Category: Internet Voting

Fax and email voting: Hearing Highlights

With the same success as Rhode Island, perhaps this bill would decrease Connecticut’s failed return rate from 40% to 36.8%.

CT-N has posted the video from the Veterans’ Affairs hearing. About a half-hour to three-quarters of an hour of the four and one-half hour hearing pertained to fax and email voting. Watching the Windows Media Player version, you can see the times and select testimony you would like to watch <video> (click on lower left where it says ‘open in media player’)

Earlier coverage <read>

Overall:

Sadly,  CT has a 40% failure return rate according to the Secretary of the State (SOTS)

 Here are some highlights:

0:34 Town Clerk of Waterbury for the Town Clerks Assn.

0:41 She discusses risks of fraud

0:44 Sen Slossberg the sponsor

0:51 Rep Alexander, a former Adjutant and Voting Assistance Officer

Describes the risks of Fax on the submission end
(Much worse than I had imagined, also where does
the ballot go after faxing? Would a soldier vote
the way he/she thinks higher ups would want,
assuming they might look?)

1:00 Deputy SOTS James Spallone

Good review of OVF data and security concern

1:10 Senator Slossberg
Has info from all 29 states that do email and fax return that there have never been any problems

1:54 Vet that had return problem

Sen Slossberg asks if he is smart enough to waive rights

1:59  Rhode Island SOS Office

         No fraud allegations in all these years

         Less risk in RI as they do centrally

         53/1700 were sent in email/fax

Note: At 53/1700 sent in for RI, even if all those would not otherwise have been counted, then the return rate would only have been increased by 3.2%, after the system has been available since  1999. With the same success as Rhode Island, perhaps this bill would decrease Connecticut’s failed return rate from 40% to 36.8%.

Testimony: Worse than online voting, fax and email voting

I applaud this Committee for holding hearings on this Unconstitutional, Risky, Unnecessary, and Discriminatory bill. Last year, without hearings, this concept it was placed far down in an unrelated emergency bill.

Today we submitted testimony against Senate Bill 647 to the Veterans’ Affairs Committee on a bill to allow email and fax return of votes for Military voters. The bill:

AN ACT CONCERNING VOTING BY MEMBERS OF THE MILITARY SERVING OVERSEAS.

Be it enacted by the Senate and House of Representatives in General Assembly convened:

That sections 9-153e and 9-153f of the general statutes be amended to allow any member of the armed forces who is an elector serving overseas, or the member’s spouse or dependent if living where such member is stationed, to return their absentee ballot by electronic mail or facsimile.

Statement of Purpose:

To allow military persons serving overseas to return their ballot by electronic mail or facsimile.

From our testimony:

I applaud this Committee for holding hearings on this Unconstitutional, Risky, Unnecessary, and Discriminatory bill. Last year, without hearings, this concept it was placed far down in an unrelated emergency bill.

Compared with Online voting email and fax voting is a riskier, cheaper alternative:

Email and Fax Voting Is More Risky Than Online Voting:

  • Every week we hear of the compromise of email, databases, and severs maintained by large businesses and government agencies.
  • We are all familiar with emails and faxes, we send or are sent    to us, never being received. All network communications are subject to interception, substitution, or deletion. Military voters and registrars are not exempt from these problems.
  • ·         President Obama has called the protection of government and private information and communications networks “one of the most serious … security challenges of the 21st century,” (Hartford Courant May 30, 2009.)

Registrars Are Not Equipped To Implement Email Or Fax Voting:

  • Currently some towns do not provide Internet to their registrars and some do not provide email.
  • Frequently, published email addresses for registrars are out of date.
  • To whom would soldiers email votes? The Democratic or Republican Registrar? To a common email account? Who will process that? How can anyone be sure ballots that successfully arrive at an email account are not dropped or changed?
  • Who manages the Fax? Who can see or discard the ballots that come via the Fax?

We quote Governor Malloy’s veto message on the Constitutionality of a similar bill last year:

I agree with Secretary of the State Denise Merrill that this provision raises a number of serious concerns. First, as a matter of policy, I do not support any mechanism of voting that would require an individual to waive his or her constitutional rights in order to cast a timely, secret ballot, even if such waiver is voluntary. Second, as the Secretary of the State has pointed out, allowing an individual to email or fax an absentee ballot has not been proven to be secure. In 2011, the United States Department of Commerce, National Institute of Standards and Technology, issued a report on remote electronic voting. The report concluded that remote electronic voting is fraught with problems associated with software bugs and potential attacks through malicious software, difficulties with voter authentication, and lack of protocol for ballot accountability.

We will be disappointed, but not surprised if the Veterans’ Affairs Committee ignores the discriminatory nature of this proposal, as we said:

This Bill Is Discriminatory: Many overseas voters are veterans but not members of the Military. Some serve in remote areas or challenging conditions. Including: State Department, CIA, and NGO staffs, plus Military Contractors, and Peace Corps volunteers.

