When voters go to the polls in five states, a verified paper trail will not follow them.
At a time of heightened concerns over election interference, election-security experts have called for that to change, suggesting paper results – visually confirmed by voters – would help state officials recover in the event of meddling or simple mistakes.
"That presents a greater risk because there's no way to detect if things have gone wrong," said Marian Schneider, former deputy secretary of voting and administration in Pennsylvania and the president of the group Verified Voting.
Paper ballots – or, at least, auditable paper trails, in which voters can see their choices recorded on a printed roll of paper – have been recommended by experts from Homeland Security Secretary Kirstjen Nielsen to the Brennan Center for Justice's Democracy Program to the Defending Digital Democracy Project at Harvard's Belfer Center.
A large swath of Americans, however, will vote without them.
Delaware, Georgia, Louisiana, New Jersey, and South Carolina will all vote without such paper trails. That's in addition to eight other states that use paperless voting machines in some, but not all, counties. Those range from Pennsylvania, where three-fourths of the state's 67 counties use paperless machines, to Arkansas, where the state has been upgrading its final handful of paperless-voting counties and expects all but one to have voter-verified paper trails by Election Day.
In some cases, as in Delaware and South Carolina, the electronic machines do print vote totals internally, for comparison with results stored electronically on cartridges. In others, as in Georgia, they can print images of ballots. Election-security experts, however, call for paper records of each vote, which voters can actually see, to make sure their choices are recorded accurately.
Officials in the five exclusively paperless-voting states say their results are safe from hacking -- and that voters should not be concerned.
"Our machines have never been connected to the Internet," Delaware Election Commissioner Elaine Manlove told ABC News. "We take every security precaution that there is."
Nor are voting machines connected to each other.
"You would have to hack into each machine individually, in all 64 parishes without being seen," said Tyler Brey, spokesman for Louisiana Secretary of State Kyle Ardoin. "We are very confident in a safe, secure, and complete election."
At this year’s DEFCON hacker conference, where hackers test their skills on out-of-use voting machines brought in by conference organizers, hackers succeeded in cracking -- to various extents -- several models currently in use, conference organizer Harri Hursti told ABC News.
One hacker, already familiar with the machine, gained full administrative-level access to a Premier (formerly Diebold) AccuVote TSX in about 30 seconds. That model is used in Georgia. In a video from last year’s conference, cybersecurity professional Rachel Tobac demonstrated a similar hack in about as much time.
At @defcon hacking conference and just learned how easy it is to physically gain admin access on a voting machine that is used in 18 states. Requires no tools and takes under 2 minutes. I’m concerned for our upcoming elections. pic.twitter.com/Kl9erBsrtl— Rachel Tobac (@RachelTobac) 12 août 2018
This year, hackers turned a Dominion (formerly Sequoia) AVC Edge -- used in some New Jersey counties -- into a Pac-Man game, Hursti said. They manipulated a piece of equipment used in tallying votes from Election Systems & Software iVotronic machines, used statewide in South Carolina and in parts of New Jersey.
"The voting machines themselves are horrifically insecure," Ryan Kalember, senior vice president of cybersecurity strategy at cybersecurity firm Proofpoint, told ABC.
In each state except New Jersey, where the Election Division did not respond to requests for comment about its voting machines and potential vulnerabilities, officials insisted that voting machines are not connected to the Internet -- rendering a widespread hack virtually impossible. Machines are protected by seals that would show any evidence of tampering, officials say.
Security experts have focused their worries mainly on other possible threats -- such as hacking of voter-registration databases, which could wreak havoc on checking in voters and cause longer lines at the polls -- but experts also voice concerns that results could be vulnerable nonetheless, if gaps in the system go unanticipated.
"There really is risk in using an electronic-only system, in that it's not only about the machines, but it's about the machines that program the machines -- it's about the machines that tally the votes," McAfee Chief Technology Officer Steve Grobman told ABC.
"If somebody tells you that their risk is zero, that's not true. We know that," said Verified Voting's Scheider.
State officials say their vote-tabulation systems are similarly connected only to closed networks cut off from the Internet -- and DEFCON's results should be taken with a large grain of salt, the National Association of Secretaries of State cautioned, as unfettered access to voting machines "does not replicate physical and cyber protections" in place on Election Day.
Electronic-voting states have taken other cybersecurity precautions after 2016 saw interference attempts including hacks of Democratic groups and attempted intrusions into state voter-registration systems -- but not any hacking of actual votes.
State precautions have included training for employees, multi-step verification when logging into vote-related systems, in at least one case hiring cybersecurity firms, and tapping the Department of Homeland Security -- which has offered cybersecurity assistance to states -- to monitor threats and scan for vulnerabilities.
A Slow Change to Paper
Electronic voting was once all the rage, Delaware's Manlove said.
"I got a lot of phone calls from people saying, 'Gosh, I'm looking at Florida on TV, and they have butterfly ballots, and they're talking about hanging chads, and Delaware's so advanced,'" Manlove told ABC, referencing Florida's paper-ballot count in 2000 that ended up in the Supreme Court. "Now I'm getting calls saying, 'Why don't we use paper?'"
The pendulum has swung back -- but change takes time.
A group of Georgians has sued Secretary of State Brian Kemp to force an end to Georgia's paperless machines, but Kemp's office has pushed back, insisting elections are secure and that a wholesale change would cause problems if undertaken too quickly. Georgia solicited information on new equipment this year, and Kemp has stipulated new machines should have a paper trail.
Other states are buying new machines but won't roll them out by the 2018 midterm elections. Congress appropriated $380 million for election upgrades this spring, but unless states began buying new machines before 2018, November has not been a realistic deadline, officials in these states and others have said.
In Louisiana, the state approved a bid for new machines, but the losing bidder challenged, and the buying process is on hold. Despite the current limbo, the state expects new machines -- with paper records voters can see -- to be in place in 2019. Delaware expects to have paper-verified machines next year, too, and South Carolina expects to have them by 2020. New Jersey will begin trying out new, paper-verified machines under a pilot program, but not before November.
For state officials, cybersecurity isn't the problem -- even if a paper trail might provide greater peace of mind. Instead, it's simply about outdated technology. For instance, in Delaware, where voters press a plastic-shielded, paper ballot to record their choices through buttons underneath, the paper ballots are designed on Windows XP computers, and the Elections Commission worries it won't be able to buy new ones.
For those concerned with paperless machines on a nationwide Election Day, they will have to wait until 2020 for larger-scale change.