Lithuania’s Ministry of Justice submitted a bill on Tuesday that, if passed, would allow creating a system for online voting in elections and referenda. According to BNS, the proposed legislation outlines basic principles of online voting, procedures for voters to verify or retract their votes, measures to ensure secret ballot, voter identification as well as requirements for the would-be online voting software.
How convenient would it be if you could vote from the comfort of your own home, at work or if you were out of the country? According to tech experts if you can file your taxes online there’s no reason Canadians couldn’t cast their ballots the same way. … Both he and Jones still aren’t sure the traditional pencil and paper should be replaced with a more modern approach to voting. For Rayner, the single biggest obstacle has nothing to do with the security of the system if internet voting was made available. “The issue is that it’s fundamental to our democratic system that our ballots should be free, free from influence, free from pressure of any kind and that’s why we go to the polls so we that we can be observed making our vote individually without being pressured by anyone.” For Jones, the biggest con of internet voting would be if the system wasn’t secure and if an election could be swept because a technology compromise.
The Philippine government is aiming for a higher voter turnout among overseas Filipino workers (OFWs), but it has shunned internet and mobile phone voting in the 2016 presidential polls. The situation is likely to result in low participation among the one million registered overseas voters who represent 10 per cent of the country’s 10 million OFWs worldwide. “There is no explicit law that allows internet voting in 2016,” said Arthur Lim, head of the Commission on Elections (Comelec) office for overseas voting. The use of the internet and mobile phones is “being explored for future elections,” Lim said. He did not give details of what process was being carried out to make this modern approach a reality.
Much has been made of the proposal to use local body elections to trial e-voting in 2016. Just this week, Dunedin City Council became the latest local authority to vote not to participate in the experiment. Its withdrawal has reduced the original pool of 13 councils interested in the trial to just eight. The small remaining number has raised questions over the financial viability of the experiment, with calls for the Department of Internal Affairs to finance the project, rather than the local councils themselves. The decision by Dunedin Council to withdraw was based around three main themes – cost (put at $165,000 on top of the price of running a ‘standard’ postal vote election), security and access. Whatever online solution is used, there are remaining fears that security cannot be guaranteed. Indeed, the recent scandal involving Ashley Madison highlights such risks and, internationally, there are a number of countries where e-voting has been banned because of such fears.
B.C.’s municipal politicians were so hotly divided about whether to allow Internet voting for the 2018 local elections that they had to hold an electronic vote to tally the results. In the end, it was a squeaker, with 51.1 per cent of delegates at the Union of B.C. Municipalities convention voting in favour of the resolution and 48.9 per cent against. The resolution calls on the UBCM to request the B.C. government to “initiate analysis and legislative changes” to encourage more voters — especially the elderly, disabled, snowbirds and those working in camp — to participate in the democratic process.
The Commission on Elections (Comelec) has ruled out the possibility of conducting Internet voting for the 2016 presidential elections. “Personally, I favor Internet voting, but unfortunately, our laws at present do not allow it,” Comelec commissioner Arthur Lim said Wednesday. According to Lim, there are two pending bills in Congress on Internet voting. However, current preparations for the 2016 polls are already focused on the automation of the elections.
Dunedin City Council has withdrawn from an online voting trial. Councillors made the decision late this afternoon after a three-and-a-half hour debate. The decision makes Dunedin the fifth and last council to pull out of the internet-based voting trial – being organised for a set of councils – because security risks and the cost. Eight councils including Wellington, Porirua and Palmerston North have agreed to pursue the trial at next year’s local body elections.
Wellington is a town of political junkies and digital hotshots. We are the coolest – and smartest – little capital. So perhaps it was obvious what the Wellington City Council would say about having internet elections here: “Of course.” But in fact the council’s decision is wrong. The risks – hacking, mainly – are too great, and the benefits – internet voting is supposed to boost voter turnout – are small. Software expert Nigel McNie warned councillors against internet voting and cited the problem of the Death Star. It had just one little hole of vulnerability, but it was big enough to let a bomb through. Now of course geeks disagree about the risk from hacking. Some say internet voting can be made safe, or as safe as can be reasonably expected. But everyone knows that no system is guaranteed against hackers.
