Saturday, August 23, 2014

How Political Scientists Can Test Internet Voting Security



A public policy debate is brewing in the United States concerning whether or not our election technology should include Internet voting. While there are many dimensions to this debate, generally people are asking “if I can bank online and shop online, why can’t I vote online?”

Also, the inconvenience of our 19th Century practice of trekking to polling places to cast a vote is being questioned across the nation. After news reports about long waits in line at poling places during the 2012 election, President Obama said “we’ve got to fix that.”

To study the problem, in March, 2013, President Obama issued an Executive Order convening his Presidential Commission on ElectionAdministration.  The Commission was chaired by two Washington lawyers – Robert F. Bauer, a Democrat, and Benjamin L. Ginsberg, a Republican.

I submitted my research paper on Internet voting, and other comments, to the Commission in favor of encouraging states and local jurisdictions to implement online voting trials, especially for overseas military.

The Commission released its Report on election administration in January, 2014. The Report made some recommendations for trying to make polling place voting more efficient and convenient. It also praised the move by several states to implement online voter registration. More than 25 states now have online voter registration.  While recognizing the convenience and efficiency of registering to vote via the Internet, the Commission stated, without evidence or further comment, that “the internet is not yet secure enough for voting” (p 60).

What I find so interesting, even amazing, is that not only does a Presidential Commission on Election Administration simply assume, with no scientific evidence, that the Internet is too insecure for voting, but so do nearly all the key participants in this important public policy problem.  I also find it amazing, and regrettable, that the political science profession in the US is so quiet on the issue of Internet voting security.  Other than my paper, now being presented to the American Political Science Association, I know of no other studies testing the hypothesis of Internet voting insecurity.

Hypothesis Testing
The well known philosopher of science, Karl Popper, has argued that an essential function of any science is that of conjecture and refutation.  Since voting and elections are central to the domain of the political science profession, shouldn’t political scientists be engaged in the effort at least to test, if not refute, the hypothesis of Internet voting insecurity?

It appears to me that out of an excess of deference for computer scientists, political scientists are not using their expertise and methods to make any sort of contribution to this very consequential public policy debate.

Therefore, one of the primary aims of my paper is to show political scientists how they can test the widely accepted, but untested, hypothesis that the Internet is too insecure for voting.  I want political scientists to see that they can use their own methods of study – especially case studies – to test the hypothesis of Internet voting insecurity, and do so independently of whatever claims activist computer scientists assert.

I take two well known approaches to testing the hypothesis of Internet voting insecurity. First, I look carefully at the language used by its proponents to assert and to support it. Second, I examine the actual experience of Internet voting trials, as case studies, to see if these facts support or undermine the validity of the hypothesis.

Assertions that Internet voting cannot be done securely are presented in the form of factual statements.  Karl Popper has set the standard for assessing the scientific quality of statements about matters of fact. Statements that purport to be factual, but that cannot be disproven under any circumstances cannot be considered scientific statements, says Popper, but must be consider folk tales or myths. In other words, to be scientific a statement of fact must be falsifiable, that is, capable of disproof. If it can’t be tested, then it can’t be factual.

One example of an unfalsifiable argument is the ancient admonition, “The End is Nigh.”  This supposedly factual claim has never been disproven. Indeed, one discussion of false Armageddon predictions has it that the first warning on record is found on an Assyrian clay tablet from 2800 BC.

Because this fear mongering Armageddon claim is impervious to both logical criticism and empirical disproof, it creates the illusion of Indubitable Truth for its adherents.  By logic, just because the End has not yet occurred, does not mean it will not occur – and soon. Empirically, it is unfalsifiable because with each failure today the prediction can simply be moved to tomorrow.

In the paper, I discuss numerous unfalsifiable claims made by an avant-garde of activist computer scientists in support of their hypothesis of Internet voting insecurity.  I think it important to note that none of the computer scientists in this avant-garde have any experience building Internet voting systems that were actually used in elections for public office. I should also point out that the computer scientists who have set up such systems are confident that security threats can be adequately protected against.

Self-Erasing Bugs
One of the many unfalsifiable claims made against Internet voting is that malicious code can be installed in a computer that tallies votes, and can change the results of an election, and can then erase itself and never be detected.

If this is true, then the integrity of no election that relies on a computer to count the vote can be trusted. Every such election result could be the product of undetected, self-erasing malicious code.

I argue in the paper that very scary stories, such as this, are part of a strategy activist computer scientists have followed to put themselves in charge of election administration in the United States. I argue further that they have succeeded!

In my view, activist computer scientists have executed a coup d'état over the election administration function of government in this country.  Among other things, they have had laws passed in several states requiring what they call a “Voter Verified Paper Audit Trail” for every vote cast.  Having a paper record, they say, is the only way to be sure upon audit that the vote tally matches the votes actually cast, and that the count is not the product of undetected, self-erasing malicious code.

This coup d'état includes the conquest of territory that political scientists have traditionally thought to be a core element of their professional field of study. Since this conquest, it seems that political scientists can say nothing about implementing technological reforms in election administration for fear of attracting the public disapproval of activist computer scientists. Indeed, I show how this actually happened in 2004, when political scientists Thad Hall and Michael Alvarez, who favored Internet voting, were completely overruled by just a few very vocal doom predicting anti-Internet voting computer scientists – who also had a lot of help from the New York Times.

