National: Study finds vulnerabilities in online voting tool used by several states | Maggie Miller/The Hill

Researchers with the Massachusetts Institute of Technology (MIT) and the University of Michigan found multiple security vulnerabilities in an online voting tool being used by at least three states. The study evaluated Democracy Live’s OmniBallot, a program that Delaware, New Jersey and West Virginia are using to allow military personnel and voters with disabilities to cast ballots amid the COVID-19 pandemic. The company also has a contract with the Defense Department to provide ballots to military personnel overseas. According to the paper published Sunday, the system opens up the voting process to a range of vulnerabilities that could lead to election interference. “We conclude that using OmniBallot for electronic ballot return represents a severe risk to election security and could allow attackers to alter election results without detection,” the researchers wrote.

National: Hackers Are Already Screwing With the 2020 Election | Eric Lutz/Vanity Fair

Donald Trump has spent months promulgating bad-faith attacks on remote voting, masking his fears that high turnout could favor his Democratic opponent with unfounded claims that it would result in widespread fraud. “WE CAN NEVER LET THIS TRAGEDY BEFALL OUR NATION,” he tweeted of mail-in voting last month. But while the president’s attacks on proposals to ensure votes can be safely cast amid the coronavirus pandemic may be obvious lies, some remote voting measures have raised legitimate concerns about the risk of foreign interference. With COVID-19 almost certain to remain an enormous public health issue through election day in November, several states—including ones led by Republicans—have sought to expand access to mail-in voting. A handful are going even further, experimenting with or ramping up online voting. According to the New York Times, the latter is potentially vulnerable to hacking, with researchers warning that online voting could present opportunities for foreign manipulation. “Online voting raises such severe risks that, even in a time of unrest and pandemic, these jurisdictions are taking a major risk of undermining the legitimacy of their election results,” University of Michigan computer science professor J. Alex Halderman told the Times.

National: As states explore online voting, new report warns of ‘severe risk’ | Susan Miller/GCN

As states look for alternatives to in-person voting in the event the coronavirus flares again in the fall, researchers at MIT released a report on the security of OmniBallot, an internet voting and ballot delivery system that been used by the military and overseas and disabled voters in approximately 600 jurisdictions. The platform was developed by Democracy Live, a company providing cloud-based voting technologies, that describes its OmniBallot Online product as an electronic, fully accessible ballot solution for vote-by-mail and absentee voters as well as for those covered by the Uniformed and Overseas Citizens Absentee Voting Act. Qualified voters can use the service to print their ballots, fill them out and mail them or deliver them in person. An online ballot marking version is used by disabled voters who use it to electronically select candidates, print the completed ballot and then mail it in or deliver it. This year, however, three states are allowing some voters to use the web application to return their ballots online, MIT researchers said.

Switzerland: Swiss Post set to relaunch its e-voting system, purchases Scytl | Sonia Fenazzi/SwissInfo

The controversial issue of e-voting is back: Swiss Post, which had halted the development of a project in July 2019, has bought a Spanish-owned system and plans to propose a platform ready for testing by 2021. The purchase was reported on May 17 by the SonntagsBlick newspaper, who wrote that the deal between Swiss Post and Spanish firm Scytl had been settled for an unspecified amount. The deal follows the bankruptcy of the Spanish company, with whom Swiss Post had been working on a system until flaws discovered last year sparked a political debate, which ended in the government dropping e-voting plans for the time being. Swiss Post spokesperson Oliver Flüeler confirmed to swissinfo.ch that last summer, despite the opposition, his company decided to continue developing a system on its own, and “after several months of negotiations” it secured the rights to the source code from Scytl. The aim is now to propose an e-vote system by 2021 that “takes into account various federal particularities” and “responds even better to the high and specific requirements of a Swiss electronic voting system”, Flüeler said.

National: How to Protect Your Vote – a technical report on Democracy Live OmniBallot | Michael A. Specter and J. Alex Halderman/Internet Policy Research Initiative at MIT

See the full technical report on OmniBallot here

Today, MIT and University of Michigan researchers released a report on the security of OmniBallot, an Internet voting and ballot delivery system produced by Democracy Live. This system has been deployed in Delaware, West Virginia, and other jurisdictions. Our goal is to provide election officials and citizens the information they need to ensure that elections are conducted securely. Based on our findings, we have specific recommendations for both governments and individual voters.