And Unnecessary:

This Bill Is Unnecessary: Conventional solutions for effective, safe, and economical Military voting are available and proven. The state with the best results for overseas voting, Minnesota, does not use online voting. Let’s emulate their example.

Among others, we were joined in opposition testimony by Verified Voting:

OPPOSITION TO BILL NO. 647 – Understanding that email and fax voting are forms of internet voting – in fact they are the least secure forms. We dishonor our military by providing them insecure means to vote.
Chairs Leone and Hennessy and Members of the Committee, Verified Voting works tirelessly around the country and in Washington D.C. to support expanded opportunities for our military personnel to vote.However we oppose Bill No. 647 because it would dishonor our military personnel with an insecure means to vote. Email and fax voting are internet voting and are not secure. Those serving to secure our democracy should not be provided an unequally insecure means to participate in that democracy. That is what 647 would do.

Verified Voting was a strong supporter of the federal MOVE Act, passed in October 2009. The MOVE Act continued to show excellent gains in voter enfranchisement amongst military personnel in the 2012 General Election. We are members of the Alliance for Military and Overseas Voting Rights (AMOVR), where we join many military personnel support colleagues to work on their behalf year round.
We take support for military voting seriously and oppose 647 on strict empirical grounds of insecurity.
We strongly recommend against allowing ballots to be cast over the internet, via email, internet?based fax, or through internet portals. Online voting presents a direct threat to the integrity of elections in Connecticut, because it is not sufficiently secure against fraud or malfunction. Cyber security experts with the Department of Homeland Security have publicly warned against internet voting…

Allowing ballots to be cast by email, internet?based fax, or through internet portals ? at least with the current security tools ? is an invitation to partisan operatives and nation?states to tamper with the integrity of our elections. The problem is particularly pernicious because it is unlikely that such attacks will be detected. Attacks on consumer and business bank accounts can be detected because the accounting systems are reviewed by multiple parties and auditable records exist. Bank statements, unlike our voted ballots, are not anonymous. This makes it critical that the physical ballot which the voter inspected is returned for counting. If a purely electronic form is transmitted, that unsecured vote is not verifiable by the voter and does not constitute an auditable record of the vote.

Also see CTNewsJunkie coverage of Sen Slossberg and Rep Morin’s press conference, surrounded by veterans and the Rhode Island Secretary of State. The article includes some of our testimony and a veteran apparently unaware of the free express mail return of voted ballots <read>

Edmonton rejects Internet voting 11-2

It has been a matter of consideral discussion and evaluation in Edmonton, Alberta. Should they jump on the bandwagon and double the cost of elections to accept the risks of Internet voting? For now, Edmonton is solidly on the side of science, rejecting Internet voting for very good reasons.

Like DDT, Nuclear Power, Fast Food, and GMOs, Internet voting has some very attractive, beneficial aspects, yet there are often unknown, overlooked, or downplayed real or potential problems. It takes a lot of careful research and evaluation to determine the net current and future risks and benefits.

It has been a matter of consideral discussion and evaluation in Edmonton, Alberta. Should they jump on the bandwagon and double the cost of elections to accept the risks of Internet voting? For now, Edmonton is solidly on the side of science, rejecting Internet voting for very good reasons.

We have written recently of the debates, the costs, the risks, and the Citizen Jury lacking technical participation.

Like DDT, Nuclear Power, Fast Food, and GMOs, Internet voting has some very attractive, beneficial aspects, yet there are often unknown, overlooked, or downplayed real or potential problems. It takes a lot of careful research and evaluation to determine the net current and future risks and benefits.

http://tinyurl.com/EdRejects

EDMONTON JOURNAL

Edmonton council defeats proposal for Internet voting this fall


– The future of Internet voting in Alberta is unclear after Edmonton city council turned down a proposal Wednesday to allow online ballots as part of October’s civic election.

Although city staff insisted the system was extensively tested over the past year, including a mock “jelly bean” election and confirmation by a citizen jury, councillors worried the process isn’t entirely secure.

“The fact is, if major banks can be hacked, what’s guaranteeing our voting system wouldn’t be hacked?” Coun. Kerry Diotte asked.

There were also fears someone could collect other voters’ email addresses, picture identification and passwords, then cast multiple ballots in a hotly contested race.

“If you want to coerce someone, it’s easier to do that with Internet voting than it is at a voting station,” Coun. Tony Caterina said.

“At this point in 2013, I don’t think you’re ready to answer all these questions.”

There was little support for the initial proposal to permit Internet ballots before the Oct. 21 election in advance polls, which attracted 15,000 people in 2010.

But council voted 11-2 against a compromise motion to allow it just for special ballots, used three years ago by about 800 shut-ins, election workers and people away from Edmonton for an extended period.

Don Iveson and Ben Henderson were the only councillors to favour the move, arguing electronic ballots are as secure as the paper version.

“I think there’s, frankly, some paranoia about the technology because it’s unknown,” Iveson said.

“I understand the instinct to want to test it further, but those risks that people will behave badly aren’t going to go away.”

