In theory, using the internet or e-mail to vote for the U.S. president sounds like a good idea. It would be easier than rushing to the nearest polling station before or after work, and it might pull in notoriously apathetic younger voters already living most of their lives via screens. But in reality these online channels have proved to be terribly insecure, plagued by cyber attacks and malicious software able to penetrate supposedly well-protected financial, medical and even military systems.
Such security concerns are the most frequent and convincing arguments against online voting—there is no way to fully secure e-voting systems from cyber attack. Online voting systems are also expensive and often require voters to waive their right to a secret ballot.
Still, at least 31 states and the District of Columbia do let military and expatriate voters use the internet to submit marked ballots via e-mailed attachments, fax software or a Web portal according to Verified Voting, a nonprofit organization that studies the security of electronic voting systems. Twenty-one of those states and D.C. let voters e-mail or fax in their ballots, and another five states allow some people to cast their votes via special Web sites. “You can make voting more secret with a Web site because there is no e-mail address to trace a vote back to but the information about a person’s vote and their voter ID number are still out there on a server,” says Jeremy Epstein, a senior computer scientist at nonprofit research organization SRI International.
In 2012 Alaska became the first state to allow internet voting for all residents—roughly 740,000 people spread over about 1.7 million square kilometers. “The motivation to offer internet voting is a good one to make it easier for geographically dispersed people,” Epstein says. But just like military personnel overseas, Alaska online voters also give up their right to a secret ballot. “When returning the ballot through the secure online delivery system, your are voluntarily waiving your right to a secret ballot and are assuming the risk that a faulty transmission may occur,” reads a notice on the state’s Division of Elections Web site. Military personnel often vote online out of necessity, Epstein adds: “They either don’t understand that they’re giving up secrecy to vote online or they would rather compromise that secrecy than not vote at all.”
There are also serious concerns about cyber attackers influencing elections. More use of internet voting would make fear of “rigging” even more of an issue than it has already become during the current election, Epstein says. If an election’s results are extremely unexpected or need to be audited, checking actual ballots is a lot more reliable than checking computer systems for signs of tampering. “Rigging an election electronically would be a lot more likely than someone going from precinct to precinct to tamper with votes,” Epstein says. “We do not know how to build foolproof [online] systems.”
For proof, look no further than the recent large-scale cyber attack that shut down parts of the Web by targeting some of the computer servers running the internet’s infrastructure. Those servers were attacked in part by insecure Web-connected gadgets—such as home-monitoring cameras—that make up the growing Internet of Things. The FBI is investigating how hackers accessed Arizona’s and Illinois’s state election databases earlier this year, and has asked other states to be on alert for similar activity from would-be cyber attackers probing their board of elections Web sites for weaknesses. More than 20 state election systems have been hacked during this election season, according to ABC News.
Security threats have kept large numbers of precincts from investing in online voting systems—but others have enthusiastically pushed forward. Despite having its 2010 pilot e-voting system hacked in less than 36 hours by a team of researchers enlisted to probe for weak security, the District of Columbia opted to move forward with internet voting plans. Concerns have also risen over examples in other countries, such as Estonia’s e-voting systems, which went live in 2005. A May 2014 report from U.S., U.K. and Finnish researchers about Estonia’s 2013 elections found the system highly vulnerable to cyber attack and fraud, and recommended it be shut down until those problems could be fixed. The country ignored the warning and saw an increase in online voting the following year. More than 30 percent of voters in the country’s parliamentary elections voted online in 2015, up from about 25 percent for the May 2014 elections.
“Internet voting is not dead—unfortunately—and keeps coming up,” says David Dill, founder of Verified Voting and a Stanford University computer science professor. “There have been no breakthroughs that would make it acceptably trustworthy, but people are still trying to sell it and a lot of legislators still don't understand why it’s problematic.”
In addition to being insecure, online systems are much more expensive than the voting booths and scanners more widely used to cast ballots. “It’s between 10 and 1,000 times more expensive to set up an internet voting system than it is to use the existing technology,” says Epstein, who served on a Virginia legislative commission that investigated the security of electronic ballots for overseas military voters last year. The commission estimated it would cost about $2.3 million (pdf) to develop and install an internet-based voting system that would serve about 2,000 military and civilian voters. Running it would cost more than $800,000 per election. “That works out to about $1,500 per voter for the first year and $400 per year thereafter, compared to about $4 per year for a paper-based in-precinct system,” Epstein says.
Ultimately Virginia state legislators decided against passing a law they had been considering that would have required the state’s Department of Elections to build an online voting system for deployed military personnel and overseas citizens. These voters can request an absentee ballot via e-mail, but they have to mail it back the old-fashioned way.
There are options for making online voting more secure and less expensive—but for now there is no way to guarantee the integrity of votes while maintaining ballot secrecy, Epstein adds. “I don’t think there’s any really clear path forward,” he says.