Sign In

Communications of the ACM

Letters to the editor

Online Voting Still Security Pipedream


View as: Print Mobile App ACM Digital Library Full Text (PDF) In the Digital Edition Share: Send by email Share on reddit Share on StumbleUpon Share on Hacker News Share on Tweeter Share on Facebook
Letters to the Editor, illustration

Credit: Getty Images

The viewpoint in the September 2019 issue "Online Voting: We Can Do It! (We Have To)," while interesting, was flawed and failed to justify the claims made.

First and foremost, adoption targets are sensible only for mature, reliable technologies that solve clear public problems and where the harms, such as they are, can be mitigated. This is not true for online voting. As Hilarie Orman concedes, we don't know how to build secure online voting systems. And as the critical iOS flaw and state-level attacks recently discovered by Google illustrate, critical security holes can linger unknown for years even on well-tested platforms.

Second, the technical measures proposed do not present a solution to the unique needs of elections. Voting is a two-party semi-anonymous transaction. Voters must be able to vote without revealing how they voted (known as the Australian Ballot) lest they be subject to intimidation or vote selling (such as beatings or bribes). Elections must be secure en masse lest honest votes be drowned by dishonest ones. Any system that allows outsiders to connect a voter to a vote, or to intercept and alter votes, gives that up. This is what allowed the man in the middle attack that took place in North Carolina.

This is fundamentally different from online shopping where the shopper, the vendor, and the financial service are each known, and transactions are independent. While the technologies involved are opaque, users can almost always follow the money. Despite this, online fraud still costs companies and individuals millions each year. Ultimately, online transactions are not so much secure as they are insured by parties who make enough to cover their losses. That is not possible with voting.

Third, it makes sense to adopt a fundamentally conservative view of election technology. The decisions of elections officials, decisions the author unfairly dismisses as "draconian, discriminatory, and unsafe" are often driven by legal mandates and hard-won experience that have been crafted over decades. Relevant laws in most jurisdictions mandate public access. If anything, it is the rise of e-voting that has hidden the process from the general public. This is why many good government groups back paper ballots with electronic tabulation. Paper, when properly secured with a clear chain of custody, provides a public, machine-independent check on otherwise opaque systems.

Fourth, the column argues for Internet voting based upon the assumption that it would increase turnout. However, there is little guarantee of that. Indeed, one recent study of Internet voting by Micha Germann and Uwe Serdült entitled "Internet Voting and Turnout: Evidence from Switzerland" concluded that Internet voting did not increase turnout over traditional methods.

Elections are an essential public process. As David Eckhardt of Carnegie Mellon University has noted, voters must have a clear method to publicly verify that things are working as they should. Absent that, the system is both illegitimate and insecure. Any model that cannot provide that is unacceptable, and the premise that we will figure it out over time is never good enough.

Collin F. Lynch, Raleigh, NC, USA

Back to Top

Author's response

Access to voting is a fundamental democratic principle. The use of mail-in ballots sent to all voters increases turnout, showing that in-person voting inhibits participation. Moreover, mail-in ballots reduce the cost of holding an election. These factors are even more favorable for Internet voting. Any technology that increases convenience and cost savings consistently upsets established norms, and that will be the case with voting.

Hilarie Orman, Woodland Hills, UT, USA


©2019 ACM  0001-0782/19/12

Permission to make digital or hard copies of part or all of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and full citation on the first page. Copyright for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, to republish, to post on servers, or to redistribute to lists, requires prior specific permission and/or fee. Request permission to publish from [email protected] or fax (212) 869-0481.

The Digital Library is published by the Association for Computing Machinery. Copyright © 2019 ACM, Inc.


 

No entries found

Sign In for Full Access
» Forgot Password? » Create an ACM Web Account
Article Contents:
  • Introduction
  • Author's response
  • ACM Resources