Online Voting Continues to Rear Its Ugly Head

From an editorial in the Cape Breton Post:

Elections Nova Scotia also touts “a dozen ways to vote.” But that’s a little misleading. Nine of those “ways” involve a write-in ballot.

Conspicuously, none include electronic voting. The significance of Doiron’s claim that Elections Nova Scotia’s changes will make it easier for people to vote fizzles when we consider the fact that electronic voting allows people to vote from virtually anywhere.

The Cape Breton Regional Municipality successfully implemented e-voting during the last round of municipal elections in 2012, with 26,949 — or 32.8 per cent — of CBRM electors voting electronically.

And as Postmedia News recently reported, Elections Canada has been touting Internet voting since 2008, although budget cuts put the kibosh on plans to introduce online voting in byelections held this year. But at least Elections Canada acknowledges the potential value of e-voting.

So, what are the chances of an elector voting electronically in a provincial election anytime soon?

“The registration and voting and the security — maintaining the integrity of the election — is still a very tricky game,” Doiron told the Globe and Mail. “And that’s one of the reasons that no provincial or federal authority has online voting yet because it’s just not secure enough for the kind of integrity we have to deliver.”

The CBRM had e-voting success. And at the federal level, barriers to implementing electronic voting seem to be more fiscal in nature than about security.

I’m curious as to how the author of this opinion piece concludes that fiscal issues are more significant than security issues. I presume that they are referring to Elections Canada’s decision to scrap an e-vote test, but despite not running the test the federal agency recognized that security was an issue with online voting.

These security challenges have been highlighted repeatedly: a recent election in Nova Scotia used online voting, and officials cannot guarantee that votes were recorded properly based on significant technical deficits. Similarly, voting events during the NDP Leadership election in 2012 suffered from third-party interference, which ultimately caused people to not vote. Moreover, even if the servers that recorded votes in both situations were secured all of the intermediary systems were not; consequently it is functionally impossible to assert that the malware-ridden computers that people vote on or intermediary network points didn’t alter voting outcomes.[1] This isn’t to say that malware or intermediary interference did affect the outcomes, but that the authoritative conclusions of online votes are much, much weaker than those reliant on paper ballots.

Voting matters. A lot. And folks that insist that we can ignore the security and privacy issues either don’t care enough to learn the detailed problems of online voting, or don’t seem to care that most verifiable online voting mechanisms enable the tracking of how people vote. That kind of tracking is something that a large number of people fought hard to excise from our democratic electoral systems. We invite it back in at our peril.

For more on this point, see “Online Voting and Hostile Deployment Environments”  ↩