More thoughts on email voting
Following up on John’s discussion of “Internet Voting” in North Carolina… Let me pick up the thread from the perspective of Vote By Mail as a point of comparison.
I think it’s an interesting comparison because it’s worth asking whether using the Internet makes voting immediately riskier than the model we all know (and some love) of receiving and returning ballots using the mail (broadly defined – I suppose it’s not always the good ole US Postal Service that is doing the delivering).
Key problems that John discussed the other day with using email to deliver marked ballots back to the jurisdiction were that on the trip from the voter (imagine a soldier casting his or her vote while serving overseas) the ballots could be intercepted, read and even changed as it traversed email servers.
One might say, who said that the humans who handle the bags of paper ballots on their trip are any more trustworthy? [Did you notice what I just did there? I went from talking about digital delivery in general to email delivery, which are not the same thing!]
I would respond that it’s just much more difficult to do bad things to ballots on route if their route uses atoms (paper, trucks, aircraft) rather than bits (files, email messages, protocols.) It’s harder to deal with when it’s paper – you have to find the paper and get physical access to it, you need to work on it without being observed.
I suppose you could cause a whole bag of ballots to fall of a truck, but you’d need to also then falsify paper manifests and other like documents. These are real risks but the truth is that we’ve come to understand and accept these kinds of risks as acceptable trade-offs for the greater good of allowing our citizens in far places to cast their vote.
Less well understood are the new and highly technical kinds of risks that we’re looking if we want to allow those citizens to use email to return their marked ballots back home. Think about all the pieces of software and infrastructure that handle the returning email starting from the voter’s potentially virus laden PC (or weirdly hacked Internet Cafe station), through a series of servers that are invisible and controlled by who knows who, all the way back to the Jurisdiction. Ouch.
But let me argue against myself now. First of all, I was very facile in claiming that it would be harder to attack the physical transportation of paper ballots when traveling from Camp Foobar in Farawayistan. I was just using common-sense and intuition. But the truth is I don’t know a whole lot about how that actually works, or about the real so-called attack surface is for delivery of paper marked ballots.
And let me also argue against myself by pointing out that many of my arguments against email voting may not apply to other more direct ways of delivering marked ballot, not with email, but some other digital means.
In any event, in my opinion, we need to face up to the reality that the world is getting flatter and we have more and more citizens whose votes must be counted who are in very faraway places. The time it takes to send a blank ballot by snail mail and send a voted ballot back with snail mail, makes the voters’ time window much too slim in many cases.