City clerk Alayne Sinclair said an outside consulting company was hired to try to breach the jelly bean election system, but along with a NAIT computing class and 10 other hackers, they didn’t succeed.

While one computer programmer says he cast two ballots in the mock election, showing it’s vulnerable to fraud, he appears to have done this by registering twice, which wasn’t being controlled, Sinclair said.

“We were told by the professionals that for all of the time people say they can penetrate the system, there’s no example anywhere that anyone has.”

Providing Internet ballots would have cost $400,000.

The city has already paid $400,000 to test the system developed by Spain’s Scytl, but Coun. Linda Sloan had philosophical as well as money concerns.

“Do we really want to configure a system where people can vote in their pyjamas? … Voting is an act of civic engagement,” she said.

“I’m not convinced this is a direction we want to take, particularly because it privatizes both the act and the system of voting.”

The province has been working with Edmonton, St. Albert and Strathcona County since last year on how to introduce Alberta’s first Internet voting, already used in dozens of centres in Ontario and Nova Scotia.

Grande Prairie, the Regional Municipality of Wood Buffalo, Airdrie, and Lethbridge were also studying the idea.

Officials in the two capital region municipalities don’t know what will happen now that their largest partner has backed out.

“The intention of the pilot was to have the three of us do it together,” said Jacqueline Roblin, Strathcona County’s manager of legislative services.

“Now that Edmonton is no longer on board, I’m not sure how this will proceed.”

But Kalina Kamenova, who spent months working on public consultation for the scheme as research director at the University of Alberta’s Centre for Public Involvement, said she thinks city council made the wrong decision.

Most councillor concerns were already addressed by the 17-member citizen jury, which after days of discussions and hearing from experts supported online voting, Kamenova wrote in an email.

“It is surprising that councillors went against the verdict of the citizen jury and overlooked Edmontonians’ overwhelming support for this innovative voting option,” she wrote, emphasizing this is her opinion.

“It makes you wonder why so much money is being spent by the city for public involvement when citizens’ input doesn’t really have any impact on decision-making.”

© Copyright (c) The Edmonton Journal

Testimony: Polling Place Posting, Enforcement, Early Voting, and Internet Voting

Yesterday, in the midst of the gun control hearings drawing a couple thousand, we spent an hour in a snowy entrance line to testify on two bills before the Government Elections and Administration Committee. We had planned on testifying on H.B. 5600, however, with many testifying on H.J. 16, I offered additional information to the Committee on that bill and on Internet voting, which was also discussed.

Yesterday, in the midst of the gun control hearings drawing a couple thousand, we spent an hour and a half in a snowy entrance line to testify on two bills before the Government Elections and Administration Committee. We had planned on testifying on H.B. 5600, however, with many testifying on H.J. 16, I offered additional information to the Committee on that bill and on Internet voting, which was also discussed.

H.B. 5600, generically titled “AN ACT CONCERNING THE REGISTRARS OF VOTERS” dealt with three items:

  • Requiring towns to provide Internet access for all Registrars of Voters
  • Requiring the posting of voter ID requirements at all polling places
  • Increasing the authority of the Secretary of the State by making procedures and directives enforceable by the State Elections and Enforcement Comission

We testified in favor of all three concepts. <testimony>.

  • Hard to imagine it, yet some towns do not provide Internet access in this day and age, even with it is available town staff.
  • Posting voter ID requirements is to provide uniformity such that voters are not illegally turned away or illegally allowed to vote. I suggested that lists of registered write-in candidates should also be posted.
  • In general we welcome more enforcement, yet the text of the proposed bill is in some areas two broad and in others too narrow. I also needs some further work to assure clarity and transparency. (Read the testimony)

H.J. 16 is the Constitutional Amendment from last year that needs to be approved again by this Legislature and then Connecticut voters in 2014 “RESOLUTION APPROVING AN AMENDMENT TO THE STATE CONSTITUTION TO GRANT INCREASED AUTHORITY TO THE GENERAL ASSEMBLY REGARDING ELECTION ADMINISTRATION.”

The amendment would allow the Legislature to specify early voting such as in-person early voting or no-excuse absentee voting. We assumed, incorrectly, that there would be little discussion and that major debates would occur in 2015 if the amendment passes.

Secretary of the State, Denise Merrill, made a brief statement summarizing and supporting the bill which lead to perhaps forty-five minutes of pro and con questioning by the Committee, which also included questions on the largely unrelated topic of Internet voting for the Military. Others added testimony on the bill as well.

Scrapping most of my prepared remarks, I dedicated about half of my allocated three minutes to H.J. 16 and Internet voting. I provided the committee with information on the risks, costs, and value of various early voting methods, Internet voting, and how Connecticut might best serve all Overseas voters, including the Military.

The Committee was very attentive and open to considering my testimony: <testimony>

  • Especially the sources of the information that all forms of early voting decrease turnout. I promised to followup with links to the references.
  • I suggested following the example of Minnesota which had the greatest success in serving overseas voters, without risky, expensive, and ineffective Internet voting.
  • I reaffirmed my support of polling place Election Day Registration (EDR), its potential to increase turnout, while also reaffirming my prediction of disappointing results and concerns for very long lines.

