The announcement of this year’s Best Picture winner on Sunday will culminate an experiment unprecedented in the 85-year history of the Academy of Motion Picture Arts and Sciences. For the first time, Oscar winners will be determined largely by votes cast online. At a time when New Jersey and other states are considering holding more consequential elections over the internet, we should ask: How did the Oscar experiment go? Unfortunately, it went poorly, for reasons that shed light on the inherent difficulty of conducting secure, accessible, credible elections online. Problems for Oscar voters began at the beginning: logging in. Voters were required to create special, complex passwords, but when they tried to log in to the Oscar website, many found their passwords rejected. After re-entering passwords several times, voters were locked out of the site entirely and forced to call a help line. Many then had to wait for new passwords, delivered by snail-mail. Even relatively young and tech-savvy voters weren’t immune. As 42-year-old documentarian Morgan Spurloch told the Hollywood Reporter, “There’s even some young farts like myself that are having problems.”
These problems should sound familiar in New Jersey. Our state just conducted its own ad hoc experiment with online voting: Days before November’s election, as many of us struggled to recover from Hurricane Sandy, voters displaced by the storm were told they could vote by e-mail. The result was chaos. Election clerks reported e-mail systems that were overwhelmed. In one county, voters were instructed to e-mail ballot requests to a Hotmail account. Many didn’t know that, by law, their e-mail vote was only a placeholder and that they also had to mail a paper ballot. Others didn’t fully understand that, because their ballot needed to be linked to their e-mail address to verify eligibility, voting online meant sacrificing the right to a private ballot. Ultimately, election officials postponed the voting deadline beyond Election Day to give voters time to overcome unpredicted obstacles.
Problems encountered by Oscar voters or Sandy victims might be dismissed as peculiar consequences of ill-thought-out systems, but, in fact, difficulties such as these are inherent to all forms of internet voting.
The fundamental problem is that online election systems must serve many contradictory ends. The system must be easily accessible to every registered voter, yet prevent unauthorized access by hackers. The system must credibly determine a voter’s identity, yet maintain the anonymity of each ballot. The system also must be accessible to a variety of computer hardware and software, yet not be vulnerable to malware or bugs on any user’s computer. The system must use cutting-edge cryptographic tools, yet be simple enough that my 99-year-old mother can use it. And it must be accessible 100 percent of the time, though it will be a tempting target for denial-of-service attacks.
… As a senior adviser at the National Institute of Standards and Technology, which evaluated internet voting at the request of the Election Assistance Commission, has said, “Internet voting systems cannot currently be audited with a comparable level of confidence in the audit results as for those for polling place systems. Malware on voters’ personal computers poses a serious threat that could compromise the secrecy or integrity of voters’ ballots. And the United States currently lacks an infrastructure for secure electronic voter authentication.”