Internet voting is a terrible idea, an invitation to all kinds of voting fraud. There are limitless ways of intercepting and corrupting signals en route to, and within, polling stations. Given any scheme for safeguarding such transmissions, clever hackers can devise techniques to circumvent them (not to mention corruption by insiders). Note how even carefully guarded governmental and financial systems on the internet are often penetrated. The battle between pernicious hackers, spammers, and computer-security people is unending.
Also bad is voting by mail, and other forms of early voting. These are seldom, if ever, implemented with proper attention to chains of custody, and also facilitate intimidation and bribery of voters.
DRE (touchscreen) e-voting machines are vulnerable to fraud and error, and there is no reliable paper ballot back-up. While optical scan e-voting machines do have the advantage of voter-marked paper ballots, they too have been shown to be highly vulnerable to rigging. There is no feasible way of ensuring that the machine-reported results are not fraudulent. Hand recounts of the paper ballots are rarely used to verify machine results.
The great majority of e-voting machines are made by one of just a few companies, none of which are renowned for either competence or integrity. They make every effort to keep the machine designs and programs secret. For example, click here.
No effort is made at any level of government to ensure that e-voting machines are not rigged for cheating. So-called "certification" of e-voting machines of the types now in use is carried out by private companies that report to the vendors. Their stated function is to look for faults that would affect the accuracy of the outputs. They do not even pretend to look for surreptitious software or hardware features.
Indeed, while careful testing might detect many cheating schemes, the possibilities for fraud are boundless. There are no practical approaches that could truly ensure that a particularly machine is clean in this respect.
Comparisons with automated teller machines are meaningless. It would be easy to determine if such a machine cheated you. Count the money, look at your monthly bank statement. But there is no way for you to verify that your vote was actually counted as cast in an e-voting system.
Almost all public discussion of e-cheating--and there isn't much of it--is about software, usually source code. There is little mention of assemblers, loaders, object code. Almost none about cheating schemes involving hardware, or even BIOS.
There are e-voting schemes that make it possible to detect problems after the polls close, but none of these have been thoroughly implemented. The simplest idea is to have the results from some randomly chosen subset of machines hand-counted (of course this can be done only for optical-scan systems, where there are hand-marked paper ballots; the paper ballots printed by touch-screen machines cannot be assumed to be valid). If the results don't match the machine count, then there could be a recount of all the ballots for the election. This should be done by hand, publicly, under the eye of independent observers and representatives of competing political entities.
The value of this method depends on the random choice of the machines to be checked being truly random, and on the number checked. There are very few, if any, states where this process is carefully executed.
Recounts can also be triggered if the victory margin in a race is very small (well under 1%, and, more likely, under 0.2%). In practice, such recounts are very rare in important races. I know of no case where a recount was done in a significant election when the victory margin was not extremely small. So, a cheating scheme that creates a victory margin exceeding 1% will almost certainly not trigger a recount.
We need a voting system that can be operated by ordinary people to get the counts right on election day, rather than depending on complex methods to detect and correct fraud or error days or weeks later. Note, incidentally, that even if the results of some instance of machine fraud are detected and corrected well after election day, it is highly unlikely that the perpetrators will be identified, or even that it will be evident that what happened was due to fraud rather than error. So there won't be much deterrence, even if a particular effort at fraud is thwarted.
The e-voting problems that we read about almost invariably involve machine breakdowns, or absurd errors, such as vote totals exceeding the number of voters, or blocks of votes for candidates A and B switched, due to crude blunders by poll workers or technicians, or gross machine faults. By definition, we do not read about successful machine fraud that might change voting totals by a few percent, or more without leaving a trace. This may be because this hasn't happened yet, or because the cheating schemes worked well.
Even where polling-place officials and poll watchers are honest and competent, wholesale fraud is feasible if e-voting systems are used. But, there is a practical solution. In precincts where voting is on hand-counted hand-marked paper ballots, fraud is still possible, but only if the poll watchers (representing competing political parties) are corrupt, careless, or incompetent.
There are states, and even nations, where various kinds of e-voting systems are used, even including an internet-voting system in Estonia, without obvious signs of chicanery. Many people there are happy to use them and praise them for their convenience. But they have no way of knowing whether or not the reported election counts are valid.
It makes no sense to put our democracy at risk by making the validity of our elections hinge on the use of systems so vulnerable to being corrupted. The alternative, manual systems, used in many New England precincts, in Canada, and in most other industrialized countries, may strike some people as being Luddite, but they certainly beat the faith-based vote-counting systems now dominating the US election scene.
1 | 2
