America is years away from being able to implement online voting

Online voting is thought to be a straightforward way to massively expand ballot access. Done correctly, it would do away with long wait times, hanging chads and concerns over voter suppression and intimidation.

However, a new report commissioned by the US Vote Foundation warns that the technology behind our government’s websites is woefully incapable of handling the requirements of implementing an online voting system.

As the report explains, online voting systems must be “end to end verifiable,” meaning that the voter must be able to verify both that their vote was accurately recorded and that the election as a whole was conducted properly. Such a system is currently not in sight, although in the report does not explicitly say that our government is not capable of putting one together.

However, even if our government was able to design such a system, there is no reason to believe that it wouldn’t be vulnerable to distributed denial-of-service (DDoS) attacks, in which a website is targeted with a stream of so many arrivals that the site crashes. As the report explains:

A system that is correct, secure, and usable is still not useful to voters if it is unavailable during an election. Many government websites are unreliable, especially during a distributed denial-of-service (DDoS) attack or just after a security breach.

While many private companies have built systems capable of withstanding DDoS attacks, governments have a much more difficult time putting them together.

What’s more, even if the government’s website is perfectly secure and functional, malware on a voter’s computer could be used to alter their ballot.

Additionally, the report cautions that common authentication procedures, such as passwords and email verification, are inadequate. More strenuous verification is needed in order to ensure the integrity of online ballots, and the government is ill-equipped to provide it to the 129 million voters who would be using the system.

Computer servers via Shutterstock

Computer servers via Shutterstock

It’s important to keep in mind the fact that our government’s technology lags years behind what many of us take for granted in our homes — to say nothing of the capabilities of those who would seek to compromise an online American election. After all, no member of Congress wants to be the one who puts new computers in the budget for the Executive Branch, and the result is a government run on computers that we would complain about if our elementary schoolers were still using them.

But that reluctance to fund our government comes at a cost: Right now, that cost is measured in the recent security breach at the Office of Personnel Management — in which information on over 22 million current and former federal employees was stolen. If we can’t keep something as important as the Social Security numbers of federal workers secure, we’ve got a long way to go before we can say with any certainty that we’re able to secure and verify the millions upon millions of votes cast in our presidential elections.

This isn’t to say that the project is impossible. Other countries have implemented online voting to various degrees. In 2000, the European Union launched the CYBERVOTE Project, conducting trials in Sweden, France and Germany. Estonia became the first country to hold legally-binding elections over the Internet when they conducted municipal elections online in 2005. Voting via the Internet remains an option for Estonian citizens to this day, with just over 30% of voters casting online ballots in this year’s parliamentary elections.

However, this is to say that we have a long way to go before we can safely say that we are able to implement online voting with any degree of security. And even if and when we could, we’d have to make the switch through legislation, which would presumably require support from Republicans in Congress who have no interest in expanding ballot access to the mass public.

It’s a great idea in theory, but I wouldn’t hold your breath.

(h/t Dell Cameron / The Daily Dot)

Jon Green graduated from Kenyon College with a B.A. in Political Science and high honors in Political Cognition. He worked as a field organizer for Congressman Tom Perriello in 2010 and a Regional Field Director for President Obama's re-election campaign in 2012. Jon writes on a number of topics, but pays especially close attention to elections, religion and political cognition. Follow him on Twitter at @_Jon_Green, and on Google+. .

Share This Post

21 Responses to “America is years away from being able to implement online voting”

  1. slideguy says:

    We always give the jobs out to the lowest bidder, too.

  2. slideguy says:

    Y’all watch the rollout of Sure, let’s vote online.

    Oh, and remember, the system will be assembled by the lowest bidder and/or highest campaign contributor.

  3. slideguy says:

    My take, and that of the programmers I hand out with. Online voting is an invitation to election rigging. So are voting machines.

  4. Indigo says:

    I suspected as much. Thank you.

  5. 2karmanot says:


  6. HeartlandLiberal says:

    As a retired IT Director, with 35 years experience in programming and support of computing at all levels, let me just point out that anyone who supports online voting simply has no idea what they are talking about.

    There is simply no way to secure online voting, to insure that the results cannot be hacked or manipulated. Based on my pretty extensive experience with computing, I assure you the ONLY automation I support is a sheet that can be read on which choices have been marked so that they pages can be scanned to speed up counting, but also so they can be read and counted by human beings to confirm accuracy if there is every any question or need for a recount. You could use this system to have voter by mail, and thus provide the ability to vote securely without having to go to a polling place, which is one of the arguments for online voting.

    The moment you go to total electronic voting you lose control of auditing, recounts, and any assurance whatsoever that the results can be trusted. Not only is it impossible to secure the backend of servers and networks hosting the applications, but you are opening it up to all the myriad devices by which voters would be connecting, and the moment you include the personal devices of voters, you have exposed yourself to a world in which an incredibly high percentage of them are already hacked, owned, and part of bot nets operated by criminal enterprises. And FBI report from 2014 estimated that worldwide 18 new computers are hacked and taken over by botnets every 17 seconds, 500 million computers a year.

    I run my own web server and email server, and right now, the attacks from China on my personal WordPress blogs are so out of control I am about ready to stop adding to the Symantec firewall on the web server, and just go to my router and drop every last IP block associated with China into a router level block, forever.