Update: CT-N video, my testimony is about 75% of the way in <watch>

If it feels good, do it! – Oh! No! Canada!

Based on the theory that if voters like Internet voting and nobody has recognized a problem, it should be implemented, no matter what the cost, no matter what risks identified by experts. The voting version of unhealthy living, If it tastes good, eat it!. Technically know as common sense, that works sometimes, and at other times brings us common sense ideas like the earth revolving around the sun.

A couple of years ago we posted: Damn the science; Damn the integrity; If it feels good do it. Based on the theory that if voters like Internet voting and nobody has recognized a problem, it should be implemented, no matter what the cost, no matter what risks identified by experts. The voting version of unhealthy living, If it tastes good, eat it!. Technically know as common sense, that works sometimes, and at other times brings us other commons sense ideas like the earth revolving around the sun.

Our neighbors up to the north in Warterloo and Edmonton are using that common sense to justify Internet Voting:

From the Waterloo Record: Waterloo to look into online municipal election voting <read>

WATERLOO — The City of Waterloo will investigate using online and telephone voting for the 2014 municipal elections.

Council went against the best informed person it had at the table and voted Monday to look into internet and telephone voting for the 2014 municipal election. The city will seek proposals from companies with voting technology, and wants the cities of Cambridge and Kitchener to consider using it as well.

Coun. Jeff Henry grew up in Markham which has used internet voting for several years and also been part of University of Waterloo student elections where electronic voting was used.

“My skepticism comes with knowledge,” Henry said.

He raised issues with security and democracy, similar to concerns expressed by Kitchener politicians when they debated the idea. For more than a year the city studied the process and found issues with security, cost, democracy and guideline issues.

I think this is a great idea,” Coun. Karen Scian said. “I think if we can figure out how to do it securely and figure out how to engage more people to vote and make it easier for people to vote then the whole community benefits.

Tim Jackson, a member of the Barnraisers council, urged councillors to take the jump, earning himself a spot on a committee that will review the request for proposals.

“As the most intelligent community in the world it’s almost a given that we should be embracing the concept of electronic voting,” Jackson said.

City clerk Susan Greatrix said it is expected online voting would add costs to the election process.

“I don’t anticipate there would be a reduction in election costs,” Greatrix said. “It would be much more expensive than traditional voting.”

Kitchener’s last election cost about $400,000. Adding online voting could add more than $300,000 to those costs.

Coun. Henry and Coun. Scott Witmer voted against the idea, but the proposal passed.

Nothing has been decided on which voting method will be used. That decision is expected later this year when staff have evaluated proposals on the idea.

Edmonton Journal: Internet voting option proposed for Edmonton civic election <read>

Edmonton should allow Internet voting for advance and special ballots in next October’s civic election, a report released Thursday recommends.

The proposal, following more than a year of study that included a test “jelly bean election” and the verdict of a citizen jury, would make Edmonton the first western Canadian city where candidates can be chosen online…

But the province and the 17-member citizen jury suggested allowing anyone who wants to take part in the advanced poll, starting almost two weeks before the Oct. 20 election, to register and pick their candidates online.

There were about 6,000 advanced votes in the last election out of a total 199,000 ballots cast, a turnout of 33 per cent.

“We wanted to honour the citizen jury process, and the citizen jury told us they wanted to have at least 10 days of voting,” Sinclair said.

“I guess from everyone’s perspective it’s a voting option. We want to make sure there are no barriers.”

Checks done by an outside company during last fall’s jelly bean election, which asked people to select their favourite candy colours, food and other preferences, showed the system is secure from hackers, the report said.

To ensure the process isn’t rigged, at least four out of seven members of an electoral board must produce their digital key cards and passwords to open or close the ballot box, and recounts are possible.

“Because we demonstrated it was safe and secure, the province is OK with us proceeding,” Sinclair said…

An online city survey done last fall showed three-quarters of the 400 respondents agree Edmonton should provide the option of Internet voting.

More than nine out of 10 people who opposed it were concerned about security.

We commented on  the Edmonton system as part of a final exam for the Coursera course, Securing Digital Democracy. Since the course is complete and all exams graded, I can provide my answer:

1.         Threat – Imposter Sites

Someone could create a site that could easily be confused with the actual site, act like that site to provide information, register voters and accept their votes, then act like the voter to register that voter and vote on the actual Edmonton system. Reference the following FAQ:

23. How can I verify that I am accessing the actual voting system(no phishing)?

When accessing the voting system, ensure that you are accessing the following website:  https://internetvoting.edmomton.ca. The voting system website will have the ‘s’ following ‘http’ indicating that the connection is encrypted and secure

1) The FAQ highlights how important it is to interact with the system through a specific URL starting with ‘https’. 2) Yet, the FAQ page itself is an ‘http’ not a ‘https’ page so that it is itself not protected and could be intercepted, to lead the unsuspecting voter to a fake site for instruction, registration, and voting. 3) This version of the FAQ above is actually a fake with the city name in the URL changed, to lead the unsuspecting voter to a criminal relay site.

