The National Cybersecurity Center (NCC), in partnership with Tusk Philanthropies
Pilots will take place in jurisdictions that successfully apply for the grant.
The National Cybersecurity Center’s Secure the Vote seeks to increase confidence in the integrity of elections and improve security around gaps in the infrastructure. With this mission, Secure the Vote looks forward to launching voting pilots in 2021 to ask the question of how different technology options might make the overall election infrastructure more resilient and accessible. The pilots will occur via a grant application in which jurisdictions will identify a key resiliency challenge that they seek to remedy via some level of an alternative voting method.
Voting behaviors are changing. The percentage of voters casting a ballot in-person on election day has fell from 89.5% in 1996, to below 60% in each major election since 2014.
Voting regulations are changing. More voters are now able to register online, or in-person on election day, take advantage of early-voting periods, and vote through different methods (absentee & mail-in voting) that enable a larger number of voters to submit ballots without setting foot in a polling station.
Voting technology is changing. Despite security concerns, four states now allow for electronic ballot delivery/return via a web portal: one state uses a blockchain app for UOCAVA voters, 19 states plus DC allow limited number of voters to return a ballot via email or fax, and seven states allow some voters to return a ballot via fax. Voting trends have changed significantly over the past few decades, and the 2020 response to a pandemic, opening even more alternatives to voters, may lead to an even greater shift in what voters and jurisdictions need or want for a resilient, secure and safe voting experience. With that in mind, Secure the Vote looks to explore how the adoption of different voting methods might improve resilience and accessibility.
FAQ’s On Electronic Voting
Electronic voting is a lay term that attempts to broadly capture methods by which a ballot might be delivered, or returned, electronically. The context for electronic voting, however, may depend on where the voting takes place, and how the ballot is stored or processed.
In-person electronic voting
The majority of voting in the United States takes place in person, or through a mail-in ballot. While voting in person, a voter may have the option to use an electronic ballot marking device such as a direct recording electronic voting machine (DRE), or an electronic ballot marking device (BMD). The BMD enables a voter to make their choices via an electronic interface, but prints out a paper ballot for the voter to turn in; it does not record a voter’s vote. The DRE allows the voter to select their vote on an electronic interface, but does not print out a paper ballot for the voter to turn in; instead it records the voter’s vote as an individual, anonymized record on the device. For voters voting overseas, however, electronic voting may be characterized by the ability to receive and/or deliver electronically.
Electronic Ballot Delivery (EBD) is defined by the National Institute of Standards and Technology (NIST) as the delivery of ballot and voter information packets electronically. The packets may be sent to Uniformed and Overseas Citizens Absentee Voting Act (UOCAVA) voters via email, fax, or an Internet-supported application. All states are required to allow the delivery of ballots electronically from local jurisdictions to overseas voters.
Electronic Ballot Return (EBR) is the return of ballot and voter information packets electronically. Ballot and voter packets may be returned via email, fax, or an Internet-supported application. Up to 31 states allow for the return of ballots electronically, thought there are limitations as to what means may be used to return a ballot packet. The remaining 19 states do not allow for electronic ballot return. 1
Like ballot marking devices, the paper trail begins when the election office prints off the digitally marked ballot. The election office scans the paper ballot and tabulates the results.
While a paper trail is important, it is perhaps even more important to be able to prove that the ballot that the voter voted reflects the same choices as the ballot that is then printed, scanned, and counted by the election office.
Options for tracking the that the vote is the same at each step vary between industry partners. For example, one industry partner uses a distributed hyper ledger blockchain to help voters, and open source auditors, confirm that the ballot receipt that a voter receives when they vote is the same as the electronic ballot image that is downloaded and printed by the election office. That level of transparency must be coupled with sophisticated levels of internal and external security, but when it is, it is a level of transparency and confidence in the accuracy of a vote that rivals a paper trail.
Electronic voting can provide increased accessibility for voting populations that experience greater barriers to voting. Populations that are currently served by electronic voting pilots are overseas voters (UOCAVA) and voters experiencing a disability.