Editorials: Online voting is my 2020 cybersecurity nightmare | Lee Black/The Hill

COVID-19 social distancing measures will likely continue through 2020 — or should — significantly impacting the November election. One proposed solution has been a shift to online voting — an approach that is the dream of many voting reform advocates and the nightmare of cyber and national security experts. Online voting has an allure, given our pervasive use of the internet: We file taxes online, conduct banking transactions, meet future spouses, buy, and sell houses, and purchase a dizzying array of goods and services. We have shifted so much of our lives and responsibilities online that at times it seems backwards to not digitize every action. So why not voting? There is no room for error with foundational democratic exercises like voting. In this case, the process is more important than the outcome. Trust is a critical element of the system for the winner, but more importantly, for the loser, whose acceptance of defeat based on the will of the people allows for a peaceful transition of power. Many uncertainties surround the technical security needed to ensure confidence in the results of online elections. More troubling still is how foreign governments might seek to deconstruct or disrupt any online voting technology we deploy. Similar efforts are already being reported targeting healthcare and research institutions in the U.S. working on a COVID-19 vaccine. Several threats must be addressed before we ever vote online.

District of Columbia: Some D.C. Residents Were Allowed To Vote By Email. Was That A Good Idea? | Martin Austermuhle/DCist

By Monday, Ward 6 resident Alex Dickson was running out of options. She had requested an absentee ballot for the following day’s primary election, but even after repeated promises from the D.C. Board of Elections that one had been sent, she had yet to receive it. By late that day, election officials offered her another option: She could vote by email. “What? OMG that’s crazy,” wrote Dickson in a Twitter exchange with an election official. But on Tuesday morning, that’s what she did. Faced with what is reported to have been hundreds of complaints from D.C. residents who said they never got requested absentee ballots in the mail, early this week the elections board decided to offer the chance to cast their ballots via email, using an existing service that had been used in the past — but only for a small group of voters with disabilities, and also for those in the military living overseas. The move came in the last-minute scramble to accommodate voters ahead of Tuesday’s primary, which was being conducted largely through the mail because of the COVID-19 pandemic. But the sudden shift in how the election was to be run — announced in late March, two months ahead of the primary — wasn’t without its challenges, leaving the elections board struggling to keep up with a huge number of requests for absentee ballots: more than 90,000 all told, roughly tenfold most normal election cycles.

District of Columbia: D.C.’s use of email voting shows what could go wrong in November | Joseph Marks/The Washington Post

The District of Columbia’s last-minute decision to allow voting by email in this week’s primary is sounding warning bells for election security hawks. The practice puts election results at higher risk of hacking because there’s no way for voters to verify their votes were recorded accurately, they say. And the scramble is a disturbing preview of how election officials beset by challenges may bargain away security if they’re not better prepared by November. “Between now and November, the D.C. board and any other jurisdiction that’s paying attention to what happened [Tuesday] needs to be absolutely focusing their energies on ramping up voting by mail capacities,” Edward Perez, global director of technology development at OSET Institute, a nonprofit election technology organization, told me. “And they need to do it now, now, now. Not in July or August, and definitely not in September.”

Utah: Utah County Clerk Received Campaign Donation from Investor In Voting App The County Now Uses | Sonja Hutson/KUER

Utah County Clerk/Auditor Amelia Powers Gardner received a $1,500 campaign donation from an investor in the blockchain voting app Voatz in 2018, roughly 16 months before the county first used the app in its elections. Utah County started using Voatz for a primary municipal election in August 2019, so military and overseas voters could cast their ballots through an app. The county expanded the pilot program in November 2019 to allow voters with disabilities to use it. In her role, Powers Gardner supervises the county’s elections. When she first ran for the position in 2018, Powers received a campaign contribution from Overstock.com CEO Jonathan Johnson in early April. Johnson is also the president of Medici Ventures, which is a major investor in Voatz. In January 2018, the app announced it had raised $2.2 million in a round of seed funding led by Medici Ventures.

