Some states — including swing states — have flawed voting systems

Donald Trump has been arguing that the 2016 election will be rigged, provoking concerns about what his supporters may do if — as seems likely — he loses. In fact, as President Obama and many others have pointed out, the decentralized nature of our state-by-state system makes the coordinated hijacking of a national election all but impossible. Such a feat would require coordination and conspiracy on a truly massive scale— with so many participants that many would surely be caught in the act.

That does not mean that there aren’t problems with the apparatus of our elections. Although the entire system can’t be collectively hacked or rigged, individual electronic voting machines remain vulnerable to hacking — and some states are connecting their voting machines to the internet, needlessly creating another security weakness. This is especially dangerous when those machines don’t create a paper trail that allows for double-checking or auditing.

Some states made the mistake, after the debacle of the 2000 election – remember "hanging chads"? – of rushing to embrace technology as a solution to that year’s problems, yet they failed to think through potential vulnerabilities.

The good news is that while there are problems, we can fix them. It is important, now more than ever, to put safeguards in place, so that if a distortion of facts begins, we can quickly shut down the conspiracy theorists. It may not be possible to finish the reform process by November 8, but it must be a priority.

A diversity of approaches offers protection

States oversee their own election commissions and have the authority to use whatever voting machines they choose, from paper ballot scanners to touchscreen and other digital devices —internet-enabled or not — or a mix of all of the above.

This lack of homogeneity and systemic connectivity among voting machines is precisely what helps protect the election process from significant, widespread manipulation. Hacking would take local, physical breaches of security, an effort that would be extraordinarily difficult to coordinate across precincts (let alone states).

Instead, the major problem is our inability to fully audit election results. VerifiedVoting.org, which advocates for best practices in elections, rates 25 states as having an "inadequate" auditing mechanism — and only seven as "excellent" or "good."

Many newer voting machines provide no evidence of how an individual voted. There is no paper trail to follow if there are doubts or challenges. If an election is deemed too close to call, or if a machine error occurs, nothing can be done to scrutinize the vote count and reinstate the tally. It would be necessary to hold the election again or accept the election outcome as is.

Old-fashioned hand counting has advantages

In Massachusetts, one state whose voting system I am closely familiar with, 64 of the state’s 350-plus towns and cities still rely on hand counting by volunteers. While that may sound archaic, it allows for an audit or a recount. The other municipalities use four different types of optical scan voting machines — but all of them use paper. So in Massachusetts, if there is a contested election, officials can retrieve the paper ballots and count them again.

The state passed an audit law in 2014, to be used for the first time in the upcoming election; 3 percent of precincts will be manually recounted — one way to detect irregularities.

Since 1997, Rhode Island has used optical scanners with paper ballots. Rhode Island has had very few problems with elections. However, in the event of an issue, there are no laws in place that establish procedures for conducting an orderly audit. Moreover, this year the state "upgraded" to machines that have the ability to send the votes to the board of elections over the internet — a step backward in terms of security. (The machines do have other advantages: They can notify voters when they have cast a ballot in which the bubbles have been filled in incorrectly, for example.)

The seductive attraction, and dangers, of "direct-recording electronic systems"

Several swing states, including Virginia, Pennsylvania, and Florida, pressured by tech-savvy consumers who demanded what they believe is a more sophisticated and convenient system, moved to newer, so-called direct-recording electronic systems (DREs). To the general public, these seem more modern because they employ a familiar touchscreen interface. But many DREs leave no paper trail — known in the trade as a voter-verified paper audit trail — which makes a recount or an audit all but impossible. And because the technology is proprietary, researchers and the public have little to no access to the vendor’s software information for testing, comparing, and troubleshooting.

In order for an election system to be trusted, it must be verifiable. There must be methods with which to check that machines calculate votes as voters intend. There must be strong evidence that machines function as designed, so voters — and candidates — feel confident that elections are fair and accurate. Maintaining a paper trail and keeping election machines off the internet are well-founded methods of instilling trust in our elections.

The importance of a secure chain of custody

We can learn from forensics. After a crime, investigators collect evidence like blood samples and footprints. To prove that evidence remains uncontaminated, it is strongly safeguarded and a chain of custody is established. In an election, chain of custody refers to the safekeeping and secure transport of ballots — and the machines themselves. If a strong chain of custody can be proved, the public can feel confident that the ballots and election machines are secure from the moment of their creation until the final tally at the board of elections. Putting ballots or machines on the internet breaks the chain.

In Connecticut — rated by VerifiedVoter.org above Massachusetts and Rhode Island — paper ballots and manual audits are required by law. For each election, 10 percent of randomly chosen voting districts are selected, and a hand count is conducted. The secretary of state receives a report that indicates the total number of counted ballots. The auditors examine each ballot and make note of potential anomalies, such as marks found outside the ovals or marks made with pencil instead of a pen.

In the modern era, the code used in voting machines needs to be subject to audits too. Hardware and software should be open, transparent, and available for public examination. The code should be periodically reviewed by qualified computer scientists in an open environment to be sure the system is error-free and operates as intended. (Computer scientists are among the strongest proponents of paper trails.)

In addition, voting machines should have error-detection capability, so that problems can be caught in real time, rather than in the audit phase. And error messages should be internally logged as well and externally documented

Two steps forward, one step back

The Help America Vote Act of 2002, adopted two years after the controversy surrounding the 2000 presidential election, established some important guidelines, but, in some states, it also led to a rush to buy DREs — thereby causing fresh problems.

And not just theoretical problems. In a congressional election using DREs that took place in Florida in 2006, Republican Vern Buchanan defeated Democrat Christine Jennings by the minuscule margin of 369 votes. It was determined that in Sarasota County, where DREs were used, 18,000 votes went unrecorded. Since there was no paper trail, there was no way to determine how those 18,000 people voted.

On the tech front, scientists at Princeton University have demonstrated that given access to a DRE system for one minute, they could install malicious code that could alter vote counts and compromise the internal records of the election machine. Although many of the states have since either switched out these machines or adapted them to create paper trails, there are far too many still in use.

We’ve made considerable strides since the 2000 presidential election, but challenges remain.

This November will test our nation’s ability to protect polling places from hacking – and our ability to quickly audit and verify results in close or contested races. If we escape problems in the states that use no-paper-trail DREs, we can exhale — and then finish the job of fixing the system.

Suzanne Mello-Stark is an associate teaching professor at Worcester Polytechnic Institute in Worcester, Massachusetts, and has served in technical advisory roles to the election commissions and secretary of state offices in Rhode Island and Connecticut.