Wellington has been warned it faces an Ashley Madison-style election hack as it opts for online voting for 2016. In a split vote, councillors have agreed to join a trial of online voting for next year’s election – despite warnings from IT experts about potential security risks with e-voting. At Wednesday’s extraordinary full council meeting, software developer Nigel McNie said online voting opened up the process to “massive risk”. “Hacking is a risk. Consider the Ashley Madison hack, which I’m sure most of you have heard of.” He said “one small hole” in the adultery hookup site led to its hack, and eventual destruction. In July, it was revealed about 36 million members globally had their details leaked in the 9.7-gigabyte data dump on the dark web.
Estonians can vote over the internet in their national elections. Brazilians vote using electronic terminals that have Braille on the keypads and that have cut the tabulation time from a month to six hours. Some local British elections have let people vote by text message. It’s the year 2015, after all. So why do Canadian elections still happen the centuries-old way — by marking paper ballots and depositing them in a box? Especially when advocates say higher-tech voting methods could make the process more accessible? “There’s a number of reasons,” said Nicole Goodman, research director at the Centre for E-Democracy and an assistant professor at the University of Toronto’s global-affairs school. Goodman has extensively researched internet voting at other levels of government in Canada, particularly municipal elections in Ontario, where in last year’s contests 97 local governments out of 414 offered online voting. At the municipal level, Canada is a world leader in voting via the internet, Goodman says. But so far, no province or federal electoral authority has attempted it even in a small trial. One reason? “Lack of political will,” Goodman said. Elections Canada, by law, has to takes its cues on how to run elections from Parliament, and no recent government has made it a priority to introduce potentially radical new voting methods — especially one such as internet balloting that might get whole new demographics, including traditionally non-voting youth, to suddenly take part. Another concern that has held back any internet voting system is security. “People want 100 per cent assurance that this cannot be tampered with,” said Jean-Pierre Kingsley, Canada’s former chief electoral officer. “I’m absolutely sure that we’ll be able to find something, but at this stage we’re not there yet.”
Fears of voter fraud and security breaches have led the Christchurch City Council to ditch plans to participate in an online voting trial. The council had provisionally registered its interest in being part of an online voting trial the Government is proposing to run at next year’s local body elections, but councillors on Thursday decided they wanted no part of it. Their decision followed a deputation from a group of IT experts who told them the security risks with online voting were too high and could open the election up to fraud. … Group spokesman Jonathan Hunt, who has more than 25 years experience in the IT field, said online voting brought inherent risks compared with postal voting, such as hacking and phishing, and the risks to democracy were too great to attempt it. Overseas experiences with online voting had generally been disastrous and many of the countries that had trialled it had subsequently abandoned it. “Secure online voting is a tantalising mirage,” said Hunt.
Online voting at next year’s local government elections is in jeopardy after the Christchurch City Council today rejected it. The company hired to conduct the online trial said without Christchurch it might not be viable – and it was rushing to try to reassure councillors and others that such voting is secure from hackers. On Monday, Checkpoint reported IT experts held grave fears about online voting, which has already been agreed to by councils in Palmerston North, Porirua, Whanganui, Rotorua and Matamata Piako. Today at a full meeting of the Christchurch City Council, IT experts pleaded with councillors to reject it based on security fears. One of them, Jonathan Hunt, reeled off a list of overseas examples where online voting has failed.