New Jersey: Division of Elections spent $89,000 for one online voter | David Wildstein/New Jersey Globe

New Jersey spent $89,000 to test online voting, but just one voter used the system in the May 12 non-partisan municipal elections. New Jersey Division of Elections director Robert F. Giles awarded the contact, obtained by the New Jersey Globe,  to Seattle-based Democracy Live, Inc. on April 27 to test an electronic ballot delivery system that would allow voters needing special assistance to vote online using their computer or mobile device. The contract was not publicly bid. “This was all very hush-hush,” a county clerk, speaking on the condition of anonymity told Globe.  “They didn’t want this heavily publicized.  They were just testing it and didn’t want people to know about it in case something went wrong.” The contract, which had been in the works, was not finalized until after ballots for the all-VBM May 12 elections had already been printed and mailed. Several election officials told the Globe that Giles instructed them to include an insert with the ballots that included vague language saying that a disabled voter needing assistance should call the county clerk’s office. One election official described the process as an “honor system” that would allow a voter to supply them with an e-mail address to send a link for online voting without any effective verification process. “We were told to just ask for an email address,” the official said.

Voting Blogs: Why Online Voting Isn’t the Answer to Running Elections During Covid-19 | Lawrence Norden/Brennan Center for Justice

There has been growing buzz around the potential for internet voting as states struggle with preparing to conduct safe and fair elections during the Covid-19 pandemic. Companies selling online voting systems promise a “silver bullet” to deal with voting during the pandemic: a new technology that will allow people to vote from their homes, a safe distance from others. Unfortunately, there is no magical solution for running elections during a pandemic. Ensuring voters and election workers can be safe will require money, work, and time. States and localities need substantial resources to ensure they can handle more mail balloting and keep polling places safe. Indeed, given all the other changes election officials and voters are facing this year, there couldn’t be a worse time to try to add a risky, unproven technology like internet voting into our elections, particularly when we know that hostile actors have not given up on disrupting our democracy.

New Jersey: New Jersey abandons internet voting, for now | Tim Starks/Politico

New Jersey has decided not to repeat its recent experiment with internet voting during its July 7 presidential primary, the state told MC on Wednesday. “Given Gov. [Phil] Murphy’s announcement on how the primary will be run, it was determined that we don’t need the technology,” said Alicia D’Alessandro, a spokesperson for Secretary of State Tahesha Way. New Jersey allowed voters with disabilities to cast ballots online during May 12’s municipal elections, becoming one of the first states to test the technology as the coronavirus pandemic prompts in-person voting fears. That decision quickly drew a lawsuit from residents seeking to enforce a 2010 court order prohibiting any voting equipment connected to the internet. The Garden State’s decision comes as activists urge election officials to heed the overwhelming expert consensus: Internet voting is fundamentally insecure. Warnings from multiple federal agencies and independent experts “should be enough for New Jersey should to immediately ban all internet-based voting systems for all future elections,” said Penny Venetis, the director of Rutgers University’s International Human Rights Clinic, who wrote a letter supporting the recent lawsuit. (Only one person used the internet voting platform in the May 12 elections, according to Venetis.)

New Jersey: Emergency Motion to Stop Internet Voting in New Jersey | Penny Venetis/Freedom to Tinker

On May 4th, 2020 a press release from mobilevoting.org announced that New Jersey would allow online voting in a dozen school-board elections scheduled for May 12th. On May 11, the Rutgers International Human Rights Clinic filed an emergency motion to stop internet voting in New Jersey. During a conference on May 18 with Superior Court Judge Mary Jacobson, the State notified the court that it had abandoned its plans to use internet voting for the upcoming July 7 primary election.  The Clinic, led by Rutgers Law School professor Penny Venetis, argued that the Democracy Live online voting system (that New Jersey planned to use) violated a broad court order issued in March 2010 by Judge Linda Feinberg.  That order was issued in the Clinic’s case Gusciora v. Corzine, which challenged paperless voting machines as unconstitutional.   The March 2010 court order stated clearly and unequivocally that no part of any New Jersey voting system could be connected to the internet, under any circumstance.  New Jersey has a continuing obligation to ensure that the order is followed, and that all voting-related software is “hardened” on a regular basis.

