Thursday, May 22, 2014

Jeff Drobman for California Secretary of State!

On June 3d, Californians will vote in the state’s Primaries. Among the many offices and issues will be the vote for Secretary of State (SOS). If one of the half dozen candidates receives over 50% of the vote, he (no women in that contest) will likely take the office in the November 4th general election. But if no hopeful gets over half the vote, then the top two contestants will compete for the spot in the general election.

One of the SOS’s primary responsibilities is to supervise the state’s election process. This state has numerous election related problems. There are more than 8 million Californians who are eligible to vote but not registered. The state ranks 47th in the US for voter turnout. For example, about $19M was spent in a highly contested election for the mayor of Los Angeles in 2013, but a paltry 21% of registered voters turned out to vote.  

Boosting Turnout
All the current SOS candidates agree that both turnout and registration are too low. They all agree that California’s efforts to have all registration done online is a positive step. But they differ over ways to boost turnout. Have a Voting Holiday? Hold the election on a weekend with polls open on Saturday and Sunday? Start early voting at polls a week before Election Day? Let people register and vote at the polls on Election Day? Have polling places open for 24 hours?

Duh! If we can bank online, shop online, guide the flight of satellites a million miles in outer space, why can’t we vote online? If voting had 21st Century convenience, doesn’t it stand to reason that more people would vote? The trek to the polling place can be time consuming, with traffic and finding parking, only to wait in line to vote, and then take the return trek home. What about all those folks who have to rely on public transportation? Should they have to give up work just to wait all day for busses, and then stand in line to vote?

Costs of Election Administration
In every election more and more voters are voting by mail, because they appreciate the convenience. But the administrative expenses for the state are huge. Paper, printing, extra clerks to count it, ballot storage. Add these expenses to the costs of renting and staffing polling places, and the various electronic machines that have to be maintained and securely stored when not in use. According to a report by the experts at CalTech, such administrative costs for California in a presidential election can easily exceed $300M.  

Ms. Bowen’s Flop
Unfortunately, termed out Secretary of State Debra Bowen did nothing, zip, to improve the state’s embarrassing level of voter participation, or to make voting more convenient, or less costly. Bowen was captured by anti-Internet voting extremists, and frightened by them into supporting the silly notion that every vote should have a paper record, or Voter Verified Paper Audit Trail. She needed this Paper Security Blanket to feel comfy. But in reality, all the problems of boxes and boxes of paper continue - even though SOS Bowen’s self-deception made her feel good. Besides the aforesaid costs, paper ballots in big piles can get lost, selectively discarded, misplaced, or miscounted by blurry-eyed clerks working late. Fake records can be slipped into the piles.

But with the right precautions, such as using military style encryption and dedicated servers, Internet voting can be phased in by each county using it only when its voters are ready for it. At first it can be used to supplement vote by mail, and polling place voting. That is what scores of cities in Canada are doing. This year, 89 cities in Ontario will employ online voting along with voting by phone, and paper ballots at a few polling places. Debra Bowen was so snug in her Paper Security Blanket, that she, like Dean Logan, Registrar of Voters in Los Angeles, could just pretend the Canadian experience doesn’t exist. Such intentional ignorance by an elected official is unacceptable.

A Sampling from the Field of Candidates
Alex Padilla
I’m not voting for Alex Padilla. He, like Bowen and Dean Logan, is misinformed about, and thus afraid of, online voting.  For example, when asked about online voting, he told Fox News, “We don’t want to live in a world where people know how you voted.” But, in truth, voter privacy has never been violated in an online election for public office!

Also, I agree with an LA Times editorial which warned that “Padilla sees the job merely as a steppingstone to higher office.”

David Curtis
Although I’m a registered, card carrying Green Party member, I’m not voting for David Curtis. He is too wishy-washy. And tries to be all things to all people.

For example, when I asked him, he told me, “I am in favor of an online voting option for people who are comfortable doing that. The state could issue PINs to voters.”  

I happily put that out on Facebook and Twitter. But then, when the criticism came, he flip-flopped, and wrote on his blog, “I have no position on online voting.”

Anyone who caves so easily has no leadership in him!