In their defense, political scientists can use the Popperian standard that says unfalsifiable claims are mythical and not scientific.  The charge that an election could have been the result of undetected, self-erasing malicious code does seem to be an unfalsifiable claim, and therefore not scientific.  But this argument, by itself, is not likely to assure a frightened public or the legislators who must answer to that public.

In my view, the only effective way to nullify, or falsify, this scary claim is through the use of case studies of actual Internet voting trials.

Case Studies as Tests
If political scientists produced study after study of elections involving online voting in which there were no doubts about the integrity of the results, then the conclusion may be fairly drawn that the integrity of the results can reasonably be trusted.

Case studies can describe the security measures taken in a given election. Then the study can state the results of interviews of key people, and of polling. Key people would include relevant elections experts, elections officials and administrators, the computer scientists involved, journalists, winning and losing candidates, party leaders and political activists, as well as voters. Opinions may vary, and the reasons for those opinions can be included. If the research shows that in the minds of these folks there is confidence in the legitimacy of the vote, then claims of doubt could be seen as just more baseless cries of “wolf.”

If activist computer scientists continue to dogmatically insist that “you can never know for certain whether a disappearing bug changed the outcome,” they can reasonably be dismissed as myth-makers and fear mongers.  Indeed, I have done some preliminary case studies of Internet voting trials for elections to public office.  These include West Virginia in 2010, and Norway in 2011 and 2013.  Here, only the same few activist computer scientists insisted on such notions as there could have been a disappearing bug at work, but the officials, experts, candidates, and public felt confidence in the results.

In Canada, about 50 different cities have conducted Internet voting trials, all without doubts about the legitimacy of the results --  except for anti-Internet voting activists. Case studies of these elections are being done by Canadian political scientist, Nicole Goodman.

My paper also closely examines a report issued by the Elections Division at NIST. Unfortunately, that report merely repeats all the unfalsifiable claims of the activist computer scientists, without any social scientific case studies, or any other kind of science.

Conclusion
In conclusion, political science has the methodology it needs to undo the coup in US election administration and its own ouster from the public policy debate over election technology reform. Our profession only needs to apply these methods and to assert itself.

******************************
William J. Kelleher, Ph.D.
Political Scientist, author, speaker,
CEO for The Internet Voting Research and Education Fund
Twitter: wjkno1

Author of Internet Voting Now! 
Kindle edition: http://tinyurl.com/IntV-Now

Saturday, August 2, 2014

Did Poor PR Kill Internet Voting in Norway?


Norway’s government ministry in charge of Internet voting has announced that future trials of the technology will be discontinued for the time being.  Irresponsible news sources, most prominently the BBC, have had a field day inventing reasons as to why Parliament and the Ministry of Modernization made this decision. Unheard through the din of Chicken Little histrionics, the Ministry has posted a “corrective statement” especially for the BBC on its website.  Also, Norway’s Institute for Social Research (ISR) has evaluated the 2013 experiment.  Here’s what the Norwegians say:

Turnout
Contrary to the BBC report, turnout was not a factor in Norway’s decision. The Ministry states that “Internet voting was never intended or expected to raise voter turnout. The main goal of the pilots was to increase accessibility for marginal groups, such as disabled or expatriate voters.”

These goals were achieved.  The ISR found that among those overseas Norwegians who were registered in the 12 trial towns, turnout was 9% higher than for those abroad who were not registered in participating municipalities. (p136) And, a whopping 66% of overseas voters who were eligible to do so voted online. (p137)

Back home, the use of Internet voting increased by nearly 10%.  In the 2011 trials, 26% of the votes were cast online; but in 2013 that number went up to 35%. (p135)

Folks who were non-voters in the past may have been drawn to vote by the new technology. “19 percent of the non-voters in 2011 cast their ballots online in 2013,” and among these, younger voters voted online more than other groups. (p136)

The ease of voting online was the major reason given by online voters. This was especially true for “people with special needs.”

With a low regard for veracity, the BBC reported that “the fact that the trials did not boost turnout also led to the experiment ending.” Small wonder why the BBC article would say this. Online voting has recently been suggested by Jenny Watson, the head of Britain’s Electoral Commission, as a way to boost turnout among young people.  The BBC editors oppose online voting, and twisted the truth about Norway to suit their own agenda.

Security
The BBC article is entitled, “E-voting experiments end in Norway amid security fears.”  Norway’s correction: “Quite to the contrary, [an] evaluation report shows very high levels of voter trust in Internet voting – as much as 94% of Internet voters report trust in Internet voting.”  In fact, as to the technology itself, “There have been no significant security concerns raised in the trials.”

Encryption
The BBC writes that some unnamed “Software experts” had criticisms of the “encryption scheme” used by Norway. But these jibs did not come from any of the real experts who actually built the system. Indeed, the Ministry counters that its system has “received widespread international acclaim for the use of a verifiable cryptographic voting protocol, which allowed third parties to perform robust audits of the count.”