Philippines: Comelec to push test run of mobile voting app | Leslie Ann Aquino/Manila Bulletin

The Commission on Elections (Comelec) is pushing through with the plan to test run the mobile voting application for possible use in future poll exercises. Poll Commissioner Rowena Guanzon said they will hold the test run as soon as it is safe to conduct it. “We have to choose countries where there are very low risk of contamination,” she said. “We have to find ways to test it without personal contact with the providers,” she added. Guanzon, Comelec – Office for Overseas Voting (OFOV) commissioner-in-charge, said with the COVID-19 pandemic, there is more reason to push for mobile app voting by Filipinos overseas especially those in the United States and seafarers. The Comelec en banc had earlier approved the test run of the mobile voting application overseas for possible use in the May, 2022 polls.

National: Risks Overshadow Benefits with Online Voting, Experts Warn | Lucas Ropek/Government Technology

Government officials have expressed mounting concerns for how the COVID-19 virus could diminish voter turnout during the 2020 presidential election. As a partial solution, a handful of states have turned to Internet voting pilot programs: New Jersey, Delaware and West Virginia have all recently launched pilots, most of which are limited in scope and focus mainly on alleviating barriers for disabled and overseas voters. However, the computer science community — long critical of internet voting — sees the programs as a slippery slope towards a looming security risk. David Dill, a computer science professor at Stanford University, is one of the prolific naysayers. Having spent much of his career researching holes in software code, Dill said that there is just simply no way to ensure that devices and apps are free of malware that might manipulate a voter’s choices. Similarly, a hacker from an adversarial foreign government could always theoretically hack their way into these systems and change or manipulate votes. “Between your keyboard and your vote going into an electronic ballot box on the other end of the Internet, there are a lot of bad things that could happen,” he said. “This problem is not fixable, at least not in practical terms.”

New Jersey: Lawsuit aims to halt any more online voting in New Jersey | Sara Swann/The Fulcrum

New Jersey piloted a new online voting system for people with disabilities this week, but a lawsuit could stop the state from using it again. Human rights activists and law school students are challenging the new voting system, arguing it’s unfair to expose only one category of voters to significant risk their ballots will get hacked with impunity. Using a special app to vote over the internet is denigrated by most cybersecurity experts, who say the threat of votes being compromised is hardly worth the convenience. Four federal technology, law enforcement and election agencies united behind a report this month bluntly warning states against adopting online voting because “ensuring ballot integrity and maintaining voter privacy is difficult, if not impossible, at this time.” New Jersey ran its first test of online voting in 33 local elections Tuesday. The system was only available for people with disabilities, who would have had difficulty casting ballots in contests that were otherwise conducted entirely by mail because of the coronavirus pandemic.

New Jersey: Lawsuit tries to block Internet voting in New Jersey | Joseph Marks/The Washington Post

Human rights activists and New Jersey law students are suing to block the state from using Internet-based voting systems, which security experts say are fundamentally insecure against hacking. The effort is a shot across the bow for the online systems, which some states have embraced as a solution for people who have trouble voting by mail during the pandemic despite widespread security concerns. New Jersey piloted an app-based system on Tuesday in a collection of 33 small elections for people with disabilities that make it impractical for them to vote by mail. Everyone else had to vote by mail and there was no in-person voting option. New Jersey officials haven’t said whether they plan to repeat the pilot in the state’s July primary or the general election, but the lawsuit is trying to stop those plans before they start. It’s essentially an offshoot of an earlier lawsuit that challenged the security of the state’s voting machines and also dealt with the danger of voting systems going online. “It’s critical that voting be accessible for everybody but not at the expense of security and the risk of a group of people having their votes manipulated,” said Penny Venetis, director of Rutgers University Law School’s International Human Rights Clinic, which is challenging the use of online voting on behalf of Coalition for Peace and its New Jersey division as well as a state legislator.

National: Why A Voting App Won’t Solve Our Problems This November | Kaleigh Rogers/FiveThirtyEight

At 106, MacCene Grimmett is one of the oldest voters in the state of Utah. Though women didn’t have the right to vote when she was born in 1913, by the time she was of voting age, the 19th Amendment had passed. She has voted in every election since, she told her local Fox affiliate, including the Utah County municipal general election last November. But that time, the centenarian cast her ballot in a novel way: She voted via an app. America is 174 days away from a presidential election. It’s also in the middle of a pandemic that upended normal life, requiring mass shutdowns and social distancing. Those two things don’t exactly jive. Having millions of Americans stand in crowded polling places for hours to cast a ballot on Election Day sounds like the makings of a public health disaster — especially if there is a second surge of COVID-19 infections in the fall, as some experts predict. So now, election officials are looking for ways to hold elections remotely. One option that has been proposed is voting via an app on a smartphone or electronic device, just like Grimmett did last fall (though so far, states seem to only be considering this option for certain groups of voters, such as voters with disabilities).

