DOCSLIB.ORG

Scantegrity: Enditoiend Voteriverifiable

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text
Scantegrity: Enditoiend Voteriverifiable E-voting Scantegrity: end-to-End Voter-Verifiable optical- Scan voting Scantegrity is a security enhancement for any optical scan voting system. It lets voters verify that their ballots were correctly recorded and counted, but doesn’t change how voters mark their ballots. DAVID CHAUM oter confidence in the US electoral process lot format—for is eroding as a steady stream of reports con- example, Punch- ALEKS ESSEX tinue to expose fundamental security flaws scan ballots4 require two sheets of paper, and Prêt à University of in certified electronic voting machines.1,2 Voter ballots5 randomize candidate name order. Ottawa VSimilar voting technology is used outside of the US, The Scantegrity voting system combines E2E and resistance to electronic voting has spread to other systems’ cryptographic ideas with the familiarity of RICHArd democracies. Although proposals such as stricter de- a widely used vote-counting system. It thus provides CARBACK sign standards, more open systems (preferably open the strong security guarantees of E2E systems but is AND ALAN source), and independent verification methods (such unobtrusive to the voter, has a minimal cost for wide- SHERMAN as paper audit trails) are improvements, they don’t go scale deployment, and doesn’t interfere with existing University of far enough. In any voting system, with or without procedural requirements such as paper audit trails and Maryland, an electronic component, the core security problem is manual recounts. Scantegrity is designed for use with Baltimore chain of custody. An attacker who breaks chain of cus- optical scan voting systems, which are the most wide- County tody could stuff the ballot box, delete or switch votes, ly used election technology in the US and are being or add votes to contests that the voter left empty. adopted in other countries as well.6 Scantegrity can be JEREMY CLARK Whether the attacker accomplishes this by inserting readily deployed in precincts with existing optical scan University of malicious code or altering paper ballots, such attacks systems because it adds minimal requirements to the Waterloo go undetected even with a manual vote recount. underlying optical scan process and doesn’t introduce Recently proposed end-to-end (E2E) verification any new polling place equipment. It only requires ex- STEFAN voting systems have focused on minimizing voting tra information to be printed on the ballots during POPOVENIUC systems’ reliance on chain of custody.3 These E2E production and system access to the raw scan results AND POORVI systems typically provide cryptographic checks indi- after the election. In summary, Scantegrity minimally VORA cating that ballots have been recorded as cast and tal- impacts election procedures and is the first indepen- The George lied as recorded. Voters can check that their votes are dent E2E verification mechanism that preserves opti- Washington recorded accurately using a receipt, and any observer cal scan as the underlying voting system and doesn’t University can verify that the tally is correctly constructed, all interfere with a manual recount. without compromising ballot secrecy. In these sys- tems, any chain-of-custody break causes a detectable Independent E2E alteration of the public record. In particular, erroneous verification voting systems voting machine software or voting machine malfunc- E2E systems, sometimes called receipt-based or uni- tion doesn’t dilute the voting systems’ integrity. How- versally verifiable voting systems, don’t derive security ever, using these systems in real elections has been a from any specific type of voting equipment. Instead, challenge. They typically require a special type of bal- they generally produce an encrypted representation of 40 PUBLISHED BY THE IEEE COMPUTER SOCIETY ■ 1540-7993/08/$25.00 © 2008 IEEE ■ IEEE SECURITY & PRIVACY E-voting ballot choices that functions as a receipt. This receipt 1234 doesn’t reveal the voter’s identity or choices, so the 1234 A voter can take home a signed or stamped copy of his Choose one: Choose one: or her receipt. Election officials publicly post the re- B Alice B Alice ceipts of all the ballots they received, and voters can check this record to see that their ballot was included A Bob A Bob and is unmodified. If a voter’s receipt doesn’t appear or was modified, the signature or stamp on the receipt gives the voter proof of a discrepancy that he or she Figure 1. The Scantegrity ballot. Scantegrity uses an optical scan ballot with can use to dispute the record. randomly assigned code letters next to each choice. The perforated chit Election officials can only decrypt the receipts to in the corner contains a serial number written in human- and computer- recover the final tally by using a method that hides readable forms. which decrypted ballots correspond