“If the software-hardware industry is this bad across the board, this does not bode well for new offerings to magically be highly safe, secure, and robust,” says security researcher Peiter Zatko, better known as Mudge, who has worked for the US government and private sector. “Think about the small organizations trying to trivially solve these basics that the entire field can’t get right yet. And also the intricacies of regional and national voting while retaining secret ballot aspects and without discriminating. Yikes.”
For example, helpful as Democracy Live’s AWS secure cloud and anti-tampering PDF protections may be, they aren’t a security panacea. If voters submit their ballot through the cloud, they have no way of confirming that the subsequent printout made by an election official accurately reflects their vote. And if post-election audits are based on that paper trail, they won’t be able to catch tampering that happened before the printouts were made.
“It’s no different than printing out a ballot image from a paperless direct-recording electronic voting machine,” says Lawrence Norden, deputy director of the Brennan Center’s Democracy Program at New York University School of Law. “It’s meaningless if the electronic record has already been hacked.”
Democracy Live launched in 2008 and has been piloting its ballot return cloud portal since 2010. The company says its secure portal has been used in over 1,000 elections in 96 countries. But security experts emphasize that an organization’s history of participating in uneventful elections isn’t itself evidence that a given system is secure.
Still, Finney argues that a purpose-built cloud voting portal is more secure than the ad hoc digital voting that already exists in the US. And other online voting proponents emphasize this point as well. Nineteen states and the District of Columbia allow a relatively small number of overseas voters to return ballots by fax or email. Seven more states allow returns by fax alone. The patchwork stems from efforts to comply with federal laws designed to give military members and citizens abroad adequate time and opportunity to vote.
“The ballots themselves are still paper ballots which must be printed, completed by hand, and scanned, if they are to be emailed,” says Debra O’Malley, a spokesperson for the Office of the Secretary of State of Massachusetts, which oversees the state’s elections. “Generally, cities and towns receive only one or two such ballots per precinct, if any. Of course, there are always more in presidential elections and in those communities with more military or overseas voters.”
Verified Voting, an organization that promotes election system integrity and best practices, advises against any internet-enabled ballot return method. But even more so than relatively niche cases, the group is concerned about large-scale expansion of internet voting to millions of people with disabilities or all US voters.
Delegate Porterfield of West Virginia says he has faith that Democracy Live’s remote digital voting system is secure, especially given the limited number of people who will use it.
Security professionals “have done an excellent job in trying to keep us secure for the limited amount of votes this should impact with people with disabilities,” he says. “Because let’s be honest, a very small portion of our population do have a significant enough disability where they’re going to vote digitally.”
The organization funding the Democracy Live pilot in West Virginia, though, Tusk Philanthropies, has much more ambitious long-term goals. The charitable arm of venture capitalist Bradley Tusk’s Tusk Holdings, the group has a stated mission “to allow people to vote in elections on their phones.” To do this, it works with state and local election officials around the country to fund mobile voting pilots using vendors and platforms that the officials vet and select. Tusk Philanthropies president Sheila Nix says that realistically she knows the whole country won’t embrace online voting this year. But she hopes to make progress toward the organization’s goal of widespread mobile voting by 2024.