Privacy
The ISR reports that most “of the internet voters cast their votes in private.”  But many of the online voters take a distinctly casual attitude towards privacy. A significant 27% of online voters “stated that they were not alone in the room when they voted,” and 7% reported that they willingly “let others [see] how they voted.” (p138)

Attitudes towards privacy vary between generations. Younger voters are somewhat less concerned with it than older voters. (p138)

Improper Conduct
Internet voting neither invited nor facilitated cheating. Only about 1% “stated that they experienced any pressure to vote for a specific party. Internet voters were not exposed to more pressure than others.” (p139)

Likewise, only about 1% “stated that others had tried to buy their vote, or that they knew about cases of vote-buying. There are no significant differences between internet voters and other voters in this respect.” (p139)

Coercion and Secrecy
A senior adviser on the Internet voting trials, Christian Bull, says that a closer look at the public opinion studies of voter concerns shows that “The ‘fear factor’ in Norway is all about secrecy of the ballot when ballots are cast outside of the polling stations. It has nothing to do with technology, and would apply equally to postal voting.”*

The Ministry admits on its website that there remains political controversy “over fears that the security mechanism of re-voting was insufficient, and that allowing votes to be cast outside of polling stations would diminish the sanctity of the vote.” By “re-voting,” the Ministry refers to the practice of allowing voters to vote multiple times, prior to Election Day voting, with the last vote cast canceling out all the prior votes. If a voter voted online, and then voted again on paper at the polling station, or vice versa, only the last vote would be counted. This option was meant to discourage coercion, violations of privacy, or buying/selling with online voting.

At least some of the voters in the 12 towns where the trials were conducted understood the re-voting process. Out of a quarter million eligible voters, “528 electronic votes were cancelled due to voters having cast a paper vote and 2281 electronic votes were cancelled because the voter had re-voted electronically.” These are the folks who knew how to use the technology, and trusted in it. In the Ministry, and among election observers, there “is no suspicion that any voters successfully voted both electronically and on paper.” The BBC suggestion that some voters cast two votes, both of which were counted, is just plain wrong.

Unfortunately, polling in the participating towns revealed that less than half the respondents understood the re-voting option. Apparently, those folks, and a great many of the voters outside the trial areas, didn’t understand that this re-voting measure could protect the “sanctity” of the vote, and they retained fears about the possibility of coercion, loss of privacy, and buying/selling of votes

Lessons
While attitudes towards voting online among the quarter million eligible voters in the trial areas were very positive, Norway has a population of over five million, and it is among these folks that resistance to Internet voting is highest.

Has there been a failure of public education outside the trial areas which has allowed a consensus based on uninformed fear to emerge in the country, and to influence Parliament?

“Due to the lack of broad political will to introduce Internet voting,” writes the Ministry (and under pressure from Parliament), it has “decided not to continue expending public resources on continuing the pilots.”  

Could the problem here be that the system technicians hyper-focused on getting the technology right, but neglected the human dimension; i.e., public relations? If so, then they need to re-focus their efforts if Internet voting is to ever take hold in Norway.

*Personal communication on Linkedin, also the source of the “1%” figure used.

************************
William J. Kelleher, Ph.D.
Political Scientist, author, speaker,
CEO for The Internet Voting Research and Education Fund
Twitter: wjkno1

Author of Internet Voting Now! 
Kindle edition: http://tinyurl.com/IntV-Now


Thursday, May 22, 2014

Jeff Drobman for California Secretary of State!


On June 3d, Californians will vote in the state’s Primaries. Among the many offices and issues will be the vote for Secretary of State (SOS). If one of the half dozen candidates receives over 50% of the vote, he (no women in that contest) will likely take the office in the November 4th general election. But if no hopeful gets over half the vote, then the top two contestants will compete for the spot in the general election.

One of the SOS’s primary responsibilities is to supervise the state’s election process. This state has numerous election related problems. There are more than 8 million Californians who are eligible to vote but not registered. The state ranks 47th in the US for voter turnout. For example, about $19M was spent in a highly contested election for the mayor of Los Angeles in 2013, but a paltry 21% of registered voters turned out to vote.  


Boosting Turnout
All the current SOS candidates agree that both turnout and registration are too low. They all agree that California’s efforts to have all registration done online is a positive step. But they differ over ways to boost turnout. Have a Voting Holiday? Hold the election on a weekend with polls open on Saturday and Sunday? Start early voting at polls a week before Election Day? Let people register and vote at the polls on Election Day? Have polling places open for 24 hours?

Duh! If we can bank online, shop online, guide the flight of satellites a million miles in outer space, why can’t we vote online? If voting had 21st Century convenience, doesn’t it stand to reason that more people would vote? The trek to the polling place can be time consuming, with traffic and finding parking, only to wait in line to vote, and then take the return trek home. What about all those folks who have to rely on public transportation? Should they have to give up work just to wait all day for busses, and then stand in line to vote?

Costs of Election Administration
In every election more and more voters are voting by mail, because they appreciate the convenience. But the administrative expenses for the state are huge. Paper, printing, extra clerks to count it, ballot storage. Add these expenses to the costs of renting and staffing polling places, and the various electronic machines that have to be maintained and securely stored when not in use. According to a report by the experts at CalTech, such administrative costs for California in a presidential election can easily exceed $300M.  

Ms. Bowen’s Flop
Unfortunately, termed out Secretary of State Debra Bowen did nothing, zip, to improve the state’s embarrassing level of voter participation, or to make voting more convenient, or less costly. Bowen was captured by anti-Internet voting extremists, and frightened by them into supporting the silly notion that every vote should have a paper record, or Voter Verified Paper Audit Trail. She needed this Paper Security Blanket to feel comfy. But in reality, all the problems of boxes and boxes of paper continue - even though SOS Bowen’s self-deception made her feel good. Besides the aforesaid costs, paper ballots in big piles can get lost, selectively discarded, misplaced, or miscounted by blurry-eyed clerks working late. Fake records can be slipped into the piles.

