Experts raise warning flags over D.C. Internet voting plan
A national good-government organization and a group of leading computer scientists are raising concerns about a new Internet voting initiative set to debut for District voters in the coming weeks.
Absentee voters living overseas this year have the option of participating in a new "digital vote-by-mail" system. Absentee D.C. residents have been able to cast ballots by faxing them or attaching them to a regular e-mail, with the understanding that their vote would not be private. The new process encrypts the completed ballot and allows blind counting.
The District, like several other jurisdictions across the country, has been struggling to comply with a new federal law that mandates a 45-day period for absentee ballots to make the round trip to voters and back. The tight schedule between the District's primary and general elections makes sending and returning overseas ballots by mail virtually impossible, officials see the digital vote by mail system as a potential solution to the overseas voter problem. About 930 overseas voters are eligible to use the new system for November's election.
But a pair of letters questioning the legality and the security of the process were sent last week to council member Mary M. Cheh (D-Ward 3), the legislator who oversees city elections and who has also been the leading proponent of numerous voting reforms.
Common Cause, the nonpartisan good-government lobbying group, sponsored both letters. The first missive [PDF] questions whether the digital vote by mail system is "voter-verifiable," as required under the city's new election laws. The voter has no way of confirming that the ballot he or she sent is the same one that is counted by elections officials, the letter argues.
The second letter [PDF] raises sharp concerns over the vulnerability to infiltration by hackers, calling the new system a "poorly conceived experiment" that "imperils the overall accuracy of every election on the ballot."
The letter continues: "Return of marked ballots over the Internet is something we simply don't know how to do safely. Exercises such as this are counterproductive, because they will provide a false sense of security to the [D.C. Board of Elections and Ethics], while the real problems lie undetected."
The elections bureau was set to begin a test of the system Friday, one that would have allowed experts to cast sample ballots and test the system's vulnerabilities. But that test was delayed and is now expected to start early this week, concluding before the first overseas ballots are sent out next Monday. But that short test, critics argue, is simply not enough.
The 13 signers of the letter call for "extensive independent expert testing by those not having any financial or administrative interests in the system" before it is deployed.
Among the signers is Ron Rivest, a pioneer in computer security -- the "R" in the Internet-standard "RSA" encryption regime stands for Rivest -- as well as several other experts who have done research on Internet voting.
Alysoun McLaughlin, a spokeswoman for the elections board, says the letters are "missing the point." The digital vote-by-mail system, she says, is intended to improve upon an existing vote-by-e-mail system.
"The only other alternative is to tell voters who don't have time to receive and return their ballot that they can't vote," McLaughlin said. "Anyone who has an alternative solution that is voter-verifiable, secure and private should step forward. Disenfranchising our troops overseas is not an option."
The Board of Elections and Ethics has spent about $300,000 in federal grant money to roll out the system, which has been developed in collaboration with the Open Source Digital Voting Foundation, a California-based nonprofit.
Cheh said Monday that she would examine the program, perhaps at a hearing set for Oct. 8 -- though that is four days after absentee ballots are scheduled to be sent out. "We're not going to do something that jeopardizes the security of the ballot," she said.
Posted by: LutherWeeks | September 27, 2010 8:48 PM | Report abuse
Posted by: voter20 | September 28, 2010 1:45 PM | Report abuse
Posted by: mariangb | September 29, 2010 2:28 AM | Report abuse
Posted by: mariangb | September 29, 2010 3:17 AM | Report abuse