How Come You Can Buy Groceries from Your Fridge, but You Can’t Vote on Your Computer?
Technology sure has come a long way. The rise of computers and the internet has meant that we can conduct so much of our lives online. With Wi-Fi or mobile data, you can work on your laptop by the beach, do the weekly shopping on your phone and even find the life partner of your dreams through an app. One task that is notably absent is voting.
It seems like online voting would be a great idea. You could participate in democracy from the comfort of your couch, rather than having to march all the way down to the polling booth. Many believe that it would increase voter turnout as well, resulting in a more engaged democracy.
Some countries have dipped their toes in the waters of online voting and Estonia has cannonballed in, but why don’t we do it in the US? While it may seem like a relatively straightforward process, online voting presents a range of technological and security challenges that the US isn’t quite ready to deal with.
When you consider how important elections are, as well as how willing other nations are to influence elections, it is best to tread cautiously with online voting. After last years attacks on our election, it has become evident just how vulnerable the voting process is. While online voting may certainly be viable in the future, there are several obstacles that we need to traverse beforehand.
Online Voting Precedents
Online voting isn’t a new thing, and we have even tried it in the US before, but only in certain circumstances. In the early 2000s, the military had a program that allowed personnel who were stationed overseas to vote online. It was ended within four years after a report found numerous vulnerabilities.
In 2010, another notable attempt was trialed in Washington DC for various kinds of absentee voters. Within two days, the system had been hacked and the votes changed by security researchers. Again, the system was scrapped, because it obviously lacked the integrity that is required for online voting. There have been several other US-based attempts that also ran into problems.
There has also been international interest from a variety of countries, such as Australia, Canada, France and Switzerland. Most of these attempts at online voting have been limited in scope and only delivered lukewarm results.
The current world leader in online voting is the tiny European nation of Estonia. Online voting has been possible in Estonia since the 2005 municipal elections. In the 2015 elections, more than 30% of voters cast their ballot online.
Estonia’s online voting is made possible by a chip-and-pin identification system that is part of everyone’s national ID. While the country seems to have had some success with online voting, security researchers have identified several problems.
A 2014 University of Michigan report found that the system architecture was open to attacks form other nations. If this were to take place, it could completely destabilize the democratic process. The researchers also found holes in operational and procedural security.
In addition to security issues such as these, many question whether the approach could be scaled up to the massive population of the US, especially considering that the country lacks such a sophisticated ID system.
What Are the Current Challenges Facing Online Voting?
Keeping the Vote Secure
One of the most prominent issues with online voting is security. If you haven’t noticed, IT systems are hardly bulletproof and massive attacks make the news almost every week.
It is impossible to build an impenetrable system, so companies try to find a balance between the risks that they face and the costs of their defenses. Businesses accept the risk of attacks and their potential impacts and write them into their operating costs. Many even take on cyber insurance to help them recover if they are attacked.
Just as we can’t make business infrastructure completely secure, we can’t make an impenetrable online voting system either. It’s simply impossible. If a group or a nation state is motivated and they have enough resources, they can always find a way to breach your systems.
We can accept that businesses may lose a percentage of their revenue due to online attacks, but to say that there is a chance of the vote being altered goes against the core concepts of democracy. Could we accept the outcome of an election where the victor wins by a 1% margin if perhaps 5% of the vote may have been altered? These kind of situations make it very hard to trust online voting.
Not only would the voting infrastructure itself have to be secure, but so would the devices that people cast their votes with. This is worrying, because security is an afterthought for much of the population.
Almost 60% of the devices running Android are using outdated versions, while the WannaCry attacks have showed that a significant percentage of Windows computers are also unpatched. According to Microsoft, around 30% of computers already have malware, which means that many devices cannot be trusted with something as important as voting.
If a system could be secured to any acceptable level, the implementation costs would be astronomical. It is also likely that the system would be difficult for the voter to use, potentially alienating some demographics.
Authenticating the Vote
Another major challenge for online voting involves authenticating individuals. Estonia does this through chips that are embedded into everyone’s ID card. If they want to vote online, they can plug a card reader into their computers, which verifies their identity. Because the US lacks such an ID system, the government would need to develop a similar kind of infrastructure before they could authenticate the voting process.
Being able to trust the vote is an integral part of democracy. It’s easy to trust paper ballots, because they are tangible and people can physically count them. Once you bring in complex voting software, it prevents the majority of the population from being able to understand the process.
To have trust in a complex system, there needs to be independent bodies who can verify the voting software and the count to ensure that the systems functions fairly. The people also need to have trust in these institutions, so it is best if these processes are transparent.
Auditing the vote tally is particularly problematic. With paper ballots, you can easily recount them to check the result. With current online voting technology, you cannot do this and keep the vote anonymous at the same time.
To be able to recount online ballots, you would have to tie a vote to an individual’s identity. Many believe that being able to vote anonymously is an important aspect of a free democracy, enabling people to choose freely without fear of repercussions. In Estonia, they have argued that anonymous voting is a crucial right, but if voters choose to use less secretive but more convenient means, they should be able to.
Will Online Voting Ever Be Secure Enough?
At the moment, online voting would be a terrible idea for the US. The technology simply isn’t ready, and it could expose the country to even greater interference. Strangely enough, paper ballots are still the best way to go if we want a free and open democracy.
There is ongoing research into various online voting systems, and advanced cryptography could potentially allow proper audits without voter identity being exposed. Unfortunately, it is still not practical at this stage, so it looks like we’ll be stuck lining-up at the polling booth for at least the next few years.
- Can You Save Money by Spending on Security?
- 3 Things You Can Do Now to Protect Against the Latest Hacker Attacks
- Seal the Deal — Certification Seals on your Web Site Instill Confidence
- Does Your Website Have Grown Up Security?
- Why Should You Bother with Information Security? Isn’t Everything Hackable Anyway?