Skip to main content

Why can't you vote online?

Making internet voting secure is a big challenge, but American elections have bigger demons

voting online lead
voting online lead

Elections in the United States aren’t perfect. Between rare instances of voter fraud, attempts to make it harder for people to vote, voter intimidation, egregious manipulation of voting districts by major parties, and regularly low voter turnout, there’s plenty of room for improvement — leading governments at all levels in the US federal system to examine alternative voting mechanisms that could alleviate these issues. In the age of the internet, an obvious solution for many is remote internet voting — an option that seems more palatable every year given the adoption of PCs, mobile devices, and broadband internet. And in 2012, more citizens than ever will have access to online voting assistance: more than 30 states and the District of Columbia will offer registration or provide absentee ballots for overseas voters using email or an internet portal. But can internet voting really solve problems in US elections?

New voting technologies face a mountain of scrutiny. Elections in the United States require a high level of integrity, across multiple dimensions, either by public expectation or by law. These requirements include secrecy (so people can’t find out how you voted), privacy (so people can’t stand over your shoulder at the ballot box and coerce you), accountability (so votes can be verified as authentic), uniqueness (so people can only vote once), and accuracy (so votes are recorded correctly). Good voting systems should also be reliable, flexible, convenient, and cost-effective. For remote internet voting to be feasible and meaningful, it has to fulfill all of these criteria adequately, and experts are skeptical that an internet voting system could meet all of these needs.

Each time an internet voting initiative begins in the US, warnings come from high places. A circle of expert technologists in the United States have been speaking out against the prospect of online voting since various groups began exploring it as early as 2000. And government bodies like the National Institute of Science and Technology have identified serious security vulnerabilities and voter authentication and election auditing weaknesses in pilot systems. According to some critics of internet voting, a secure solution might as well be penciled in on the calendar next to cold fusion; experts say the technical challenges of securing a remote online voting system are insurmountable, at least in the foreseeable future.

Cold fusion

A leading expert on internet voting, Professor David Dill from Stanford University, says that it’s still far on the horizon — and that it may never happen. Dill, a computer security expert and founder of Verified Voting, an organization that pushes for integrity in elections, says that he hasn’t seen any encouraging developments in recent years. “My position is that internet voting will be trustworthy at some point, but we don’t know how to do it now,” Dill says. “There are some problems where a single challenge has to be solved, and those are more feasible to solve. But internet voting has multiple challenges.”

Given all the doomsaying, why do we need online voting at all?

The biggest technical challenge, Dill says, is the “trusted platform problem.” Since remote internet voting would occur on the home computers or mobile devices of voters, those machines would need to be secure enough to reliably transmit a vote that couldn’t be tampered with. “Most schemes want to be convenient so they have people voting on uncontrolled personal computers,” Dill says. “Those are subject to the usual problems of viruses, or other malware.” He notes that many PCs are part of botnets, and that “malware could conceivably be used to steal votes.” And even if the transmission of the vote is protected with cryptography en route to its destination, Dill says that personal devices are still vulnerable: “if you intercept the vote at the voter’s keyboard there’s not a lot the voter can do about it,” he says. “I’m not just worried about external hackers here: when you’re talking about the stakes of US elections — control of the government — the incentive for people to steal an election are really large.” Dill says malware could be installed by someone with access to a voting machine, like a programmer who writes apps for smartphones.

Dill is also skeptical that mobile devices could facilitate remote internet voting. He says that “in the long run, it’s just as insecure,” and that while there’s an effort to build-in security to mobile systems, they’re still open to a range of attacks including rogue apps or misconduct by people who have legitimate access to devices.

Given the doomsaying, why do we need online voting at all? Supporters believe that it can provide broad benefits to democracy, especially by giving voters better access to the ballot. It’s easy to imagine: if you could vote from your phone, or tablet, or personal computer, instead of having to travel (on a work day) to an election site, the franchise of democracy would be delivered to the purse or pocket of nearly every internet-connected citizen in the country. As a result, voter turnout would theoretically reach new highs.

In the last decade, several research efforts and trials of internet voting have been attempted in the United States. In 1999, President Bill Clinton tasked the National Science Foundation to investigate the feasibility of internet voting, with the understanding that online voting could reverse the downward trend of voter turnout in the US, and add more convenience and precision to vote collection and counting. In 2000, the Democratic party used internet voting systems via Election.com for a primary election in Arizona, and the Republican party used a web application for a straw-poll in Alaska. Since then, other small-scale pilots have been tested in local elections and primaries, but none have been maintained or used in successive years. Only the Department of Defense’s efforts to provide internet voting to members of the military stands out as a program with serious support and scrutiny.

Internet voting has already been available to members of the military overseas

The government’s pilot internet voting programs grew under the Uniformed and Overseas Citizens Absentee Voting Act (UOCAVA), a 1986 law that sought to enfranchise members of the uniformed services and other federal groups, who have historically found it difficult to vote compared to their peers at home. The effort is well-intentioned: the Pew Center on the States found in a 2009 analysis that more than a dozen states didn’t provide overseas voters enough time to cast their ballots. To meet the objectives of this act the DoD created SERVE, the Secure Electronic Registration and Voting Experiment, a system that was supposed to allow overseas citizens to vote from their computers over the internet. But SERVE was met with harsh criticism.

