Sunday, October 18, 2009

Fairness and Security?: Online Voting in Arizona


During the 2008 General Election, the Arizona Department of State opened the option for voting online (election commissioning is a subset of each state’s state department as opposed to a federal responsibility). Despite the Pentagon’s decision to abandon its online voting system for military personnel, the Arizona Department of State became the first state to offer Internet voting in a general election to overseas and civilian families. This poses the question of whether or not individual states ought to possess the power to allow their constituents to use online voting systems in a national election when a) citizens in other states are not permitted to do so and b) when the federal government has not verified the security of the state’s voting system.

Is it fair for citizens of one state to have access to online voting in a national election while those others do not? On one hand, Arizona’s implementation of an online voting system sets a precedent for other states to make voting more accessible for military personnel. Because military personnel are risking their lives under the orders of the executive branch, should they not be entitled to decide on the leaders responsible for those orders? On the other hand, allowing military personnel and overseas citizens from one state to have access to online voting is not considered by the electoral differences between states. That is, even though the Arizona State Department provided overseas citizens and military personnel with voting access and thereby expanding its voting base, the federal government never increased Arizona’s number of electoral votes.

If large security concerns regarding online voting exist, should an individual state be allowed to use an online voting system in a national election while others are not? After all, security lapses will not simply affect votes in Arizona, but in a close general election fraudulent activity could potentially tip the vote in one direction or another. Moreover, because “national news does not cover a lot about what is happening at the state level regarding voting,” there are only few media watchdogs that can scrutinize any irregularities and fraudulent activities in state-run online voting procedures. However, the Arizona Department of State tried to check security issues in a way that even questions whether or not Arizona’s conception of online voting should actually be considered online voting. According to Kevin Poulsen from WIRED,

“In the Arizona system, voters could request an early ballot through a Secretary of State website, and receive it though snail mail. If there’s no time for the postal service, though, the voter gets a PDF of the ballot in e-mail. This is where it gets a little clunky. You can’t fill out the ballot on your computer — you have to print it out, then use your scanner to scan the completed and signed ballot back onto your PC. Then you upload the scanned ballot to the aforementioned “secured system” (it uses SSL).”

Because Arizona’s online voting system is a hybrid of internet and paper use, it is questionable to actually refer to Arizona’s voting system as true internet voting. Poulsen describes how, “Stender, and director of elections Amy Bjelland, said the system wasn’t true internet voting, because you couldn’t just go to a website and click on some radio boxes to choose the next president.” Regardless of what we call the voting system, the fact that it included an online aspect brings into question whether or not the Arizona Department of State can securely implement its voting procedure. Though voters’ handwriting on the PDF provides the department with a way to identify individual voters, there is no solution for the chance that malacious hackers write “a bot that infects unpatched PCs en masse, watches for interactions with the voting website, then changes the votes in the PDF to whatever the malware writer wants.” Consequently, Arizona’s combination of absentee-style paper ballots and online voting serves as a potential way to decrease hacking in online voting, but not to prevent it from occurring on a categorical level.

Works Cited:
Poulsen, Kevin. "Is Internet Voting Safe? Vote Here." Wired. 04 June 09. Accessed 19 October 2009. http://www.wired.com/threatlevel/2009/06/cfp-evote/

3 comments:

  1. Good points. You raise one really basic question, which is that we are one of the few (maybe only) Western democracies that don’t have uniform national voting policies. It comes from our tradition of states rights, and is a huge impediment to voting reform of any kind.

    Electoral votes have never been tied to voting access, or even the registered voting base, but to the overall population. So I don’t think that’s the key issue.

    In assessing whether it is “true internet voting” the question for me would be whether it shares the same benefits and dangers. For example it is possible to hack the scanned in ballots, but presumably much harder than to hack simple vote counts. Also, it changes the convenience factor. Simple versions of Internet voting are much more convenient than absentee ballots. This one sound like it is more or less as much trouble, except cutting down lag times (but requiring your own printer).

    Lots of interesting things to ponder on.

    ReplyDelete
  2. I really like the way that you give background on the information presented. Although initially unfamiliar with Arizona voting, I am intrigued by the trend towards e-voting.

    Something I wonder about too is how to implement a universal system that would allow for secure internet usage, which at this point may be a paradox. The verification method through handwriting is a good point to bring up. It seems as though there is no efficient means to prevent hacks. But, with the development of more and more sophisticated encryption methods the possibility for "true internet voting" in the future.

    Vote counts have evolved into handwritten ballots, which could evolve into encrypted surveys with fingerprint verification. I believe the optimal system would need to make the process more convenient for both the voter and the vote counter. With encrypted fingerprinted surveys, the user could easily make a selection, but would have to still scan a thumbprint. On the other end, the votes could be tallied much faster and the fingerprints presumably recognized quickly by a computer.

    Even this proposition though is not without its flaws. Hackers could forge fingerprints or come up with a clever scheme. It seems as though no method is safe. But, how controlled is traditional voting itself. Every election, it seems as though some organization tries to cheat the system - ACORN in the 2008 election.

    ReplyDelete
  3. Okaloosa, FLA also tried a semi-Internet voting system for its overseas voters in 08. It went off well. I think AZ and FLA worked with the DoD to run their online voting projects.

    The EAC sets standards for voting systems. Companies apply for certification. Then the companies go to state/county officials to try to sell their system. I think that Everyone Counts was the first Internet voting company to be approved.

    They ran an election in Honolulu in 08; again, no problems.(I have no connection with them, or any company.)

    Art 1, sec 4 gives the states authority for conducting elections, inc federal elections. I think that each state can dedcide for itself if it wants Internet voting. No permission from Congress needed. No states have done this yet.

    Alaska Republicans had a straw poll online in 2000. AZ Dems had a primary vote online the same year. But no real votes in any states so far.

    I don't see an issue of "fairness." If one state wants to try Internet voting, I think the other states would be very interested to see what happens. If it proves to be cheaper and have fewer problems, more states would likely try it.


    Are you familiar with the DoD SERVE project in 2003-2004? Click on the first essay listed on my blogspot blog for the history.

    ReplyDelete