But with the right precautions, such as using military style encryption and dedicated servers, Internet voting can be phased in by each county using it only when its voters are ready for it. At first it can be used to supplement vote by mail, and polling place voting. That is what scores of cities in Canada are doing. This year, 89 cities in Ontario will employ online voting along with voting by phone, and paper ballots at a few polling places. Debra Bowen was so snug in her Paper Security Blanket, that she, like Dean Logan, Registrar of Voters in Los Angeles, could just pretend the Canadian experience doesn’t exist. Such intentional ignorance by an elected official is unacceptable.

A Sampling from the Field of Candidates
Alex Padilla
I’m not voting for Alex Padilla. He, like Bowen and Dean Logan, is misinformed about, and thus afraid of, online voting.  For example, when asked about online voting, he told Fox News, “We don’t want to live in a world where people know how you voted.” But, in truth, voter privacy has never been violated in an online election for public office!

Also, I agree with an LA Times editorial which warned that “Padilla sees the job merely as a steppingstone to higher office.”

David Curtis
Although I’m a registered, card carrying Green Party member, I’m not voting for David Curtis. He is too wishy-washy. And tries to be all things to all people.

For example, when I asked him, he told me, “I am in favor of an online voting option for people who are comfortable doing that. The state could issue PINs to voters.”  

I happily put that out on Facebook and Twitter. But then, when the criticism came, he flip-flopped, and wrote on his blog, “I have no position on online voting.”

Anyone who caves so easily has no leadership in him!

Pete Peterson
The LA Times Editorial Department has endorsed a Republican for the office, Pete Peterson. What?! The Party of Voter Suppression, Voter IDs, restrictive ballot access laws, Karl Rove and the Koch brothers? Oh yeah, lets put the Party of the Fox in charge of the Hen House! What were they thinking? I’m definitely not voting for him.

Jeff Drobman
I’m voting for Jeff Drobman in the June 3d Primary, and here’s why:
Jeff is the only candidate with vision and courage.

A Software Engineer with a Ph.D. from UCLA, Drobman understands the online voting security issues. He knows that it’s been done over 100 times around the world without security breaches, and he knows that it can be done in California, too.

Drobman told The Daily News that his top priority will be to bring online voting to the state. “I have been working on this for 10 years, and it became apparent to me the only way to change things is to run for secretary of state,” Drobman said. “My attitude is we need an engineer and a software developer who can bring this about.” 

The SOS office is a “Bully Pulpit,” as Teddy Roosevelt used to say of the presidency. Drobman is the only candidate to show that he has the guts to get out in front of a needed voting reform and lead. In SOS Candidate Forums, Jeff pulls out his cell phone and challenges the other candidates to say why Californians can’t vote on this. Needless to say, they are all too busy texting or checking the shine on their shoes to answer.

Jeff’s slogan: "VOTE ANYWHERE, ANYTIME, ON ANY DEVICE!"

Resources
To learn more about Jeff Drobman, check his really cool slide show at, http://drjeffsoftware.com/drobman-slideshow.html

He is on Facebook at,

Ballotpedia at,

Best of all, he cites this Blog at,

William J. Kelleher, Ph.D.
Political Scientist, author, speaker,
CEO for The Internet Voting Research and Education Fund
Twitter: wjkno1

Author of Internet Voting Now! 
Kindle edition: http://tinyurl.com/IntV-Now



ENDORSEMENTS MATTER

Post Election Update   6-7-14
Jeffrey H. Drobman     150,624  4.5%
David Curtis                98,199   2.9%

Top Two:
Alex Padilla (DEM)          1,005,865     30.0%
Pete Peterson (REPUB)   1,003,686     29.9%




Friday, February 21, 2014

The Political Argument for Internet Voting in California



“California citizens should be online - not in line.” 
CA Secretary of State Bill Jones (Republican) in 2000

                            LET FACTS DISPEL FEAR

In the 1990s CA SoS Bill Jones established The Internet Voting Task Force to study the prospects for Digital Democracy in this state. Based upon the only knowledge they had at that time – the 1990s – the Report concluded, among other things, that there wasn’t enough evidence to know whether elections using Internet voting could be conducted securely.

Since then, elections using Internet voting have been conducted securely over 100 times, around the world. Estonia now conducts elections online regularly. Switzerland has had more than 35 elections and votes on referenda via Internet voting. Norway provided for online voting for its second time in 2013.  Over 40 cities in Canada continue to have voting online. West Virginia provided online voting for its overseas military voters in 2010. These instances, and more, are recounted in the US Elections Assistance Commission (EAC) Report of 2011, at

Not ONE of these elections for public office has had results that were affected by security incidents – not one. We can be sure of this because the local officials, journalists, seasoned election observers, lawyers, judges, voters, even losing candidates agree the results are acceptable.

When set up by pros the security risks can be managed. Pros know the possible attacks, and how to defend against them.

Officials in Gujarat, India reported that during their first online voting trial in 2011, “we fended off 4,000 attempted hackings from Pakistan, Taiwan and even China.”

Internet voting is not like e-commerce. Access to servers is far more restricted. There is no email access. The process is only open for a few days, not 24/7/365.

Tarvis Martens, security specialist for Estonia’s National Election Commission, says that their system is “more secure than Internet banking.” http://t.co/Jh6Onyd

MORE POWER TO THE PEOPLE, LESS POWER TO CORPORATIONS
With candidates holding debates online (and on TV and radio), followed by voting online, the costs of campaigns and elections would drop so far as to be affordable for FULL Public Financing. The need for Big Money Donors could be eliminated. Elected officials would owe their election to the voters only – 100%.