to which receipts. They then perform a mandatory audit to prove math- ematically that the public record was decrypted prop- also make a copy of the receipt and give it to third par- erly and that the votes were unmodified—whether ties, who can also check the public record. The more by a software error, the election officials, a hacker, or receipts checked, the higher the chance of detecting a some other entity. Any independent party can author problem with the public record.11 the software used to verify the election outcome using Correct letters indicate to voters that the officials a public specification. Under this model, we expect properly scanned and recorded their votes. However, that several independent entities will make their soft- if the public record contains a letter that’s different ware tool version freely available to the public, miti- from what a voter recorded, the voter can challenge gating the issue of software error. the record through a dispute-resolution process. Other E2E systems include VoteHere’s Mark- Pledge,7,8 Votegrity,9 Punchscan,4 Prêt à Voter,5 and Dial “0” Voter Initiated Auditing.10 Scantegrity is closely re- for independent verification lated to Punchscan, but unlike its predecessors, it can Anyone can use the public record to verify the tally— also serve as an add-on to existing voting technol- that is, that the results were counted as recorded. Tally ogy without interfering with the underlying system’s verification is challenging because the system must not tabulation procedures or paper audit trails. It also uses directly reveal the links between code letter and candi- a new, simpler mechanism to replace the basic vote date to preserve ballot secrecy. tallying mechanism of other E2E schemes. Although Scantegrity isn’t the first system to pro- vide counted-as-recorded integrity verification,4,5,7–9 Voter experience its solution is the simplest. The importance of solution The voter experience in Scantegrity is identical to simplicity can’t be overemphasized in voting—it lets that of regular optical scan systems (that is, the voter the widest possible audience understand how the vot- marks the optical scan ballot and feeds it into an opti- ing system works. cal precinct scanner), except the voter can take home Some E2E solutions use a mix network12 to cre- a privacy-preserving receipt. To create the receipt, a ate an anonymous but verifiable link between receipt voter tears off a perforated corner of the ballot, called and vote. The mix network applies a cryptographic a ballot chit, that contains a serial number. In addition, operation at each node to obscure the path of mes- as Figure 1 shows, the voter writes down the random- sages through the network. This is especially im- ly assigned code letter listed next to the selected can- portant for identifiable (that is, unique) data such as didate. Note that in the ballot in Figure 1, the letter email messages. Some E2E systems provide encrypted A is beside Bob’s name, but it might be beside Alice’s information on the ballot receipt (this information is name on other ballots. Thus, knowing that someone sometimes called an “onion”) to let the mix network voted for a particular code letter doesn’t tell you which perform the correct cryptographic operations to count candidate that person voted for. the vote correctly. Punchscan, Scantegrity’s direct an- After the underlying optical scan system tallies the cestor, uses a simplified two-stage mix network with election results, election officials post a public record efficient cryptographic operations. It also doesn’t use containing the Scantegrity serial numbers and cho- an onion on the ballot. sen code letters of all the scanned ballots, but not the Election data doesn’t necessarily need to be ex- candidate associated with the letter on each ballot. plicitly encrypted. Under the familiar plurality voting Voters can retrieve this public record, look up their system (also known as “first-past-the-post”), voters serial number, and verify that the code letters they express their intent by making a mark beside their wrote match those in the posted record. Voters can chosen candidate. A cast ballot therefore can be ex- www.computer.org/security/ ■ IEEE SECURITY & PRIVACY 41 E-voting Serial Code voters’ workstation transmits the state of each markable region number letter marks Switchboard Results on each ballot in the election through the switch- Bob A Alice board to votes for the corresponding candidates in 002 Alice B Alice the election results. Finally, the public must be able to verify indepen- Alice A Alice dently that marks are being transmitted to the correct 005 Bob B Alice candidate without exposing both of the circuit’s end points (receipt and vote). Alice A Bob 007 Bob B Bob Auditing the switchboard To ensure voter confidence in the switchboard’s Bob A Bob 008 ability to produce a correct tally, Scantegrity must Alice B Bob reveal some information for verification purposes.