Pete Peterson
The LA Times Editorial Department has endorsed a Republican for the office, Pete Peterson. What?! The Party of Voter Suppression, Voter IDs, restrictive ballot access laws, Karl Rove and the Koch brothers? Oh yeah, lets put the Party of the Fox in charge of the Hen House! What were they thinking? I’m definitely not voting for him.

Jeff Drobman
I’m voting for Jeff Drobman in the June 3d Primary, and here’s why:
Jeff is the only candidate with vision and courage.

A Software Engineer with a Ph.D. from UCLA, Drobman understands the online voting security issues. He knows that it’s been done over 100 times around the world without security breaches, and he knows that it can be done in California, too.

Drobman told The Daily News that his top priority will be to bring online voting to the state. “I have been working on this for 10 years, and it became apparent to me the only way to change things is to run for secretary of state,” Drobman said. “My attitude is we need an engineer and a software developer who can bring this about.” 

The SOS office is a “Bully Pulpit,” as Teddy Roosevelt used to say of the presidency. Drobman is the only candidate to show that he has the guts to get out in front of a needed voting reform and lead. In SOS Candidate Forums, Jeff pulls out his cell phone and challenges the other candidates to say why Californians can’t vote on this. Needless to say, they are all too busy texting or checking the shine on their shoes to answer.


To learn more about Jeff Drobman, check his really cool slide show at,

He is on Facebook at,

Ballotpedia at,

Best of all, he cites this Blog at,

William J. Kelleher, Ph.D.
Political Scientist, author, speaker,
CEO for The Internet Voting Research and Education Fund
Twitter: wjkno1

Author of Internet Voting Now! 
Kindle edition:


Post Election Update   6-7-14
Jeffrey H. Drobman     150,624  4.5%
David Curtis                98,199   2.9%

Top Two:
Alex Padilla (DEM)          1,005,865     30.0%
Pete Peterson (REPUB)   1,003,686     29.9%

Friday, February 21, 2014

The Political Argument for Internet Voting in California

“California citizens should be online - not in line.” 
CA Secretary of State Bill Jones (Republican) in 2000

                            LET FACTS DISPEL FEAR

In the 1990s CA SoS Bill Jones established The Internet Voting Task Force to study the prospects for Digital Democracy in this state. Based upon the only knowledge they had at that time – the 1990s – the Report concluded, among other things, that there wasn’t enough evidence to know whether elections using Internet voting could be conducted securely.

Since then, elections using Internet voting have been conducted securely over 100 times, around the world. Estonia now conducts elections online regularly. Switzerland has had more than 35 elections and votes on referenda via Internet voting. Norway provided for online voting for its second time in 2013.  Over 40 cities in Canada continue to have voting online. West Virginia provided online voting for its overseas military voters in 2010. These instances, and more, are recounted in the US Elections Assistance Commission (EAC) Report of 2011, at

Not ONE of these elections for public office has had results that were affected by security incidents – not one. We can be sure of this because the local officials, journalists, seasoned election observers, lawyers, judges, voters, even losing candidates agree the results are acceptable.

When set up by pros the security risks can be managed. Pros know the possible attacks, and how to defend against them.

Officials in Gujarat, India reported that during their first online voting trial in 2011, “we fended off 4,000 attempted hackings from Pakistan, Taiwan and even China.”

Internet voting is not like e-commerce. Access to servers is far more restricted. There is no email access. The process is only open for a few days, not 24/7/365.

Tarvis Martens, security specialist for Estonia’s National Election Commission, says that their system is “more secure than Internet banking.”

With candidates holding debates online (and on TV and radio), followed by voting online, the costs of campaigns and elections would drop so far as to be affordable for FULL Public Financing. The need for Big Money Donors could be eliminated. Elected officials would owe their election to the voters only – 100%.

Very soon, legislative out-put would begin meeting the needs of people for livable wages; low cost, or free, public education and health care; and the development of a Garden-like environment. Online registration has resulted in higher voter turnout. Online voting will do the same. No Constitutional Amendment needed.

The Initiative, Referendum, and Recall can follow the same model. E-signatures will give the People the power to put new ideas before all the voters through the Initiative. Online Referendums can be held on proposed legislation and policies. These, and Recalls too, will be cheaper to conduct with online debates followed by Internet voting. Paperless politics are best for the environment.