National: Experts sound alarms about security as states eye online voting | Maggie Miller/The Hill

Experts are sounding alarms about potential security risks as several states consider allowing online voting amid the COVID-19 pandemic. Delaware, New Jersey and West Virginia are planning to allow overseas military personnel and voters with disabilities to return their ballots electronically for elections this year amid concerns about voting during a pandemic. But federal officials and cybersecurity experts are strongly urging states to stay away from online voting, arguing that it could open up new avenues for interference less than four years after Russia meddled in the 2016 elections. The Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA) joined a group of federal agencies in condemning the idea of online voting in guidelines first reported by The Guardian last week. The guidelines, sent to states privately, described online voting as “high risk.” “Electronic ballot return, the digital return of a voted ballot by the voter, creates significant security risks to voted ballot integrity, voter privacy, ballot secrecy, and system availability,” the agencies wrote in the guidelines. “Securing the return of voted ballots via the internet while maintaining voter privacy is difficult, if not impossible, at this time.”

National: Experts say mobile voting tech isn’t the answer to COVID-19 | Alexander Culafi/TechTarget

Despite a need for alternatives to in-person voting during the COVID-19 pandemic, experts say mobile voting will not be ready for this year’s general election. Nearly a dozen pilot programs for mobile voting apps and internet voting portals have been launched across the U.S. in the last few years. And that was prior to the coronavirus pandemic, which postponed some state and primary elections this spring and caused concern over the safety of potentially crowded polling locations. “It’s pretty obvious that the coronavirus is making it difficult to have our standard election. That’s having an even bigger impact in urban centers where voting lines can already last for hours and be quite packed. And people are looking for other ways we can have the constitutionally mandated vote without putting people at risk,” said Jim Hendler, artificial intelligence researcher at Rensselaer Polytechnic Institute as well as a fellow at the Association for Computing Machinery (ACM).

West Virginia: Online Voting Has Worked So Far. That Doesn’t Mean It’s Safe | Lily Hay Newman/WIRED

West Virginia state delegate Eric Porterfield is blind and usually votes at a polling place using an accessible voting machine. He would need assistance to fill out a regular mail-in paper ballot, reducing his ability to keep his votes private. But thanks to a state law passed in January to address accessible remote voting, Porterfield has a new alternative for his state’s June 9 primary. For the first time, he plans to submit his absentee ballot online. “The gold standard for you or me or anyone is to be able to fulfill our constitutional right to vote by private ballot,” Porterfield says. The Covid-19 pandemic has made internet voting options more tempting than ever for election officials across the US. But election integrity advocates and security experts continue to warn that remote digital voting systems, whether mobile apps or cloud portals, do not have strong enough security guarantees for prime time. On Friday, a group of federal agencies including the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency and the Election Assistance Commission sent a risk assessment to states, warning that “electronic ballot return technologies are high-risk even with controls in place.”

National: Internet-based voting is the new front in the election security wars | Joseph Marks/The Washington Post

Voting systems that rely on the Internet are fast becoming a major conflict zone in the battle to secure the 2020 election against hacking. The development comes as states are scrambling to revamp their voting procedures to respond to the novel coronavirus pandemic. In some cases that means allowing digital voting to play a more prominent role, despite persistent warnings from experts that it’s highly insecure and often unverifiable. The Department of Homeland Security, the FBI and the Election Assistance Commission jumped into the fray on Friday, sending guidance to states warning about the major security challenges posed by all voting systems that use the Internet in some way. The guidance covers ballots sent digitally to voters; ballots sent and marked online but printed out and returned by physical mail; and ballots that are received and returned entirely digitally. The agencies warned about dangers related to all three systems but especially the third, which they say poses “significant security risks.” Among those risks: Hackers could change large numbers of votes, block votes from being recorded or undermine ballot secrecy.