A proposal for 10 local authorities to move to online voting at next year’s elections is seriously flawed, an IT expert says. Five councils have already signed up to the trial, with a further five, including Christchurch, Wellington and Hamilton, yet to decide. Local body elections are currently carried out via postal voting. Local Government New Zealand, which proposed the trial, said online voting would future-proof elections from the eventual demise of postal services. President Lawrence Yule said an increasing number of activities were carried out safely online and there was no reason why voting should not be as well. “If we took the worry about fraud or hacking to its logical extreme, then nobody would use online banking for instance, and people do by their millions. So I think it’s a matter of balancing up the risks and the benefits of this.” An IT expert, who has previously advised the Government on security problems with online voting, said the trial carried a lot of risk in return for very few benefits. Dave Lane said there was currently no way to guarantee an online voting system would be safe from a hacking attack. “It is possible, for a trivial amount of money … to engage sufficient computing resources internationally to completely knock over any online or electronic voting system we have, just for fun.”
An election lawyer urged the Commission on Elections (Comelec), on Sunday, to scrap plans of employing Internet voting technology for overseas absentee voting (OAV) in the May 2016 balloting in the absence of clear-cut rules on such a scheme. Laywer Romulo Macalintal said for the May 9 elections in next year, the Comelec should just stick to the existing mode of voting for overseas Filipino workers (OFWs) since some provisions of the Overseas Voting Act of 2013 were vague. “Definitely, the election body should wait for clearer provisions of the law allowing Internet voting and its mechanisms,” Macalintal told reporters, citing that under the law, the Comelec has been merely allowed “to explore” Internet-based technology for OAV.
A recent government decision to deny nine cantons the ability to offer e-voting for the upcoming federal elections has come under fire. Critics say it threatens the broader use of electronic voting in the future. In a press release last month, the government said an audit of the electronic voting system developed by American company Unisys revealed major security flaws in the protection of voting secrecy. The machine was proposed by a consortium of nine cantons to be used in the upcoming elections. The government’s decision means that despite significant progress in introducing e-voting to Switzerland in recent years, just four of 13 cantons that applied to offer e-voting during the October parliamentary elections have been authorised to do so. Critics of the decision say that a large majority of the 142,000 Swiss abroad registered to vote will now not be able to do so by electronic means. “The government’s decision is not only incomprehensible, but it is also likely to call into question the people’s confidence in the credibility of e-voting,” says Peter Grünenfelder, chancellor of Aargau and president of the consortium of nine cantons based in the Zurich region that were refused access to electronic voting. Grünenfelder believes that by rejecting the use of the American-developed technology, the government is hoping to support publicly developed e-voting systems, such as the one used by Geneva, rather than private ones. However, government spokesman André Simonazzi rejects this hypothesis and says the cantons have had 18 months to ensure the electronic voting system met the required security conditions. “In the area of protecting voting secrecy in particular, some serious deficiencies were noted,” Simonazzi said. “In the case of a cyber-attack, hackers would have been able to reveal the electors’ vote, which is not tolerable in a democracy.”
What if a foreign head of state had the power to handpick our next President? It sounds like the plot of a movie, but it actually might be in the realm of possibility.Most people take our elections for granted. The few who don’t often suspect that one party might be trying to steal votes from the other. But they don’t envision that the theft could be coming from outside US borders.What experts are telling us, though, is that our voting machines are so insecure that all elections, whether at the national, state, or local level, are vulnerable to being attacked by hackers in other countries. … Given that the security at some of our most protected institutions can be breached, and given that US elections pose an enticing target for our adversaries, what would prevent a foreign agent from hacking our ballot boxes? The answer: Not much. Experts indicate that the election systems in place today do not provide the adequate protection that would be able to stop a foreign hacker — a hacker anywhere, in fact — from rigging our races. Even worse, these attacks could go undetected.
Last week’s guest commentary by Secretary of State Wayne Williams in The Colorado Statesman obscured some important facts. He was responding to criticism of his new rule establishing criteria for the casting of election ballots by email.
Last week’s guest commentary by Secretary of State Wayne Williams in The Colorado Statesman obscured some important facts. He was responding to criticism of his new rule establishing criteria for the casting of election ballots by email.