Very soon, legislative out-put would begin meeting the needs of people for livable wages; low cost, or free, public education and health care; and the development of a Garden-like environment. Online registration has resulted in higher voter turnout. Online voting will do the same. No Constitutional Amendment needed.

The Initiative, Referendum, and Recall can follow the same model. E-signatures will give the People the power to put new ideas before all the voters through the Initiative. Online Referendums can be held on proposed legislation and policies. These, and Recalls too, will be cheaper to conduct with online debates followed by Internet voting. Paperless politics are best for the environment.

DIRECT DEMOCRACY in OUR REPRESENTATIVE GOVERNMENT
Very little democracy exists within Districts, as elected representatives go off to distant Capitals to conduct the People’s Business. But now Online Townhall Meetings can be conducted periodically for the constituents in every elected official’s District – local, state, and federal. The People can propose legislation to their representative, and she/he can offer ideas to be discussed and voted on by them.  Such “Constituent Assemblies” can be implemented by requiring candidates to pledge to support the new e-democracy process before they are elected. Each election district can have its own online voting system, rather than a one-size-fits-all system for the whole state, or nation. Competition among vendors will spur the development of products with increasing quality.

Lovers of Democracy Unite! First we need a law from Sacramento permitting each county to try Internet voting as a supplement to its regular process. Then, demand your election officials do it!

Note:
Also see in this blog - 
Three Reasons to Support Internet Voting
******************************
William J. Kelleher, Ph.D.
Political Scientist, author, speaker,
CEO for The Internet Voting Research and Education Fund
Twitter: wjkno1

Author of Internet Voting Now! 
Kindle edition: http://tinyurl.com/IntV-Now

Friday, February 7, 2014

Half Hour Waits OK says Obama Commission on Election Reform – No Internet Voting

On Tuesday night, November 6, 2012, President Obama addressed the nation briefly to thank the voters who re-elected him for his second term. He was especially appreciative of those voters who stood in long lines and waited to have their say. Then, after a pause, he commented “we have to fix that.”

A few months later he issued an Executive Order establishing the Presidential Commission on Election Administration (PCEA). Its mission was, in part, to find ways “to promote the efficient administration of elections” so that people can vote “without undue delay.” After six months of hearings, both public and private, and receiving written comments from the public, the PCEA issued its final report in January 2014.*

The Problem
The PCEA Report explained that the “image of voters waiting for six or more hours to vote on Election Day 2012, as in the two previous Presidential contests, spurred the call for reform that led to [the] creation of this Commission.”(p13)  Indeed, “over five million voters in 2012 experienced wait times exceeding one hour and an additional five million waited between a half hour and an hour. In some jurisdictions, the problem has recurred for several presidential elec­tions.”(p13) For instance, at least a third of Virginia voters had to wait more than a half hour in both the 2008 and 2012 Presidential elections. (See note 22)

Proposed solutions
Of course, the most obvious 21st Century “fix” for the problem of time wasting long lines at the polls is to supplement the use of polling places with Internet voting. Then voters could vote from home, or any where else, and at any time of the day or night. They could use their PC, smart phone, iPad, or other connected device. No one would have to take time from work, wait for the bus, or if driving, fight traffic, find parking, then stand in the November rain and cold, or miss the opportunity to vote because they had to travel, or were away at school, or were housebound due to illness, infirmity, or the need to care for someone, such as small children, the sick, elderly, had to work over-time, were in the military and stationed far away from home, etc.

Unhappily, the Commission dismissed this option with little more than a parenthetic quip – “the internet is not yet secure enough for vot­ing.”(p60) That was it. No research was cited showing that the integrity of any actual online election had ever been marred by a security breach. No mention was made that Internet voting has been used in over 100 elections to public office around the world, all without the results altered by hackers.^

The Report instead declared its aim to preserve the time honored tradition of voting at remote polling places, and finding ways to reduce waiting times by making the process more efficient, especially through “the management of lines.” (p14) The pair of Washington lawyers President Obama selected to chair the PCAE found lines to be an intriguing subject.  Thus, the Report paid special attention to the research coming out of “Queuing Theory;” that is, the academic field of examining the causes and cures of long lines.

Perhaps having an epiphany after weeks of studying Queuing Theory, our lawyers solemnly proclaimed, “The Com­mission has concluded that, as a general rule, no voter should have to wait more than half an hour in order to have an opportunity to vote.”(p14) By the efficient management of lines, then, our nation’s 8000 election districts will be able to comply with the Report’s edict.

One of the Laws of Queuing Theory, developed after years of research, is that long lines can be caused by a lot of people showing up at the same time. Wizened by its studies, the Report recognized that “there will be circumstances that strain this goal [of half hour waits], such as when a busload of people shows up unexpectedly at a polling location, or a hundred-person line of en­thusiastic voters is waiting to greet the poll worker who opens the polling place in the morning.”(p14)

“Nonetheless,” to comply with this decree, “local officials should be able to plan the allocation of their re­sources such that during the normal course of the day, nearly all voters can be processed within the 30-minute standard. Any wait time that exceeds this half-hour standard is an indication that something is amiss and that corrective measures should be deployed.”(p14)

Addressing themselves to state and local election officials, the Chairmen explain that Queuing Theory requires “a more efficient allocation of resources;” such as putting more machines and more poll workers at the most heavily trafficked polling places. Also, those officials should have better trained poll workers, and use more student volunteers. The officials themselves need better education; hence, the Report calls upon colleges to offer a Master’s Degree in Public Administration that focuses on polling place management, because “election administration is public administration.”(p18)

Election officials should also provide shorter ballots, more polling places, use more school buildings, and set up vote centers in which any eligible person can vote, even if outside of his or her district. Voters could make an appointment to come in and vote; or “take a number,” like at the local bakery. Then they wouldn’t have to wait in a line until their number is called. (p37f)  Indeed, using the number system folks could stand around the table serving coffee and doughnuts and engage in civic discourse! Time would fly!

