We recently had a conversation with a potential volunteer who accused us of incrementalism for insisting on paper ballots and not pushing for online or smartphone voting. (Needless to say, we doubt he’ll be joining our team, but we wish him well.)
We can agree to disagree on how to handle this iceberg; whether starting with what’s above water and tractable, or diving deep and working from underneath. The fact is, assuming the iceberg is increasing confidence in elections and their outcomes, then we need to work within regulatory schemes and current processes (working for change from within) and bring the ecosystem of people, process, platform, policy and politics into the 21st century in a manner that engenders trust.
This isn’t the first time a well-meaning engineer with a strong passion for fixing our democracy has expressed frustration with our approach — it does seem weird that a bunch of technologists insist on paper! Or seem to be bogged down by policy and (God-forbid) regulations. And this would be such a scalable way to approach massive growth in at-home voting during a pandemic! So, we figured we should approach it head-on.
Simply put, there are two reasons why we oppose online voting (at this time). One, it’s not secure. And two, the public wouldn’t trust it.
But first, let’s be clear about what online voting is: when a voter’s choices are submitted via the open Internet, whether through a browser, an app, or even eMail, from a consumer device to the election office. And it does happen today, albeit on a very small scale, typically for what’s known as “UOCAVA” voters (essentially, military and overseas residents).
Now on to security. A paper just came out from MIT, corroborated by reporting in a lengthy New York Times article, demonstrating that one of the top platforms for online voting has some major security shortcomings. They expressly recommend that voters not use it for online voting, and instead print, hand-mark, and mail a ballot if they’re constrained to use the system. The security of another leading system also is the subject of substantial doubt to the point that one advocacy organization is in legal proceedings against them.
So why not simply build a better system?
Well, even if we were able to design a platform that kept each voter’s choices in perfect privacy and unalterable, we simply wouldn’t be able to develop an authentication system that could completely ensure (in a verifiable manner) that each e-ballot was truly submitted by a distinct, real, eligible voter. Estonia (population 1.3 million) managed to implement a nationwide i-voting system, but only after a major investment in a citizen credentialing (federalized ID) system that, frankly, wouldn’t fly in America.
Baffling as it may sound to techies, the good ol’ mailed ballot, sent to a pre-registered household address and returned with a signature on the outside of an envelope, is far more fraud-resistant than anything that could realistically be implemented online. (Also, turns out that even in 2020, not all Americans own an Internet-connected device, so no matter what you still need to be able to accommodate non-digital voting.)
But suppose we somehow found a way around the authentication issue, and magically all the federal and state regulations changed to make online voting super-doable. (Tech folks, please do not underestimate the sclerosis of regulation.) There is so much distrust in America around anything having to do with elections and technology, that wholesale movement to an online system would leave a mile-wide chasm to be filled with doubts and rumors. The last thing our fragile voting system needs right now is more reasons for people to distrust the outcome.
That’s why we’re strong believers that every cast ballot must ultimately be reduced to a durable paper ballot of record — it’s the only thing that can serve as an indelible, audit-able record of the vote. (Admittedly, it only records those who managed to vote, but we’ll leave discussion of the many reasons people end up not being able to register or cast a ballot to a different time.)
Lest we sound like Luddites or technophobes, we’re truly not.
- We embrace blockchain technology as a tamper-evident immutable change-log means for voter registrations, cast ballot records, election results, and other election administration data.
- We’re deeply committed to the ethos of open-source development and distribution, and nearly our whole darn system is run in the cloud.
Lest we sound unaware of all you can do on your phone like online check deposits and e-signatures on everything, yes, we use that technology too, but financial and legal systems have a calculated tolerance for fraud as a trade-off for the efficiencies of technology. Elections simply cannot tolerate any degree of fraud, and hence, while we’re going to continue using technology to innovate in every way that we can, we cannot and will not, abandon paper ballots as the core currency of voting.
All this said, if you can trust that in 13+ years we’ve discovered just how far we can advance the state of election technology, while building something the public can trust, and that we’re also planning for what’s just over that horizon, then we’re eager for volunteers to help finish building our open source, security-centric, user-centered elections administration technology framework.