Internet voting: A really bad idea whose time has come
Believe it or not, most states have some provisions for allowing people to vote over the Internet. The pressure is on to expand it, even though a secure online voting system is impossible using today's technology.
The area on the Jersey shore where I grew up was hit very hard by Hurricane Sandy in 2012. It was many weeks before some of the people could even go home. Life was a mess. And then, a little over a week later, was the 2012 election day.
The state made it clear that they would make whatever accommodations it could to help people vote if they were displaced by the storm. So far, so good, but my ears perked up when I heard about "email voting."
Yes, the state announced that voters could email in a vote. This was part of an effort to make all non-traditional forms of voting, including mail-in and fax, easier. In fact, voters were instructed to ignore the part of the relevant web page where it says "The County Clerk cannot accept faxed or emailed copies of a Application for Vote by Mail Ballot, unless you are a Military or Overseas Voter, since an original signature is required."
But certainly such circumstances were sui generis, and no sane state authority would contemplate Internet voting in the normal course of things, right? Wrong.
The whole issue of security in voting is highly controversial even without bringing computers and the internet into it. Merely asking for identification is considered racist by many. But voting over the internet increases the possibility for fraud by many orders of magnitude, and those committing the fraud could be halfway around the world.
Speaking of around the world, Estonia is the current poster child for electronic voting. Estonians at home and around the world can vote online using a national ID card, a smart card. Clearly a system of digital national IDs has no chance of being adopted in the US, but for all its sophistication, the Estonian system is still vulnerable to tampering according to recent research.
In one sense, voting does seem like the sort of thing that should be ideal for the internet. I'm reminded of Ross Perot's ridiculous notion of an "electronic town hall" that could actually replace representative government with direct democracy. I hope that the last 22 years of internet insecurity have shown us what a bad idea that would be.
The best thing you can say about most current online voting provisions is that the numbers of voters are probably small enough that any significant fraud would stand out. Maybe.
But if the goal is to increase participation by making voting easier and easier, then moving it online is just asking for trouble. I doubt there's a way to do it that would provide sufficient confidence. A 2011 study by NIST pretty much said the same.
In fact, it's easy to find research by people who understand computer security pointing out the considerable risks from internet voting. There are other people who would like to increase turnout no matter what and who are happy to declare that all technical problems can be worked out by the experts. Well, the experts have spoken: Internet voting is not and cannot be made secure with current technology.