The Report approves of vote-by-mail systems, because there is no waiting in line at polling places. But this practice relies on the Postal Service, and has huge costs for paper, printing, mailing, and clerk hours spent shuffling the paper ballots as they come in the mail.  The PCEA strongly endorses “early voting;” that is, having polls open a few days before Election Day to satisfy the urges of eager voters. Queuing Theory has found that these early voters wait in line “in a more ‘celebratory’ frame of mind.”(p56) Indeed, one of the aims of Queuing Theory is to have happy waiters.

To that very end, the Report unabashedly extols the virtues of OVR – online voter registration. Paper-based registration systems cause over half the delays at polling places. Poll workers have to search long lists of voters. The lists often have errors made by clerks, or because the voter moved and neglected to re-register. Then complicated provisional ballots have to be issued.  But computer-based registration is easy to do, accurate, and allows poll workers to check registration in no time on e-poll books. In fact, the Report recommends that states exchange voter information online to reduce errors, catch up on who has died, who has moved without re-registering, and to prevent duplicate registrations, and “to detect election fraud or irregularities.”(p22)

County and local election officials spend roughly one-third of their budgets on paper based registration.  But states already using OVR are saving tons of money because they have eliminated the costs of paper and printing, and they need fewer clerks and filing cabinets.(p26)

Perhaps forgetting what it said about online voting, the Report expresses full confidence in the security of online voter registration, and “strongly recommends” its use.(p27) The Commission is not naïve, and understands that as with “any web-based system, questions about security will require close attention to ensure that unauthorized changes to voter registration cannot be made.”(p25)  But OVR is so reliable that it “reduces the chances of fraud and other irregularities of a paper-based system, in which outside groups may destroy registration forms or submit fraudulent registrations.”(p27) Privacy need not be a concern because these systems “have shown the ability to safeguard any voter information they receive.”(p29)

Best of all for our democracy, voters who register online turn out to vote in greater percents than voters who have registered by paper. “In Arizona in 2008, 94 percent of online registrants voted compared to 85 percent of those who registered by paper.” (p26) Young voters also register and vote more where OVR is offered. (See p26 and note 64, p79)

Small wonder that, “as demonstrated by the wide and growing popularity of online registration, voters seem to have confidence in such systems. This is not surprising when an increasing number of voters are using the internet to manage many core functions of their everyday lives.”(p25)

Of course, the “core function” of voting cannot be done on the Internet, but must still be centered on the trek to the remote polling place, where half hour waits are fine. By taking that position, the Report implicates questions that it fails to either ask or answer. For example, is a half hour wait always OK? What if you had to wait a half hour to buy a book on Amazon? Or, wait a half hour for each bill you paid online? What about at a traffic light? Or, at the grocery store check out counter?

Things to do while Waiting in Line to Vote
You can use your smart phone, iPad, or other connected device, to buy a book on Amazon, or pay bills, sell stocks, etc.  You can tweet your location and complain about how long the line is. (Use the hash tag #wastingtimeinline.) Check on your Face Book friends. You can text a sympathizing message to friends who have longer waits at other polling places, or enjoy discovering that folks you are less friendly towards have to wait longer than you do. You and your fellow waiters can order a pizza online and have it delivered to your place in line.

As mentioned, some county’s have a voting center to which any county resident, who is registered, can go to vote. Some counties also post waiting times on their website on Election Day. So, if you get tired of waiting at your assigned polling place, and you are one of the lucky ones, then you can go online to check if the wait is shorter at the voting center. Of course, standing in line searching with electronic devices to find a shorter line seems absurd when lines themselves are no longer necessary due to that very technology.

Conclusion
The Report notes that the voting machines purchased by many states over 10 years ago “are reach­ing the end of their operational life.”(p11)  It prudently advises that it is time to think about replacing them.  But it acknowledges a dilemma.  Local officials often report dissatisfaction with those machines; especially since they are very expensive, only used for occasional elections, and must be stored and maintained for the rest of the time.(p12)  Many of the machines also print out paper copies of the vote, which only perpetuates all the problems of dealing with piles of paper.

Of course, administering elections online would be much more efficient and cheaper. States and counties would not have to buy dozens, often hundreds of machines for voters to vote on, but which sit in rented storage most of the time. Instead, officials could use existing computers, and the voters would vote on their own electronic devices. This would eliminate the current costs of paper, printing, and mailing, as well as slash the amount of equipment needed and the costs of storage and maintenance. The Report observes that one of the main obstacles to making this cost saving move is the opposition of some in “the computer science community” over their security concerns.(p12) But the Report fails to mention that those opponents of Internet voting have never built a successful online voting system, while those members of “the computer science community” who have done so favor the idea.

