Connecticut lawmakers are considering legislation to allow military voters to cast ballots over the Internet. The intention of this legislation is well-meaning — Connecticut does need to improve the voting process for military voters — but Internet voting is not the answer.
Every day, headlines reveal just how vulnerable and insecure any online network really is, and how sophisticated, tenacious and skilled today's attackers are. Just last week, we learned that the U.S. has already experienced our first-ever documented attack on an election system, when a grand jury report revealed that someone hacked into the Miami-Dade primary elections system in August 2012.
A chilling account in The Washington Post recently reported that most government entities in Washington, including congressional offices, federal agencies, government contractors, embassies, news organizations, think tanks and law firms, have been penetrated by Chinese hackers.
They join a long list that includes the CIA, FBI, Department of Defense, Bank of America, and on and on. These organizations have huge cybersecurity budgets and the most robust security tools available, and they have been unable to prevent hacking. Contrary to popular belief, online voting systems would not be any more secure.
Not surprisingly, a senior cybersecurity official with the Department of Homeland Security warned election officials last year that online voting is premature and not advisable at this time. The National Institute of Standards and Technology (the federal body tasked with researching Internet voting) issued a statement shortly after, warning that secure Internet voting is not feasible with the tools currently available. Because the agency determined that Internet voting cannot be done securely, it has not developed testing or certification standards for systems.
So why are state lawmakers considering online voting for the military?
First, there is a mistaken perception that because we can shop and bank online, we should be able to vote online securely. But shopping or banking online are far from secure. Banks and online merchants lose billions every year to online fraud. They factor this into the cost of doing business.
There is, however, no acceptable level of vote fraud or manipulation. Moreover, elections have unique properties that are unlike banking or e-commerce. In a financial transaction, both parties can check each online transaction by reviewing a statement or receipt. But we vote by a secret ballot. Neither the voter nor the election official can verify that a ballot has been received the same way it was sent. This makes online voting especially susceptible to undetected hacking.
Second, we have seen a big push for Internet voting (including via email and digital fax) because the vendors of online voting systems have targeted state lawmakers and election officials with aggressive marketing and sales campaigns. The vendors have made extraordinary claims of security and auditability — all of which are unsubstantiated by any publicly reviewable research or documentation. None of these systems are subject to any standardized security testing or certification and claims of security are backed only by the vendors' words.
There are things we can do to improve the voting process for our military voters without risking the integrity of their ballots or the security of our elections.
1. Move registration deadlines closer to the election. Virginia did this in 2012 and it paid big dividends, allowing service members to receive and return their ballots up to Election Day.
2. Allow our troops to use the Federal Write-In Absentee Ballot to register and vote. Many states now allow service members to do both. It's the military voter equivalent of Election Day Voter Registration. This widely used, practical reform would make absentee voting much easier for service members stationed outside of Connecticut.
3. Count military ballots postmarked by Election Day, and received seven days after. This would still give election officials enough time to count the ballots before certification, and would give our troops an opportunity to vote on Election Day.
Our legislators are right to act to improve voting for our brave men and women in uniform, but online voting is not yet the answer. Instead, the General Assembly should look to make the voting process easier and more accessible with some simple, common-sense improvements.
Pamela Smith of Old Saybrook is the president of Verified Voting, a nonpartisan organization dedicated to preserving the integrity of elections.
Reprinted with permission of the Hartford Courant.
To view other stories on this topic, search the Hartford Courant Archives at