Internet voting is not yet feasible, researchers from the National Institute of Standards and Technology have concluded. “Malware on voters’ personal computers poses a serious threat that could compromise the secrecy or integrity of voters’ ballots,” said Belinda Collins, senior advisor for voting standards within NIST’s information technology laboratory, in an May 18 statement. “And, the United States currently lacks an infrastructure for secure electronic voter authentication,” she added. Collins released the statement in response to an inquiry from Common Cause, a Washington, D.C. nonprofit active in campaign finance and election reform.
Unresolved technological problems means Internet voting should not yet be deployed to U.S. elections, a Homeland Security Department cybersecurity official told a conference of election officials and watchdogs. “It’s definitely premature to deploy Internet voting in real elections,” said Bruce McConnell, a senior cybersecurity counselor, speaking before the Election Verification Network conference in Santa Fe, N.M. on March 29. “The security infrastructure around Internet voting is both immature and under-resourced,” McConnell told the audience, citing National Institute of Standards and Technology internal reports that summarize technical research on particular subjects. NISTIR 7770 (.pdf), which addresses security considerations of remote electronic voting, states that “achieving a very strict notion of ballot secrecy remains a challenging issue in remote electronic voting systems,’” McConnell noted.