National: EAC on internet voting funds | Tim Starks/Politico

State election officials can use the grants they received in the CARES Act (H.R. 748) to fund internet voting projects, the Election Assistance Commission confirmed to MC on Friday. The rollout of internet voting is a permitted use of the grants if it is done “in response to [the] coronavirus and the 2020 election,” Mona Harrington, the agency’s acting executive director, said in an email to Eric. News that states can use the grants for internet voting, first reported by MC, comes as three states prepare to let some residents vote online in upcoming contests, with two of them adding the option due to the ongoing pandemic. Election security experts lambasted the decision, saying the government was effectively putting its seal of approval on a technology they consider highly dangerous. “To me, the purpose [of the grants] is to promote safety in elections and security in response to the COVID crisis — which should mean responsible vote-by-mail, early voting, and safe in-person voting options,” said Adam Ambrogi, a former EAC staffer who leads the elections program at the Democracy Fund. “The downside risks of moving in this direction are immense,” said Douglas Jones, a University of Iowa computer science professor who studies electronic voting. Asked about the legislative language, Jones said, “I think there are too few strings.” Congress did not address specific technologies when it authorized $400 million for “election security grants” in the CARES Act, a fact that dismayed a key lawmaker. “It would be a mistake for states to experiment with [insecure] methods of voting when there are time-tested and safer alternatives readily available,” House Administration Chairwoman Zoe Lofgren (D-Calif.), whose committee oversees election policies, told MC in a statement. “Requiring vote by mail paper ballots for all voters who want one and expanding early voting to reduce crowd size on election day, as House Democrats have proposed, will not only produce a verified paper trail that is secure and auditable, but also protect the safety of voters and the integrity of our elections.”

National: Coronavirus boosts push for online voting despite security risks – It’s “the wrong direction to defend our democracy,” one cyber expert says. | Eric Geller/Politico

Three states will let some of their voters cast ballots online in the coming weeks — a trend that has gained momentum from the coronavirus pandemic but threatens to introduce new security risks into the nation’s already vulnerable elections. Delaware said this week that it will allow residents with disabilities to vote online during its June primaries, while New Jersey said it would do the same for this month’s nonpartisan municipal elections. West Virginia, whose primary is also in June, previously announced plans to offer internet voting for overseas residents, military service members and voters with disabilities. The modest increase in internet voting is yet another example of how the pandemic has upended priorities across the United States, four years after Russian hacking inspired a nationwide effort to deploy more secure, paper-based voting machines. Now, the virus is turning in-person voting into a health risk — and some election officials are exploring online voting as one alternative, despite extensive warnings from cybersecurity experts that the technology poses dangers no one has been able to solve. “I hope that other states will exercise caution rather than jumping on the bandwagon,” said Dan Wallach, a computer science professor at Rice University who helps draft federal voting-system standards. “We need to defend our elections against nation-state adversaries. Moving toward online voting is the wrong direction to defend our democracy.”

Delaware: State piloting new internet-based voting system for disabled, overseas voters | Sophia Schmidt/Delaware First Media

Delaware is piloting a new electronic ballot marking and cloud-based storage system for a limited population of voters during its presidential primary next month.  So far more than 700 disabled or overseas voters have cast absentee ballots for the upcoming election using the system — which is made by Democracy Live and stored in an Amazon Web Services environment, according to State Election Commissioner Anthony Albence. A couple hundred more have used the tool to mark their ballots, then submitted them by email, mail or fax. Albence says his Department has been happy with the system’s performance so far. Last week NPR reported Delaware is the second state to try internet- or cloud-based voting for small portions of its electorate. Albence notes the state has accepted votes trasmitted over email before. Still, he rejects the term “internet voting” to describe the new Democracy Live system. Cybersecurity experts disagree. “With any system like what Delaware is doing, the entire voting system now for these voters is taking place online,” said J. Alex Halderman, a professor of computer science and engineering at University of Michigan and co-founder of an internet security company. “That means all of the risks of foreign hacking are unfortunately at play.”

