Network News

X My Profile
View More Activity

Experts raise warning flags over D.C. Internet voting plan

A national good-government organization and a group of leading computer scientists are raising concerns about a new Internet voting initiative set to debut for District voters in the coming weeks.

Absentee voters living overseas this year have the option of participating in a new "digital vote-by-mail" system. Absentee D.C. residents have been able to cast ballots by faxing them or attaching them to a regular e-mail, with the understanding that their vote would not be private. The new process encrypts the completed ballot and allows blind counting.

The District, like several other jurisdictions across the country, has been struggling to comply with a new federal law that mandates a 45-day period for absentee ballots to make the round trip to voters and back. The tight schedule between the District's primary and general elections makes sending and returning overseas ballots by mail virtually impossible, officials see the digital vote by mail system as a potential solution to the overseas voter problem. About 930 overseas voters are eligible to use the new system for November's election.

But a pair of letters questioning the legality and the security of the process were sent last week to council member Mary M. Cheh (D-Ward 3), the legislator who oversees city elections and who has also been the leading proponent of numerous voting reforms.

Common Cause, the nonpartisan good-government lobbying group, sponsored both letters. The first missive [PDF] questions whether the digital vote by mail system is "voter-verifiable," as required under the city's new election laws. The voter has no way of confirming that the ballot he or she sent is the same one that is counted by elections officials, the letter argues.

The second letter [PDF] raises sharp concerns over the vulnerability to infiltration by hackers, calling the new system a "poorly conceived experiment" that "imperils the overall accuracy of every election on the ballot."

The letter continues: "Return of marked ballots over the Internet is something we simply don't know how to do safely. Exercises such as this are counterproductive, because they will provide a false sense of security to the [D.C. Board of Elections and Ethics], while the real problems lie undetected."

The elections bureau was set to begin a test of the system Friday, one that would have allowed experts to cast sample ballots and test the system's vulnerabilities. But that test was delayed and is now expected to start early this week, concluding before the first overseas ballots are sent out next Monday. But that short test, critics argue, is simply not enough.

The 13 signers of the letter call for "extensive independent expert testing by those not having any financial or administrative interests in the system" before it is deployed.

Among the signers is Ron Rivest, a pioneer in computer security -- the "R" in the Internet-standard "RSA" encryption regime stands for Rivest -- as well as several other experts who have done research on Internet voting.

Alysoun McLaughlin, a spokeswoman for the elections board, says the letters are "missing the point." The digital vote-by-mail system, she says, is intended to improve upon an existing vote-by-e-mail system.

"The only other alternative is to tell voters who don't have time to receive and return their ballot that they can't vote," McLaughlin said. "Anyone who has an alternative solution that is voter-verifiable, secure and private should step forward. Disenfranchising our troops overseas is not an option."

The Board of Elections and Ethics has spent about $300,000 in federal grant money to roll out the system, which has been developed in collaboration with the Open Source Digital Voting Foundation, a California-based nonprofit.

Cheh said Monday that she would examine the program, perhaps at a hearing set for Oct. 8 -- though that is four days after absentee ballots are scheduled to be sent out. "We're not going to do something that jeopardizes the security of the ballot," she said.

By Mike DeBonis  | September 27, 2010; 4:26 PM ET
Categories:  DCision 2010, The District  
Save & Share:  Send E-mail   Facebook   Twitter   Digg   Yahoo Buzz   Del.icio.us   StumbleUpon   Technorati   Google Buzz   Previous: DeMorning DeBonis: Sept. 27, 2010
Next: DeMorning DeBonis: Sept. 28, 2010

Comments

As a veteran and technologist, I believe or soldiers serve to protect the integrity our our democracy which is dependent on the integrity of everyone's vote. Ms. McLaughlin misses the point. You don't improve on an internet voting system with another internet voting system -- it's the internet part of it that's the problem. The letters' authors want soldiers overseas to have their votes counted as cast; this technology fails to assure that and puts their ballots at risk. The answer is in DCBOEE's hands already: use technology responsibly for instantaneous delivery of blank ballots and other voting related purposes, but not for hazardous electronic return. Accept all ballots that were voted timely (by Election Day) when they arrive. The Military and Overseas Voter Empowerment Act did not require electronic return of voted ballots, with good reason.

Posted by: LutherWeeks | September 27, 2010 8:48 PM | Report abuse

I agree with Luther Weeks. Deliver the ballot by email but accept the filled out ballot by regular mail. That should speed up the process and make it safe and effective for overseas voters. Cheh does not think through her legislation to the practical problems of actually implimenting the legislation.

Posted by: voter20 | September 28, 2010 1:45 PM | Report abuse

Absolutely fearful thing to consider internet voting! Do not do it!

They say this is "just for" some voters. Our experience has been down that track - it is the opening of the gate for surreptitious control of election outcomes, thus the loss of our democracy, by eventually using the internet for all casting of ballots.

My county uses paper ballots, hand-marked by the voters. And a Citizens' Observer group is established, who can enter the offices and watch everything that is going on, including selection of ballot batches for triple-checking of the counts (Once by OpScan equipment, and twice by hand-counting in public.)

There can be no Observation of internet voting - and just consider the number of virus and hacking incidents on the internet.

Internet voting cannot be trusted, and

"If you cannot trust the way your votes are counted, nothing much else in politics matters!"
- Marian Beddill, 2003
http://NoLeakyBuckets.org

Posted by: mariangb | September 29, 2010 2:28 AM | Report abuse

So, the first post was my concern. I can suggest a solution - notably based on our real-life experience in the other Washington - State.

As others wrote - send the blank ballot by whatever means, including internet delivery OUT. Require that a voter-verified paper ballot (v-v-p-b) be returned.

And move the Primary to an earlier date. WA did this, precisely for this reason (and others related to the rush to get ready.) That squashes the straw argument that there's not enough time.

Finally, accept overseas ballots if they were dispatched by the voter in time, for full processing until the day of the Certification of the election.

But the most important, is a system of management of the paper ballots which allows public oversight (that requirement cannot be met with computer-only systems), and the double-triple checking of the primary counting system. That counting can be by scanner-computer, but only if there is the external random "mini-audits".

A related idea, which we implemented years ago, is a CEAC - a Citizens' Elections Advisory Commission. We have 9 members, one for each party and related interests (like LWV), and others for specific interest groups. Meets monthly, asks questions of the Elections staff, and serves as a public information channel both ways.

Posted by: mariangb | September 29, 2010 3:17 AM | Report abuse

Post a Comment

We encourage users to analyze, comment on and even challenge washingtonpost.com's articles, blogs, reviews and multimedia features.

User reviews and comments that include profanity or personal attacks or other inappropriate comments or material will be removed from the site. Additionally, entries that are unsigned or contain "signatures" by someone other than the actual author will be removed. Finally, we will take steps to block users who violate any of our posting standards, terms of use or privacy policies or any other policies governing this site. Please review the full rules governing commentaries and discussions.




characters remaining

 
 
RSS Feed
Subscribe to The Post

© 2010 The Washington Post Company