Why Can't Americans Vote Online?

If we were to poll the readers of this article, we would likely find that the vast majority of readers — if not all — regularly shop online, make banking transactions online, fill out registrations and applications online, pay taxes online and maybe even vote for contestants in reality shows online. Yet Americans cannot vote for candidates for public office online.

Credit: Shutterstock

(Image credit: Shutterstock)

Voting online would certainly be a lot more convenient than standing in line on Election Day. Voters could cast their ballots from home or work, and when they had time during the day. It might also increase voter participation in federal, state and local elections, especially among young people.

But experts warn that online voting isn't as simple as it sounds. Even though it has already been tried in a few places around the world, it probably can't be secured. We already worry about hackers stealing our credit cards and our identities. If we voted online, we would have to worry about hackers stealing our elections, too.

The history of online voting

Voting online isn't a new idea. In 1999, then-President Bill Clinton asked the National Science Foundation to look into the viability of online ballots. Arizona Democrats and Alaska Republicans gave online voting a try in 2000 during the primaries.

MORE: Best U.S. Election Apps

In 2000, the U.S. military launched a pilot program to let active-duty personnel stationed overseas vote in domestic elections. Four years later, the program was terminated after an independent report found serious security risks. In 2010, Washington, D.C., experimented with online voting for military and absentee voters, but it was considered a failure as security experts found the system easy to hack.

Voting online would certainly be a lot more convenient than standing in line on Election Day.

Utah Republicans had the option to caucus online during the 2016 primary season. Each voter registered online and, in turn, received a PIN to be used to cast a vote. But the system created long waits for voters confused by the process, reported the The Salt Lake Tribune.

Several countries have experimented with online voting, but none has forged ahead as far as the tiny Baltic country of Estonia, where nearly a third of ballots are cast online. But Estonia's elections don't look anything like those of the United States, where more votes are cast in some cities than in all of Estonia.

The Estonian online voter must plug a national ID card — mandatory for all Estonians older than 15, and each of which has an embedded encrypted chip — into a card reader attached to his or her computer. It sounds secure, but two independent assessments, led by Verified Voting in 2011 and the University of Michigan in 2014, found serious flaws with the system.

"What we found alarmed us," wrote the authors of the 2014 report. "There were staggering gaps in procedural and operational security, and the architecture of the system leaves it open to cyberattacks from foreign powers, such as Russia. These attacks could alter votes or leave election outcomes in dispute. ... We urgently recommend that Estonia discontinue use of the system."

Estonia has instead beefed up the cryptography on its chips, although both reports said the greatest weakness was the servers that counted the ballots.

What has taken off in the U.S. is online voter registration. According to the Brennan Center for Justice at New York University School of Law, 39 states have or will soon have online voter-registration opportunities, and residents of 34 states can look up their voter-registration information online.

If we voted online, we would have to worry about hackers stealing our elections.

"Automatic voter registration is the gold standard of modernized registration," the Brennan Center's website said. "It builds on other reforms to bring voter registration to the 21st century — which are increasingly commonplace across the country."

Yet even online voter registration carries risks. In August 2016, the FBI revealed that foreign hackers, possibly working from Russia, had breached voter-rolls databases in Arizona and Illinois. If online voter registration is the gold standard, would online voting be the platinum standard? Right now, it appears to be the invisible standard.

Credit: Shutterstock

(Image credit: Shutterstock)

Making voting as easy as shopping on Amazon

Despite the security risks, there are many proponents of online voting. Some argue that online voting would boost turnout and grant political power to groups that traditionally don't vote as often as others.

"Online voting would eliminate voting barriers for many different communities, including people with disabilities and the elderly, who have a hard time getting to the polls," said S. Nadia Hussain, program director for Vote Everywhere, an advocacy group that, according to its website, seeks to "strengthen democracy by leading long-term voter engagement, public policy and social justice initiatives."

"People can often take for granted that they can find their polling place, walk in and vote," Hussain added. "However, not all polling places are disability accessible even though legally, they should be."

Hackers anywhere in the world could take advantage of a vulnerability in voting software and could potentially decide the president and other political leaders.

"It's still not perfect, since online voting does require a computer and internet," she said," but it does open up more options, which is very important to the population in general."

Cyber the Vote, a blog that advocates online voting, dismisses concerns about ballot security as a smokescreen devised by politicians who want to keep people away from the polls.

"Our inability to modernize has been due to a variety of causes, led by an election administration and integrity culture that is resisting automation," Cyber the Vote publisher Rob Weber wrote on the site in June.

"Both the media and the public have a warped view about voting convenience," Weber added. "We see long lines as an expression of patriotism. ... . What we almost never see are all the voters who walk away from those lines and don't vote."

Credit: Shutterstock

(Image credit: Shutterstock)

Only as secure as the rest of the internet

Technical experts see things differently. Online voting won't work, they argue, not because political forces are out to disenfranchise the young, the elderly or the disabled, but because it simply can't be secured.