Editorials: Online Voting Is Not the Answer Even in a Pandemic | Hans von Spakovsky/The Daily Signal

What is the best way to conduct elections in a time of epidemic? The simplest and most obvious answer might appear at first glance to be voting over the internet—via email, fax, blockchain, or smartphone apps. While this would certainly seem to fit with our internet-dependent lives as we socially distance, online voting is not a viable or acceptable solution and must not be on the table. No method of casting ballots over the internet is safe, secure, or trustworthy. Period. Votes can be manipulated or changed, recorded and spied on, deleted or cast fraudulently through hacking, viruses, Trojan horses, and other types of malware. The even bigger danger is that these sorts of attacks could succeed and go completely undetected, imperiling the integrity of the election process.
Computer security experts insist that online voting is far too insecure to be used for public elections.

International: Why voting online is not the way to hold an election in a pandemic | The Economist

On May 3rd, months after Bolivia’s former president Evo Morales was forced to resign, the country was supposed to elect his successor. Because of covid-19, that election has been postponed. Bolivians are now stuck with a caretaker president who seems in no mood to relinquish power. They are not alone. The pandemic is playing havoc with elections worldwide. Britain, France, North Macedonia and Serbia have already postponed ballots of various sorts. Opposition politicians in Poland have called for the presidential contest in May to be delayed; some have called for a boycott if it takes place. Eighteen American states have postponed or cancelled presidential primaries, including New York, which scrapped its primary on April 27th. At this rate, scores of elections may be derailed or disrupted, perhaps even America’s polls in November.

National: States Expand Internet Voting Experiments Amid Pandemic, Raising Security | Miles Parks/NPR

Election officials nationwide are preparing for what may the highest election turnout in modern history in the middle of a pandemic. In response, several states will be turning to a relatively new and untested form of internet-based voting to aid the voters who may have the most trouble getting to the polls. In the latest demonstration of the technology, Delaware will allow voters with disabilities to return their ballots electronically in its primary election next month, becoming the second U.S. state to do so. The decision comes despite grave warnings from the cybersecurity community that the technology doesn’t offer sufficient safeguards to protect the integrity of an election. NPR is the first to report the development, which has yet to be announced publicly. Both the state, and the Seattle-based company administering the technology, Democracy Live, confirmed the decision, although they dispute the term “internet voting” for the cloud-based system. Earlier this year, West Virginia passed a bill to allow the use of the technology for disabled voters, after becoming the first state to allow overseas and military voters to use an app to vote in the 2018 midterms. Delaware will also allow overseas and military voters to use the technology.

National: Weighing the Risks of Remote Voting Technology | Council on Foreign Relations

The spread of COVID-19 has raised serious questions about how Americans can vote without jeopardizing their health. The controversial Wisconsin primary held in early April, in which the state’s Supreme Court ordered election officials to proceed with in-person voting over the course of a single day, was plagued with long lines and crowding. This is exactly the opposite of the social distancing measures that have been put in place across the country to control the virus. Moreover, poor and minority communities in particular appear to have been confronted with a choice between voting and risking their health, essentially disenfranchising large groups of voters. While the option of voting at polling stations during the pandemic still seems to be on the table, some have suggested allowing people to vote remotely over the internet instead of casting their ballot in person. Policymakers may want to consider some forms of remote voting, such as vote-by-mail, but remote voting technology poses formidable security risks.

