Note: This column was submitted by Indiana University President Michael A. McRobbie and Columbia University President Lee C. Bollinger, and it appeared in The Hill on September 3, 2019.
Public confidence in the integrity and security of our elections is essential for democracy to be a trusted means of governing, and that very confidence is now under unprecedented attack by foreign adversaries.
A newly released report from the Senate Select Committee on Intelligence, as well as recent congressional testimony by Special Counsel Robert Mueller, indicated that in 2016 Russia attempted intrusions into the election infrastructure of all 50 states. In one of the most dramatic moments of his testimony, Mueller said that Russia is at it again "as we sit here."
With just 15 months until the next round of major state and federal elections, and as Congress continues to debate the sources of and steps to combat the cyberattacks, it is sobering to consider the effect that a deep erosion of public confidence in the election process could have.
It would be devastating to Americans' faith in our democracy and the legitimacy of our elected government.
For these reasons, state and federal leaders must act with urgency to secure our elections. As co-chairs of the committee convened in 2016 by the National Academies of Sciences, Engineering and Medicine to address voting security, we concluded that the nation should immediately take three actions to strengthen the safeguards for election systems against the mounting cyberthreats.
First, we must increase the cybersecurity of systems used in elections, such as voter registration databases and voting machines. Since state and local governments do not possess, on their own, the ability to guard election resources against attacks by foreign nations or other malicious actors, they must work together with the federal government for greater insight, training and rapid intelligence sharing.
Yet, enhanced cybersecurity and intra-government coordination will not be enough. The evolving nature of cyberthreats means that securing the election data and infrastructure can never be 100 percent sure. Because of this, we need two additional measures that together can safeguard public confidence in our elections — paper ballots and audits of election results.
Paper ballots are evidence of voters’ choices that cannot be altered by compromised software or hardware. They can be marked either by machine or by hand – and counted either by machine or by hand – but it is this paper record that is crucial. And only paper ballots can enable the third action.
Audits inspect a sample of paper ballots in order to verify that votes have been counted correctly and that the election results are accurate. A particular type of audit known as a risk-limiting audit is our best defense. A risk-limiting audit performed on an election with tens of millions of ballots may require that as few as several hundred randomly selected ballots be inspected by hand. If an election’s results were tampered with, risk-limiting audits would detect it. States should start by piloting risk-limiting audits and proceed to full implementation for all federal and state elections.
To be sure, at a time when nearly everyone has a cell phone and uses the internet daily, some will wonder why we cannot devise a technical solution to securing our election systems. The very idea of counting paper ballots, especially in large metropolitan areas, might seem quaint and unsophisticated.
The extraordinary technical advancements in recent years have proven no match for the confidence levels required to secure online voting, and voting systems are especially vulnerable when they are connected to the internet. There is no basis for confidence that secure internet voting will be feasible anytime soon. Paper is feasible now.
Further delay, squabbling among levels of government, lack of funding or naive faith in technology alone put our democracy at risk. Paper can help protect it.