Very little democracy exists within Districts, as elected representatives go off to distant Capitals to conduct the People’s Business. But now Online Townhall Meetings can be conducted periodically for the constituents in every elected official’s District – local, state, and federal. The People can propose legislation to their representative, and she/he can offer ideas to be discussed and voted on by them.  Such “Constituent Assemblies” can be implemented by requiring candidates to pledge to support the new e-democracy process before they are elected. Each election district can have its own online voting system, rather than a one-size-fits-all system for the whole state, or nation. Competition among vendors will spur the development of products with increasing quality.

Lovers of Democracy Unite! First we need a law from Sacramento permitting each county to try Internet voting as a supplement to its regular process. Then, demand your election officials do it!
William J. Kelleher, Ph.D.
Political Scientist, author, speaker,
CEO for The Internet Voting Research and Education Fund
Twitter: wjkno1

Author of Internet Voting Now! 
Kindle edition:

Friday, February 7, 2014

Half Hour Waits OK says Obama Commission on Election Reform – No Internet Voting

On Tuesday night, November 6, 2012, President Obama addressed the nation briefly to thank the voters who re-elected him for his second term. He was especially appreciative of those voters who stood in long lines and waited to have their say. Then, after a pause, he commented “we have to fix that.”

A few months later he issued an Executive Order establishing the Presidential Commission on Election Administration (PCEA). Its mission was, in part, to find ways “to promote the efficient administration of elections” so that people can vote “without undue delay.” After six months of hearings, both public and private, and receiving written comments from the public, the PCEA issued its final report in January 2014.*

The Problem
The PCEA Report explained that the “image of voters waiting for six or more hours to vote on Election Day 2012, as in the two previous Presidential contests, spurred the call for reform that led to [the] creation of this Commission.”(p13)  Indeed, “over five million voters in 2012 experienced wait times exceeding one hour and an additional five million waited between a half hour and an hour. In some jurisdictions, the problem has recurred for several presidential elec­tions.”(p13) For instance, at least a third of Virginia voters had to wait more than a half hour in both the 2008 and 2012 Presidential elections. (See note 22)

Proposed solutions
Of course, the most obvious 21st Century “fix” for the problem of time wasting long lines at the polls is to supplement the use of polling places with Internet voting. Then voters could vote from home, or any where else, and at any time of the day or night. They could use their PC, smart phone, iPad, or other connected device. No one would have to take time from work, wait for the bus, or if driving, fight traffic, find parking, then stand in the November rain and cold, or miss the opportunity to vote because they had to travel, or were away at school, or were housebound due to illness, infirmity, or the need to care for someone, such as small children, the sick, elderly, had to work over-time, were in the military and stationed far away from home, etc.

Unhappily, the Commission dismissed this option with little more than a parenthetic quip – “the internet is not yet secure enough for vot­ing.”(p60) That was it. No research was cited showing that the integrity of any actual online election had ever been marred by a security breach. No mention was made that Internet voting has been used in over 100 elections to public office around the world, all without the results altered by hackers.^

The Report instead declared its aim to preserve the time honored tradition of voting at remote polling places, and finding ways to reduce waiting times by making the process more efficient, especially through “the management of lines.” (p14) The pair of Washington lawyers President Obama selected to chair the PCAE found lines to be an intriguing subject.  Thus, the Report paid special attention to the research coming out of “Queuing Theory;” that is, the academic field of examining the causes and cures of long lines.

Perhaps having an epiphany after weeks of studying Queuing Theory, our lawyers solemnly proclaimed, “The Com­mission has concluded that, as a general rule, no voter should have to wait more than half an hour in order to have an opportunity to vote.”(p14) By the efficient management of lines, then, our nation’s 8000 election districts will be able to comply with the Report’s edict.