Editorials: Why can’t we just vote online? Let us count the ways. { The Washington Post

Elections in the United States have been thrown into disarray by a pandemic that makes packing into polling places a risk the country cannot afford to take. Why, some are asking, isn’t voting over the Internet the smartest option in the modern age? Let us count the ways. The greatest threat to democracy on Election Day is hacking, and cybersecurity experts have long agreed that the intelligent response is to take as much cyber out of the security equation as possible. Pen-and-paper ballots let officials count hard copies and compare them with electronic tallies after the fact. Critical infrastructure that’s disconnected from the Web keeps systems further from adversaries’ reach. Putting voting online, of course, follows the precise opposite of this advice. An Internet election presents plenty of penetration points for an enemy to attack. Election officials must figure out how to ensure the security of individuals’ personal devices (many of which are already infected by some sort of malware) as well as how to keep remote adversaries away from a server that’s necessarily connected to the Web. Then there’s the trouble of guaranteeing voters are who they say they are. This task is easier for, say, the Estonian e-government, which issues ID smart cards with advanced authentication capabilities to every citizen — but researchers say even that nation’s vaunted I-voting system is all too vulnerable.

National: Voting in the pandemic: Why mobile applications are not the answer | Brent Hansen/GCN

As we all sit together in isolation, it seems only natural to begin to ask the question of how voting for public office will take place across the U.S.  The prevailing sentiment indicates that some type of new online system in place of in-person or current absentee methods may offer a solution. Popular media is giving voice to opinions from election officials and political leaders that some extraordinary measures must be taken to ensure elections can continue despite shelter-in-place directives. These opinions are tempered with the acknowledgement that such extraordinary measures must have equally extraordinary security safeguards to protect both the integrity of the votes and the personal information of the voters. That’s sensible, but at the same time we must acknowledge that mobile application safeguards are not yet ready.

Utah: Cybersecurity experts warn Utah about vulnerability of online voting | Connor Richards/Herald Extra

As election officials throughout the country prepare to hold elections in the midst of a pandemic, dozens of cybersecurity and computer science experts from various universities and institutes are warning about the insecurities of online and blockchain voting. In a letter sent on Thursday to governors and state elections directors, including Gov. Gary Herbert and Utah Elections Director Justin Lee, experts said that “all internet voting systems and technologies are currently inherently insecure” and that “no mobile voting app is sufficiently secure to permit its use.” “Internet voting is not a secure solution for voting in the United States, nor will it be in the foreseeable future,” the letter reads. “We urge you to refrain from allowing the use of any internet or voting app system and consider expanding access to voting by mail and early voting to maintain the security, accuracy, and voter protection essential for American elections in the face of this public health crisis.”

National: Internet Voting Is ‘Not Secure’ and Blockchain Won’t Help, Warns Scientific Body | Yael Grauer/CoinDesk

As the coronavirus pandemic continues to roil elections and voting officials look for solutions, scientific experts are warning against the dangers of voting online. The American Association for the Advancement of Science’s Center for Scientific Evidence in Public Issues has written an open letter to U.S. governors, secretaries of state and state election directors to express concern about the security of voting via the internet or mobile apps. The AAAS letter has been signed by renowned cybersecurity and computing experts and organizations. It reflects research from the National Academies of Science, Engineering and Medicine, the National Institute of Standards and Technology and other organizations. “At this time, internet voting is not a secure solution for voting in the United States, nor will it be in the foreseeable future,” the letter reads, pointing to undetected manipulation of votes, privacy violations, malware intrusions, and the potential for denial-of-service attacks and other vulnerabilities. Internet voting, which includes voting via email, fax, web and mobile app, has no meaningful voter-verified paper record, the letter states, which makes it impossible to conduct a valid audit of the results.

National: States plan to expand mobile voting amid coronavirus pandemic, despite security concerns | oseph Marks/The Washington Post

Some states are planning to dramatically expand their use of mobile voting in response to the coronavirus pandemic – even as cybersecurity experts warn such systems are unproven and too vulnerable to hacking. Two states will soon announce that they’ll offer voters who have disabilities the option to cast ballots using mobile phones in upcoming primary elections so they don’t have to risk going into polling places, said Sheila Nix, president of Tusk Philanthropies, which is funding the efforts. The option will extend to voters in the military or state residents who are based overseas. “With coronavirus and the uncertainty about what the situation will be in November, a lot of states and jurisdictions are looking for a solution,” Nix told me, but declined to name the states or the mobile voting vendor they’ll be using, because memorandums of understanding aren’t complete yet. Those states will join West Virginia, which became the first to try statewide mobile voting for military and overseas voters in 2018 and has already announced it will expand to voters with disabilities during its upcoming primary June 9. Nix said she’s also talking with about half a dozen other states about potentially using mobile voting for some residents, which would be a significant expansion for a system that has otherwise been tried for just a handful of counties since 2018 and typically just for military and overseas voters.

