Internet Voting: Perils and Summary
John Sebes
No, I am not going to lecture on why Internet voting is bad for half a dozen different reasons. In fact, Internet voting is both a horribly loaded term, and also a general topic that is not germane to our current work at OSDV — which is technologically fixing the election technology mess that we are in, without also trying to change the way elections work.
But I came across a very well researched and well written diatribe against Internet voing, and couldn’t help passing it along: The Perils of Internet Voting, from the wide ranging (from tech to policy to advocacy …) blog Voting Matters.
I don’t agree with all 6+ pages of it (though I am indirectly quoted via a statement of leading computer science experts that I support), but I have to say that if you want a good laundry list of all the objections (and kitchen sink too) to Internet voting, look no farther — and a finely expressed list it is as well.
If the topic is of interest to you, but the list too long an detailed, then get back to me. My story about the peril is simpler (it rests on only one principle, which most people can readily understand), and may be of interest here — if it isn’t too distracting from the immediate issues we’re working on now.
— EJS
While the article John cites is definitely a fine point of view on the matter for which I largely agree, I have to admit some amusement with a group of activists who are railing against several states wanting to at least leverage the Internet to mitigate disenfranchising an important constituency: overseas voters including military and NGO citizens. And that mitigation need not, and until some technical and social challenges are ironed out, should not include casting of ballots. Delivery, however it quite another matter. And that raises two points of amusement for myself.
1. “If its Internet it Must be eMail” Argument. First, there is this “tagging” of all proposals for digitally transferred cast ballots over a tcp/ip (packet-switched) network along with the use of SMTP and presumably, Port 25. I submit that any proposal or design that utilizes tcp/ip protocol AND relies on Port 25, or more particularly SMTP, to transport a cast ballot without any encryption (i.e., in the clear) is without merit and simply stupid. But take eMail as a transport mechanism off the table, and do we have an opportunity to design a private, secure solution? Possibly, and maybe worth exploring; I mean its a fair query. And maybe we resolve to NO. But intellectual investigations should not be stifled merely for asking.
So, seems to me proposals worth vetting should [a] never use a public tcp/ip network; [b] never use SMTP as a transport mechanism; [c] never use a clear channel, only encrypted; [d] not limit encryption strength to 256Kb transmissions; [e] consider using milnet (.mil) and substantially stronger forms of secure data transfer or explore VPN (virtual private network) solutions; and [f] design means to privatize, redact, or make anonymous sender data (much as what is done with anonymous mail services today).
Will this resolve all the issues with “Internet” vote casting? Of course not. But my point is, there are likely technical solutions to at least some of the issues, and so a more intellectually honest adverse position would be something like, “today’s public tcp/ip networks are ill-suited to the requirements of ensuring secret secure ballot casting.”
2. The Slippery-Slope Argument. Then there is this aspect that (until recently) left me perplexed: activists are equally railing against the delivery of BLANK ballots to those overseas who have no possible way to otherwise receive their ballots in sufficient time to cast and have them returned and counted (ah, the wonders of the US Mails). I couldn’t believe people were actually trying to make an intelligent argument against delivery of blank, (BLANK, I say) ballots. In fact, we take more risk every time we use a PC to print our boarding pass for a flight.
Then, I finally learned the reason why the activists are wringing hands and gnashing teeth over digitally available or delivered blank ballots. It was a “Duh” moment for me: the slippery slope argument. Right: once you allow someone to download and print a blank ballot for preparation, then you’ve started down this path of next allowing them to leverage a digital means of ensuring they properly fill out the ballot (e.g., prevent under-voting or over-voting, etc.), and then next, you’ll want to let them return (no!) the ballot as cast. This is the proverbial “camel’s nose under the tent” argument. Good grief… but I understand the point of the argument. So be it.
And to be sure, none of what the OSDV TrustTheVote Project is working on addresses voting using tcp/ip networks; not now, and not for the foreseeable future.
That said, disallowing use of the ‘Net to simply deliver blank ballots (bit no more) seems a bit short sighted, especially for the limited problem of timely ballot availability — slippery slopes notwithstanding. And by the way, I’d never recommend doing so with a PDF attached to an eMail message (even secured), but rather a link to a site, where (with an authentication scheme) one could download to their printer (only) a blank ballot for their jurisdiction. (And I note that the Overseas Voting Foundation has an agreement with FedEx to return those ballots to their jurisdictions for counting within a time frame to make them count.)
And finally, like it or not, this past election included a population of newly eligible voters who have never known a world without an Internet. And the reality is, some of these same newly registered participating voters will likely be running parts of our government in two full election cycles …just 8 years from now. Guess what they’re going to expect. So seems like someone will need to start investigating the what-if and how-to questions without the fear of being stoned for so doing.
Cheers
GAM|out