One of the Laws of Queuing Theory, developed after years of research, is that long lines can be caused by a lot of people showing up at the same time. Wizened by its studies, the Report recognized that “there will be circumstances that strain this goal [of half hour waits], such as when a busload of people shows up unexpectedly at a polling location, or a hundred-person line of en­thusiastic voters is waiting to greet the poll worker who opens the polling place in the morning.”(p14)

“Nonetheless,” to comply with this decree, “local officials should be able to plan the allocation of their re­sources such that during the normal course of the day, nearly all voters can be processed within the 30-minute standard. Any wait time that exceeds this half-hour standard is an indication that something is amiss and that corrective measures should be deployed.”(p14)

Addressing themselves to state and local election officials, the Chairmen explain that Queuing Theory requires “a more efficient allocation of resources;” such as putting more machines and more poll workers at the most heavily trafficked polling places. Also, those officials should have better trained poll workers, and use more student volunteers. The officials themselves need better education; hence, the Report calls upon colleges to offer a Master’s Degree in Public Administration that focuses on polling place management, because “election administration is public administration.”(p18)

Election officials should also provide shorter ballots, more polling places, use more school buildings, and set up vote centers in which any eligible person can vote, even if outside of his or her district. Voters could make an appointment to come in and vote; or “take a number,” like at the local bakery. Then they wouldn’t have to wait in a line until their number is called. (p37f)  Indeed, using the number system folks could stand around the table serving coffee and doughnuts and engage in civic discourse! Time would fly!

The Report approves of vote-by-mail systems, because there is no waiting in line at polling places. But this practice relies on the Postal Service, and has huge costs for paper, printing, mailing, and clerk hours spent shuffling the paper ballots as they come in the mail.  The PCEA strongly endorses “early voting;” that is, having polls open a few days before Election Day to satisfy the urges of eager voters. Queuing Theory has found that these early voters wait in line “in a more ‘celebratory’ frame of mind.”(p56) Indeed, one of the aims of Queuing Theory is to have happy waiters.

To that very end, the Report unabashedly extols the virtues of OVR – online voter registration. Paper-based registration systems cause over half the delays at polling places. Poll workers have to search long lists of voters. The lists often have errors made by clerks, or because the voter moved and neglected to re-register. Then complicated provisional ballots have to be issued.  But computer-based registration is easy to do, accurate, and allows poll workers to check registration in no time on e-poll books. In fact, the Report recommends that states exchange voter information online to reduce errors, catch up on who has died, who has moved without re-registering, and to prevent duplicate registrations, and “to detect election fraud or irregularities.”(p22)

County and local election officials spend roughly one-third of their budgets on paper based registration.  But states already using OVR are saving tons of money because they have eliminated the costs of paper and printing, and they need fewer clerks and filing cabinets.(p26)

Perhaps forgetting what it said about online voting, the Report expresses full confidence in the security of online voter registration, and “strongly recommends” its use.(p27) The Commission is not na├»ve, and understands that as with “any web-based system, questions about security will require close attention to ensure that unauthorized changes to voter registration cannot be made.”(p25)  But OVR is so reliable that it “reduces the chances of fraud and other irregularities of a paper-based system, in which outside groups may destroy registration forms or submit fraudulent registrations.”(p27) Privacy need not be a concern because these systems “have shown the ability to safeguard any voter information they receive.”(p29)

Best of all for our democracy, voters who register online turn out to vote in greater percents than voters who have registered by paper. “In Arizona in 2008, 94 percent of online registrants voted compared to 85 percent of those who registered by paper.” (p26) Young voters also register and vote more where OVR is offered. (See p26 and note 64, p79)

Small wonder that, “as demonstrated by the wide and growing popularity of online registration, voters seem to have confidence in such systems. This is not surprising when an increasing number of voters are using the internet to manage many core functions of their everyday lives.”(p25)

Of course, the “core function” of voting cannot be done on the Internet, but must still be centered on the trek to the remote polling place, where half hour waits are fine. By taking that position, the Report implicates questions that it fails to either ask or answer. For example, is a half hour wait always OK? What if you had to wait a half hour to buy a book on Amazon? Or, wait a half hour for each bill you paid online? What about at a traffic light? Or, at the grocery store check out counter?

Things to do while Waiting in Line to Vote
You can use your smart phone, iPad, or other connected device, to buy a book on Amazon, or pay bills, sell stocks, etc.  You can tweet your location and complain about how long the line is. (Use the hash tag #wastingtimeinline.) Check on your Face Book friends. You can text a sympathizing message to friends who have longer waits at other polling places, or enjoy discovering that folks you are less friendly towards have to wait longer than you do. You and your fellow waiters can order a pizza online and have it delivered to your place in line.