National: HackerOne cuts ties with mobile voting firm Voatz after it clashed with researchers | Sean Lyngaas/CyberScoop

HackerOne, a company that pairs ethical hackers with organizations to fix software flaws, has kicked mobile voting vendor Voatz off its platform, citing the vendor’s hostile interactions with security researchers. It’s the first time in its eight-year existence that HackerOne, which works with companies from AT&T to Uber, has expelled an organization from its bug-bounty-hosting platform, a HackerOne spokesperson said. The decision comes after Voatz assailed the motives of MIT researchers who found flaws in the company’s voting app. “After evaluating Voatz’s pattern of interactions with the research community, we decided to terminate the program on the HackerOne platform,” a HackerOne spokesperson told CyberScoop. “We partner with organizations that prioritize acting in good faith towards the security researcher community and providing adequate access to researchers for testing.” It is the latest security-related setback for Voatz, which is trying to make inroads in a market dominated by traditional voting machine manufacturers. In the last two years, a smattering of U.S. counties have used the Voatz smartphone app in elections to try to improve turnout.

National: Cybersecurity Experts Say Hacking Risk Is High for Mobile Voting | Kartikay Mehrotra/Bloomberg

While Senators Amy Klobuchar and Ron Wyden push to expand vote-by-mail programs, a small group of companies argue for an alternative, one they claim will boost voter participation nationwide: mobile voting. Jurisdictions in at least 15 states are planning to use mobile balloting in a limited capacity in 2020 to account for overseas voters and those with disabilities. Proponents of a digital electorate hope the coronavirus spurs adoption of their technology. The virus has provided an “opportunity,” says Bradley Tusk, chief executive officer of Tusk Holdings and a supporter of mobile voting: “People are being told by the government not to congregate, and that’s a pretty clear directive not to go vote.” Tusk, who says he hasn’t invested in any mobile voting companies, has spent “in the low seven figures” helping local governments cover the costs of adopting the systems. Massachusetts Institute of Technology doctoral student Michael Specter describes Tusk’s position as a “false dichotomy” that ignores postal ballots. He and his colleagues say mobile voting technology is unproven and opens the door to cyber risks. A mobile voting app called Voatz has already been used in federal, local, and partywide elections in Denver, Oregon, Utah, and West Virginia. In a paper published in March, cybersecurity research firm Trail of Bits discovered 79 flaws in the Voatz system, including one that allows someone armed with the proper credentials to alter votes. The paper, funded in part by Tusk and Voatz, expanded on findings published in February by Specter and his MIT colleague James Koppel.

National: Audit finds severe vulnerabilities in Voatz mobile voting app | Benjamin Freed/StateScoop

An extensive audit published Friday of Voatz, the mobile app that’s been used to collect live ballots from overseas voters in multiple states since early 2018, revealed 16 “severe” technical vulnerabilities. These include sensitive user data being exposed to the company’s developers and improper use of cryptographic algorithms, a blow to a company that has staked its reputation on its use of blockchain technology. The audit confirmed the findings revealed last month by researchers at the Massachusetts Institute of Technology who found, among other flaws, that Voatz’s use of third-party vendor to authenticate the identity of its users could compromise the anonymity of ballots the app collects. But unlike other reviews of Voatz’s technology, including the MIT study, the new audit, which was prepared by the cybersecurity firm Trail of Bits, was authorized by the company and Tusk Philanthropies, the venture capital-backed foundation that’s been promoting online voting by funding pilot uses of Voatz around the United States for nearly two years. Among the most glaring vulnerabilities Trail of Bits found was that Voatz had been storing authentication key passwords, which are required to release new versions of the app and could give an attacker an opening to masquerade as Voatz to distribute malware. Researchers also criticized Voatz for its reliance on unvalidated client data and weak security procedures, including a lack of insufficient continuous monitoring and risk-assessment plans. The audit’s executive summary chalks up Voatz’s flaws as a result of the company’s rush to get its app to market.

