There has been growing buzz around the potential for internet voting as states struggle with preparing to conduct safe and fair elections during the Covid-19 pandemic. Companies selling online voting systems promise a “silver bullet” to deal with voting during the pandemic: a new technology that will allow people to vote from their homes, a safe distance from others.
Unfortunately, there is no magical solution for running elections during a pandemic. Ensuring voters and election workers can be safe will require money, work, and time. States and localities need substantial resources to ensure they can handle more mail balloting and keep polling places safe.
Indeed, given all the other changes election officials and voters are facing this year, there couldn’t be a worse time to try to add a risky, unproven technology like internet voting into our elections, particularly when we know that hostile actors have not given up on disrupting our democracy.
Not during a crisis
Leading experts in cybersecurity, computer science, and election infrastructure agree that current technology cannot guarantee secure and reliable voting online. Many states, along with the Department of Defense for service members overseas, have experimented with internet-based voting platforms only to have abandoned them due to security vulnerabilities and ballooning implementation costs.
On May 7, a group of scientists reiterated these concerns in a letter to the Department of Homeland Security. The following day, DHS, the FBI, and the Election Assistance Commission issued guidance to states warning about the “significant security risk” of internet-based voting systems.
Many of the existing pilot programs have only involved a very small number of voters. West Virginia’s program in 2018 tallied just 144 ballots, with the secretary of state extolling its success, and leading the governor to permit election officials to create an electronic voting system for people with physical disabilities this year. Such limited results are insufficient to justify large expansions.
Yet a spokesman for the state of New Jersey said that a limited rollout of internet voting in its summer primary could be “essentially a pilot for if we need to use it more broadly in the future.” (After a lawsuit and opposition from election integrity groups, the state dropped plans for internet voting this summer, but left open the possibility of using it this November.)
During the best of times, implementing fundamental security practices for election system technologies continues to be a challenge. Amid a pandemic and presidential election is not the time to try out this unproven technology.
Limited resources
When state and local budgets are so strained, funding online voting pilot programs isn’t a good use of government funding. The Brennan Center has recommended that Congress allocate $4 billion to help state and local governments implement the necessary upgrades just to protect voters from both the coronavirus and cyberattacks this year. That’s where all available resources need to go.
And IT personnel in these jurisdictions are already under pressure to maintain existing election systems. Rolling out and supporting a brand new one would be an unnecessary distraction that would weaken the entire system overall.
Hostile actors have not stopped threatening our elections
It may be difficult to remember now, but a few months ago, one of the biggest threats to safe elections was from hostile nations like Russia, which engaged in a widespread attack against our election infrastructure in 2016. That threat hasn’t disappeared merely because we’re in the middle of a pandemic.
Indeed, Federal intelligence agencies continue to warn that “Russia, China, Iran, and other foreign malicious actors all will seek to interfere in the voting process.” As Sen. Richard Burr (R-NC), then chairman of the Senate Intelligence Committee recently noted after the committee put out its April 2020 assessment of Russian interference in American elections, “With the 2020 presidential election approaching, it’s more important than ever that we remain vigilant against the threat of interference from hostile foreign actors.”
Online criminals have also been busy exploiting vulnerabilities resulting from the displacement caused by Covid-19, such as targeting people working from home. Hacking into an internet voting system to hold it for ransom or simply to sow chaos is a serious danger.
The need for federal leadership
The short-term problem of running an election during a pandemic and the longer-term problem of ensuring states and localities do not embrace insecure internet voting schemes hawked by private vendors both require federal solutions.
Right now, states need billions of dollars to ensure voters and election workers can participate safely in the 2020 elections. That includes everything from buying enough personal protective equipment and sanitizers at hundreds of thousands of polling places — for voters who choose to or must vote in person — to creating the infrastructure to securely and efficiently handle tens of millions of extra mail ballots.
In the longer term, the push for internet voting by vendors selling new systems to the public will continue. Strapped state and local election officials shouldn’t be left on their own to figure out whether a system is secure and reliable.
It is possible that one day, we can develop such a system. But currently, there are no generally accepted benchmarks to evaluate the security of online voting pilots that jurisdictions occasionally try. When this year’s elections are over, Congress should consider how key federal agencies, in partnership with the elections community and technology providers, can establish a risk management framework specifically for online voting systems that would allow election officials to rely on something more than the promises of private vendors looking to sell their product.
Until that happens, no one should be using such systems, especially as a knee-jerk response to a pandemic.