As mentioned, some county’s have a voting center to which any county resident, who is registered, can go to vote. Some counties also post waiting times on their website on Election Day. So, if you get tired of waiting at your assigned polling place, and you are one of the lucky ones, then you can go online to check if the wait is shorter at the voting center. Of course, standing in line searching with electronic devices to find a shorter line seems absurd when lines themselves are no longer necessary due to that very technology.

The Report notes that the voting machines purchased by many states over 10 years ago “are reach­ing the end of their operational life.”(p11)  It prudently advises that it is time to think about replacing them.  But it acknowledges a dilemma.  Local officials often report dissatisfaction with those machines; especially since they are very expensive, only used for occasional elections, and must be stored and maintained for the rest of the time.(p12)  Many of the machines also print out paper copies of the vote, which only perpetuates all the problems of dealing with piles of paper.

Of course, administering elections online would be much more efficient and cheaper. States and counties would not have to buy dozens, often hundreds of machines for voters to vote on, but which sit in rented storage most of the time. Instead, officials could use existing computers, and the voters would vote on their own electronic devices. This would eliminate the current costs of paper, printing, and mailing, as well as slash the amount of equipment needed and the costs of storage and maintenance. The Report observes that one of the main obstacles to making this cost saving move is the opposition of some in “the computer science community” over their security concerns.(p12) But the Report fails to mention that those opponents of Internet voting have never built a successful online voting system, while those members of “the computer science community” who have done so favor the idea.

The Report also fails to mention that online voting is better for the environment than is voting by mail, or trekking to polling places whether to vote on paper or on a machine that prints out a page of paper for every vote. Paperless voting would not only save trees, but there would be no trash to dispose of after the election. Air pollution would be reduced when voters can vote from home or anywhere else, without having to make that trek in their cars.

Our two Washington lawyers, one Dem, one Repub, are very proud of the “unanimity” of their decision.(p22)  But one look at their Report shows that by neglecting the most obvious fix for the convenience of the American voter, their unanimous decision comes down to “let them eat cake.”  We of the 21st Century deserve more regard than that!

*See the PCEA website at,

^See the 2011 US Election Assistance Commission Survey of Internet Voting at

William J. Kelleher, Ph.D.
Political Scientist, author, speaker,
CEO for The Internet Voting Research and Education Fund
Twitter: wjkno1

Author of Internet Voting Now! 
On Kindle and in Paper 

Sunday, December 22, 2013

Norway has Second Great Success with Internet Voting

The Organization for Security and Co-operation in Europe (OSCE) has just released its Final Report on Norway’s Parliamentary Elections for 2013.1  This was the second time Norway’s Parliament permitted Internet voting on a trial basis. Authorization was given again because Norway’s 2011 Internet voting trial went so well, as reported on this blog here and here  This year’s election was held in August-September, and the OSCE Report came out on December 16.  The Ministry of Local Government and Regional Development (“MLGRD”) is the primary government agency for administering elections in Norway, and the Report is essentially a review of its job performance. A summary of the Report’s findings follows.

Use of Internet Voting more than Doubles
In both 2011 and 2013, Internet voting was offered for early voting2 for nearly a month prior to Election Day, which was on September 9th this year.

17% of registered voters in the pilot districts voted online in 2011.  But the Report states that in this year’s 12 pilot districts, “36 per cent of registered voters voted over the Internet.” (p13)  That is more than a 100% increase in the use of Internet voting.  Since there were about 250,000 eligible voters in these pilot districts, approximately 90,000 voters voted online. (p7)

According to Christian Bull, a senior official in MLGRD, online voting increased as Election Day approached, and evenings were the preferred time for voting.3

Paper Ballots Delayed in the Mail
Norway also provides a vote-by-mail process for early voting and for overseas voters. Oddly, overseas voters did not have an Internet voting option.  A scandal erupted, and an investigation promised, when the press reported that “several hundred ballots,” from both domestic and overseas voters, arrived at government counting centers too late to be counted. (p13) There were NO reports of late or lost online votes.

Voter Verification
When voting, voters select candidates from a list. (p5)  Votes could be cast online by tablet or PC, as well as on paper. Each vote was encrypted in such a manner that it couldn't be tied to the voter's identity.