National: Our Full Report on the Voatz Mobile Voting Platform | Trail of Bits Blog

Voatz allows voters to cast their ballots from any geographic location on supported mobile devices. Its mobile voting platform is under increasing public scrutiny for security vulnerabilities that could potentially invalidate an election. The issues are serious enough to attract inquiries from the Department of Homeland Security and Congress. However, there has been no comprehensive security report to provide details of the Voatz vulnerabilities and recommendations for fixing them—until now. Trail of Bits has performed the first-ever “white-box” security assessment of the platform, with access to the Voatz Core Server and backend software. Our assessment confirmed the issues flagged in previous reports by MIT and others, discovered more, and made recommendations to fix issues and prevent bugs from compromising voting security. Trail of Bits was uniquely qualified for this assessment, employing industry-leading blockchain security, cryptographic, DARPA research, and reverse engineering teams, and having previously assessed other mobile blockchain voting platforms. Our security review resulted in seventy-nine (79) findings. A third of the findings are high severity, another third medium severity, and the remainder a combination of low, undetermined, and informational severity.

Read our Voatz security report and threat model for full details.

Philippines: Comelec to test mobile voting app in the Netherlands, Spain | Leslie Ann Aquino/Manila Bulletin News

Aside from San Francisco in the United States, the Commission on Elections (Comelec) will also test the mobile voting application in the Netherlands and Spain for possible use in future polls. The Comelec was initially planning to conduct the test run in San Francisco, Singapore, and Middle East but decided to drop the last two due to the spread of the coronavirus disease (COVID-19) there. “We will be testing this mobile voting app in San Francisco (United States), Amsterdam (the Netherlands), and Spain,” Comelec Commissioner Rowena Guanzon said in an interview Thursday. “During the test run we will see how fast it is and also the problems before we make a recommendation to the Senate, House of Representatives and the JCOC (Joint Oversight Congressional Committee),” she added. Guanzon believes having a mobile voting app system would be very helpful especially in situations where there is a disease outbreak or natural calamity.

Washington: Senate committee reviewing Secretary of State’s election security bill | Northern Kittitas County Tribune

Secretary of State Kim Wyman’s election-security legislation, Senate Bill 6412, received a hearing in the Senate State Government, Tribal Relations and Elections Committee recently. The bill aims to bolster election security on four fronts — eliminate cyber threats by removing risky electronic ballot-return methods, improve third-party ballot collection, provide post-election security through statistical audits, and appropriate $1.8 million in order to draw nearly $9 million in federal matching funds to augment security. Sen. Hans Zeiger, R-Puyallup, is sponsoring the bill. “These critical election security improvements cannot wait. Cyber criminals are relentless, and in this upcoming, momentous election cycle, voters need to have confidence that our systems are secure and their information will remain protected,” said Wyman. “The race to secure our elections has no finish line, but Senate Bill 6412 propels elections officials in the right direction for 2020 and beyond.” Testifying in support of the bill was Kirstin Mueller, election-security issue chair for the League of Women Voters of Washington. “Over the last few years, detailed cybersecurity reports have been released, outlining what each state can do to improve the security of their elections. These reports have many recommendations in common – ensure a secure chain of custody of voted ballots, require paper ballots that voters have marked by hand or with the use of an assistive device, perform statistically based post-election audits that can catch and correct incorrect election outcomes, and keep all elements of voting and tabulation away from the internet. This legislation improves Washington’s election security in all of these critical areas,” Mueller said. “We believe this bill provides the right balance of access and security, and it protects organizations like the League, who want to help, by providing a way to track ballots.”

