A group of concerned cyber security experts and voting rights advocates released a statement today warning that Internet voting for this year’s Academy Awards must not become a model for public elections. The group includes advocacy organizations Common Cause and Verified Voting and some of the most renowned figures in computer science including Ron Rivest, co-founder of RSA and Verisign and recipient of the Turing Award;[1] and Dr. Barbara Simons, former President of ACM and author of Broken Ballots: Will Your Vote Count? “When the Academy of Motion Picture Arts and Sciences announced that it would be using an online voting system to help its members choose this year’s Oscar nominees and finalists, thereby adding to the “credibility” of online voting, we found ourselves compelled to remind the general public that it is dangerous to deploy voting by email, efax, or through internet portals in public governmental elections at this time,” the experts said. “Public elections run by municipal, local and state governments should not be compared to elections like the one run by the Academy.”
The goal behind the statement was to ensure that lawmakers and election officials do not lose sight of the real risks to election integrity that Internet voting creates for public elections, despite the fact that an entity as glamorous as the Academy is using it for a private election. Private elections may be subject to rules and procedures which may make it possible to mitigate or detect cyber attacks; these conditions do not exist in public elections which require state and local officials to abide by a complex set of state and federal laws such as requiring that the ballot be secret.
“Cyber security experts at the National Institute of Standards and Technology[2] and the Department of Homeland Security[3] have warned that current Internet voting technologies should not be deployed in public elections,” the statement said. “Internet voting systems, including email, fax and web based voting systems in which marked ballots are cast online, cannot be properly protected and may be subject to undetectable alteration.”