Why Georgia's Voting Machines Are in the Crosshairs

A coordinated push against Georgia's voting machines has picked up momentum. President Trump issued an executive order directing federal election officials to change voting system guidelines specifically to block ballots that use QR codes — the square barcodes you scan with a smartphone camera. This federal action echoes Georgia state legislation passed in 2024 that removed barcode requirements from ballots. Meanwhile, lawsuits are already challenging the machines in court.

The stakes are real. These ballot marking devices — made by Dominion Voting Systems — have been in use across Georgia since 2019 and are deployed in hundreds of counties across 19 states. Hundreds of millions of dollars have been invested in these systems. Any mandated shift away from them would create substantial operational headaches for election officials.

Multiple Fronts of Challenge

The opposition is coming from several directions at once. In Georgia, a civil rights group called VoterGA and a state legislator filed a lawsuit challenging the voting machines in local court. Their argument: voters have no way to independently verify that the QR codes printed on their ballots actually match the choices they made. If the code was tampered with, a voter wouldn't know.

Earlier this year, a long-running federal lawsuit against Georgia's electronic voting system was dismissed by a judge, though the court acknowledged that the plaintiffs had done useful work in exposing a documented security breach at one county's election office after the 2020 election.

A nonprofit called the Coalition for Good Governance has also been pushing the issue in multiple forums — from state board meetings to petitions — pointing to known vulnerabilities in the state's voting technology.

What Security Researchers Found

The scientific foundation for all this pressure comes from security research released in mid-2024 by computer scientist Alex Halderman at the University of Michigan. He documented specific vulnerabilities in how Georgia's voting machines encode and process ballots. His findings prompted the federal Cybersecurity and Infrastructure Security Agency to issue a public advisory flagging concerns about the ballot marking devices.

The core technical issue is straightforward: the machines show voters a human-readable ballot — the actual words of their choices — but encode those same choices into a QR code that voters cannot read or verify. When the ballots are counted, most systems read only the QR codes, not the human-readable text. This creates a potential weak point. If malicious code altered the QR encoding after the voter approved it, the voter would never know, because they can't actually read QR codes with their eyes.

Security researchers argue this violates a foundational principle of election security: every voter needs to be able to independently verify that their vote was recorded correctly.

People who support QR code voting systems offer a counterargument: these machines offer real accessibility benefits for voters with disabilities and help prevent common marking errors like accidental overvotes. They also note that post-election audits — where officials spot-check results against the original ballots — should catch any discrepancies between QR codes and human-readable text if properly implemented. The real question is whether election offices actually conduct those audits thoroughly.

What This Means Beyond Georgia

The broader context here matters. We have seen similar cycles before. When electronic voting was introduced in the early 2000s — partly in response to the Florida recount confusion — it created an entirely new set of security problems that took years to fully understand and address. The current pushback against QR codes follows a similar arc: technology was deployed to solve immediate problems, but comprehensive security analysis came later.

Colorado offers a precedent. In 2019, that state's secretary of state decided to move away from QR code ballots, even before the security research emerged. Other states can make that choice too. But the transition costs are real. Hundreds of counties have already invested in these machines, and switching to different systems requires retraining election staff and updating procedures before the next major election.

The Trump executive order also includes another provision that operates separately from the QR code issue: it directs federal agencies, including the Department of Homeland Security, to share voter registration data more freely with state election officials. The scope and mechanics of that data-sharing remain unclear.

What Comes Next

Georgia faces a complex situation. Federal guidance is being rewritten. State legislators have already voted to remove barcode requirements. Court cases are in motion. And documented security weaknesses are on the record. The state will likely need to develop backup plans and may need to transition away from its current system before the next major election cycle.

The timing remains uncertain — the executive order uses voluntary federal guidelines as its mechanism, and it's unclear when or how strictly the changes will be enforced. But the momentum across all these channels — executive, legislative, judicial, and technical — points in one direction. Election officials in Georgia and other states running similar systems should probably start thinking about what comes next.