An early adopter of all things high-tech argues against online elections.
I began my college studies in computer science in 1985, and I watched as the Internet transformed the world over the last 25 years. As a computer scientist, I have an acute appreciation for the benefits of our global, interconnected network. I love the Internet.
By all accounts, I am an early adopter. I was the first of all my friends with a cellphone and a mobile email reading device. I was the first to buy an Apple Newton; I hacked my own TiVo when the product was first introduced, and I use a smart doorbell and thermostat at home. I embrace technology and progress. Let’s put it all online. Find a way to automate this. Give me a high-tech way to do that.
I do online banking, store my medical records in the cloud, and use wireless payments at the mall. My car, a 2013 Tesla, has its own Internet connection, and I navigate my boat with my iPad.
So why am I stuck in the Dark Ages when it comes to voting? Why do I believe in paper ballots instead of direct-recording electronic voting machines? And why do I believe that we will not be able to securely vote on the Internet in the foreseeable future?
The answer is that voting is a unique sort of application. The goal in an election is not to perform difficult computations, save time or money, or do something that was never possible before. Rather, the goals in an election relate to security. We would like that:
- The votes are counted fairly and honestly.
- No party can get away with cheating on the vote count.
- Everybody should believe that the election was fair and honest.
- As few people as possible are trusted.
- There is a way to resolve disputes to everyone’s satisfaction.
I believe that there is not a system in the world today that attains these goals. I also believe that the more automated a system is and the less transparent its operations, the further we get from satisfying these objectives.
Internet voting requires trusting the software developers who create the system, trusting the network providers, trusting the network protocols, and trusting the end systems in people’s homes. Over the last decade, we have seen security incidents on the Internet increase exponentially. As attackers grow in sophistication, the systems they are exploiting are growing in complexity. It is the perfect storm for mayhem.
Voting is not like banking. For example, votes must remain anonymous. You cannot audit a system and verify that the votes are correct if you cannot attribute them to specific users. It is the requirement of voter anonymity that makes the problem hard. Would you bank online if the system could not keep track of your identity along with your money?
Imagine that on Election Day, a rogue group of hackers hired by a foreign nation state perform simple degradation of service attacks against a particular set of voters with a specific party affiliation in a battleground state. This type of attack is practical, easy to mount, and only one example of how an online election can be influenced in a meaningful way that would probably go undetected.
So, have your online games, your high-tech toys, your Internet of Things. But keep elections off the Internet. It’s the wrong platform and a dangerous place to entrust our democracy.
Aviel Rubin is a professor of computer science at Johns Hopkins University and the technical director of the Johns Hopkins University Information Security Institute.