In it, Secretary Williams implies that the federal government expanded voting by email. He writes, “The federal government, along with the Colorado General Assembly, expanded the electronic ballot transmission for military and overseas voters.” In fact the federal government has neither endorsed nor expanded the return of marked ballots over email. The Military and Overseas Voter Empowerment, or MOVE Act of 2009 (a bill we proudly supported) only directs states to send blank ballots to military and overseas voters electronically, not return of voted ballots That’s because voted ballots could be manipulated or deleted in transit — undetectably. Due to such unsolved security issues, last year Congress eliminated a Defense Department online voting project. The federal agency tasked with helping enfranchise military voters has stated that ballot return by postal mail is the “most responsible” method. In no instance does the federal government encourage states to offer electronic ballot return for military and overseas voters.
In 2006 the Colorado General Assembly passed legislation to permit online ballot return for military voters, but only under the most restricted circumstances. And it did so before most of the public was aware of today’s cybersecurity risks and of attacks in which data and sensitive information of millions of Americans had been compromised.
Aucklanders won’t be able to choose their next council at the click of a mouse. Local Government Associate Minister Louise Upston confirmed that the country’s biggest city wouldn’t feature in a trial of online voting for next year’s local body elections. Officials from the Super City are some of the biggest supporters of a digital voting revolution, but Auckland Council’s catchment has been deemed too big. “A trial that includes all of Auckland and its approximately 1 million electors is simply too large to adequately mitigate these risks,” she said. Stung by a dismal 36 per cent voter turnout in the 2013 elections, Auckland Council has lobbied hard to introduce internet voting. But its campaign has failed. Applications are now only being sought from smaller councils to provide a range of voting systems.
The Mayor of Haaspalu constituency here, Mr Umas Sukles, has appealed to Tanzanians to ensure the October 25 general election is held in a democratic manner for the good of the nation. He made the call here when addressing Tanzanian journalists touring the country. “There is also need for Tanzanian politicians to accept election results once they are defeated,” he said, adding that the majority of politicians have tendencies of not wanting to be out of government leadership even once they have been defeated in elections.
The Swiss cabinet has given the green light for the cantons of Geneva, Neuchâtel, Basel City and Lucerne to offer electronic voting to registered citizens abroad. But proposals by nine other cantons were rejected due to security concerns. Around 34,000 Swiss citizens living abroad who are registered with the four cantons will be able to vote electronically in the federal elections scheduled for October 18. The voting systems in place will allow individual verification of votes and a personalised code provided to voters will help them verify if their vote has been recorded correctly or not.
Colorado is poised to reject the best advice of the Department of Defense, the National Institute of Standards and Technology, U.S. Vote Foundation and almost every nationally known expert as the state expands Internet voting. Although voters read daily headlines of breaches of government and commercial computer systems and emails, Colorado’s email balloting expansion ignores the experts and defies common sense and lawmakers’ directives. Yet Secretary of State Wayne Williams seems determined to use Colorado voters as guinea pigs who will learn what the experts already know — Internet voting is a needless threat to voter privacy and election security. Williams received input from legislators, experts, political parties, non-profit organizations and many individual voters. Feedback has been almost universally negative, except for the Colorado Democratic Party and the Colorado Clerks Association. Scores of voters and organizations, including the Colorado Republican Party, Common Cause, Verified Voting, and the Colorado Voter Group oppose the expansion. Yet proposed Colorado rules will likely permit the expansion of Internet voting for military voters, overseas civilians and military families, regardless of their location or access to mail ballots or polling places. Skiers at Whistler, Air Force Academy professors’ kids at a coffee shop, and officers at the Pentagon could vote over the Internet if they conclude postal mail ballot delivery “is not certain.”
