A controversial change in Maryland Gov. Martin O’Malley’s otherwise popular bill to expand early voting could lead to voter fraud and expose the state’s elections to cybersecurity threats, according to a voting group and election technology experts. The provision, sought for more than a year by Maryland’s State Board of Elections, would allow any Marylander to receive a password by e-mail to download and mark a ballot at home before mailing it back to elections officials. But the problem, critics warn, is that the e-mail system lacks basic protections and there would be no signature verification or other means to ensure that the person for whom the ballot is intended is actually the person who casts it. Experts have also warned that the proposed online ballot delivery system could be hacked on a massive scale because of a second and related vulnerability that still exists with the state’s new online voter registration system. Maryland residents can register to vote online with a driver’s license number. But in Maryland, that number is a formula of a resident’s name and birth date that can be found online.
Rebecca Wilson, co-director of the nonprofit SAVE Our Votes, testified before state lawmakers Thursday that any hacker who pays $125 for Maryland’s publicly available database of voter records and who is adept at scouring Facebook or other social media sites for birthdays could easily assume voters’ identities and compromise a state election.
“By taking the voter history file, it’s pretty easy to see who votes and who doesn’t. A hacker could target those who don’t vote and request absentee ballots on the behalf of tens of thousands, and there would be no way for the State Board of Elections to determine that,” said Wilson, a chief elections judge in Prince George’s County.