Tuesday, January 25, 2011

Are we ready for online voting?

Are we ready for online voting? It's an idea that's on the table for debate in British Columbia, where BC Liberal leadership candidate Christy Clark put it forward recently as something we should consider and discuss, with several of the other candidates quickly agreeing its an idea worth exploring:

Online voting sounds like a nice idea in theory. You'd obviously still have physical polls, but online voting would make it a lot easier for people to vote, would encourage young people that live online to vote, and could well increase voter turnout.

Nice in theory, but I have some serious concerns I'd need satisfied before I'd ever consider supporting online voting.

We actually had a debate on this at the last federal Liberal biennial in Vancouver during the constitutional plenary, when the delegates considered an amendment that would have opened the door to online voting for nomination races.

I went into the debate supporting the amendment from the perspective of someone who grew up in a massive rural riding, where we either had to run multiple polls or ask people to drive for hours to cast a vote. But during the debate the nays had me reconsidering.

Online voting is so anonymous. How do we do who is sitting at that computer, and that they actually are who they say they are? Someone could have gathered-up a bunch of PINs and be voting them. Maybe someone moved, the new residents got their PIN in the mail and is casting their ballots.

How do you guard against persuasion and intimidation? In a physical polling place, unless they need assistance a voter must go to the voting screen alone, and can cast a secret ballot. What's to stop an abusive spouse or partner from standing over the computer and making sure they "vote correctly?"

And then there's the IT security issue. How long before someone hacks the system, destroys or compromises records, and puts the integrity of the result into question? As a journalist my day job is covering the technology sector, and I'm not confident of its ability to keep a system safe and secure.

The beauty of our current system is its simplicity. We go to the voting place, show our id, and get a ballot. We mark an X for one person, and put it in a box. The staff count up all the ballots, the results are tabulated, and a winner declared. If there's a discrepancy or a challenge, we go back to the physical ballots and re-count them. There's virtue in that simplicity. Technology doesn't make everything better.

And not for nothing, but how easy do we really need to make it to vote? Is taking 30 minutes out of your life every couple of years to go to an elementary school gymnasium and mark an X really that much of a sacrifice to make for our democracy? Shouldn't voting require some level of commitment, of engagement, of effort?

As I said, I like the theory of online voting. I'm glad we're having the debate, and that the BC Liberal race is seeing a lot of interesting ideas put on the table. But they've got a long ways to go to convince me online voting could be viable, practicable, and desirable.

Recommend this Post on Progressive Bloggers


Dan F said...

This is a really really bad idea. I love technology and the internet as much as any geek, and I cannot emphasize enough just what a monumentally stupid idea this is.

The whole point of the secret ballot is so that your boss at work (or a mob boss, or a union boss) can't watch over your shoulder as you vote, and make sure you're voting the right way.

In the extreme, elections as we know them would cease, and they would simply become a contest to see which party could collect the most voter passwords to log in and cast ballots on their behalf. All those non-voters (who don't really care)? Suddenly we would find their votes being cast, and if anyone investigated a bit more closely, we might find that many of those votes were cast from the same IP address. (of course, any investigation into such activities would be shut down by the first government elected under such a system).

This is the biggest threat to our democracy ever.

JimBobby said...

You and Dan both bring up some serious objections. Some may be surmountable. If I have a boss telling me to vote a certain way, I can tell him it's too late, I already voted. IP numbers? Even mickey mouse online polls have some controls that disallow too many votes from the same IP. If my household has 2 members, only 2 votes from my IP are allowed.

Collection of PINs? That seems like proxy voting to me. Should proxy voting be allowed? Arguable.

Hacking? Already an issue wrt Diebold voting machines in the US. A serious concern, IMO.

Lack of secrecy/anonymity is also a serious issue. If the online system knows THAT you voted, it also knows HOW you voted.

