Gov Malloy signs bill similar to one he said was risky and unconstitutional last year

Last year in 2012, after several weeks of consideration, Governor Malloy vetoed H.B. 5556 (see Pages 51-55) writing in his veto message:

Upon close examination, however, I find that some portions of this bill likely violate the United States Constitution…I cannot support the bill before me given its many legal and practical problems…
HB 5556 also contains a provision allowing deployed service members to return an absentee ballot by email or fax if the service member waives his or her constitutional right to a secret ballot. I agree with Secretary of the State Denise Merrill that this provision raises a number of serious concerns. First, as a matter of policy, I do not support any mechanism of voting that would require an individual to waive his or her constitutional rights in order to cast a timely, secret ballot, even if such waiver is voluntary. Second, as the Secretary of the State has pointed out, allowing an individual to email or fax an absentee ballot has not been proven to be secure. In 2011, the United States Department of Commerce, National Institute of Standards and Technology, issued a report on remote electronic voting. The report concluded that remote electronic voting is fraught with problems associated with software bugs and potential attacks through malicious software, difficulties with voter authentication, and lack of protocol for ballot accountability. None of these issues are addressed in this bill. To be clear, I am not opposed to the use of technology to make the voting process easier and more accessible to our citizens. However, I believe that these legitimate problems have to be carefully studied and considered before enacting such a provision.

Last year the fax and email voting provisions were a glaring ‘rat’ stuffed into an unrelated emergency bill. Some said the Governor was against the underlying bill, but wanted more cover for the veto. We hoped, that even if that were the case, the accurate analysis of that ‘rat’ would still prevail this year. Apparently not.

There is a distinction without a difference in this year’s bill, S.B. 647, with regard to the elements of the veto message. Last year’s bill specified email or fax return of ballots. This year’s bill requires the Secretary of the State and the CT Military Department to determine a safe method of Internet voting. But all known methods have the same security risks and they all violate the Connecticut and U.S. Constitutions.

We could argue that this year’s bill is worse in at least three regards, requiring two impossible feats by the Secretary of the State, although she will have the help of the CT Military Department the three feats. One which the U.S. Defense Department has found impossible:

  • Develop a secure electronic voting system which does not violate the Constitutions.
  • Have that system transmit results immediately to the appropriate town hall.
  • Develop , implement, and operate such a system at no cost to the state and towns.

Summary Of The Problems With The Bill

  • This bill is a threat to the security, accuracy, and secrecy of the votes of our military members and their dependents, and thus to the certified outcomes of our elections.
  • It is unconstitutional since it violates the Connecticut Constitution, which states: “The right of secret voting shall be preserved.”
  • It requires the Secretary of the State and the Connecticut Military Department to develop a system for secure and private online voting by October 1st. A task that security experts, computer scientists, and experts at Homeland Security, and NIST (The National Institutes of Standards and Technology) believe is technically impossible.
  • It is further complicated by provisions for voting by deployed military dependents. It also is not restricted to deployed military, not even restricted to military actually on duty.
  • It sets a requirement for guaranteed receipt immediately in each voter’s municipality. This cannot be accomplished by either fax or email return.
  • While online voting through a web page might be developed to meet the guaranteed return requirement, it is also insecure, risks the secret vote, and would be very expensive.
  • All known methods of Internet voting would likely violate Connecticut’s Voter Verified Paper Records law established in 2005.

The Requirements of the Bill*
[Our comments in brackets]

  • On or before October 1, 2013, the Secretary of the State, in consultation with the Military Department, shall select a method for use in any election or primary held after September 1, 2014 [After the August 2014 Primary]
  • may be used by any elector or applicant for admission as an elector who is a  member of the armed forces and expects to be living or traveling outside the several states of the United States and the District of Columbia before and on election day, [Any travel or living change would apply, duty related or not. A National Guard member not deployed but on vacation or a business trip could presumably vote under this act]
  • or such member’s spouse or dependent if living where such member is stationed, [It includes spouses and dependents but not those on vacation, at college, or on business trips]
  • gives due consideration to the interests of maintaining the security of such ballot and the privacy of information contained on such ballot, [due consideration’ should include assuring the Constitutional requirement of a secret vote be strictly maintained. It should include evaluation by computer security experts, and effective security testing]
  • and…ensures receipt, prior to the closing of the polls on the day of the election or primary, of such ballot by the municipality in which the member or member’s spouse or dependent is enrolled or has applied for admission as an elector, if such method is properly utilized by such  member or such member’s spouse or dependent prior to the closing of  the polls on the day of the election or primary. [Thus, it must be guaranteed to be received by some official, inbox, or machine in the appropriate municipality by 8:00pm EST, if voted by 8:00pm EST (i.e. this is immediately). And 8:00pm EST could be almost any hour of the 24 hours in a day, depending on the deployment, business, or vacation location(*)]
  • Not later than January 1, 2014, the Secretary of the State shall submit a report, in accordance  with section 11-4a of the general statutes, to the joint standing committees of the General Assembly having cognizance of matters relating to elections and veterans’ and military affairs describing such  method and any legislative changes necessary for its implementation. [But necessary legislation enacted or not, implementation is required by this bill]

* After the bill was passed by the CT House and Senate we sent a letter to Governor Malloy asking for a veto, reminding him of his veto last year.  We made one mistake in that letter – using an older version of the bill, we misinterpreted the time requirement, stating that the bill did not require ‘immediate’ transmittal, but transmittal in four hours, by the close of election day, not the close of the polls. The actual bill creates a tougher, much more difficult barrier to implementation. This post updates portions of the details in that letter to conform to our corrected interpretation.