If we can bank and shop online, why can’t we also vote online? This once-common refrain — I certainly used to ask the question — has been answered in recent years by revelations that hackers have penetrated some of our largest financial institutions, retailers, entertainment studios and, of course, the federal government. We can do our banking and shopping online because, as Lawrence Livermore computer scientist David Jefferson said earlier this year, “Financial losses in e-commerce can be insured or absorbed, but no such amelioration is possible in an election. And, of course, the stakes are generally much higher in a public election than in an e-commerce system.” Jefferson’s view that online voting — and especially e-mail — is extremely vulnerable to being hacked, intercepted or manipulated is shared by many experts, including those at the National Institute of Standards and Technology and the U.S. Election Assistance Commission.
“Internet voting” means different things to different people. To many folks, it might mean “click a button, submit, done.” To some—and for our purposes—it means anytime a voted ballot is transmitted in any way, shape or form via the Internet. Whatever the definition, computer scientists tell us that secure online voting is still many years, or even decades, away. For now, they say, using the Internet to return voted ballots can’t be done with confidence. Like it or not, Internet voting is on the minds of legislators and other policymakers. We say that, based on the 13 states that have had legislation in 2015 that deals in some way with permitting Internet voting. Only one has been enacted, Maine SB 552. So voters’ needs and technical expectations may push policymakers toward Internet voting—and at the same time security concerns are holding it back.
A team of researchers in Athens say they’ve designed the world’s first encrypted e-voting system where voters can verify that votes cast actually go to the intended candidate. The process happens on a distributed, publicly-available ledger, much like the blockchain — the peer-reviewed software architecture that underpins bitcoin. The digital ballot box, called DEMOS, decreases the probability of election fraud as more voters use the system to verify their votes. The voting system starts by generating a series of randomized numbers. Each voter gets two sets of numbers, or ‘keys’: a key corresponding to the voter, and a key that corresponds to the voter’s preferred candidate. This is akin to the blockchain’s private and public key combination which authenticates bitcoin transactions.
Why don’t more people vote? Only about 36 percent of the voting population turned out for the 2014 midterm elections, the lowest turnout election since 1942, according to stats from the United States Election Project. That’s a big problem and a group of experts in technology, journalism, civics and elections met at the Belo Center for New Media at the University of Texas at Austin campus last week to discuss how to get more people civically engaged. They participated in an invitation-only daylong conference hosted by the Annette Strauss Institute for Civic Life focused on increasing civic engagement before, during and after elections. The conference featured speakers from Google, Microsoft, Code for America, Rock the Vote, Vox Media, Texas Tribune, the clerk of Travis County and many more.
“Your vote counts” is a snappy slogan just short enough to fit on a lapel button, but snappy is not the same as “secure.” As the 2016 campaign unfolds, there’s renewed interest in enabling voters to vote over the Internet. The notion that choosing a president could be as easy as using a smartphone to order a pizza is tempting to some, but until cybersecurity wizards prove that a vote cast is a vote counted, Internet balloting is unreliably risky. Internet voting has its passionate advocates. One California pundit argues that since his bills, banking, shopping, even the data on his children’s homework is on the Internet, why shouldn’t his voting be there, too. It’s not safe to vote where he shops? Exactly, says David Jefferson, a computer scientist at Lawrence Livermore National Laboratory who was the chairman of the technology committee of the California Internet Task Force.
Those who believe that “voting online is the future” or that it is “possible given current technology” to create a secure online voting system are dangerously mistaken.[1] According to computer experts, Internet voting is vulnerable to cyber-attack and fraud—vulnerabilities inherent in current hardware and software, as well as the basic manner in which the Internet is organized. It is unlikely that these vulnerabilities will be eliminated at any time in the near future. State legislators and secretaries of state who are considering implementing Internet voting, or even the delivery by e-mail of voted ballots from registered voters, should reconsider such measures. These programs would be vulnerable to a variety of well-known cyber-attacks, any of which could be catastrophic. Such attacks could be “launched by anyone from a disaffected lone individual to a well-financed enemy agency outside the reach of U.S. law.” They also “could result in large-scale, selective voter disenfranchisement,” privacy violations, vote buying and selling, and vote switching “even to the extent of reversing the outcome of many elections at once….” The biggest danger, however, is that such attacks “could succeed and yet go completely undetected.”