Load more

Recommended publications
  • Black Box Voting Ballot Tampering in the 21St Century
    This free internet version is available at www.BlackBoxVoting.org Black Box Voting — © 2004 Bev Harris Rights reserved to Talion Publishing/ Black Box Voting ISBN 1-890916-90-0. You can purchase copies of this book at www.Amazon.com. Black Box Voting Ballot Tampering in the 21st Century By Bev Harris Talion Publishing / Black Box Voting This free internet version is available at www.BlackBoxVoting.org Contents © 2004 by Bev Harris ISBN 1-890916-90-0 Jan. 2004 All rights reserved. No part of this book may be reproduced in any form whatsoever except as provided for by U.S. copyright law. For information on this book and the investigation into the voting machine industry, please go to: www.blackboxvoting.org Black Box Voting 330 SW 43rd St PMB K-547 • Renton, WA • 98055 Fax: 425-228-3965 • [email protected] • Tel. 425-228-7131 This free internet version is available at www.BlackBoxVoting.org Black Box Voting © 2004 Bev Harris • ISBN 1-890916-90-0 Dedication First of all, thank you Lord. I dedicate this work to my husband, Sonny, my rock and my mentor, who tolerated being ignored and bored and galled by this thing every day for a year, and without fail, stood fast with affection and support and encouragement. He must be nuts. And to my father, who fought and took a hit in Germany, who lived through Hitler and saw first-hand what can happen when a country gets suckered out of democracy. And to my sweet mother, whose an- cestors hosted a stop on the Underground Railroad, who gets that disapproving look on her face when people don’t do the right thing.
    [Show full text]
  • Randomocracy
    Randomocracy A Citizen’s Guide to Electoral Reform in British Columbia Why the B.C. Citizens Assembly recommends the single transferable-vote system Jack MacDonald An Ipsos-Reid poll taken in February 2005 revealed that half of British Columbians had never heard of the upcoming referendum on electoral reform to take place on May 17, 2005, in conjunction with the provincial election. Randomocracy Of the half who had heard of it—and the even smaller percentage who said they had a good understanding of the B.C. Citizens Assembly’s recommendation to change to a single transferable-vote system (STV)—more than 66% said they intend to vote yes to STV. Randomocracy describes the process and explains the thinking that led to the Citizens Assembly’s recommendation that the voting system in British Columbia should be changed from first-past-the-post to a single transferable-vote system. Jack MacDonald was one of the 161 members of the B.C. Citizens Assembly on Electoral Reform. ISBN 0-9737829-0-0 NON-FICTION $8 CAN FCG Publications www.bcelectoralreform.ca RANDOMOCRACY A Citizen’s Guide to Electoral Reform in British Columbia Jack MacDonald FCG Publications Victoria, British Columbia, Canada Copyright © 2005 by Jack MacDonald All rights reserved. No part of this publication may be reproduced or transmitted in any form or by any means, electronic or mechanical, including photocopying, recording, or by an information storage and retrieval system, now known or to be invented, without permission in writing from the publisher. First published in 2005 by FCG Publications FCG Publications 2010 Runnymede Ave Victoria, British Columbia Canada V8S 2V6 E-mail: [email protected] Includes bibliographical references.