The Report also fails to mention that online voting is better for the environment than is voting by mail, or trekking to polling places whether to vote on paper or on a machine that prints out a page of paper for every vote. Paperless voting would not only save trees, but there would be no trash to dispose of after the election. Air pollution would be reduced when voters can vote from home or anywhere else, without having to make that trek in their cars.

Our two Washington lawyers, one Dem, one Repub, are very proud of the “unanimity” of their decision.(p22)  But one look at their Report shows that by neglecting the most obvious fix for the convenience of the American voter, their unanimous decision comes down to “let them eat cake.”  We of the 21st Century deserve more regard than that!

*See the PCEA website at, https://www.supportthevoter.gov/

^See the 2011 US Election Assistance Commission Survey of Internet Voting at

*********************
William J. Kelleher, Ph.D.
Political Scientist, author, speaker,
CEO for The Internet Voting Research and Education Fund
Twitter: wjkno1

Author of Internet Voting Now! 
On Kindle and in Paper 

Sunday, December 22, 2013

Norway has Second Great Success with Internet Voting

The Organization for Security and Co-operation in Europe (OSCE) has just released its Final Report on Norway’s Parliamentary Elections for 2013.1  This was the second time Norway’s Parliament permitted Internet voting on a trial basis. Authorization was given again because Norway’s 2011 Internet voting trial went so well, as reported on this blog here and here  This year’s election was held in August-September, and the OSCE Report came out on December 16.  The Ministry of Local Government and Regional Development (“MLGRD”) is the primary government agency for administering elections in Norway, and the Report is essentially a review of its job performance. A summary of the Report’s findings follows.

Use of Internet Voting more than Doubles
In both 2011 and 2013, Internet voting was offered for early voting2 for nearly a month prior to Election Day, which was on September 9th this year.

17% of registered voters in the pilot districts voted online in 2011.  But the Report states that in this year’s 12 pilot districts, “36 per cent of registered voters voted over the Internet.” (p13)  That is more than a 100% increase in the use of Internet voting.  Since there were about 250,000 eligible voters in these pilot districts, approximately 90,000 voters voted online. (p7)

According to Christian Bull, a senior official in MLGRD, online voting increased as Election Day approached, and evenings were the preferred time for voting.3

Paper Ballots Delayed in the Mail
Norway also provides a vote-by-mail process for early voting and for overseas voters. Oddly, overseas voters did not have an Internet voting option.  A scandal erupted, and an investigation promised, when the press reported that “several hundred ballots,” from both domestic and overseas voters, arrived at government counting centers too late to be counted. (p13) There were NO reports of late or lost online votes.

Voter Verification
When voting, voters select candidates from a list. (p5)  Votes could be cast online by tablet or PC, as well as on paper. Each vote was encrypted in such a manner that it couldn't be tied to the voter's identity.

Voters using electronic means could verify that their vote was counted as cast via “return codes.” Each voter was mailed a polling card with instructions on how to vote and a unique four digit return code. Voters logged on, entered their identification, and were then guided through the voting process. After submitting a vote, voters received a return code electronically. If that code matched the one on their polling card, the voter could be assured that his or her vote was counted as cast. “Completing this verification step was not necessary in order to cast a vote.” (p8)

Christian Bull reports that there were some calls to the support line about non-matching return codes. Usually the problem was that the voter mistakenly used the polling card of a family member, rather than his own, to check the return code.

Only Final Vote Counts
Online voters could vote as many times as they liked, but only their most recent vote would be counted. This option was intended to mitigate the risk of voter coercion or vote buying.  Because polling places used an electronic poll book, an online voter could also cast his or her last vote on paper and immediately cancel prior votes. “The municipal authorities evaluated this process very positively, commenting that it simplified procedures.” (p6-7)

Transparency and Third Party Auditing
The latest code for every voter was also sent to a public web page, hosted by GitHub (without, of course, any vote or voter information). On Election Night an independent third party verified that the content of the digital ballot box matched the list published to GitHub. The third party also verified the integrity of the entire counting process, even checking the various mathematical proofs of integrity provided by the system. (p9)  “Experts on electronic voting,” consulted for the Report, “expressed satisfaction with the mechanisms to verify the integrity of election results and safeguard the secrecy of the electronic votes.” (p7)

For the Internet voting, MLGRD developed and hosted its own servers, and made itself the IT-provider for local election administrators, rather than contracting an outside vendor. However, to check itself, it hired an independent auditor to verify the operations of the Internet voting process.

A few days before the end of early voting MLGRD frankly announced that the auditors had found “a programming error that caused weak encryption in some 29,000 electronic votes. As a result, system administrators with access to the electronic ballot box could potentially decrypt the ballots without the need for the secret decryption key.” (p8)

To address this problem, MLGRD quickly corrected the software “and tightened access restriction to the servers holding the electronic ballot box by requiring a written authorization each time servers were accessed.” (p8) After discussing the issue, election authorities agreed that there was no violation of secrecy, and the integrity of the votes had not been violated. The Report noted that the reviewing experts agreed “the MLGRD’s action was sufficient.” (p8)

Prior to the election, MLGRD posted the voting source code on its website for anyone to inspect.  But even the nay-sayers have found no scandals to reveal.

High Levels of Trust
The Report also stated that the Internet voting system “enjoyed a high level of trust among [the Report’s] interlocutors, reflecting the overall trust in the electoral process and in the MLGRD to organize the process professionally and impartially.” (p6-7)  As a further example of that trust, the Report observed that although MLGRD expressed willingness to allow political parties and other groups to have their own experts inspect the system, they “showed no apparent interest.” (p7)

This widespread trust is justified because, as in 2011, there were NO reports of attacks on the Internet voting system, such as by spoofing or denial of service attacks.