The Federal Voters Assistance Program (FVAP) released a report on voting rates and barriers to overseas voters, identifying that only 6.9 percent of overseas voters participated in the 2016 General Election. The voting participation rate compared to 72 percent of eligible domestic voters. The significant discrepancy can be attributed to a variety of challenges including the connectedness to the election and home community, and the ease of access to the international mail system.
An additional challenge for overseas voters is the general insecurity of email and fax in returning a ballot. Security will only increase for those voters when technology advances to ensure that they are afforded the same level of secure access that domestic voters enjoy.
Disabled voters can also face privacy and security challenges when voting in person – or even at home, depending on the disability. Empowering disabled voters to make their voice heard through private, secure means will also address one of the most significant accessibility challenges in elections.
Traditionally, the electronic ballot return option has been limited to overseas voters. However, in February 2020, King County Conservation District held the first domestic electronic ballot return voting election for the King County Conservation District Board. Voter turnout doubled in the election from the previous election, indicating that it may indeed be a viable option for more domestic voters.
Small and large jurisdictions are increasingly interested in conducting electronic ballot return pilots for overseas voters, and possibly even small portions of domestic populations. In order for jurisdictions to participate in pilots, jurisdictions must first ensure that state voting laws allow for the transmission of electronic ballots. Some states still do not allow that option.
Jurisdictions then work to identify an industry partner that meets their interest and needs. Organizations exist to assist jurisdictions in vetting industry partners. Some of these organizations include Tusk Philanthropies, the National Cybersecurity Center, and Trail of Bits and Shift State (both organizations run security reviews). Universities are becoming increasingly interested in supporting reviews and analyses of the technologies as well.
The National Cybersecurity Center works with industry partners to provide an overall security ecosystem that contributes to an overall ‘audit’ of the election pilot.
The NCC reviews the industry partner’s security procedures, security logs during the election pilot, employee security trainings, and any additional information that informs the level of security adopted within the organization. For industry partners with a more developed auditable process, the NCC assists in hosting citizen audits that allow the public to review ballot images of the anonymized ballots to confirm that the ballot image sent to the voter as a receipt matches the ballot image stored and ultimately printed and scanned by the election office. This citizen audit is helping to advance the pursuit of a pure end-to-end vote verification system for electronic ballot return voting.
Private cybersecurity firms such as Trail of Bits and Shift State have conducted security analyses of the main industry vendors being used – including Democracy Live, Scytl, and Voatz. Universities are researching the methods as well; for example, MIT published a report regarding security issues and electronic ballot return voting. The Department of Homeland Security has also reviewed different applications, offering security feedback.
The National Cybersecurity Center is working to develop a set of guidelines and standards to inform the security standards for electronic ballot return. One key aspect of this is the requirement for ongoing code review to ensure that any updates only support the ongoing security of the industry partner’s product.
No voting system is inherently perfect, and there are risks involved with every option. Paper ballots have been scarred by hanging chad debacles, ballots stored in trunks, and ballots not picked up in mail-in ballot drop off locations. Email and fax as ballot return methods are inherently insecure, and easily compromised. Voting in person may be a more secure method as well, but it can lead to disenfranchisement of voters which undermines the overall integrity of free and fair elections.
Electronic ballot return voting, too, has its risks: nefarious state actors or individuals could try to hack the voting system, and employees of the industry partners may seek to disrupt the election results. The existence of these risks is why the National Cybersecurity Center is working hard to develop standards across the electronic ballot return voting industry for internal and external security.
The federal Voluntary Voting System Guidelines do not offer specific guidance on electronic ballot return, as they solely pertain to voting systems that take place within a polling place or vote center. The National Cybersecurity Center is working with several organizations to develop standards to ensure that electronic ballot return voting is as secure as possible, and reflects the similar standards applied to BMDs and DREs.
Security audit logs offer insight into how organizations monitor access to the cloud, as well as how they might mitigate attacks. Cloud access logs should look similar to how election offices monitor the security and access levels to various rooms in the physical movement of ballots. For example, there should be a manifest of who is allowed access, a log of who has accessed the ‘room’ and when, a chain of custody for the ballots, etc. The election office and independent, third party auditors review the security logs for any discrepancies or security issues.