    [Show full text]
  • PDF of Law As Amended to 14/12/2010
    REPUBLIC OF LITHUANIA LAW ON REFERENDUM 4 June 2002 No IX-929 (As last amended on 14 December 2010 — No XI-1229) Vilnius The Seimas of the Republic of Lithuania, relying upon the legally established, open, just, harmonious, civic society and principles of a law - based State and the Constitution: the provisions of Article 2 that “the State of Lithuania shall be created by the People. Sovereignty shall belong to the Nation”; the provision of Article 3 that “no one may limit or restrict the sovereignty of the Nation and make claims to the sovereign powers belonging to the entire Nation”; the provision of Article 4 that “the Nation shall execute its supreme sovereign power either directly or through its democratically elected representatives”; and the provision of Article 9 that “the most significant issues concerning the life of the State and the Nation shall be decided by referendum”, passes this Law. CHAPTER I GENERAL PROVISIONS Article 1. Purpose of the Law This Law shall establish the procedure of implementing the right of the citizens of Lithuania to a referendum, the type of referendum and initiation, announcement, organising and conducting thereof. 2. The citizens of the Republic of Lithuania (hereinafter - citizens) or the Seimas of the Republic of Lithuania (hereinafter - Seimas) shall decide the importance of the proposed issue in the life of the State and the People in accordance with the Constitution of the Republic of Lithuania and this Law. Article 2. General Principles of Referendum 1. Taking part in the referendum shall be free and based upon the democratic principles of the right of elections: universal, equal and direct suffrage and secret ballot.
    [Show full text]
  • § 163-182.2. Initial Counting of Official Ballots. (A) the Initial Counting Of
    § 163-182.2. Initial counting of official ballots. (a) The initial counting of official ballots shall be conducted according to the following principles: (1) Vote counting at the precinct shall occur immediately after the polls close and shall be continuous until completed. (2) Vote counting at the precinct shall be conducted with the participation of precinct officials of all political parties then present. Vote counting at the county board of elections shall be conducted in the presence or under the supervision of board members of all political parties then present. (3) Any member of the public wishing to witness the vote count at any level shall be allowed to do so. No witness shall interfere with the orderly counting of the official ballots. Witnesses shall not participate in the official counting of official ballots. (4) Provisional official ballots shall be counted by the county board of elections before the canvass. If the county board finds that an individual voting a provisional official ballot is not eligible to vote in one or more ballot items on the official ballot, the board shall not count the official ballot in those ballot items, but shall count the official ballot in any ballot items for which the individual is eligible to vote. Eligibility shall be determined by whether the voter is registered in the county as provided in G.S. 163-82.1 and whether the voter is qualified by residency to vote in the election district as provided in G.S. 163-55 and G.S. 163-57. If a voter was properly registered to vote in the election by the county board, no mistake of an election official in giving the voter a ballot or in failing to comply with G.S.
    [Show full text]
  • IC 3-11.5-5 Chapter 5. Counting of Absentee Ballots Cast on Paper Ballots
    IC 3-11.5-5 Chapter 5. Counting of Absentee Ballots Cast on Paper Ballots IC 3-11.5-5-1 Applicability of chapter; counties of application Sec. 1. (a) This chapter applies in a county only if the county election board adopts a resolution making this chapter applicable in the county. (b) A copy of a resolution adopted under this section shall be filed with the election division. (c) A county election board may not adopt a resolution under this section less than: (1) sixty (60) days before an election is to be conducted; or (2) fourteen (14) days after an election has been conducted. (d) A resolution adopted under this section takes effect immediately and may only be rescinded by the unanimous vote of the entire membership of the county election board. As added by P.L.3-1993, SEC.176 and P.L.19-1993, SEC.2. Amended by P.L.2-1996, SEC.202; P.L.3-1997, SEC.335. IC 3-11.5-5-2 Applicability of chapter; paper ballot cast votes Sec. 2. This chapter applies to the counting of absentee ballots cast on paper ballots. As added by P.L.3-1993, SEC.176 and P.L.19-1993, SEC.2. IC 3-11.5-5-3 Time for counting ballots Sec. 3. (a) Except as provided in subsection (b), immediately after: (1) the couriers have returned the certificate from a precinct under IC 3-11.5-4-9; and (2) the absentee ballot counters or the county election board have made the findings required under IC 3-11-10 and IC 3-11.5-4 for the absentee ballots cast by voters of the precinct and deposited the accepted absentee ballots in the envelope required under IC 3-11.5-4-12; the absentee ballot counters shall, in a central counting location designated by the county election board, count the absentee ballot votes for each candidate for each office and on each public question in the precinct.