    Right now the only thing you can say about online system is that they are insecure and they WILL BE COMPROMISED. Just read up on the recent OPM fiasco. Just look at the steady rates of compromise of POS systems and credit cards. I have had a credit card compromised and replaced on average every six months for years now. I now have three credit cards from my credit union to be used for card present, online purchases, and paying bills, isolating the function of each card. and doing no payments out our our primary bank account. I keep two small checking accounts, into which I move money to pay bills only is I cannot pay with the purposed credit card. Plus I have three additional cards from three additional sources, to insure I have a card to use when traveling and when inevitably another one is hacked. The system is a pain sometimes, but better than the damage if our primary checking and savings account were to be compromised.

    I am unalterably opposed to online voting, because I know from three and half decades of up close and personal experience, including PCI compliance security, that it can NEVER be made secure. To think otherwise is completely unrealistic.

  7. Amina.Tomas says:

    weeks and-even more than, usd 10,000 this past munth . this is really the most financialy rewarding I’ve ever had . I actually started 6 months ago and almost straight away began to make over usd

  8. No. Hackers have proven they can get into sensitive government systems. Why would we want them to have a chance to hack our elections?

  9. Indigo says:

    I worry about that because the public was entirely confident of its power in late 19th century Spain. They had no idea what hit them because they were so week until the Spanish-American War took apart the tag ends of the empire. We’re kind of like that, behaving presumptuously and we don’t see it.

  10. Zorba says:

    Well, k, given that the Chinese hacked into government computers and stole the personal data of close to 25 million past and present federal employees, federal job applicants, and holders of federal security clearances, I wouldn’t trust the government to implement any type of secure, online voting.
    And, of course, it’s not just the government, and it’s not just hackers. Last week, on the same day, the computers of the New York Stock Exchange, United Airlines, and the Wall Street Journal all went down, for varying periods of time.
    For crying in a bucket, there are 16-year-olds in this country who are probably more competent and computer savvy than the bozos running the computer networks and cyber-security of our government and large corporations.

  11. 2karmanot says:

    I think the voting public is yet to realized how antiquated and wobbly is our so called advanced nation status.

  12. ComradeRutherford says:

    “there have been a number of elections where exit polls and actual tallied results have gone so far out of alignment as to suggest vote tampering.”

    Which is why the GOP has been getting rid of exit polling. Because it IS accurate and reveals GOP voting fraud.

  13. ComradeRutherford says:

    America is years away from being able to implement online voting…

    Because Republicans haven’t figured out how to game it so they always win, like the do with e-vote machines.

  14. BeccaM says:

    Technically and theoretically, fully online voting is possible. Unfortunately, the way things operate — especially here in America — if such a system were implemented, we would likely have no way of ensuring that the political wishes of whoever runs the system aren’t allowed to corrupt the whole thing.

    Since the mid-1990s, there have been a number of elections where exit polls and actual tallied results have gone so far out of alignment as to suggest vote tampering. The Max Clelland vote. Both of the Dubya elections. And so on. We have the owners of vote tabulation corporations donating to Republican candidates and we’re supposed to believe they’re not even tempted to rig the vote counts?

    As the old apocryphal saying from Stalin goes, “The people who cast the votes decide nothing. The people who count the votes decide everything.”

    Unfortunately, in this country, we have a habit of allowing partisan groups to influence these outcomes.

  15. taserian says:

    Implementing Internet voting is much more complex than just satisfying verification of individual votes; it also has to maintain a separation between the voter’s identity (for verifying that they are in fact a valid voter), the fact that they voted in this election (to prevent duplication of votes), and their specific vote (which should be secret from everyone except for the voter). And consider that auditability of an election can involve verifying that each person that cast a vote is in fact a valid voter, and that a group of voters may want to verify that their their votes were tabulated correctly (Candidate A only has 30 votes at final tally, when 50 people are willing to admit that they voted for that candidate, and can go through their personal vote verification process to demonstrate that what they say is true).

  16. Indigo says:

    It could work but given a government computer system that the Chinese hack with impunity, I’m not convinced it’s a good idea. Not at this time. And then there’s the question of obsolete operating systems (Windows 7, to name one) in government offices and the astonishing ignorance of our government representatives vis-a-vis the operation of their desktop Turing Machines. I think for now the idea of computer-based voting can only lead to a vote of No Confidence. Not yet. Not until computer-savvy Americans infiltrate our government bureaucracy.

  17. Hue-Man says:

    I skimmed through the linked Estonian materials (in English) and have the following non-specialist observations.
    1. The set-up is similar to mail-in ballot systems – a secret ballot inside an envelope which is mailed to the polling station.
    2. If the polling station, including scrutineers from the interested candidates, printed off the secret ballot, I would have faith in the integrity of the system.
    3. Instead, the secret ballot is submitted to the vote counting application which verifies that the ballot isn’t a duplicate and tallies the results. This is where my faith in the process fails; unless humans tallied the secret ballots before they were submitted to the counting program, it would be possible to program the “right” result into the counting program. Similarly, there would be no audit trail from the results through the counting program back to the secret ballot.

    The Estonian materials didn’t address the secret part of the secret ballot. If the vote counting program CAN be audited, does it necessarily lead back to how each individual actually voted?

    Maybe we just stop at (2) above and do a manual count of printed secret ballots (or the equivalent using a scanner). I’m further ahead than when I started this morning but still need to be convinced about the vote counting program.

  18. FLL says:

    I don’t know whether any online system will be “perfectly secure and functional.” I love the idea of online voter registration, which could be implemented now.

© 2020 AMERICAblog Media, LLC. All rights reserved. · Entries RSS