While it could have been offered to more than 6 million eligible voters, concerns about the security of the system caused administrators to scale down the plans and offer SERVE to only 100,000 people in the 2004 elections. Despite the downsizing, the program was halted by Defense Secretary Paul Wolfowitz just a day before it could be used in the general election. The decision to cancel the program was based on a peer review from academia and industry, which identified a number of serious vulnerabilities. Researchers found that SERVE was vulnerable to “insider attacks, DDOS attacks, spoofing, automated vote buying, viral attacks on voter PCs, etcetera,” and that any of these attacks “could be catastrophic.” The report says that attacks like these “could occur on a large scale, and could be launched by anyone from a disaffected lone individual to a well-financed enemy agency outside the reach of US law.” Consequences of such an attack could include selective voter disenfranchisement, privacy violations, buying and selling of votes, or vote switching. And the group says that some of these attacks could succeed without ever being detected.

In a 2007 follow-up report on SERVE, US computer science experts including Dr. David Jefferson and Dr. Aviel Rubin challenged the fundamental security of online elections — writing it off at the most basic levels of trust. The aforementioned problems not only apply to SERVE, but to all other forms of internet voting. “These vulnerabilities are fundamental in the architecture of the internet and of the PC hardware and software that is ubiquitous today,” they write. “They cannot all be eliminated for the foreseeable future without some unforeseen radical breakthrough.”

The fear of widespread voter fraud and tampering in online voting is infectious. In a report commissioned by Elections Canada, researchers found that “SERVE was terminated not because of its system design or architecture, but rather due to security concerns surrounding the internet itself and the view that any transaction conducted over the internet is not secure and considered vulnerable to system breakthroughs.” Despite the warnings, some governments are pushing onward.

Who wants online voting?

While a group of influential experts has warned the public and the government about internet voting, companies like Safevote, Everyone Counts, Diebold, and others have responded to the demand for new voting systems by developing proprietary technologies, some of which are currently used at various levels of government. Several states have completely abandoned physical ballots and paper trails in favor of electronic systems, though none provide remote internet voting to citizens in general elections.

But aside from a few companies exploring the possibility, there’s really no widespread grassroots effort to establish internet voting in the United States, save for a few vocal activists who routinely comment on expert testimony. Expert reports on the feasibility of online voting often provide uncited claims that it’s an inevitability — an assumption based on the wide adoption of internet-connected technologies and the upward swing in their day-to-day use, not empirical evidence of its safety. And while the benefits associated with online voting are attractive to some government officials who are tasked with fulfilling requirements of recent election laws, like the Help America Vote Act (HAVA) of 2002 which was established to replace outdated voting systems and enhance the integrity of elections, federal efforts to expand online voting are still focused on absentee voting.

In a panel held earlier this month at the University of Maryland, Bob Carey, the former director of the Federal Voting Assistance Program — responsible for assisting with the SERVE program — says that at the very least online voting guarantees more military votes will be counted, according to the Maryland Reporter. And Dave Mason, a former commissioner of the Federal Election Commission, said that “it’s just a matter of time until people demand that we vote on the internet. People do everything on the internet.” But the public doesn’t seem to share the same enthusiasm with electronic elections.

Even if the technical hurdles could be overcome, is online voting a good idea, or even a necessary one? Remote internet voting isn’t the only vulnerable method of voting, and some controversial electronic systems are already widely used in the US. Multiple reports on US elections in the past decade note that the integrity of voting systems has been a major issue since 2000, when George W. Bush and Al Gore struggled with recounts. That election was eventually decided by a drawn-out legal battle and a rare decision from the Supreme Court which declared Bush the winner. And since the days of the “hanging chad,” the government has taken formal measures to modernize election systems across the country and create standards for election integrity, including the use of controversial “direct electronic recording” (DRE) machines and other paperless solutions, which are now used widely in states like Delaware, Georgia, Maryland, New Jersey, and South Carolina.

Public confidence in voting depends on more than trust in the technology

Public confidence in new voting mechanisms is dependent on more than trust in the actual technology, and research suggests that partisanship in the American electorate is partly to blame. In a 2009 research project from Caltech and MIT, Dr. Thad Hall says that because they were on the losing end of the 2000, 2002, and 2004 elections, and because of the “close and controversial” aspects of those elections, liberals and Democrats are less confident in elections overall. Hall says that in the US, specific technologies are linked to partisan suspicions: he says that “Democrats and liberals associate [DREs] with pro-Republican interests.”