Voters using electronic means could verify that their vote was counted as cast via “return codes.” Each voter was mailed a polling card with instructions on how to vote and a unique four digit return code. Voters logged on, entered their identification, and were then guided through the voting process. After submitting a vote, voters received a return code electronically. If that code matched the one on their polling card, the voter could be assured that his or her vote was counted as cast. “Completing this verification step was not necessary in order to cast a vote.” (p8)

Christian Bull reports that there were some calls to the support line about non-matching return codes. Usually the problem was that the voter mistakenly used the polling card of a family member, rather than his own, to check the return code.

Only Final Vote Counts
Online voters could vote as many times as they liked, but only their most recent vote would be counted. This option was intended to mitigate the risk of voter coercion or vote buying.  Because polling places used an electronic poll book, an online voter could also cast his or her last vote on paper and immediately cancel prior votes. “The municipal authorities evaluated this process very positively, commenting that it simplified procedures.” (p6-7)

Transparency and Third Party Auditing
The latest code for every voter was also sent to a public web page, hosted by GitHub (without, of course, any vote or voter information). On Election Night an independent third party verified that the content of the digital ballot box matched the list published to GitHub. The third party also verified the integrity of the entire counting process, even checking the various mathematical proofs of integrity provided by the system. (p9)  “Experts on electronic voting,” consulted for the Report, “expressed satisfaction with the mechanisms to verify the integrity of election results and safeguard the secrecy of the electronic votes.” (p7)

For the Internet voting, MLGRD developed and hosted its own servers, and made itself the IT-provider for local election administrators, rather than contracting an outside vendor. However, to check itself, it hired an independent auditor to verify the operations of the Internet voting process.

A few days before the end of early voting MLGRD frankly announced that the auditors had found “a programming error that caused weak encryption in some 29,000 electronic votes. As a result, system administrators with access to the electronic ballot box could potentially decrypt the ballots without the need for the secret decryption key.” (p8)

To address this problem, MLGRD quickly corrected the software “and tightened access restriction to the servers holding the electronic ballot box by requiring a written authorization each time servers were accessed.” (p8) After discussing the issue, election authorities agreed that there was no violation of secrecy, and the integrity of the votes had not been violated. The Report noted that the reviewing experts agreed “the MLGRD’s action was sufficient.” (p8)

Prior to the election, MLGRD posted the voting source code on its website for anyone to inspect.  But even the nay-sayers have found no scandals to reveal.

High Levels of Trust
The Report also stated that the Internet voting system “enjoyed a high level of trust among [the Report’s] interlocutors, reflecting the overall trust in the electoral process and in the MLGRD to organize the process professionally and impartially.” (p6-7)  As a further example of that trust, the Report observed that although MLGRD expressed willingness to allow political parties and other groups to have their own experts inspect the system, they “showed no apparent interest.” (p7)

This widespread trust is justified because, as in 2011, there were NO reports of attacks on the Internet voting system, such as by spoofing or denial of service attacks.

No Political Bias in the Voting Technology
Anyone who worries that Internet voting technology favors liberals over conservatives will be put at ease by the results of the 2013 election. The incumbent government was a Red-Green coalition led by the Labor Party. But it was handily ousted by a center-right coalition led by the Conservative Party.

Why are Norway’s Internet voting trials important for observers in the USA?  Because nothing overcomes fear more effectively than knowledge based on experience. That is what Norway can provide the US.

Pilot programs, like those in Norway and the one in WestVirginia in 2010, will give voters confidence that the technology can be used securely when the process is managed by competent professionals.

Norway’s 2013 trial made the technology available to about 250,000 voters. (That is a fraction of its 3.6 million voters in total.) Internet voting in the US will emerge county by county, and district by district in the 50 states.  Many American pilot projects will be similar in size to those in Norway. Seeing that it has been done well elsewhere will encourage Americans to feel confident that it can be done well here, too.

The way to online voting in the USA is to spread the news of successes, and to be sure that your state and local elected officials know the facts when you demand that your state and local election system be brought into the 21st Century.

1. The Final Report is available for download at,  It focused on the Internet voting pilot project, the electronic election administration system, and the political party finance regulations. This post is primarily concerned with the online voting pilot.