West Virginia: Secretary of State opts for different voting application for electronic absentee ballots | Chris Lawrence/WV MetroNews

The Secretary of State’s office will go with a different vendor as they work to expanded electronic absentee voting in West Virginia during the 2020 election cycle. Secretary of State Mac Warner has announced that for the upcoming primary election, West Virginia will use the Democracy Live electronic voting system after testing the Voatz app in the last election cycle. “They’ve been around for a decade. They’ve participated in elections throughout the United States since 2010 and they have a fully compliant A-D-A functionality in their system which allows a voter who is blind or visually impaired to mark their ballot without assistance,” Deak Kersey, general counsel for the West Virginia Secretary of State’s office said. West Virginia was part of a pilot program in 2018 and allowed members of the military stationed overseas to vote via the Voatz App.The Voatz App was on a mobile phone whereas Democracy Live is on a fixed server. According to Kersey, only 144 voters used the App in West Virginia’s 2018 general election and only 13 during the primary. It was a pilot project and a test.

West Virginia: State will NOT use controversial voting app Voatz during primary elections | Internewscast

West Virginia has announced it will not be using the voting app Voatz app after researchers found it is ‘riddled with vulnerabilities’. The US state employed the technology in 2018 to troops overseas and was also set to implement it in the upcoming primary elections for residents with disabilities  However, the flaws, uncovered earlier this month by MIT engineers, give hackers the ability to alter, stop or expose how an individual users has voted. Secretary of State Mac Warner said on Friday that disabled and overseas voters will now use a service by Democracy Live which lets them log in to fill out a ballot online or print an unmarked ballot and mail it in. West Virginia has announced it will not be using the voting app Voatz app after researchers found it is ‘riddled with vulnerabilities’. The US state employed the technology in 2018 to troops oversease and was also set to implement it in the upcoming primary elections for residents with disabilities  The US state was set to employ Voatz following a new bill that requires counties to provide certain individuals with a type of online ballot-marking device that can be used with a smartphone.

West Virginia: After damaging report, West Virginia moves away from Voatz internet voting app | Anthony Izaguerre/Associated Press

West Virginia is opting not to use a widely criticized voting app in the state’s coming primary elections after a blistering report found potential security flaws in the platform. Donald Kersey, general counsel in the West Virginia Secretary of State’s office, said Monday that an MIT analysis of the Voatz app “gave us enough pause” to instead use a different system for the May elections. The decision came as state officials had to choose an online voting system to comply with a new law requiring electronic ballots for people with physical disabilities. Last month, an MIT study found that Voatz, which has mostly been used for absentee ballots from overseas military personnel, has vulnerabilities that could allow hackers to change a person’s vote without detection. The researchers said they were forced to reverse engineer an Android version of the app because the company hasn’t allowed transparent third-party testing of the system. The Voatz app was used to tally fewer than 200 ballots in West Virginia’s 2018 elections and didn’t have any problems, state officials said. The app has also been used in pilots in Denver, Oregon and Utah.

National: MIT Professor: Blockchain is good in itself, but not good for votes | Jonita Singh/Wink Report

Computer scientist Ronald Rivest has said that blockchain is not the right technology to vote, although it may find the right application in a number of other areas. Rivest gave his opinion at the RSA Security Conference, held earlier this week in San Francisco, reported technology-focused news broadcast ITWire on February. 28. Rivest – who is a cryptography expert and professor at the Massachusetts Institute of Technology – called voices an interesting problem that requires a stricter approach compared to many existing security applications. He said:

“Blockchain is the wrong security technology to vote. I like to bring a combination lock to a kitchen fire or something. It is good for certain things in itself, but it is not good to vote. “