    [Show full text]
  • Carback, R.T.: Security Innovations In
    APPROVAL SHEET Title of Thesis: Security Innovations in the Punchscan Voting System Name of Candidate: Richard T. Carback III Master of Science, 2008 Thesis and Abstract Approved: Alan T. Sherman Associate Professor Department of Computer Science and Electrical Engineering Date Approved: April 18th, 2008 Curriculum Vitae Name: Richard T. Carback III. Permanent Address: 2819 Manoff Rd, Halethorpe, MD 21227. Degree and date to be conferred: Master of Science, August 2007. Date of Birth: March 27, 1983. Place of Birth: Baltimore, Maryland. Secondary Education: Chesapeake High School, Pasadena, Maryland, 2001. Collegiate institutions attended: University of Maryland Baltimore County, Master of Science, Computer Science, 2008. Bachelor of Science, Computer Science, 2005. Major: Computer Science. Minor: None. Professional publications: • David Chaum, Richard Carback, Jeremy Clark, Aleksander Essex, Stefan Popoveniuc, Ronald L. Rivest, Peter Y.A. Ryan, Emily Shen, and Alan T. Sherman. Scantegrity II: End-to-End Verifiability for Optical Scan Election Systems using Invisible Ink Confirmation Codes. Submitted to USENIX EVT 2008. • Russell A. Fink, Alan T. Sherman, and Richard Carback. TPM Meets DRE: Reducing the Trust Base for Electronic Voting using Trusted Platform Modules. Submitted to USENIX EVT 2008. • David Chaum, Aleksander Essex, Richard Carback, Jeremy Clark, Stefan Popoveniuc, Alan T. Sherman, and Poorvi Vora. Scantegrity: End-to- end voter verifiable optical-scan voting. Accepted for publication in IEEE Security and Privacy, volume May/June, 2008. • Stefan Popoveniuc, Jeremy Clark, Richard Carback, and Aleksander Essex. Securing optical-scan voting. Presented at Dagstuhl. To be published in Towards Trustworthy Election Systems in the Lecture Notes in Computer Science series by Spinger-Verlag, date unknown.
    [Show full text]
  • An Implementation of Dual (Paper and Cryptographic) Voting System
    Tel Aviv University Raymond and Beverly Sackler Faculty of Exact Sciences The Blatavnik School of Computer Sciences An Implementation of Dual (Paper and Cryptograhic) Voting System Submitted as a partial fulfillment of the requirements towards the Master of Science degree by Niko Farhi The research work has been conducted under the supervision of Prof. Amnon Ta-Shma March 2013 Abstract This thesis reports on the design and implementation of a cryptographic voting system, named Wombat. The system is designed to retain the ”look and feel” of standard paper- based plurality voting, while enhancing security using methods from modern electronic voting literature. To achieve this, the system executes two voting processes in parallel: one is electronic and end-to-end verifiable, while the other is paper based and emulates more traditional processes (to which the voters are accustomed). Consistency between the two processes is enforced by means of a new specially-tailored paper ballot format. In addition, this work examines the practicality of the Wombat protocol through im- plementation and field testing in two student council elections with over 2000 voters and party premiership elections with almost 900 voters. During these field test the usabilty, performance and voter satisfaction was examined. Overall, voters trusted the system and found it comfortable to use. Parts of this work were presented in EVote2012. ii Acknowledgments I wish to thank my advisor, Prof. Amnon Ta-Shma for his patience with me. I also wish to thank Mr. Ben Riva for providing aid when it was needed. iii Contents Abstract ii Acknowledgments iii 1 Introduction 1 1.1 ThesisOutline................................