2. Technically, Norway election law distinguishes between “advance” and “early” voting. The main difference is that early voters are not able to mark preferential choices among candidates on their ballots.  (Report, page 13, note 26)
3. Private communication
William J. Kelleher, Ph.D.
Political Scientist, author, speaker,
CEO for The Internet Voting Research and Education Fund
Twitter: wjkno1

Author of Internet Voting Now! 
Kindle edition:

Thursday, July 18, 2013

Student Election Hack – Is it a Bad Omen for Internet Voting?

Does the Cal State San Marcos class president election hack mean that Americans should fear Internet voting? Not if you think critically about it.

Matthew Weaver, 22, pleaded guilty* to wire fraud, access device fraud, and unauthorized access to a computer. He was sentenced to a year in prison. His crime was to plug keylogging devises into 19 school computers. The devises record computer user's keystrokes without the user's knowledge. Thus he stole the email passwords of more than 740 students. He used this information to vote for himself 630 times during the online student elections in March 2012.

Votes had to be cast from campus computers. Network administrators noticed all the voting activity from one computer. They quickly notified school police, who nabbed Weaver in the act.

This news report has fired up David Jefferson’s flare for spinning scary stories. He warns ominously, on the Election Law Blog, that “In a high stakes public election we will not be so lucky [as to catch the crook in the act].”

“Had this been a public election conducted via Internet voting, it would have been much more difficult to identify any problem or to capture the perpetrator, [because] people would vote from their own private PCs.”

Well, that is scary! But how would the crime be carried out? Consider how many votes a crook would have to control to win a presidential election.  In 2012, Obama beat Romney by roughly 4,000,000 votes.  As a comment below reminds us, to win a majority of Electoral votes, a hacker using Weaver’s technique would have to control tens of thousands of votes. Obviously, a guy like Weaver couldn’t run around plugging keylogging devices into that many computers to steal log on info. So, how would it be done?

Leaving his readers hanging, Jefferson skips any detailed discussion of how a crook could steal an online presidential, or other public, election.

Instead, he creatively imagines that if Weaver had “used one of his keylogging devices to capture the password of a system administrator” Weaver could have “then used that password to install keylogger software on other campus computers to capture the students’ passwords.”

Jefferson omits mentioning how Weaver would gain access to the administrator’s computer so he could plug in the devise. Maybe Weaver could don a custodian disguise, and plug it in while pretending to clean the office.

Anyway, Weaver would have had to return to the office to retrieve his device so that he could take it home to download the password. 

Details aside, after Weaver installs his keylogging software into the school network, he has to hope that nobody checks the network event logs before the election. The logs would show the activity, and an alert administrator would remove the software.

Imagination on fire, Jefferson then declares that Weaver didn’t have to cast votes one at a time; instead, he “could have run a program to automate the casting of all of those phony votes.” Of course!

But wait, what if the voting website had a challenge/response authentication mechanism. Weaver’s voting program couldn’t copy words or add numbers automatically. All his efforts would have been for naught. But let us imagine that he could get past this little security challenge. The network administrator would still see the spike in activity coming from one IP address. That signal could be blocked, and could also be traced back to Weaver.

Jefferson spins a chilling tale, but it requires his readers to suspend their critical faculties to be affective. Is that what you want to do?

Good news! Obama’s Commission on Election Reform has posted my recent scholarly paper on Internet Voting!

The paper recounts the history of Internet voting in the USA, and shows how NIST has misled Congress and the American people about online voting insecurity. I take the same practical approach there that I did here in this blog post.

Also, my book, Internet Voting Now, is listed in the “Research Bibliography” provided to the Commission by CalTec/MIT.

William J. Kelleher, Ph.D.
Political Scientist, author, speaker,
CEO for The Internet Voting Research and Education Fund
Twitter: wjkno1

Author of Internet Voting Now! 
Kindle edition:

* ABC News -

Friday, March 8, 2013

Has NIST Lied about Internet Voting Insecurity?

Article 1, section 8, of the US Constitution enumerates the specific powers of Congress.
Among these are: “The Congress shall have power … To regulate Commerce … To coin money … and fix the standard of weights and measures.” The Framers had learned from unhappy experiences under the Articles of Confederation that without uniform standards for money, the new nation’s economy had little chance of thriving. They had also learned that without uniform “weights and measures,” the growth of science and technology, industry, and commerce would be crippled by chaos.