Securing our votes isn't the same as securing our financial transactions, said Kevin Du, professor of computer and network security at Syracuse University and a member of the Institute of Electrical and Electronics Engineers.

"Banks have money, but spend a lot of time to protect infrastructure," Du said. "If they lose something, they can write it off, because it's money."
However, voting is different because we're talking about power, and power is difficult to quantify.

"I can imagine this will become a huge business for hackers," Du said. "If voting is online, it's more beneficial — they can change your vote, they can deny someone from voting, they can do a lot to mess with power."

MORE: Trump vs. Clinton on Your Digital Security, Privacy

We've already seen how low technology — the hanging chads in Florida's 2000 presidential vote, for example — could alter the balance of power, and that was by voters in a single state. Hackers anywhere in the world could take advantage of a vulnerability in voting software and could potentially decide the president and other political leaders.

Based on how frequently government agencies have been hacked in the past few years, chances are good that malicious actors will have little trouble getting into the networks — as the FBI recently warned may already have happened.

"There's no way with any reasonable amount of resources that you can guarantee that the software and hardware are bug-free and that they haven't been maliciously attacked," Stanford computer-science professor David Dill stated in June in Futurity, a science-news website run by five dozen English-speaking universities worldwide.

Online voting would eliminate voting barriers for many different communities, including people with disabilities and the elderly, who have a hard time getting to the polls." — S. Nadia Hussain, program director for Vote Everywhere

"Voted ballots sent via Internet simply cannot be made secure, and make easy and inviting targets for attackers ranging from lone hackers to foreign governments seeking to undermine U.S. elections," reads the website of Verified Voting, a nonprofit group dedicated to transparent and accurate elections. "There is no way to guarantee that the security, privacy and transparency requirements for elections can all be met with any practical technology in the foreseeable future."

Unless voters demand online voting, or until security professionals find a way to improve the security of internet voting systems, expect to continue to see long lines at the polls on Election Day for years to come.

Sue Marquette Poremba is a security and technology writer based in Central Pennsylvania.
  • ComputerSecurityGuy
    18594727 said:
    Why can't we vote online? You might be surprised, but many computer-security and electronic-ballot experts are dead set against the idea.

    Why Can't Americans Vote Online? : Read more
    Considering the dreadful insecurity of our current voting machines, paper ballots are a good idea.
  • Faux_Grey

    Getting people a unique authentication token-typesque whilst proving they're actually eligible to vote would be more of a hassle than just going to vote in person.
  • Ralston18
    And (setting aside the more than valid security concerns) there are still many people whose internet access would simply not be up to the task under heavy use. And any sized power outages, wherever and for whatever reason..., would wreak havoc.

    A hardcopy, paper trail is needed.
  • hotdogee
    Use the Blockchain as the database (the technology behind Bitcoin), and issue new chip and pin driver licenses with hardware private key and public API to verify signed documents (votes in this case).
  • ZoZo2
    The fundamental flaw of online voting for critical elections in any proper democracy is by far not IT security at all, nor even technology-related. It's such a bad flaw that you shouldn't even get to the point where you start talking about the challenges in IT security. I'm saying this outright: this whole article is off-topic and *completely pointless*.

    The main problem with online voting is that it can happen outside a voting booth. That right there violates the secrecy of the ballot. It means that people's privacy is no longer guaranteed by the state and they can therefore be put under pressure or influenced to vote a certain way. That invalidates the election for any self-respecting democracy.
    For this reason, online voting is unacceptable and should remain so. Electronic voting within a state-operated voting booth however is admissible, and does raise questions about IT security.
  • Christopher1
    We should have internet voting at this point. The "What if the systems are hacked!" are mooted if they issue everyone a very long identification number so that we can verify that only the person in question is voting for themselves.
  • USAFRet
    2 considerations. Security and Secrecy.

    SecurityOne of the standard maxims of software development is "Never trust the client computer"
    While I may mostly trust my personal system, I really, really do not trust yours.

    People without a computer will be funneled to a local neighborhood bank of systems to vote "online". Would you trust those systems? I wouldn't. Not even a little bit.

    Secrecy"If you wish to keep your job, bring me your verified printout that shows you voted for Candidate X"
    {Candidate X, of course, is my brother in law who is going to approve the new zoning law which will help me crush my competition)

    An election, at whatever level, is far too big a target to allow even a hint of those things happening.

    As a software professional who is dead set against the idea, I am not surprised in the least that many others are also dead set against it.
  • mjslakeridge
    "It's not the people who vote that count. It's the people who count the votes." Joseph Stalin
  • Dark Lord of Tech
    Plain and simple FRAUD would be rampant , more than it already is.
  • mjslakeridge
    The current administration has proposed designating the 9,000+ local voting jurisdictions "critical infrastructure" and putting it under the control of Homeland Security to "protect" the integrity of the voting process. Sound like a good idea comrade?