    [Show full text]
  • Voting Equipment and Procedures on Trial
    From quill to touch screen: A US history of ballot-casting 1770s Balloting replaces a show of Voting hands or voice votes. Voters write out names of their candidates in longhand, and give their ballots to an election judge. 1850s Political parties disperse Equipment preprinted lists of candidates, enabling the illiterate to vote. The ballot becomes a long strip of paper, like a railroad ticket. 1869 Thomas Edison receives a patent for his invention of the and voting machine, intended for counting congressional votes. 1888 Massachusetts prints a ballot, at public expense, listing names of all candidates nominated Procedures and their party affiliation. Most states adopt this landmark improvement within eight years. 1892 A lever-operated voting machine is first used at a Lockport, N.Y., town meeting. on Trial Similar machines are still in use today. 1964 A punch-card ballot is introduced in two counties in Georgia. Almost 4 in 10 voters used punch cards in the 1996 presidential election. 1990s Michigan is the first to switch to' optical scanning, used for decades in standardized testing. One-quarter of voters used the technology in the 1996 election. 2000 A storm erupts over Florida's punch-card ballots and Palm Beach County's "butterfly ballot" in the presidential election. 2002 New federal law authorizes $3.9 billion over three years to help states upgrade voting technologies and phase out punch cards and lever machines. Georgia is the first state to use DRE touch-screen technology exclusively. Sources: Federal Elections Commission; "Elections A to Z," CQ, 2003; International Encyclopedia of Elections, CQ Press, 2000; League of Women Voters.
    [Show full text]
  • The Scantegrity Voting System and Its Use in the Takoma Park Elections
    The Scantegrity Voting System and its Use in the Takoma Park Elections David Chaum Richard T. Carback Jeremy Clark Aleksander Essex Travis Mayberry Stefan Popoveniuc Ronald L. Rivest Emily Shen Alan T. Sherman Poorvi L. Vora John Wittrock Filip Zagórski 1 Introduction The Scantegrity project began with a simple question: is it possible to design a voting system offering the strong security properties of cryptographic end-to-end (E2E) election verification with the intuitive look and feel of a paper optical-scan ballot? This chapter recounts a decade-long research effort toward answering this question, from the design of Scantegrity’s precursor Punchscan, all the way to the first governmental election run by an E2E voting system. The main focus of this chapter is on the Scantegrity II voting system (hereafter referred to as simply Scantegrity) and its use in the municipal elections of Takoma Park, MD in 2009 and 2011. To our knowledge, the Takoma Park election of 2009 was the first use of an E2E-verifiable voting system in an in-person secret-ballot governmental election anywhere in the world, as well as being the first governmental election held in the United States to run on open-source software. We also describe the Punchscan voting system and its use in the 2007 election of the the University of Ottawa Graduate Students Association/Association Étudiant(e)s Diplômé(e)s (GSAÉD), which, to our knowledge, is the first time an E2E voting system was used in a binding election.1 Additionally, this chapter describes the remote voting system Remotegrity and accessible Scantegrity variant Audiotegrity, and their use in the 2011 Takoma Park election.
