Voter Verifiable Paper Audit Trail (VVPAT) is useless unless a statistically significant number of VVPATS are manually counted after the election to ascertain that they functioned properly, say two American computer scientists who believe that the only safe election technology is the ‘paper ballot’. In other words, the Election Commission’s provision of testing VVPATs at just ONE polling booth in each constituency is not good enough to inspire confidence.National Herald on Sunday asked two pioneers engaged in advocacy for election integrity in the United States, Barbara Simons and Mark Halvorson to comment on the controversy over Electronic Voting Machines in India. While Simons, a computer scientist who worked for IBM, was one of the founders of the non-profit Verified Voting (verifiedvoting.org), Halvorson continues to be on its board of advisors. He was also the founder and former director of Citizens for Election Integrity, Minnesota (US) and helped organize the first national Audit Summit in the United States in 2007.
Election Commission of India is of the firm opinion that Electronic Voting Machines cannot be tampered. How would you react?
We disagree. EVMs are computers, and all computers can be tampered with. They really should be called “voting computers” to avoid any misunderstanding.
To address concerns, ECI has introduced a paper trail which is called Voter Verifiable Paper Audit Trail (VVPAT) in which a voter having pressed the EVM can look at a slip and verify that his vote has gone to his chosen party or candidate. Is this safeguard sufficient?
VVPATs can increase the security of voting, but only if the following two conditions hold: 1) VVPATs must be universal, namely every EVM must have a VVPAT, and 2) routine Risk Limiting Audits and manual post-election audits are conducted on those VVPATs before the results are certified. The reason for condition 1) is that if the attacker knows which EVMs have VVPATs and which do not, the attacker will focus on those machines without VVPATs. Condition 2) is critical, because the VVPATs provide essentially no security unless they are used to check the machines. A Risk Limiting Audit is a manual audit that examines a statistically significant number of VVPATs to check that the machines are recording and counting the votes correctly.