Out of its continuing efforts to exercise these powers responsibly, in 1988 Congress created the National Institute of Standards and Technology (NIST), which is currently a non-regulatory agency within the Department of Commerce.

NIST has such a vital role in the progress of science that it can aptly be understood as the Voice of Science in the USA.

When Congress established the Election Assistance Commission (EAC), in 2002, in a display of foresight, it required NIST to provide the EAC technical support on the research and development of, among other things, “remote access voting, including voting through the Internet.”

Yes, Congress is thinking about Internet voting for all US elections!

So, what did NIST do in response to its mandate from Congress? NIST put its name on a copy of the old 2004 SERVE Security Report by Avi Rubin, David Jefferson, David Wagner, and Barbara Simons.

That Report is where all the scary stories about supposed Internet voting insecurity got started. Like, “a teenage hacker in Iran could change all the votes in a presidential election!”

Great scary story, but where’s the science?  Where’s the facts?

Internet voting has been tried in public elections nearly 100 times around the world w/o any security problems. (The 2010 DC hack occurred because it wasn’t built by pros, see DC Hack Fiasco and DC Hack Conspiracy ) Shamefully, NIST has done NO scientific research, but only reproduced a bunch of scary stories, and presented that to Congress.

Common Cause – that saintly source of democratic ideals – has also helped to promote scary stories about Internet voting w/o any facts or science. (See Common Cause )

So now there is a careful study of the BAD SCIENCE that has the whole country shaking in its boots whenever somebody says “I hate standing in lines! Why can’t we have voting online?”

The paper is being presented at a panel at the Western Political Science Association this month. Its ready for the most critical scrutiny a scholar can give it. It shows that the anti-Internet voting extremists have NO intellectual foundation for crying “wolf!”

Its time for an intelligent, informed, Reason-based debate on Internet voting!
Download my paper, in pdf form, for free at

William J. Kelleher, Ph.D.
Political Scientist, author, speaker,
CEO for The Internet Voting Research and Education Fund
Twitter: wjkno1

Author of Internet Voting Now! 

Sunday, December 16, 2012

Norway to Continue Internet Voting in 2013

As reported on this blog about a year ago Norway had a great experience with its first large trial of Internet voting. Now there is more good news.

“It's official,” proclaimed Christian Bull, head of the Internet voting project in Norway, “we're doing another Internet voting pilot in 2013.”

In a December 14, 2012, press release, The Ministry of Local Government and Regional Development made this announcement: *

After positive experiences with the experiment of 2011, the Parliament of Norway will continue the trial of Internet voting in the elections of 2013.

“We need to know more before we conclude whether this is a future way to vote for all voters in Norway,” says Secretary Dag Henrik Sandbakken.

The evaluation of the experiment in 2011 showed that voters have high confidence in the election process. 92% of the voters in the trial cities had positive opinions about their experience. They found it to be an easy and convenient way to vote.

Even 75% of the voters who did not take part in the initial trial expressed positive opinions about using Internet voting in the future.

One of the key findings from the evaluation is that Internet voting enabled voters with disabilities to vote alone and without assistance for the first time. This includes the blind and visually impaired voters.

“We have also received positive feedback from the Norwegian Association of the Blind, who welcome another trial in 2013,” says Sandbakken.

Two conclusions in the evaluation of the last election are that no evidence of violations of voter secrecy were found, and that there were no reports requiring official investigation of problems with attempts at undue influence or vote buying for either Internet voting users or other voters.^

The researchers point out that the initial Internet voting trial raises several unanswered questions to which this evaluation does not provide answers, and that there is a need for further testing and research. They want, for example, more data on the effects of Internet voting on turnout among the various groups of voters.

The ten municipalities that participated in the previous experiments will also participate in the 2013 trials.

William J. Kelleher, Ph.D.
Political Scientist, author, speaker,
CEO for The Internet Voting Research and Education Fund
Twitter: wjkno1
Author of Internet Voting Now!
Kindle edition:
In paper:

* Google Translation used for this report

Just in - the English translation by Norway is up, at

^ Translation corrected in consultation w/ Mr. Bull 12-18-12