(Bloomberg) -- The first sign something was wrong with Northampton County, Pennsylvania’s state-of-the-art voting system came on Election Day when a voter called the local Democratic Party chairman to say a touchscreen in her precinct was acting “finicky.” As she scrolled down the ballot, the tick-marks next to candidates she’d selected kept disappearing.

Her experience Nov. 5 was no isolated glitch. Over the course of the day, the new election machinery, bought over the objections of cybersecurity experts, continued to malfunction. Built by Election Systems & Software, the ExpressVote XL was designed to marry touchscreen technology with a paper-trail for post-election audits. Instead, it created such chaos that poll workers had to crack open the machines, remove the ballot records and use scanners summoned from across state lines to conduct a recount that lasted until 5 a.m.

In one case, it turned out a candidate that the XL showed getting just 15 votes had won by about 1,000. Neither Northampton nor ES&S know what went wrong.

Digital voting machines were promoted in the wake of a similarly chaotic scene 19 years ago: the infamous punch-card ballots and hanging chads of south Florida that tossed the presidential contest between George W. Bush and Al Gore into uncertainty.

But now, the machinery that was supposed to be the solution has spawned a whole new controversy, this time with national security at stake—the prospect of foreign states disrupting American elections.

Security experts say the cheapest, and to their minds, most reliable and hack-proof method to cast votes also happens to be the lowest tech: paper ballots marked by hand and fed through scanners (no chads) to tally the results. They have called for replacing computerized equipment—particularly paperless older models—with the decidedly Luddite alternative.

The devices have “raised far more security questions than paper ballots because you have a potentially hackable computer standing between the voter and the record,” said J. Alex Halderman, a computer science professor at the University of Michigan, adding that without sufficient research, these new machines could be “a waste of money.”

The switch to paper can’t come soon enough, they fear, as election officials prepare for the first presidential election since Russia meddled in the 2016 race, hacking Democratic Party emails and targeting election systems in all 50 states, according to federal authorities. While there didn’t appear to be any votes changed or election machines manipulated in that race, there’s little doubt that U.S. adversaries will try again. “Russia, China, Iran and other foreign malicious actors all will seek to interfere in the voting process or influence voter perceptions,” national security leaders including Attorney General William Barr said in joint statement on Nov. 5. 

Yet many state and local jurisdictions, like Northampton County, are buying a new generation of computerized voting machines ahead of the 2020 presidential election that security experts say are less secure and cost more—about $24 per voter, compared with $12 per voter in jurisdictions using a mix of the two systems, according to the University of Pittsburgh, which analyzed costs in Pennsylvania.

After the failure in Northampton, ES&S apologized and assured voters that the results were accurate. “At this point, ES&S has not determined root cause of the reporting issue and is working closely with the state and county to conduct a thorough investigation, including a review of the machines,” the Omaha-based company said.

Cybersecurity experts are baffled by local election officials choosing the computerized voting machines. “It’s a mystery to me,” said Rich DeMillo, a Georgia Tech computer science professor and former Hewlett-Packard chief technology officer. “Does someone have 8 x 10 glossies? No one has been able to figure out the behavior of elections officials. It’s like they all drink the same Kool-Aid.” 

The animus is mutual. At conferences, election administrators swap complaints about cyber experts treating them like idiots, said Dana DeBeauvoir, head of elections in Travis County, Texas, whose office purchased a computerized system DeMillo deplores. Hand-marked ballots are “a supremely horrible idea” cooked up by people in Washington “who have never had to really conduct an election,” she said.

Election machines are just one way hackers could try to infiltrate an election to change the vote or undermine its credibility. They also could corrupt voter registration rolls or lock up the computers of voting officials with ransomware. Only in the case of voting machines, though, does the safest technology also happen to be simpler and cheaper.

“These elaborate election systems benefit companies’ bottom line far more than the taxpayers and voters paying for them”

It’s an argument that has barely budged the voting-machinery market. By 2020, the use of paper ballots with scanners is set to increase by about 2% since the last presidential election, while devices with a touch-screen component have dropped .2% across precincts, according to data compiled by the Verified Voting Foundation, a non-profit focused on election transparency and best practices.

Paper ballots are marked with a writing utensil before being fed into a scanner. The more expensive ballot-marking devices use touchscreens to produce a paper record that the voter may review before putting into a scanner for tabulation. 

Neither method is entirely safe, as the scanner tallying paper ballots could be breached. But cybersecurity experts argue that the computerized model is riskier, because a hacked or buggy ballot marker could contaminate the paper record needed to audit results. A voter marking a ballot by hand could spoil his own but no one else’s. With ballot computers, it's up to the voter to catch and report errors in the receipt, and many don’t do that, according to a study DeMillo published in December. If authorities find a machine is at fault, the only fix is a new election, because the paper record is ruined. 

In a report on Russian election meddling, the Senate Intelligence Committee voiced support for paper ballots and optical scanners, calling them “the least vulnerable to cyber attack.”

