Outlining a possible rigirous evaluation of Internet voting. And the ATM Fallacy, once again.

On August 5th and 6th, the third FVAP UOCAVA workshop on was held in San Francisco, a couple of days prior to the EVT/WOTE workshop in that I attended.  I talked to many of the participants in both conferences. They all reported that the workshop ended with a general agreement on a plan to move forward with a substantial project to evaluate the potential and security issues with Internet voting.

We are fortunate that one attendee, Jeremy Epstein has written a post outlining the proposal on the Freedom To Tinker blog: A review of the FVAP UOCAVA workshop <read>

We have nothing much to add to the Freedom To Tinker post, it is well worth the read. There are details to be worked out. At the minimum the outline suggests the types of rigorous open review and testing that should be required of such a critical system, especially one where this is wide disagreement between officials, advocates, and members of the technical community. We especially agree that states are moving much too fast with a lack of rigor:

In the meantime, there’s little doubt that some states will continue to move forward on the existing insecure solutions. We believe, and expect that most other computer scientists will agree, that this is a case to let science take its course before moving into implementation. We hope that FVAP will speak out publicly against such ill-advised experiments.

As a bonus we also recommend  the same author’s recent post on the ATM fallacy : Yet again, why banking online .NE. voting online <read>

One of the most common questions I get is “if I can bank online, why can’t I vote online”.

He examines a recent report on banking security, providing its implications for online voting, concluding:

Unsaid, but of course implied by the financial industry list is that the goal is to reduce fraud to a manageable level. I’ve heard that 1% to 2% of the online banking transactions are fraudulent, and at that level it’s clearly not putting banks out of business (judging by profit numbers). However, whether we can accept as high a level of fraud in voting as in banking is another question.

None of this is to criticize the financial industry’s efforts to improve security! Rather, it’s to point out that try as we might, just because we can bank online doesn’t mean we should vote online.

For other answers, read our classic posts on the same subject:
FAQ: We all trust ATM’s. Why don’t you trust voting machines?
E-Voting Is Very Different From E-Banking
Or as it is known around here, Myth #8


Leave a Reply

You must be logged in to post a comment.