A NEW PARADIGM FOR ASSESSING
The current debate about electronic voting and voting technology generally is hindered by the lack of a clear and coherent risk assessment model. Critics of electronic voting argue that direct recording equipment (DRE) is too risky to be used, but these critics also fail to provide a baseline level of risk from which to evaluate electronic voting. In short, they fail to address the question, Riskier than what? or to subject the baseline technology—paper-based voting—to the same scrutiny. Critics simply assert that there is a risk to voting on DREs but do not provide real assessment of the magnitude or likelihood of these risks occurring. We can imagine a simple comparison of system vulnerabilities between paper-based and electronic voting systems along a range of criteria. The 2000 election in Florida would be one example of the worst-case scenario illustrating the vulnerabilities of paper-based voting: ballots exist that cannot be counted because voter intent cannot be discerned, there are obvious issues with ballot design, and the result changes the outcome of the entire election. The 2006 election in the Thirteenth Congressional District in Florida would be a worse-case scenario for electronic voting, where ballot design seems to have led to a very high residual vote rate in an important race.
Critics of electronic voting also often fail to consider these risks within a real-world context and consider strategies that might mitigate or eliminate many of the risks they identify as potentially problematic. Even worse, many of the solutions that have been proposed to solve the problems associated with electronic voting have not been forced to undergo the same sort of rigorous threat-risk scrutiny to which the original DREs were subjected. For example, the threats of using VVPAT systems, which involve adding software and printers to DREs, add additional layers of complexity to electronic voting and introduce new threats to the use of these electronic voting systems, such as the opportunity for these systems to be sabotaged by intentionally jamming the printers. Other solutions, like parallel monitoring, which involves pulling equipment from precincts and testing it throughout the election to ensure that it is operating without malfunction, introduce mitigation without adding new threats.