No Political Bias in the Voting Technology
Anyone who worries that Internet voting technology favors liberals over conservatives will be put at ease by the results of the 2013 election. The incumbent government was a Red-Green coalition led by the Labor Party. But it was handily ousted by a center-right coalition led by the Conservative Party.

Conclusion
Why are Norway’s Internet voting trials important for observers in the USA?  Because nothing overcomes fear more effectively than knowledge based on experience. That is what Norway can provide the US.

Pilot programs, like those in Norway and the one in WestVirginia in 2010, will give voters confidence that the technology can be used securely when the process is managed by competent professionals.

Norway’s 2013 trial made the technology available to about 250,000 voters. (That is a fraction of its 3.6 million voters in total.) Internet voting in the US will emerge county by county, and district by district in the 50 states.  Many American pilot projects will be similar in size to those in Norway. Seeing that it has been done well elsewhere will encourage Americans to feel confident that it can be done well here, too.

The way to online voting in the USA is to spread the news of successes, and to be sure that your state and local elected officials know the facts when you demand that your state and local election system be brought into the 21st Century.

Notes:
1. The Final Report is available for download at,
http://www.osce.org/odihr/elections/109503  It focused on the Internet voting pilot project, the electronic election administration system, and the political party finance regulations. This post is primarily concerned with the online voting pilot.

2. Technically, Norway election law distinguishes between “advance” and “early” voting. The main difference is that early voters are not able to mark preferential choices among candidates on their ballots.  (Report, page 13, note 26)
3. Private communication
******************************
William J. Kelleher, Ph.D.
Political Scientist, author, speaker,
CEO for The Internet Voting Research and Education Fund
Twitter: wjkno1

Author of Internet Voting Now! 
Kindle edition: http://tinyurl.com/IntV-Now

Thursday, July 18, 2013

Student Election Hack – Is it a Bad Omen for Internet Voting?



Does the Cal State San Marcos class president election hack mean that Americans should fear Internet voting? Not if you think critically about it.

Facts:
Matthew Weaver, 22, pleaded guilty* to wire fraud, access device fraud, and unauthorized access to a computer. He was sentenced to a year in prison. His crime was to plug keylogging devises into 19 school computers. The devises record computer user's keystrokes without the user's knowledge. Thus he stole the email passwords of more than 740 students. He used this information to vote for himself 630 times during the online student elections in March 2012.

Votes had to be cast from campus computers. Network administrators noticed all the voting activity from one computer. They quickly notified school police, who nabbed Weaver in the act.

Implications:
This news report has fired up David Jefferson’s flare for spinning scary stories. He warns ominously, on the Election Law Blog, that “In a high stakes public election we will not be so lucky [as to catch the crook in the act].”

“Had this been a public election conducted via Internet voting, it would have been much more difficult to identify any problem or to capture the perpetrator, [because] people would vote from their own private PCs.”

Well, that is scary! But how would the crime be carried out? Consider how many votes a crook would have to control to win a presidential election.  In 2012, Obama beat Romney by roughly 4,000,000 votes.  As a comment below reminds us, to win a majority of Electoral votes, a hacker using Weaver’s technique would have to control tens of thousands of votes. Obviously, a guy like Weaver couldn’t run around plugging keylogging devices into that many computers to steal log on info. So, how would it be done?

Leaving his readers hanging, Jefferson skips any detailed discussion of how a crook could steal an online presidential, or other public, election.

Instead, he creatively imagines that if Weaver had “used one of his keylogging devices to capture the password of a system administrator” Weaver could have “then used that password to install keylogger software on other campus computers to capture the students’ passwords.”

Jefferson omits mentioning how Weaver would gain access to the administrator’s computer so he could plug in the devise. Maybe Weaver could don a custodian disguise, and plug it in while pretending to clean the office.

Anyway, Weaver would have had to return to the office to retrieve his device so that he could take it home to download the password. 

Details aside, after Weaver installs his keylogging software into the school network, he has to hope that nobody checks the network event logs before the election. The logs would show the activity, and an alert administrator would remove the software.

Imagination on fire, Jefferson then declares that Weaver didn’t have to cast votes one at a time; instead, he “could have run a program to automate the casting of all of those phony votes.” Of course!

But wait, what if the voting website had a challenge/response authentication mechanism. Weaver’s voting program couldn’t copy words or add numbers automatically. All his efforts would have been for naught. But let us imagine that he could get past this little security challenge. The network administrator would still see the spike in activity coming from one IP address. That signal could be blocked, and could also be traced back to Weaver.

Lesson: 
Jefferson spins a chilling tale, but it requires his readers to suspend their critical faculties to be affective. Is that what you want to do?

PS
Good news! Obama’s Commission on Election Reform has posted my recent scholarly paper on Internet Voting!

The paper recounts the history of Internet voting in the USA, and shows how NIST has misled Congress and the American people about online voting insecurity. I take the same practical approach there that I did here in this blog post.

Also, my book, Internet Voting Now, is listed in the “Research Bibliography” provided to the Commission by CalTec/MIT.

William J. Kelleher, Ph.D.
Political Scientist, author, speaker,
CEO for The Internet Voting Research and Education Fund
Twitter: wjkno1

Author of Internet Voting Now! 
Kindle edition: http://tinyurl.com/IntV-Now

* ABC News -