2.         Threat – Coercion

A coercer could watch a voter vote under threat. One way to reduce that threat would be provide the opportunity for a voter to subsequently vote again and have that vote count, not the observed coerced vote, however, this system only allows one vote, according this FAQ:

28. Once a vote has been cast, can it be changed?

No. Once a vote has been cast [i.e. you confirm your vote] it cannot be changed. This process is the same as dropping the ballot into the ballot box in a traditional paper-based election, ensuring complete voter anonymity and secrecy of the ballot.

Ironically, this attribute which facilitates coercion is touted as related to protecting secrecy.

3.         Threat – Malware, Client Side Attack

The system provides for use of a variety of browsers and operating systems, including older windows versions, XP, and Vista, initial versions of which were subject to many security issues. Perhaps we need to ask more questions: What precautions or methods are employed to prevent or recognize client side attacks?  What testing on each browser/operating system combination? Was there any open-ended testing? If so, who performed that testing? What were the results?

I am skeptical that there is any awareness of such client side or other threats. None of the FAQs address the possibility of client side or server side threats. The whole thrust of the test is voter satisfaction, not on assessing the security of the test. The public test makes no mention of testing security, makes no offer to the public to attempt to break the system, there is no guarantee that anyone successfully compromising the test will be exempt from civil or criminal penalties. This view is reinforced by noting that the research team associated with the project includes several professors of political science but none with apparent expertise in computer science, security or related fields.

An Oscar Performance: Blame the Customers and Users.

Unprofessional systems “professionals” often resort to blaming the users for systems that are difficult to understand and use. Similarly, software vendors blame their customers for the inadequacies of the systems they have sold to or implemented for those customers.

Wired: E-Voting Snafu Pushes Back Oscar Nomination Deadline <read>

This year, Oscar voters are getting a deadline extension, giving members an extra day to vote on the nominees for this year’s Academy Awards after technical issues plagued the first attempt by The Academy of Motion Picture Arts and Sciences to allow online voting.

The Academy announced in early 2012 that it would be making e-voting available to members, and as is often then case in the move from analog to digital, the transition to the new voting platform hasn’t been without hiccups. In a recent Hollywood Reporter analysis, many Academy voters complained of issues with logging in to the voting site — something an Academy representative attributed to voters “forgetting or misusing passwords” – difficulty navigating the site once they were logged in, and even the potential for hackers to infiltrate the website and influence the vote.

“They should have had more lead time than, ‘Here you go; this is what we are expecting now,’” one Academy voter told THR. “We’re talking about many elderly people who are not that computer literate. They might think that it’s simple, but the simplest thing isn’t simple to many people…. There will probably be a large percentage of people who will just say, ‘Screw it’ and not even vote this year.”
Documentary filmmaker Morgan Spurlock tweeted just last week that “the password they sent didn’t work for my log in – and they couldn’t e-mail me a new log in, only snail mail.” Some even called it a “disaster” and expressed worry that the website would be susceptible to hacking. Others worried that frustrations with the new system could lead to low voter turnout.

Unprofessional systems “professionals” often resort to blaming the users for systems that are difficult to understand and use. Similarly, software vendors blame their customers for the inadequacies of the systems they have sold to or implemented for those customers.

However, Lori Steele, the CEO of the company that developed the electronic voting system for the Academy, said that despite those reports, the majority of the feedback her firm Everyone Counts had received was positive and that voters had access to a 24-hour telephone support line and assisted voting stations in Los Angeles, New York and London. She also added that the deadline extension was the result of the Academy simply wanting to give voters more time and not because of any particular issue with the e-voting site.

“Voting through our platform has gotten really rave reviews from most members and the user experience went through multiple levels of user testing with members and the satisfaction rate is extremely high,” Steele said in an interview with Wired. “There have been some issues — as you’ve read — with passwords and that simply means the system is working, so those wouldn’t be the reasons that this would be extended.”

Goodbye Sandy, Goodbye Science, Goodbye Secret Voting

Like other disruptive events, storm Sandy is being used to justify very questionable emergency voting changes in New Jersey. The Lieutenant Governor of New Jersey has announced virtually unlimited fax and email voting – some would say this is the camel’s nose in the elections tent – I would say it is more like the other end of camel.

The Patriot Act was justified and passed quickly after 911. It contained many legally questionable items that law enforcement had wanted for years. Crises are used for that. Fortunately we have avoided mercenaries securing the Northeast, like BlackWater securied New Orleans after Katrina. Hopefully our schools will not be transformed like those in New Orleans.

Like other disruptive events, storm Sandy is being used to justify very questionable emergency voting changes in New Jersey. The Lieutenant Governor of New Jersey has announced virtually unlimited fax and email voting – some would say this is the camel’s nose in the elections tent – I would say it is more like the other end of camel.