National: DHS memo: ‘Significant’ security risks presented by online voting | Sean Lyngaas/CyberScoop

The Department of Homeland Security has told election officials and voting vendors that internet-connected voting is risky to the point that ballots returned online “could be manipulated at scale” by a malicious attacker. The advisory that DHS’s Cybersecurity and Infrastructure Security Agency sent states on Fri ay is perhaps the federal government’s sternest warning yet against online voting. It comes as officials weigh their options for conducting elections during a pandemic and as digital voting vendors see an opportunity to hawk their products. While the risk of election officials delivering ballots to voters via the internet can be managed, the return of those ballots by voters “faces significant security risks to the confidentiality, integrity, and availability of voted ballots,” CISA said in the guidance, which CyberScoop reviewed. “These risks can ultimately affect the tabulation and results and, can occur at scale.” The guidance, which is marked “For Official Use Only” and is not public, cites a theoretical “man-in-the-middle” attack, in which a hacker intercepts and alters data, as one risk to voters who return ballots electronically. Other federal agencies involved in election security — the Election Assistance Commission, the FBI, and the National Institute of Standards and Technology — signed off on the document.

National: Federal Agencies Warn States Online Voting Is ‘High Risk’ | Miles Parks/NPR

The federal government is letting states know it considers online voting to be a “high-risk” way of running elections even if all recommended security protocols are followed. It’s the latest development in the debate over Internet voting as a few states have announced they plan to offer it to voters with disabilities this year, while security experts have voiced grave warnings against doing so. An eight-page report distributed to states last week recommends mail-in ballots as a more secure method of voting. It was co-authored by four federal agencies, including the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency. “We recommend paper ballot return as electronic ballot return technologies are high-risk even with controls in place,” says the document, according to a copy obtained by The Wall Street Journal. A source with knowledge of the document confirmed its authenticity to NPR. West Virginia, Delaware and New Jersey all have confirmed plans to pilot a system provided by the Seattle-based company Democracy Live in upcoming elections to allow military and overseas voters as well as some voters with disabilities the option to vote online.

National: US government plans to urge states to resist ‘high-risk’ internet voting | Kim Zetter/The Guardian

The Department of Homeland Security has come out strongly against internet voting in new draft guidelines, breaking with its longstanding reluctance to formally weigh in on the controversial issue, even after the 2016 Russian election hacking efforts. The move comes as a number of states push to expand the use of ballots cast online. The eight-page document, obtained by the Guardian, pulls no punches in calling the casting of ballots over the internet a “high-risk” endeavor that would allow attackers to alter votes and results “at scale” and compromise the integrity of elections. The guidelines advise states to avoid it altogether or restrict it to voters who have no other means of casting a ballot. The document primarily addresses a type of internet voting called electronic ballot delivery and return – where digital absentee ballots counties send to voters overseas via email or a web portal are completed and returned via email attachment, fax or direct upload – but it essentially applies to all forms of internet voting. No states currently offer full-on internet voting, but numerous states allow military and civilian voters abroad to receive and return ballots electronically, and some of these voters use an internet-based system that allows them to mark their ballot online before printing it out and mailing it back or returning it via email or fax.

National: Agencies Warn States That Internet Voting Poses Widespread Security Risks | Dustin Volz/Wall Street Journal

Several U.S. government agencies told states on Friday that casting ballots over the internet poses high levels of cybersecurity risk and is vulnerable to disruption, a warning that came as some states consider expanding online voting options to cope with challenges created by the coronavirus pandemic. The unusually stark, eight-page federal risk assessment, sent to states privately, said that electronic delivery and return of ballots could be manipulated at a scale that allows for the wholesale compromise of elections, unlike the tampering of physical mail ballots, which is difficult to achieve and limited in its potential size or impact. But attacks on internet voting “could be conducted from anywhere in world, at high volumes, and could compromise ballot confidentiality, ballot integrity, and/or stop ballot availability,” the advisory, which was reviewed by The Wall Street Journal, stated. It rated the electronic delivery of blank ballots to voters as a low risk, but said allowing voters to return completed ballots electronically was high risk. While government officials previously have said internet voting poses risks, the new assessment contains the most direct language yet from federal authorities who typically avoid specifically instructing state and local election officials on how to carry out their elections. Some election officials have resisted calls for federal limitations on internet voting or voting machines that allow for wireless internet connectivity. But the assessment makes clear that vote-by-mail options are preferred to internet voting. “While there are effective risk management controls to enable electronic ballot delivery and marking, we recommend paper ballot return as electronic ballot return technologies are high-risk even with controls in place,” the document said.