West Virginia: State backtracks on using Voatz smartphone voting app in state primary | Kevin Collier/NBC

In a surprise turnaround, voters with disabilities in West Virginia won’t be voting with their smartphone the state’s primary in May. They’ll instead be able to use a system that prints out their completed ballot, which they can then mail in. Friday afternoon, West Virginia Secretary of State Mac Warner announced that disabled and overseas voters will be able to use a service by Democracy Live, which lets users log in to fill out a ballot online or print one out and maig it in. It’s a sudden pivot from the state’s embrace of Voatz, a smartphone app that aimed to boost turnout by letting people vote from their phone but that has been heavily criticized by cybersecurity experts. A handful of counties across the U.S. have offered Voatz to overseas and military voters in federal elections, as the city of Denver did in its 2019 mayoral election. But West Virginia offered it to counties statewide. On Feb. 5, the state passed a law requiring its counties to give voters with disabilities the option of eceiving ballots electronically, starting with the May 12 primary elections.

Canada: Security issues stymie online voting | Constantine Passaris/Winnipeg Free Press

The recent Iowa caucuses debacle reminded me of two things. First, my about-face as a member of the New Brunswick Commission on Electoral Reform with respect to electronic voting. Second, further confirmation that the electronic infrastructure continues to be an impediment in advancing digital democracy. The 21st century has empowered humanity with electronic connectivity and digital dexterity. The information technology revolution has been a catalyst for the kind of transformation that happens at most once every century. Internetization, in the form of global outreach and electronic connectivity, has proven to be a game-changer for society. It has precipitated transformation on practically every aspect of human endeavour. The way we bank, travel, communicate, educate and entertain ourselves, to name but a few, have been profoundly and positively impacted by internetization.

Virginia: Mobile Voting Proposal Has Lawmakers Worried | Danny Bradbury/Infosecurity Magazine

Mobile voting is coming to the US, but is that wise? A proposed Senate bill in West Virginia will introduce electronic voting for people with disabilities, enabling them to cast their vote in the 2020 US election even when they can’t get to a voting station. According to local media, local officials are likely to use an existing mobile tool called Voatz, which allows people to place electronic votes using their smartphones. It’s an app that officials in Virginia already use to register votes for overseas military personnel. However, the use of any Internet-based voting tool goes directly against the advice of the National Academies of Sciences Engineering and Medicine. In September 2018, it published a report that said: “At the present time, the Internet (or any network connected to the Internet) should not be used for the return of marked ballots. Further, Internet voting should not be used in the future until and unless very robust guarantees of security and verifiability are developed and in place, as no known technology guarantees the secrecy, security, and verifiability of a marked ballot transmitted over the internet.”

Editorials: As Washington State’s chief elections officer, I don’t think electronic voting is worth the risk | Kim Wyman/The Seattle Times

The integrity of our elections and our democracy is under attack. Bad actors — both foreign and domestic — seek to damage election infrastructure, manipulate results and sow discourse. Washington has made critical strides in shoring up security for upcoming elections and beyond, but safeguarding our elections is a race without a finish line. With cybersecurity experts warning of the severe vulnerabilities with online or mobile voting, including electronic ballot return methods, I am recommending the Legislature act on a bill I requested to protect Washington voters from cyber intrusion. Currently, Washington allows military and civilian overseas voters to return their ballots by email or fax. Cybersecurity experts, including the Department of Homeland Security, the Federal Bureau of Investigation, the National Security Agency and the Massachusetts Institute of Technology, are imploring states to eliminate these glaring vulnerabilities. Heeding their warnings, I partnered with a bipartisan group of legislators to eliminate email and fax ballot return options for voters serving or living overseas.

