Venturing to Vote Online
European governments experiment with Internet elections
Who will ever forget the endless examinations of Florida’s paper ballots and the debates over “hanging” and “pregnant” chads after the 2000 U.S. presidential vote? Florida’s saga continued in September as technical glitches with new touchscreen voting machines marred gubernatorial primaries. In this digital age, there would seem to be an obvious fix to the problems created by Florida’s voting machines: Internet voting technology.
But two years later, as the country again goes through an election cycle, talk of modernizing the U.S. system with technologies such as Internet voting has remained just that-talk. The inaction, experts say, is largely a product of inertia, funding shortages, and concerns about privacy and computer hacking. Because the nation’s public computer networks were designed for openness, not privacy and security, “you can’t trust any [election] system on the Internet,” maintains Peter Neumann, a scientist at SRI International in Menlo Park, CA.
Although banks and other businesses have found secure ways to conduct transactions online, Internet voting technologies must really be fail-safe, says Lauren Weinstein, cofounder with Neumann of People for Internet Responsibility. “Banking online has a lot of holes, but when there is an error, it will be revealed.” He explains that customers notice problems on their credit card statements, and they receive a reminder if a bill goes unpaid. Voters, on the other hand, usually have no way to check whether their vote was recorded correctly.
Yet Internet voting is making headway in Europe, where national and municipal governments are pushing ahead with multimillion-dollar projects. “There are issues,” says Paul Waller, director of e-democracy in the United Kingdom’s Office of the e-Envoy, a cabinet office that puts government services online. “[But] the fact that they exist does not stop us from moving ahead and doing lots of research.” In local elections last May, the United Kingdom conducted 16 pilot programs that involved voting or counting ballots electronically. Last year, the Swiss government launched a $20 million initiative to develop electronic voting systems. Three cantons, or states, are experimenting with e-voting, and the canton of Geneva says Internet voting will be available to its citizens next year on a trial basis. Italy, too, is testing a large-scale Internet voting system and will publish a report assessing the experiment early next year.
The European pilot programs are designed to test solutions to a number of the problems inherent in Internet voting, from confirming the identity of voters to guaranteeing voters’ privacy and protecting online systems against hackers. Identifying voters so that no one can gain access to another person’s login and password information and thereby vote more than once is one of the biggest challenges. Geneva officials sent each voter a card with a 16-digit code and six alphanumeric characters under a scratch-off seal; to vote online, residents entered the codes along with their birth dates and municipalities of origin. Because the cards arrive by mail and voters get new codes for each election, large-scale fraud is difficult, according to Michel Chevallier, the project’s communication manager.
Italy expects to use smart cards to identify voters. Plans are already in motion to replace Italians’ national identity cards over the next few years with cards that include a silicon chip that stores personal identification data. A Milan-based partnership sponsored by the European Commission is building an online voting system that will allow Italians to pass their cards through electronic readers, enter their passwords, and vote.
Preventing hackers from gaining access to voting data as it travels over the Internet is another concern, one that banks and e-commerce companies such as Amazon.com know well. Geneva’s system encrypts both votes and voters’ identities to make in-transit data impenetrable to intruders; Italy’s pilot program is using a similar approach. The United Kingdom is considering a different twist: each voter in a test district would receive a unique code for each candidate. Even if hackers intercepted voting data, they would not know how to interpret the codes or adjust them to alter election results, explains Waller.
Once votes arrive and are finally recorded in a central database, they still need protection from hackers who might steal information on who voted for whom or tamper with results. The plan in Geneva is to separate people’s identifying information from their votes and scramble the order of the votes, making it “impossible” to trace how people voted, according to Chevallier. “Safety procedures never link a voter and the content of his or her vote,” he says.
Critics, however, say that the same techniques that safeguard privacy and anonymity can make it difficult to review election results in the case of irregularities. Conventional voting that uses paper ballots, punch cards, optical scanning, and mechanical lever machines guarantees anonymity and also leaves a paper trail that officials can later follow; e-commerce and online-banking transactions also generate copious records. But electronic votes can be altered without leaving any sign of tampering. “There is a conflict between anonymity and auditability,” says MIT computer scientist Ronald Rivest, who is researching the problem.
Indeed, some experts question whether the early results in Europe add up to real progress toward Internet voting. The European tests have involved “inconsequential elections,” says Paul Herrnson, a professor of government and politics at the University of Maryland. “I don’t view that as momentum.” Herrnson believes it will take years to overcome the technology and policy hurdles to Internet voting.
But if the U.S. Congress approves a pending bill* that would give state and local election agencies billions of dollars for new voting technologies, the momentum could pick up quickly. At least two startup companies, VoteHere in Bellevue, WA, and Election.com in Garden City, NY, say they’re ready to help U.S. state and county governments conduct public elections. And online voting in the United States already has gained a foothold in the armed forces: service members around the world were able to vote over the Internet in the 2000 presidential election. “Once the door is open through the military, [Internet voting] is just going to continue. Within 10 years we should have a decent system,” predicts MIT political scientist Stephen Ansolabehere.
As voters in this November’s elections face old-fashioned paper ballots, lever machines, and punch cards, the future of Internet voting in the United States remains too close to call. But Ansolabehere, for one, believes change is likely. And in the end, he predicts, it won’t be driven by academics or policymakers, but by beleaguered U.S. election commissioners who see how much Internet voting could simplify their jobs.
*UPDATE, 10/17/02: The U.S. Senate approved the bill, which had already been passed by the House of Representatives, on October 16. It authorizes $3.9 billion in federal aid for election system upgrades over the next three years. President Bush has indicated that he will sign the bill.
Become an MIT Technology Review Insider for in-depth analysis and unparalleled perspective.Subscribe today