National: States worried about mail-in ballot access consider online voting options | Matthew Vann/ABC

Some states, predicting challenges around expanding paper ballot access in time for the November general election amid the COVID-19 pandemic, are weighing the use of Internet-based voting platforms. The considerations come as election officials across the country brace for what will likely be a record year of mail-in paper ballot usage amid the ongoing COVID-19 pandemic. ABC News has confirmed that Delaware, New Jersey and West Virginia will permit groups of eligible voters across their states to use online voting platforms for upcoming local elections and presidential primaries as several other states consider wider usage for elections this fall. The use of online and mobile based voting platforms introduces significant cybersecurity risks, that many election experts warn have the potential to be used by foreign actors looking to influence election outcomes. Ahead of the 2020 primary season, former senior government officials and private sector executives warned of computerized voting equipment as particularly vulnerable at a House Cybersecurity, Infrastructure Protection and Innovation subcommittee hearing in 2019 leading some states to drop plans they may have had in motion.

Ohio: Democratic Lawmakers Propose Blockchain Voting in Elections Overhaul Bill | Danny Nelson/Yahoo News

Democrats in the Ohio House of Representatives have proposed launching a blockchain voting pilot for overseas military voters registered in the Buckeye State. Introduced Tuesday as part of the Democrats’ elections law overhaul, the bill calls on Ohio Secretary of State Frank LaRose to “establish a pilot program” of blockchain voting specifically for uniformed service members stationed outside the U.S. The bill was introduced by Reps. Beth Liston and Michele Lepore-Hagan, and cosponsored by 16 other Democrats. The proposal is unusually detailed on blockchain’s role. If passed, it would see military members transmit their ballots to election officials via “encrypted blockchain technology” that “protects the security and integrity of the process and protects the voter’s privacy.” The receiving board of elections would then print out that ballot “for counting purposes.”

National: Is online voting the answer during a pandemic? Cybersecurity experts say no | Brooke Wolford/McClatchy

The coronavirus pandemic has created a need for a new way to hold elections, and while many states are considering vote-by-mail, some states are experimenting with “internet voting.” But some experts and officials from both parties worry that could put the security of the country’s elections at risk, according to NPR. Two states will allow some to vote online, both using technology from the Seattle-based company Democracy Live, NPR reported. Delaware became the latest state to allow voters with disabilities, voters overseas and military voters to use the cloud-based system, according to NPR. West Virginia passed a bill earlier this year allowing voters with disabilities to use the technology, following its decision to allow overseas and military voters to use an app to vote in the 2018 midterms, NPR reported. New Jersey is reportedly considering allowing it under the same circumstances, according to NPR. Eugene Spafford, Purdue University’s director emeritus of the Center for Education and Research in Information Assurance Security, released a statement expressing his concern about the growing list of municipalities choosing to use online voting software, according to a release from the university.

National: Some States Dabble in Online Voting, Weighing Pandemic Against Cybersecurity Concerns | Alexa Corse and Dustin Volz/Wall Street Journal

A few states are allowing some voters to cast ballots over the internet in coming elections, overriding concerns from cybersecurity experts about tampering or technical glitches as election officials grapple with voting amid the coronavirus pandemic. At least three states—Delaware, New Jersey and West Virginia—will allow small slices of their electorates to use an online voting tool in presidential primaries or local elections. Those eligible chiefly include voters who are overseas, in the military, or sick or disabled. Particularly for those overseas and in the military, they would ordinarily vote by mail but that option could be hindered by the pandemic’s disruptions to postal services. At least two of these states looked into the option before the pandemic, and supporters say their efforts could promote wider adoption of online voting, particularly as states grapple with containing the pandemic. The move, if limited, shows how the pandemic is forcing some election officials to weigh protecting public safety along with cybersecurity in ways that seemed far-fetched a few months ago.