COS, Wilson School professor Edward Felten on election security, intersection of tech and policy

News Body

November 9, 2018

By Julia IlhardtThe Daily Princetonian

Edward Felten is the Robert E. Kahn Professor of Computer Science and Public Affairs. He is the founding director of the University’s Center for Information Technology Policy.  In 2011–12, he served as chief technologist for the Federal Trade Commission, and from May 2015 to January 2017, he served as Deputy U.S. Chief Technology Officer for the Obama administration. He currently serves part-time as a member of the Privacy and Civil Liberties Oversight Board.  

His current research involves cryptocurrency and blockchain technologies. He is also looking at the intersection of artificial intelligence and automation with jobs.

On Wednesday, Nov. 7, Felten spoke with The Daily Princetonian about his career, the security of electronic voting machines, and the intersection of technology and public policy.

Ed Felten, the University’s Robert E. Kahn Professor of Computer Science and Public Policy
Ed Felten, the University’s Robert E. Kahn Professor of Computer Science and Public Policy
Photo courtesy of David Kelly Crow.

The Daily Princetonian: Could you explain how you came to be Princeton's Robert E. Kahn Professor of Computer Science and Public Policy and the significance of having a role focused on this intersection?

Dr. Edward Felten: I came to the University 25 years ago as a junior professor in computer science, and at that time, I just did core computer science research and teaching, and over time I got interested in public policy issues and how public policy touched computer science. About 15 years ago, I started working in a cross-disciplinary way across those areas. Since then, I’ve been trying to build up an effort here on campus and work with colleagues to recruit more people and get more activity going at the boundary between computer science and policy. And so, 10 years ago, we set up the Center for Information Technology Policy as a vehicle for doing that.

DP: When you first came to the University, did you feel like there was a big gap in terms of intersecting these two areas?

EF: When I first came, I don’t think anyone was really doing things at this intersection, and I didn't do anything at that intersection for about my first five to 10 years here. It was only later that I switched over and we’ve had more people switch to do this kind of work. We’ve also tried to build a community of people who do it.

DP: Can you explain what the CITP is and your motivation for setting it up?

EF: CITP is a joint venture between the engineering school and the Wilson School, and it’s designed to do teaching, research, and service that’s at the boundary between computer science and public policy, or if you like, between information technology and all aspects of the public life. CITP does a bunch of things in that area: it sponsors research, organizes events — we have a weekly seminar series — and sponsor and co-sponsor a bunch of conferences. We had 10 conferences last academic year. We administer part of an undergraduate certificate program: the Policy and Technology certificate, Information Track. We are setting up a certificate program for Ph.D. students. We run internship programs and all kinds of things in that area — basically anything we can do to get people on campus interested in technology and policy.

DP: What motivates you to want to be involved in government work?

EF: I’ve been advocating for a long time about the importance of having technical experts in the research of policymaking processes. Partly, people who are recruiting for these positions will call my bluff. They will say, “You say there needs to be technical experts there — how about you come?” And having preached that so much, it’s hard to say ‘no’ when someone issues that invitation to me. But [it’s] also partly because the work is really important, and it makes a real difference in both the work itself and also the opportunity to open the doors to get more technical folks involved. Nowadays, so many policy issues depend on technology issues and similar issues, so policy makers need to have the best advice — the best informed advice — about technical matters. In almost any policy area you go into, you’ll find that technology is changing that area in a big way, whether it’s in healthcare, transportation, education, economy, jobs, international relations, or national security. Whatever it is, technology is transforming that, so there’s a huge need for good advice in that area.

DP: I’ve been reading some of your work on electronic voting systems. How did you get involved in these projects, and can you talk about the ongoing issues?

EF: A lot of the computer scientists got interested in security issues around electronic voting in around 2004 or so. This was after the 2000 presidential election … there were a lot of problems involving the punch card paper ballots, and so there was a rush to adopt electronic voting. But computer scientists were skeptical of that, including me. One of the problems was we computer scientists — independent computer scientists — had not been able to get our hands on a real electronic voting machines of the sort used in elections because the voting machine vendors were preventing it. When our group got the opportunity to get a real voting machine used then in Georgia and Maryland — and that is still used in Georgia — we jumped at it. We were lucky to get the opportunity to get our hands on real voting machines. We followed it up with a bunch of other machines … [For instance] there’s a [voting machine] in the lounge outside [my office] that a few students transformed into a Pac-Man machine. They turned it into a Pac-Man machine to show that these machines can do absolutely anything … If you can make them into Pac-Man machines, you can for sure make them into incorrect vote counting machines. That was a part of an effort to demonstrate to the public and to policy makers that the problems that computer scientists were suggesting existed really did exist. We did a bunch of studies here at the University about the security of electronic voting machines, and then we started to work to try to get the law changed — to get states and counties to switch to more secure systems. A lot of places in the United States have switched — there’s been a real improvement since 2006 when we started this. But, unfortunately, there are a few states that use insecure voting machines, and one of them is New Jersey. If you vote here, you vote on these big, old electronic voting machines that leave a lot to be desired from the security standpoint.

DP: In your opinion, what’s the most significant challenge facing our world and society regarding computer security and privacy?

EF: From a security standpoint, the biggest challenge is the combination of our reliance — our very heavy reliance — on the computerization of almost everything, including all kinds of things that you don’t think of as being computers. A car, for example, is basically just a computer with an engine, a computer that has a motor and carries people around. A typical car has more software in it than your laptop does. There’s a lot of systems that we don’t think of as being computers that carry many of the same risks that computers do. And, yet, we fundamentally don’t know how to secure big, complicated systems. That combination leaves us very vulnerable to attacks or a malfunction, and that is sort of the core problem that underlies a lot of things.

DP: Going forward, how do you think the relationship between computer science and public policy will change? Do you think students who are interested in public policy will need a technical background?

EF: I think the relationship will get tighter, and you’re going to see computer science students more and more studying some aspects of policy and ethics and social science. And you’re going to see students in policy who want to be well-prepared, needing to understand some things about technology. They won’t necessarily need to have a deep technical background, although it wouldn’t hurt, but some core training in information technology and computer science will be a core skill for policy people going forward. Familiarity with technology as a user [and] some ability to think a little more deeply about how it works and about what is likely to be able to do and not do — that’s going to be core knowledge for policy professionals in the future.