    [Show full text]
  • Demtech Research Security Analysis of Scantegrity System
    DemTech Research Security Analysis of Scantegrity System DemTech Technical Report Series TR-2012-1 May 2012 Copyright c 2012, DemTech Research Project IT University of Copenhagen All rights reserved. Reproduction of all or part of this work is permitted for educational or research use on condition that this copyright notice is included in any copy. Copies may be obtained by contacting: DemTech Project IT University of Copenhagen Rued Langgaards Vej 7 DK-2300 Copenhagen S Denmark Telephone: +45 72 18 50 00 Telefax: +45 72 18 50 01 Web www.demtech.dk This work is supported in part by DemTech grant 10-092309 awarded by the Danish Council for Strategic Research, Programme Commission on Strategic Growth Technologies. Security Analysis of Scantegrity System Amir Rached Submitted in partial fulfillment for the degree of Bachelor of Science. Committee: • Professor Carsten Schurmann¨ • Professor Joseph Kiniry 1 Contents 1 Introduction 3 2 Scantegrity 3 2.1 Basic Idea . 3 2.2 Scantegrity System . 4 2.3 Scantegrity Back-end . 5 2.4 Voting Experience . 7 2.5 Security . 8 2.5.1 Integrity . 8 2.5.2 Privacy . 9 3 Implementation 9 4 Deployment 10 4.1 Election Setting . 10 4.1.1 Meeting 1 . 10 4.1.2 Meeting 2 . 11 4.1.3 Meeting 3 . 11 4.1.4 Meeting 4 . 11 4.2 Back-end Architecture . 11 5 Evaluation 15 5.1 Douglas Wikstroem Attacks . 15 5.1.1 The Duplicates Thread . 15 5.1.2 The Duplicates Thread and The Inconsistency of Opened Commitments with a Permutation Thread . 16 5.1.3 The Inconsistency of Unrevealed Commitments with a Permutation Thread 16 5.1.4 Universal Verfiability When Checking Is Performed at the End of the Mixing 17 5.2 Initial Automated Language-based Security Analysis .
    [Show full text]
  • Voting System Failures: a Database Solution
    B R E N N A N CENTER FOR JUSTICE voting system failures: a database solution Lawrence Norden Brennan Center for Justice at New York University School of Law about the brennan center for justice The Brennan Center for Justice at New York University School of Law is a non-partisan public policy and law institute that focuses on fundamental issues of democracy and justice. Our work ranges from voting rights to campaign finance reform, from racial justice in criminal law to presidential power in the fight against terrorism. A singular institution – part think tank, part public interest law firm, part advocacy group – the Brennan Center combines scholarship, legislative and legal advocacy, and communication to win meaningful, measurable change in the public sector. about the brennan center’s voting rights and elections project The Brennan Center promotes policies that protect rights, equal electoral access, and increased political participation on the national, state and local levels. The Voting Rights and Elections Project works to expend the franchise, to make it as simple as possible for every eligible American to vote, and to ensure that every vote cast is accurately recorded and counted. The Center’s staff provides top-flight legal and policy assistance on a broad range of election administration issues, including voter registration systems, voting technology, voter identification, statewide voter registration list maintenance, and provisional ballots. The Help America Vote Act in 2002 required states to replace antiquated voting machines with new electronic voting systems, but jurisdictions had little guidance on how to evaluate new voting technology. The Center convened four panels of experts, who conducted the first comprehensive analyses of electronic voting systems.
    [Show full text]
  • The Precedent-Based Voting Paradox
    THE PRECEDENT-BASED VOTING PARADOX ∗ DAVID S. COHEN INTRODUCTION ............................................................................................... 184 I. MULTIPLE-ISSUE VOTING PARADOXES ............................................... 188 A. Eastern Enterprises v. Apfel: A Voting Paradox with Two Separate Main Issues ................................................................... 188 B. Kassel v. Consolidated Freightways Corp.: A Voting Paradox with One Main Issue and Two Sub-Issues .................... 191 C. Modeling Multiple-Issue Voting Paradoxes ................................ 194 1. The Social Choice Model ...................................................... 195 2. Other Models ......................................................................... 203 II. PRECEDENT-BASED VOTING PARADOXES ........................................... 205 A. Hein v. Freedom from Religion Foundation, Inc.: The Precedent-Based Voting Paradox ............................................... 206 B. Modeling Precedent-Based Voting Paradoxes ............................ 211 III. THE IMPLICATIONS OF PRECEDENT-BASED VOTING PARADOXES ....... 219 A. More Common than Previously Understood ............................... 219 B. Issue or Outcome Voting ............................................................. 222 C. Judicial Outcome Manipulation .................................................. 224 D. Strategic Litigation Planning for Attorneys ................................ 227 CONCLUSION ..................................................................................................
    [Show full text]