Source: Federal Election Commission
Source: Federal Election Commission
Source: Common Cause Oregon
Source: Common Cause Oregon
Source: International Institute for Democracy and Electoral Assistance
Source: International Institute for Democracy and Electoral Assistance

But the distrust isn’t completely one-sided. According to analysis from Hall, in the 2006 and 2008 elections, voters who used electronic voting were “significantly less confident” that their votes were received and counted correctly than voters who used paper ballots. And confidence in elections is important: in a two-party system where losses can have dramatic consequences, any perceived impropriety could disrupt the integrity of the government. Hall points out that “in the United States, one reason why confidence is so important is that losers are just that, losers.” Since there’s no proportional representation in Congress, “losing can be a more bitter experience.”

Michael J. G. Cain, a professor of political science at St. Mary’s College of Maryland, and director of its Center for the Study of Democracy, says that isolated instances of fraud aren’t as much of a challenge to the system as restricted access to elections. The data supports this claim: a 2006 study from the Brennan Center for Justice concluded that “fraud by individual voters is both irrational and extremely rare,” that “many vivid anecdotes of purported voter fraud have been proven false or do not demonstrate fraud,” and that “raising the unsubstantiated specter of mass voter fraud suits a particular policy agenda.”

That agenda, often perpetuated by Republican officials in the last decade, is to restrict access to the vote for particular groups of voters. Cain says that “some political parties have tried to restrict access not because they’re worried about fraud but because they’re worried about another side getting more votes.” Additionally, he says that “the balance between fraud and access has to be strong,” but that excluding people from voting to eliminate fraud is “the last thing we want to do.” Problems arising from partisan agendas can’t be solved with remote internet voting or existing technologies like DREs.

“Voting is a public act, but it wasn’t always that way.”

Beyond trust in technology, voting also has a cultural dimension in American politics. “Voting is a public act,” Cain says, “but it wasn’t always that way. In some of the first campaigns there was a desire to mobilize people and get them to a certain place.” He says “when there was voting, no TV, no internet of course, back in the 18th and 19th centuries, men would often go to polling places and place bets on who would win — it was a big party.” Now, he says, “we bring our children to vote — something I think many people do to illustrate the importance of being a citizen of the United States and to let them see what people are doing.” Cain says “there’s a demonstration effect by going to a place, and that demonstration is important to continuing the process.” He can’t see how internet voting would improve the obligation to vote, or to communicate the importance of voting in choosing government officials. “That doesn’t mean it won’t happen someday,” he says, “but right now it’s very hard to see.” Of course, arguments like this are reminiscent of a general concern with technology (have Facebook and Twitter eroded real interpersonal face time with other people?), but for those growing up with the internet, physical spaces may justifiably lose their importance in civic life. Still, it’s hard to see how something like the Iowa Internet Uncaucus that took place just a few days ago could have happened without a physical meet-up.

Even if voters abandon physical spaces for elections, key benefits associated with online voting, like increased voter turnout, aren’t guaranteed. Voter turnout is a complicated issue that’s not directly solved just by giving people better access to voting: for instance, Oregon’s popular vote-by-mail system, open to all voters, has had no discernible effect on the overall turnout of eligible voters. Obviously internet voting presents a different mechanism to voters, some of whom may find it easier than mail voting, but in terms of practical effort the difference is negligible.

Proponents of online voting in the US are quick to point out foreign successes, but the cultural differences are important to observe. Estonia is a significant example because it’s had online voting since 2005, and treats internet access as a fundamental human right. Internet voting in Estonia is built on the technology provided by its national ID card, a mandatory identity document with an onboard digital certificate. Voters also receive a smart card that allows them to remotely authenticate and sign legally binding documents. Still, Estonia is only a country of just over a million people — about the size of New Hampshire or Rhode Island — and isn’t necessarily illustrative of how online voting would work in the US, a country of over 300 million people spread out under tens of thousands of local governments.

As Hall notes, Estonia has “much clearer core ideals about the efficacy of electronic voting and these core ideals make confidence in the system higher.” A study for the Elections Canada notes that “Estonian officials now describe internet voting as an accepted and expected feature of the electoral process, and one that is essential in engaging electors.” Additionally, the report notes that Estonian citizens have a “high degree of trust in remote electronic voting,” and that such trust is neutral with regard to factors like income, education, gender, and geography. But as David Dill notes, that trust may be misplaced. “Estonia’s system is hyped a lot, and studies on the security of that system are not conclusive.” Past performance is not a guarantee that future internet-based elections will be secure or effective at meeting the rigorous requirements of US elections.

A solution without a problem

When evaluating the problems facing US elections, internet voting looks like an unnecessary solution relative to the challenges it presents. For instance, the day selected for national elections in the United States was set by Congress all the way back in 1845 to accommodate the needs of agrarian society — a burden for many in the modern workforce. Clearly the needs of human society in 2012 aren’t the same. Low-tech solutions could be applied to alleviate some problems in elections, including expanding the voting window beyond one day, or making election day a national holiday.

Ultimately, the question of whether internet voting will happen in the future comes down to trust. If citizens demand it, politicians may provide it. But the question of its efficacy, security, and necessity is something else entirely — and in 2012, internet voting seems like more trouble than it’s worth in American democracy. At least for now, there are more important problems to solve.