Voting in West Virginia just got a lot more high-tech—and experts focused on election security aren’t happy about it. This fall, the state will become the first in the US to allow some voters to submit their federal general election ballots using a smartphone app, part of a pilot project primarily involving members of the military serving overseas. The decision seems to fly in the face of years of dire warnings about the risks of online voting issued by cybersecurity researchers and advocacy groups focused on election integrity. But even more surprising is how West Virginia officials say they plan to address those risks: by using a blockchain. The project has drawn harsh criticism from election security experts, who argue that as designed, the system does little to fix the problems inherent in online voting. We first heard of the West Virginia pilot in May, when the state tested a mobile app, developed by a startup called Voatz, during primary elections. The test was limited to overseas voters registered in two counties. Now, citing third-party audits of those results, officials plan to offer the option to overseas voters from the whole state. Their argument is that a more convenient and secure way to vote online will increase turnout—and that a blockchain, which can be used to create records that are extremely difficult to tamper with, can protect the process against meddling.
But that premise has been controversial from the start. After two fellows from the Brookings Institution penned an essay praising West Virginia for pioneering the use of blockchain technology in an election, Matt Blaze, a cryptography and security researcher at the University of Pennsylvania, pushed back hard. It’s not that blockchains are bad, said Blaze, who testified (PDF) before Congress last year on election cybersecurity. It’s that they introduce new security vulnerabilities, and securing the vote tally against fraud “is more easily, simply, and securely done with other approaches,” he said.
Blaze and many other election cybersecurity experts oppose online voting of any kind because, they feel, it’s fundamentally insecure. Although a number of countries have embraced the practice, in 2015 a team of cryptographers, computer scientists, and political scientists looked closely (PDF) at the prospect of internet voting in the US and concluded that it was not yet technically feasible. Protecting connected devices against hacking is hard enough, and, even if that could be achieved, developing an online system that preserves all the attributes we expect from democratic elections would be incredibly difficult to pull off.