Andrew Appel has written a post describing some of the problems with this: NJ Lt. Governor invites voters to submit invalid ballots <read>

We see already one problem:  The loss of the secret ballot.  At many times in the 20th century, NJ political machines put such intense pressure on voters that the secret ballot was an important protection.  In 2012 it’s in the news that some corporations are pressuring their employees to vote in certain ways.  The secret ballot is still critical to the functioning of democracy.

But there’s a much bigger problem with the Lt. Gov. Kim Guadagno’s directive:  If voters and county clerks follow her instructions, their votes will be invalid.

Her directive reads,  “Any voter who has been displaced…is hereby designated an `overseas voter’ for the purposes of the Overseas Residents Absentee Voting Law, N.J.S.A. 19:59-1 et seq.”   But the New Jersey Statute (at 19:59-15.4) requires an additional step that Lt. Gov. Guadagno omitted from her directive:

“N.J.S.A. 19:59-15.4(a):  Immediately after a copy of the voted overseas ballot or federal write-in absentee ballot has been transmitted by electronic means to the appropriate county board of elections, as permitted pursuant to section 3 of P.L.1995, c.195 (C.19:59-14), the overseas voter shall place the original voted ballot in a secure envelope, together with a certificate substantially the same as provided for in section 9 of P.L.1976, c.23 (C.19:59-9), and send the documents by air mail to the appropriate county board of elections.

According to the update at the bottom of the post, that the directive may be corrected or clarified so that the paper ballot is required to be submitted, possibly disenfranchising voters who do not learn of the added requirement in time. Yet at least several problems remain:

  • Are voting officials really able to comply with the directive and handle the volume and votes properly?
  • The security of Internet voting is highly questionable, with email and fax voting among the most questionable methods.
  • The secret ballot should not be waived by individual voters, or its purpose will be lost.

As I commented on the Appel post:

The Secret Ballot was implemented to avoid selling votes and coercion of votes. It should be a right for all voters that no vote can be sold or coerced. A single voter cannot in reality waive all the other voters’ rights that every ballot be secret or the purpose is lost.

And as Barbara Simons commented:

I agree that these ballots might end up in court, especially if the election is close. Since not everyone has equal access to the Internet, and people without power won’t have any, Bush v. Gore might be used to challenge the results. In addition, it’s not clear that the Lieutenant Governor has the authority to create a new class of voters by designating displaced voters to be in effect overseas voters. Finally, it will be impossible to recount votes cast over the Internet unless the Lieutenant Gov. acts on the recommendations in this article. And even then, as Andrew has noted, the situation will be murky.

FEMA needs to create contingency plans so that when emergencies occur before or during an election, there are securely stored backup paper ballots and provisions for producing new ones as needed.

Barbara Simons, co-author “Broken Ballots: Will Your Vote Count?”

We have many posts covering the risks of Internet voting, but now we can also refer to an excellent peer reviewed article by Barbara Simons and Doug Jones: Internet Voting in the U.S. <read>

The assertion that Internet voting is the wave of the future has become commonplace. We frequently are asked, “If I can bank online, why can’t I vote online?” The question assumes that online banking is safe and secure. However, banks routinely and quietly replenish funds lost to online fraud in order to maintain public confidence.

We are told Internet voting would help citizens living abroad or in the military who currently have difficulty voting. Recent federal legislation to improve the voting process for overseas citizens is a response to that problem. The legislation, which has eliminated most delays, requires states to provide downloadable blank ballots but does not require the insecure return of voted ballots.

Yet another claim is that email voting is safer than Web-based voting, but no email program in widespread use today provides direct support for encrypted email. As a result, attachments are generally sent in the clear, and email ballots are easy to intercept and inspect, violating voters’ right to a secret ballot. Intercepted ballots may be modified or discarded without forwarding. Moreover, the ease with which a From header can be forged means it is relatively simple to produce large numbers of forged ballots. These special risks faced by email ballots are in addition to the general risks posed by all Internet-based voting schemes.

Many advocates also maintain that Internet voting will increase voter participation, save money, and is safe. We find the safety argument surprising in light of frequent government warnings of cybersecurity threats and news of powerful government-developed viruses. We see little benefit in measures that might improve voter turnout while casting doubt on the integrity of the results.

Almost all the arguments on behalf of Internet voting ignore a critical risk Internet-based voting shares with all computerized voting—wholesale theft

The cost of Internet voting, especially up-front charges, can be steep. For example, 2009 cost estimates from Internet voting vendor Everyone Counts were so large that a legislative proposal in Washington state to allow Internet voting for military and civilian voters was killed in committee. The estimated costs, obtained by John Gideon of VotersUnite, included proposed up-front costs ranging from $2.5 million to $4.44 million. After that, each county would have been hit with an annual license fee of $20,000-$120,000, plus $2-$7 per overseas voter…

Internet voting does not necessarily increase turnout. Everyone Counts ran an Internet-based election in Swindon, U.K., in 2007 and a local election in Honolulu, HI, in 2009 where votes were cast only by Internet or telephone. The Electoral Commission, established by the U.K. Parliament, determined that Internet voting in Swindon had a negligible effect on turnout; meanwhile, in Honolulu there was an 83% drop in turnout compared to a similar election in 2007. We know of no rigorous study of the impact of Internet voting on turnout; conducting such a study would be difficult, since turnout can vary enormously from election to election. But even if Internet voting could increase turnout, the increase would be irrelevant if the election results were at risk of corruption by insecure Internet use.