It wasn't too many years ago that nearly everyone I know vowed they'd never, ever use their credit card to buy anything on the internet. Now, I don't know too many people who have never made an online purchase.

Here in my little burg, the polling place is usually the Legion Hall. In their quest for cheap land and ample parking, the local Legion built their hall at the outskirts of town. The nearest residence is a 10 minute walk but for most people, it's at least a 40 minute walk. There's zero public transit here. Many in the EDA live in the surrounding rural area. City dwellers may not fully realize the challenges that present themselves to rural and small town voters. If my 85 YO mother didn't have me to drive her to the polling place, she wouldn't vote. It's not always the case that people who fail to vote don't really care.

I see some serious problems with the methodology. I cannot go so far as to see online voting as "the biggest threat to our democracy ever," though. Prorogation, the overriding of the HoC by an unelected Senate, >40% non-voters, G20 style police state tactics, corporate sponsorship of candidates & parties, security certificates and rendition are all big threats, too, and most of them already exist.

The Pundits' Guide said...

I agree with your take as well, Jeff. I attended a day-long seminar organized by Carleton University with folks who were very familiar with the systems in place in Europe, and came away more concerned about it than when I went in.

You haven't touched on the scrutineering issue, either. You can either have scrutineering, or voter privacy, but probably not both, a point made very ably by the publisher of the BC2013.com blog, Sacha Peter. Recounts would be either a nightmare or wind up in endless litigation.

I'm inclined to support the federal government's proposal to increase advanced voting days, and I would also support some pilots of electronic voting for overseas voters, using the existing secure networks of our embassies and military.

One day, a creative thinker will find some solutions to the bigger problem, but we're not there yet.

There is a blog being maintained by Richard Akerman with resources about the perils of online voting:


Now, if you've written about this topic at all, you'll soon be inundated with emails from various anti-internet voting activists in the States, who come from (shall we say) a variety of points of view. There are a lot of conspiracy theories about it, but as with all conspiracy theories, the kernel of truth to them is what keeps them going.

If your readers are interested, here are some posts of mine on the topic that contain further resources for study. In the second one I asked for feedback from readers, and across the political spectrum it was pretty leary.




Thanks for raising this important issue, Jeff.

lance said...

I run systems for a living, my job is compromising security, safety and ease of use so that others can do their job.

This will not work well.

This is a very dangerous idea.

This will not bring get more people to vote.

- The confidentiality of the vote is paramount. This proposal eliminates any trust of confidentiality by virtue of requiring a valid login. Even something like the IP address mentioned above is traceable. A ballot can't every be linked back to the person unless they're in a poll of 1 person.

- Poll data is very important to all sorts of people using the stats. Voting on-line effectively nullifies the absolute data by poll.

- The only secure system is unplugged in a vault, underground, with no map and a lost key. According to the FBI, 38% of personal computers are infected with viruses every year. Want you vote key-logged? Didn't think so.

- Business networks experience break-in attempts every day. Most are script-kiddie stuff. However there are massive incentives to organized crime and foreign powers to game the system using previously discovered and unused cracks which administrators may not be prepared for.

- As Jeff mentioned, voting is _not_ a hassle. Anyone who uses that as an excuse won't vote anyway. Anyone advocating this is a fringe supporter (Hi JimBobby) who mistakenly thinks that 60% of voting public isn't an accurate sample size.

In short, anyone advocating this is an attention seeker who obviously doesn't understand the first thing about the internet, security, or How Things Work (tm).


lance said...

As an aside to address JimBobby's point about IP addresses.

You can not adequately ensure security by relying on information from the client, ever.

The IP address example you used is inadequate for at least four reasons.

1. It may rely on cookies on the browser which are easily deleted.

2, It may rely on a directly connected computer. If so then it is trivial to change the IP address.

3. A household or business may rely on a single DHCP assigned address shared by multiple users.

4. That DHCP assigned address is simple to game by just changing the MAC address of the interface connecting to the Cable/xDSL modem.