With the release of The Future of Voting: End-to-End Verifiable Internet Voting Specification and Feasibility Assessment Study by US Vote Foundation, a new reference has been established for the security, usability and transparency requirements essential to the US in any consideration of Internet voting for public elections. Developed by a team of the nation´s leading experts in election integrity, election administration, high-assurance systems engineering, and cryptography, the report starts from the premise that public elections in the US are a matter of national security. The authors assert that Internet voting systems must be transparent and designed to run in a manner that embraces the constructs of end-to-end verifiability — a property missing from existing Internet voting systems.
A push to allow Internet voting in elections is growing stronger along with advances in the underlying technology, but systems are not yet secure enough to use with relative certainty that the vote counts will be accurate, according to a new report. Still, while “no existing system guarantees voter privacy or the correct election outcomes,” election officials could take several steps to significantly improve the security and transparency of Internet voting systems, said the report, commissioned by the U.S. Vote Foundation, an organization that helps U.S. residents vote. Election officials considering Internet voting must embrace an end-to-end verifiable Internet voting system, or E2E-VIV, said the report, released Friday. An E2E-VIV would be difficult to build, but it would allow voters to check that the system recorded their votes correctly, to check that it included their votes in the final tally and to double-check the announced outcome of the election, the report said. An Internet voting system must be transparent, useable and secure, said the report, echoing some recommendations security groups have made about other electronic voting systems. “An Internet voting system must guarantee the integrity of election data and keep voters’ personal information safe,” the report said. “The system must resist large-scale coordinated attacks, both on its own infrastructure and on individual voters’ computers. It must also guarantee vote privacy and allow only eligible voters to vote.”
We are pleased to provide testimony and remarks regarding proposed rule changes to Colorado’s Rules Concerning Elections 8 CCR 1501-5. We appreciate the effort of your office to solicit preliminary comments from the public to inform the draft of the proposed rule changes and were happy to participate in the process. We remain in opposition to Rule 16.2.1(c). However, before addressing Rule 16.2.1(c), we would first like to address proposed new Rule 16.2.8 prohibiting Internet voting because it is inextricably linked to proposed Rule 16.2.1(c).
Public comments voiced significant objection to Internet voting. The Secretary has proposed Rule 16.2.8 which states:
New Rule 16.2.8:
16.2.8 NOTHING IN THIS RULE 16.2 PERMITS INTERNET VOTING. INTERNET VOTING MEANS A SYSTEM THAT INCLUDES REMOTE ACCESS, A VOTE THAT IS CAST DIRECTLY INTO A CENTRAL VOTE SERVER THAT TALLIES THE VOTES, AND DOES NOT REQUIRE THE SUPERVISION OF ELECTION OFFICIALS
Proposed new Rule 16.2.8 unfortunately fails to recognize that email and fax return of voted ballots (permitted and expanded in Rule 16.2.1(c)) is Internet voting and includes all of the inherent security risk of Internet voting. In fact, email (and digital fax) are considered by voting system experts at both the National Institute of Standards and Technology and the U.S. Election Assistance Commission to be even less secure, [1. “E-mails are significantly easier to intercept and modify in transit than other forms of communication.” NIST IR 7551 A Threat Analysis of UOCAVA Voting Systems http://www.nist.gov/itl/vote/upload/uocava-threatanalysis-final.pdf], [2. “Email is about the least secure method of ballot delivery,” Brian Hancock The Canvass – “Internet voting, not ready for prime-time?” Feb 2013 http://www.ncsl.org/Portals/1/Documents/legismgt/elect/Canvass_Feb_2013_no_37.pdf] than the type of Internet voting system described in proposed Rule 16.2.8.