Still not convinced? We suggest reading the entire article, we have highlighted just a few points.

What We Worry? What Could Go Wrong On Election Day?

America’s elections are run entirely on the honor system. What could possibly go wrong?

Detroit News op-ed: BenDor and Stanislevic: What could go wrong on Election Day? <read>

We worry that the nation will end up with no confidence in the election results, regardless of who wins.

That’s because we have no systematic way to detect malfunctions in the voting machines or tabulators on Election Day…

We worry that there could be widespread fraud in the sending of voted military and overseas ballots by fax, email or other vulnerable internet methods…

We fear that close elections will go to the courts without any prospect of credible numbers. This is because of two widespread conditions that preclude complete, meaningful recounts: no paper ballots and no manual counts….In states that do allow a hand recount, like Michigan, the burden is often on the apparent losing candidate, not only to pay for the recount, but also to bear the stigma of “poor loser.” The voting public has no say.

We lose sleep over the prospect of the ultimate disenfranchisement of thousands of voters…

America’s elections are run entirely on the honor system. What could possibly go wrong?

And from the New York Times some “bad news/it could be worse news” if we had the risky National Popular Vote Agreement: Disruption From Storm May Be Felt at the Polls <read>

Some New Jersey voters may find their hurricane-damaged polling sites replaced by military trucks, with — in the words of the state’s lieutenant governor, Kim Guadagno — “a well-situated national guardsman and a big sign saying, ‘Vote Here.’ ” Half of the polling sites in Nassau County on Long Island still lacked power on Friday. And New York City was planning to build temporary polling sites in tents in some of its worst-hit neighborhoods.

Mayor Bill Finch of Bridgeport, Conn., with Secretary of the State Denise Merrill at the Longfellow School, a closed polling place.

The aftermath of Hurricane Sandy is threatening to create Election Day chaos in some storm-racked sections of New York, New Jersey and Connecticut — and some effects may also be felt in other states, including Pennsylvania, where some polling sites still lacked power on Friday morning.

Disrupted postal delivery will probably slow the return of absentee ballots. And with some polling sites likely to be moved, elections officials were bracing for a big influx of provisional paper ballots — which could delay the vote count in places.

Weary local elections officials vowed that the vote would go on. “Come hell or high water — we had both — we’re voting on Tuesday,” William T. Biamonte, the Democratic commissioner at the Nassau County Board of Elections, said in an interview…

With turnout projected to be down in all these states, Mr. Obama could see his share of the national popular vote reduced.

Caltech/MIT: What has changed, what hasn’t, & what needs improvement

The Caltech/MIT Voting Technology Project has released a thorough, comprehensive, and insightful new report timed to the 2012 election. We find little to quibble with in the report. We agree with all of its recommendations.Several items with which we fully endorse were covered in this report which sometimes are missing from the discussion or often underemphasised.

The report itself is 52 pages, followed by 32 pages of opinions of others, including election officials, advocates, and vendors, some of whom disagree with some aspects of the report. Every page is worth reading. The report is not technical. It covers a wide range of issues, background, and recommendations.

The Caltech/MIT Voting Technology Project has released a thorough, comprehensive, and insightful new report timed to the 2012 election: VOTING: What has changed, what hasn’t, & what needs improvement <read>

The report itself is 52 pages, followed by 32 pages of opinions of others, including election officials, advocates, and vendors, some of whom disagree with some aspects of the report. Every page is worth reading. The report is not technical. It covers a wide range of issues, background, and recommendations.

We find little to quibble with in the report. We agree with all of its recommendations although we might place different emphasis in particular areas:

As we have studied the areas where progress has been made since 2001, and where progress has stalled, we have developed the following recommendations. All have been discussed earlier in our report, and we summarize them here. They are not in priority order. First, regarding voting technology, we recommend:

  • Legislation mandating effective election auditing, which at a minimum would require post-election auditing of all voting technologies used in an election.
  • Continued strong support for voting systems security research, emphasizing auditing and the verifiability of election outcomes.
  • A movement toward mandating statistically meaningful post-election audits, rather than setting security standards for election equipment, as the primary way to safeguard the integrity of the vote.
  • A new business model led by states and localities, with harmonized standards and requirements.

Second, regarding voter registration, we recommend: » Streamlining the provisional balloting process in many states and the creation of common best practices and voluntary standards across states.