Canada: Nova Scotia could see limited internet voting for military with proposed changes | Keith Doucette/The Canadian Press

Limited internet voting for the military and financial reimbursement for candidate expenses related to family care feature in a series of proposed changes to Nova Scotia’s Elections Act tabled Friday. Justice Minister Mark Furey said the changes would reduce barriers to running in elections and make voting easier for members of the military who are serving elsewhere in Canada or overseas. Under the changes, candidates would be reimbursed for extra expenses such as child and spousal care, elder care or care for a person with a disability. “Public service is foundational to our democracy, and my hope is that these changes will reduce barriers to running, especially for women who are primary care givers in so many elements of their family,” Furey said.

Nevada: Will there be more presidential caucus chaos? ‘Nevada is just praying’ | Seema Mehta and Matt Pearce/Los Angeles Times

Dozens of Democratic volunteers scurried around Doña Maria Mexican Restaurant in polite pandemonium last week as they staged a mock caucus to prepare for the real thing on Saturday in Nevada. A dining area filled with cries of “Salma Hayek!” “Jennifer Lopez!” “Salma Hayek!” as the volunteers playfully grouped themselves by favorite celebrity rather than by favorite candidate to familiarize themselves with the state’s caucus process. That was the fun part. But when it came time to actually count votes — not a mere act of addition but a whole range of subtraction, multiplication and division to award delegates — the room fell quiet as participants stared at a whiteboard spreadsheet more than eight columns wide. The complexity of Nevada’s new rules, which now include adding absentee early voters to the mix, had set in. Democratic officials and campaigns in Nevada are desperately hoping to avoid another caucus meltdown like the one this month in Iowa, where campaigns devoted millions of dollars and deployed hundreds of volunteers in the hopes of emerging as clear winners, only to see the results delayed, misreported and still under challenge of recount. In recent weeks, the Nevada Democratic Party ditched a new app it had planned to use to report results and trained caucus volunteers on new procedures. Meanwhile, campaigns pressured party officials behind the scenes to release more information about how, exactly, the state planned to avoid a retread of the Iowa fiasco. “Everybody in Nevada is just praying and focused on not being Iowa,” said Tick Segerblom, a commissioner in Clark County, which includes Las Vegas. “I think we’ve learned our lesson.”

Nevada: ‘A complete disaster’: Fears grow over potential Nevada caucus malfunction | Laura Barrón-López

The process will break down like this: On caucus day, each precinct chair will be given a party-purchased iPad that will have a link to a Google form — dubbed a “caucus calculator” — saved on it. Pre-loaded on the form will be the early vote total from that precinct. The precinct chair will then input vote totals after the first and second votes. Under caucus rules, voters choose their preferred candidate at the outset, known as the first alignment. But if their candidate fails to reach 15 percent, they can switch to a different candidate, or seek to persuade supporters of another candidate who fails to reach 15 percent to help their candidate clear that threshold during the second alignment. The prompts on the Google form are expected to look similar to how they appear on the physical caucus reporting sheet. When the first and second alignments are completed, the totals will be relayed over the cloud to the Nevada Democratic Party via the Google form, which on the back end appears as a Google spreadsheet. Separately, the precinct chair or site lead will take the printed caucus reporting sheets — each campaign must sign off on them first — and call the Nevada Democratic Party boiler room via a secure hotline. (Site leads oversee multiple precinct chairs in caucusing at a single large location.)

Editorials: There’s always a threat to voting online | Huntingdon Herald-Dispatch

It shouldn’t take an MIT genius to figure out that any internet-based voting system can be hacked, but apparently it did. Last week researchers at the Massachusetts Institute of Technology said the Voatz app, which has been used in West Virginia and elsewhere by absentee voters and military personnel, has vulnerabilities that could allow hackers to change a person’s vote without detection. The Voatz developer said the analysts used an older version of the app. It accused them of acting in “bad faith.” So far the app has been used by fewer than 600 voters in nine pilot elections. Voatz was used in West Virginia’s elections in 2018 by fewer than 200 voters. No problems were reported. Last month, the Legislature approved a bill that would allow voters with physical disabilities to use the Voatz app in this year’s election. The bill awaits the governor’s signature or veto.