Analysis of the three known options: Email, Fax, and Online Voting

  1. Email is (1) of course, not secure with the NSA listening in, interceptable by bad external actors, and directly accessible by insiders such as email vendors, insiders at data centers all along the way from personal computers or military computers, state computers, local town computers, and every stop along the way. (2) Email cannot meet the mandated fimmediate delivery requirement – often emails take much longer to traverse the Internet, presumably especially from remote locations the military must protect (3) Email frequently is not delivered at all. Several times a year we become aware of emails sent to us that never arrive. (4) Email schemes we are aware of, in other states, all require that an individual in an elections office or town hall receive and print the “ballot” for counting – a clear violation of the secret vote. (5) Email would have to cover personal computers for spouses and dependents, not military computers. And the military member might be on vacation or business in an area where no military computer access is available.
  2. Fax, (1) like email is subject to interception in transmission (2) and like mail is subject to individuals in town hall or state government viewing the fax as it is received. (3) Subject to viewing and potential viewing by multiple members of the military as it is passed up the chain-of-command and to the Voting Assistance Officer, as articulated by Representative Alexander. (4) We cannot expect the chain-of-command to pass votes and wake Voting Assistance Officers to pass votes along at all hours and within four hours, nor to provide services to dependents – Note the deployed military chain-of-command also has a war to fight and enemies that might not avoid attacking during that critical four-hour period.
  3. Online Voting – By online voting we mean some interactive means of voting on a web page or sending a .pdf ballot under the control of a webpage, not via email. (1) Online voting can be more secure that email or fax voting, yet is still not secure as confirmed by NIST and Homeland Security. And no online voting system has proven secure by sufficient evaluation and testing – in fact, the only system subject to some public testing quickly failed spectacularly and another was broken by an average citizen, while vendors refuse to open their systems to scrutiny.  (2) Online voting may be difficult to administer and use, when the system is too hard to use vendors often blame the voters. (3) Online voting is expensive! Will the state and local officials making home-grown solutions, do better than highly funded vendors or turn to the vendors expensive, ineffective solutions? Such a system would have cost just Edmonton, Alberta $400,000. (4) Online systems entail emailing or paper mailing IDs to the voters – email can be compromised, and avoiding especially slow and unreliable outgoing mail to deployed military is a major motivation for this bill. (5) Once again, online voting cannot be restricted to military computers and serve dependents or serve soldiers away from home, not on Military business.

Another Miracle for the Secretary, Military Department, and Local Officials

The Legislature requires that the report, voting implemented, and run at no cost! It was passed with a note from the Office of Fiscal Analysis stating: “NO FISCAL IMPACT”. Note: A similar, yet less challenging task for the Secretary of the State to evaluate in another proposed bill this year, was estimated at $150,000. (See the Fiscal Note for S.B. 777).

Additional Documentation

Bruce McConnell Expert from the Department of Homeland Security
 Online Voting ‘Premature,’ Warns Government Cybersecurity Expert

Warnings about the dangers of Internet voting have been growing as the 2012 election nears, and an especially noteworthy one came Thursday from a top cybersecurity official at the U.S. Department of Homeland Security.

Bruce McConnell told a group of election officials, academics and advocacy groups meeting in Santa Fe, N.M., that he believes “it’s premature to deploy Internet voting in real elections at this time.”

McConnell said voting systems are vulnerable and, “when you connect them to the Internet, that vulnerability increases.” He called security around Internet voting “immature and underresourced.”

McConnell’s comments echo those of a number of computer scientists who say there’s no way to protect votes cast over the Internet from outside manipulation.

NIST: Internet Voting Not Yet Feasible

Internet voting is not yet feasible, researchers from the National Institute of Standards and Technology have concluded. ”Malware on voters’ personal computers poses a serious threat that could compromise the secrecy or integrity of voters’ ballots,” said Belinda Collins, senior advisor for voting standards within NIST’s information technology laboratory, in an May 18 statement. ”And, the United States currently lacks an infrastructure for secure electronic voter authentication,” she added. Collins released the statement in response to an inquiry from Common Cause, a Washington, D.C. nonprofit active in campaign finance and election reform.