Winning over the nation’s election administrators to that point of view is no simple task. They are splintered among thousands of state and local governments and often lobbied by privately held election companies anxious for sales, as taxpayers tend to pay for new voting equipment only once a decade.

Decision makers include state officials in some states and local ones in most. Some of those officials have other duties, like approving zoning permits and marriage licenses or, in Texas, cattle brands. Some have technical expertise. Some do not.

Familiarity, practicality, professional relationships and campaign money compete with security concerns when purchasing decisions are made. 

“These elaborate election systems benefit companies’ bottom line far more than the taxpayers and voters paying for them”

In Philadelphia, a three-person election commission discounted cybersecurity warnings and, in February, selected ExpressVote XL from ES&S after a massive lobbying effort. It has a 32-inch touchscreen at a cost of $29 million, or $27.59 per voter, not including roughly $3.8 million over 10 years in fees.

But the decision raised suspicions. State Auditor General Eugene DePasquale noted that the request for proposals appeared to favor equipment of the XL’s type and size. An investigation by City Controller Rebecca Rhynhart later found that ES&S had courted the tiny commission for six years, spending almost half a million dollars lobbying it. The company paid a $2.9 million penalty—the highest in Philadelphia history—for failing to disclose lobbying on bid documents, according to the city controller’s office.

The company acknowledged that it erred by failing to register its lobbyists, saying it was due to a flawed interpretation of the city's procurement provisions. But the company’s “inadvertent omission in no way impacted the RFP process,” according to an ES&S statement on Aug. 15.

Asked this week about the relative security of the hand-marked or computer-marked ballots, an ES&S spokeswoman said they are both very secure. “In either instance, votes are counted via technology, and both use human-readable paper records for audit purposes,” Katina Granger said in an emailed statement in which she noted that computer ballot markers also are easier for the disabled to use.

In North Carolina, the state elections board initially decided against allowing counties to buy digital-voting machines like ExpressVote after hearing arguments “that simpler is better and that hand-marked paper ballots were the gold standard,” said board member Stella Anderson. Then one member asked to change his vote, and a second quit in an uproar after making an offensive joke in a speech.

The new state elections chairman, Damon Circosta, replaced him. In August, he cast the deciding vote certifying ES&S’s ExpressVote and later said many voters prefer the familiarity of touchscreens. “The challenge we have with the cyber advocates who are laser focused on the ballot-marking devices is that they can’t see the forest for the trees,” Circosta said in an interview. 

After last week’s fiasco in Northampton, opponents of the county’s decision to buy the ExpressVote system were saying I told you so. “The local elections administrators just fell in love with these machines,” said Deb Hunter, a school teacher who served on the board that selected the XL system from ES&S, the dominant player in the industry. She had pushed for hand-marked paper ballots. “This administration just railroaded this.”  

ES&S and several other manufacturers said they aren’t in the business of telling election administrators what to buy but rather are simply offering options of varying price ranges and technological abilities. Some favor the more expensive electronic models because voters are comfortable with using a touchscreen, they said.

Computer-voting’s defenders say there’s never been proof hacking has altered an election’s result, which is true, and that computers can’t be compromised if not connected to the internet, which is not. They also note that the systems all but eliminate human error by not allowing  voters to mark more than one candidate in a race, for instance. (Modern scanners also reject such ‘overvotes’ on hand-marked ballots.)

David Becker, founder of the Center for Election Innovation & Research in Washington, argued that the machines are safe and that complaints “are more heat than light, fueled by activism and anger and social media.”

But Susan Greenhalgh, vice president at the National Election Defense Coalition, said too many election officials have been convinced by vendors and colleagues that spending more money and deploying more technology will result in a better, safer election.

“That isn't always true,” said Greenhalgh, whose group advocates for better election security. “These elaborate election systems benefit companies’ bottom line far more than the taxpayers and voters paying for them.”

In Northampton, election officials said the silver lining was that the system allowed the flawed initial results to be checked.

But the paper record they’re counting on isn’t reliable, said Philip Stark, a University of California-Berkeley statistics professor who invented the kind of post-election audit that security experts say is needed. “There’s no reason to believe that the paper trail generated by the XL accurately reflects voters’ selections,” he said.

Northampton Republicans are no less skeptical. Lee Snover, the local party chairwoman, said the results can't be trusted and the experience has shaken voters’ trust going into 2020. “We think voters were disenfranchised,” she said. “I actually supported these machines, but I had no idea they could be so flawed. I think we were better off the old-fashioned way.”

In another echo of Bush v. Gore, local Republicans sent for investigators from the Republican National Committee: The party is considering a lawsuit against the county and ES&S, which has apologized for the snafu.

The only solution, Snover said, is to conduct another election with—wait for it—punch-card paper ballots.

To contact the authors of this story: Kartikay Mehrotra in San Francisco at kmehrotra2@bloomberg.netMargaret Newkirk in Atlanta at mnewkirk@bloomberg.net

To contact the editor responsible for this story: Andrew Martin at amartin146@bloomberg.net, Flynn McRoberts

©2019 Bloomberg L.P.