Overview

The Case for 2PV

The image of election officials holding ballots up to fluorescent lights, squinting to determine the implied wishes of ineffective voters, remains a symbol of how a modern democracy fell prey to an outdated and inefficient voting system. In passing HAVA, the Help America Vote Act of 2002, Congress set out to eliminate the bugaboo of the 2000 elections, hanging chads. HAVA requires the use of electronic systems in voting, allocates budgeting for each state to pay for the new systems, and must be implemented by January 1, 2006.

There are many benefits to be gained in requiring the US voting system to move to the electronic arena. Depending on the programming and systems employed, voting can now be multi-language and handicapped accessible. The tabulation process can be sped up. And there will no longer be a problem in the disposition of chads.

However, being an electronic system, the underlying methods for voter self verification and final tabulation are hidden from view. The operating system, front end code, database code, and connectivity code are all currently treated as intellectual property and therefore are not released as "open code." A quote often attributed to Joseph Stalin states that, "Those who cast the votes decide nothing; those who count the votes decide everything." If all the source code is released into the public domain, however, does it then open itself up to problems of external corruption (i.e., hacking)? And can all versions of source code be verified with each deployed machine?

There are currently two different types of voting systems. One is touch screen technology, commonly referred to as a DRE, Direct Recording Electronic, system. The DRE serves as both ballot and tabulation point. The second is called Optical Scan. Optical Scan requires that voters darken a circle on a paper ballot to indicate their choice. After the voter has finished marking the paper ballot, the ballot is then scanned at an Optical Scan machine.

Some DREs do have a paper trail, an analog history for auditing the vote, but most do not. The Optical Scan intrinsically has this characteristic. However, if a recount of all ballots is not done by hand, the final tabulation is always done only on a single electronic machine.

Two Pass Verification (2PV) is a concept created out of the need to comply with HAVA and to reduce the possibility of fraud. It employs both a DRE and Optical Scan, in tandem.

1. The voter uses the DRE to create an optical card ballot by selecting candidates from the touch screen. The first verification is performed on the DRE when the voter finalizes the ballot and the card is printed.
2. The optical card ballot is then taken to an Optical Scan machine and scanned. On a screen attached to the Optical Scan, all the voter's selections are displayed, and with a single "Yes" or "No," a second verification is performed.

When the poll is closed, both the DRE and the Optical Scan machine must come up with the same number of votes. If there is a discrepancy, a hand count to tally the votes must be completed.

To minimize the possibility of electronic fraud, the following steps must be taken:

1. Once installed on site, the DREs' and Optical Scans' modems/Ethernet must not be connected.
2. The DRE and the Optical Scan machine must not be connected to each other, wired or wireless.
3. After the polls have closed, the election judges must record each machine's tally and confirm that the DRE totals match the Optical Scan totals prior to connection for downloading the final tallies to a central processing point.
4. Final electronic tallies must not be erased from system memory until all auditing has been completed.

To minimize the possibility of analog card fraud, each printed optical card must contain an encrypted checksum, a date-time stamp and an identification to prevent changes on the hard copy ballot.

In requiring such a system, the United States will move on from the possibility of fraud at the electronic level.

Thank you for your interest.

Marc Chinitz
President, Consultant
2PV.org