“This statement should serve as a blunt warning that we just aren’t ready yet and proves that we can’t trust the empty promises of ‘secure Internet voting’ from the for-profit vendors,” said Susannah Goodman, head of Common Cause’s Voting Integrity Project. ”We urge election officials and state and federal lawmakers to heed NIST’s warning and step back, support further research and STOP online voting programs until they can be made secure,” Goodman added…

Secretary of the State’s Symposium on Online Voting

An exceptional panel of experts on voting technology and the challenges of overseas voting. Credit is due to the panelists, the Secretary, and those who contributed behind the scenes in making this event possible. John Dankowski, of Connecticut Public Broadcasting did an exemplary job of moderating a very civil, thorough debate. Video:

Secretary of the State Denise Merrill’s testimony on S.B. 283, 2/22/2013:

Now, Senate Bill 283 concerning — AN ACT CONCERNING ON-LINE VOTING FOR MILITARY PERSONNEL SERVING OUT OF STATE. Again, I think everyone in this room supports the ability of our brave men and women in uniform, especially those serving overseas in places like Afghanistan, to vote and have their ballot counted.

I still have two, major concerns with this bill that prevent me from supporting it at this time. I mean, first, it talks about on-line voting. There — you should be aware, there’s a lot of different versions of what that actually means. So I’m presuming here it would mean developing an on-line application where the Soldier, Sailor, Airman or Airwoman or Marine can, again, have a secure log-in and — and actually select their ballot choices on the computer through a web-based application, which is different than some other proposals that have been made with electronic transmission.

This system, again, would be very costly, very expensive; and I’m talking millions of dollars to develop. My main objection to this, besides the cost which is significant — and, again, I’d like to make sure we have a problem before we spend that kind of money — but my main objection is that we simply — I don’t think we have the technology to guarantee the security, integrity of that ballot and prevent tampering or hacking these votes that are submitted on-line. It’s the same objection we have to any ballot submitted on-line at this time.

We had a — we convened a public forum on this topic with foremost experts in this field, last year at CCSU. The forum was televised; we have it on our web site; you can see what was said by these people. We asked one of the top computer science experts in the country what it would take to make on-line voting secure, and he said, Let me put it this way, saying you can have secure on-line voting is like saying you can have safe smoking.

Many people say, well, we can do bank on — banking on-line; why can’t we vote on-line? Again, I posed that exact question to the experts at that forum, and the answer was that the banking industry builds into their revenue forecast a two-to-three percent loss of funds every year due to fraud and hacking through on-line banking. I don’t think we can afford to have that kind of leeway, shall we say, in our election system. I don’t think we can adopt that kind of a model. And I, certainly, would never be able to accept the loss of a number of votes due to fraudulent hacking, just in the name of convenience. So I just don’t think we’re ready to go there.

Who knows; in the future, this may change. But I would just need to be assured before we came up with any system like that for any voter, that no one could tamper with the ballots. And I think right now, as you all know, if you have an e-mail system, yourself, I’m sure every one of us have had our e-mails hacked in some way or another or gotten or not received mail because it went into the wrong folder or whatever. It would be very difficult to design that kind of a system, so I’d be able to — I’d be — want to be able to look every Connecticut military person and their family in the eye and tell them that the vote is secure. And I don’t feel I can do that at this time.

From Representative Alexander’s Statement in Veterans Affairs Committee Hearing 2/19/2013:

REP. ALEXANDER: Thank you, Mr. Chair. I’ll be real quick. I appreciate the Clerk’s position in trying to make it easier to have servicemen and women vote any where deployed or — or in a unit wherever, and have a Voting Assistance Officer. I really took that to heart myself. But did you ever think of possible fraud when it comes to allowing military men and women to fax in their ballot, where, you know, as someone who — who was an Adjutant and ran an S1 in a battalion, the — the way usually squadrons and battalions work, you know, you’d have a Lance Corporal, a 19 or 20-year-old, fine, outstanding young man or woman who wanted to vote fill out the ballot, and then bring that piece of paper to the S1 office to be faxed. He or she doesn’t fax it themselves. Another clerk does.

ANTOINETTE SPINELLI: Oh, is that right?

REP. ALEXANDER: That — that would probably be the very common way this is implemented in most units, at the unit level, where you have a 19-year-old individual, a 20-year-old person, a Lance Corporal wants to vote — good on him for wanting to do that — brings that to their Platoon Sergeant up the chain. That Platoon Sergeant maybe, or a Squad Leader, facilitates the Lance Corporal to go to the S1 office. He submits that, and that will get faxed with a whole stack of other faxes that are going to go out in the office. And as someone that was an Adjutant, I was running an office like this day in and day out. And as an Adjutant, I would worry, as being sort of the person who is managing this type of office, that I would have a fellow maybe Lance Corporal faxing this information, where you might have someone that, being 19 or 20 years old, didn’t realize that, oh, changing it from, you know, Senator McCain, to President Obama is not a serious felony offense, which it is, and because of that chain of custody in — in reality, and — and the way maybe the military works in — in professional office spaces, I would just worry that during this handover to the fax, that you’re opening the door for potential fraud.

But the individual’s not, themselves, faxing it. Most likely, and most of the times in squadrons, you’re going to have a third party doing it, usually a 20, 21, 22-year-old Corporal or Lance Corporal doing that. And as an Adjutant running an S1, I’d be very concerned about this, and — and monitoring this very carefully, but — but that is something that would really concern me, and — and trouble me. Have the clerks thought of it from — from that angle at all? Where you could have potential voter fraud coming out of this?



Leave a Reply

You must be logged in to post a comment.