  • The development of voter verification systems in which states bear the cost of stringent voter ID regimes, in those states that desire to increase ID requirements for in-person voting.
  • Continued standardization of voter registration databases, so that they can be polled across states.

Third, with respect to polling places and pollworkers, we recommend:

  • Continued improvement of pollworker training and more reliance on network technologies to facilitate pollworker training.
  • Development of applications deployed on mobile devices that bring more information to pollworkers, and transmit real-time data about Election Day workloads back to the central voting office and the public at large.
  • Increased functionality of electronic pollbooks and their wider adoption.
  • Development of applications that gauge how long voters are waiting in line to vote, so that wait times can be better managed and reported to the public.

Fourth, regarding absentee and early voting our first two recommendations repeat those we issued a decade ago; the third is new:

  • Discourage the continued rise of no-excuse absentee balloting and resist pressures to expand all-mail elections. Similarly, discourage the use of Internet voting until the time when auditability can be ensured and the substantial risks entailed by voting over the Internet can be sufficiently mitigated.
  • Require that states publish election returns in such a way that allows the calculation of the residual vote rate by voting mode.
  • Continue research into new methods to get usable ballots to military and overseas civilian voters securely, accurately, and rapidly and to ensure their secure return in time to be counted.

And, finally, regarding the infrastructure and science of elections: » Continued development of the science of elections.

  • Continued, and expanded, support for the research functions of the Election Assistance Commission.
  • Development of an Electoral Extension Service, headquartered in each state’s land-grant colleges, to disseminate new ideas about managing elections in the United States.

Several items with which we fully endorse were covered in this report which sometimes are missing from the discussion or often underemphasised:

The Risks of Mail-in and No-Excuse Absentee Voting

The report thoroughly covers the disenfranchisement risks of mail voting which are about double polling place voting. Such voting does not increase turnout significantly, except in local elections. We would have liked to seen more coverage of the organized fraud, vote buying, and coercion frequently occurring via such voting. These are  not just theoretical risks. New to us was the surveys showing that the public at some level recognizes the risks and show less confidence in elections with expanded absentee or mail-in voting.

The Emphasis on Election Auditing over Machine Testing and Certification

It is theoretically impossible to develop or test a completely safe voting technology. Extreme testing and slow certification requirements stifle innovation, add costs, delay improvements and are ultimately ineffective. High confidence, efficient statistical audits, paper ballots, combined with a strong chain-of-custody are a necessary solution that eclipse the elusive pursuit of technical perfection.

The Need and Value of Quality Voter Registration Combined with Online Voter Check-in

The report points to the fallacy of votER fraud. Yet there are efficiencies and enhanced enfranchisement available from better, more accurage voter registration databases. There are solutions with online check-in that also provide voter-id without the disenfranchising aspects of the currently proposed voter-id laws.

The Challenges of the Election Technology Industry

My years of experience in the software industry always lead me to the conclusion that the election technology industry is a losing business proposition. While I am not enamored with any of the current voting technology vendors, there is little incentive for them or new players to enter the field. The closest analogy is the defense industry. That industry is not fragmented, has essentially one customer, which designs products and pays for research and development. The voting technology industry is fragmented and has a fragmented customer base, with varying demands, coupled with a very difficult sales environment.

Recognition of One of the Risks of the National Popular Vote Agreement

  • The proposed National Popular Vote (NPV) may have negative security implications, since the opportunity to perform proper post-election audits appears to be considerably diminished.

CTVotersCount readers know that we would go farther and cover the risks of a national popular vote in our current state-by-state fragmented system, not designed to provide an accurate national popular total. Alleged popular totals cannot be audited, cannot be recounted, and electors must be chosen before an official count is available. The National Popular Vote agreement does nothing to address the existing risk issues with the Electoral College and, in fact, adds to the risks.

Big Bird and Charlie Rose know what the CT Legislature does not!

See Charlie Rose interview Dr. Barbara Simons, co-auther of Broken Ballots. <view>

Big Bird and Charlie Rose now know that Internet voting, email voting, Virgina elections, and inadequately audited elections – do not merit our trust.

See Charlie Rose interview Dr. Barbara Simons, co-auther of Broken Ballots.  <view>

Big Bird and Charlie Rose now know that Internet voting, email voting, Virgina elections, and inadequately audited elections – do not merit our trust.

Unfortunately the Connecticut Legislature completely trusts the internet with our votes.

In 2011 the Legislature was about to pass online voting despite the science, ignoring our testimony. Fortunately, they stopped, but only after the Secretary of the State, Denise Merrill convinced them to only require a report on online voting, resulting in a symposium with nationally know computer scientists and a former sports reporter and team mascot Secretary of State from West Virginia.

In 2012, we could have told them that email voting over the internet was even more dangerous, but there were not public hearings – they stuffed email voting into a campaign finance reform bill. Passed by both Houses, we warned the Governor about email voting and the unconstitutional provisions of the bill, claiming voters could waive our right to a secret vote. The Governor vetoed the bill, partially because of email voting.

Perhaps our Legislature will understand this clip from Charlie Rose,