Into the (Voting) Wild

We mentioned in our Midterms predictions post that Alaska is likely to get some more, uh, northern exposure on Election Day this year because of its tight U.S. Senate race, but also because of its online voting system. It’s the only state in the union where any absentee voter (many states allow overseas residents and military members serving overseas to file via eMail) can vote by electronic transmission. What Alaska calls its “secure online voting solution” is the closest thing to widespread Internet voting the country has seen yet. 

To shorthand it, you: 

• Receive a link via eMail from the State’s Division of Elections;
• Download a ballot, mark your choices, save it as a PDF; and then
• Upload it (with an affidavit saying you are in fact you) to the Division Office server.  

But here are the concerns. In the fine print on the Elections Division website, it says:

“When returning a ballot through the online secure voting solution, you are voluntarily waiving your right to a secret ballot and are assuming the risk that a faulty transmission may occur.”

Wait, what?! Yep, someone at the Elections Division has to download and print your ballot on special paper so it can be counted via optical scanner, and also verify your “voter I.D. certificate.” So, with a glance they could figure out who you are and how you voted. So, no more “secret ballot” that way.

And more alarmingly – you’re “assuming the risk that a faulty transmission may occur.” Faulty transmission covers a lot of territory, like maybe as big as Denali National Park. That could be anything from one of those 404 Error codes, to malicious hacking, to spam filters to a Palin party gone wild. Your vote doesn’t get transmitted? Too bad, so sad. 

And the problem about the “secure online voting solution,” is that we don’t know much about it. It is a proprietary system built by SOE a U.S. subsidiary of Scytl, the Spanish voting technology firm, in which Microsoft co-founder Paul Allen recently invested $40 million [WSJ]. It is not open-source, it is black box; we can’t see inside it. In its bid and procurement process for the online system, Alaska said “it included a thorough review of Scytl’s technology and security measures.” But Alaska’s system hasn’t been reviewed, to our knowledge, by any outside independent review body (e.g., National Institute of Standards and Technology). We don’t know exactly how it works, so we have no way of knowing how secure it is, or isn’t. That raises our eyebrows here at the TrustTheVote Project.

Maybe the Scytl system for Alaska works superbly, but no one save perhaps some Alaskan government officials and Scytl/SOE really know. And that’s one reason we at The TrustTheVote Project are putting our energies behind an open-source approach to elections administration and voting technologies (and nothing that handles ballot casting over the public Internet) that will be transparent and low-cost for election administrators around the country.