Secure The Vote
Secure the Vote seeks to increase voter confidence in the accuracy and security of elections, and to generate greater awareness of possible solutions to critical gaps in the voting infrastructure. Secure the Vote supports jurisdictions’ efforts to offer a secure mobile voting option through leading-edge security and audit services. Additionally, we work to dismantle disinformation campaigns through civic engagement tools that enhance secure, citizen participation. Finally, Secure the Vote supports expanding cybersecurity resources to election officials. We are committed to the belief that if we secure the vote, we secure the world.
The security of elections is fundamental to the integrity of our institutions. One key area of insecurity is the transmission of ballots for overseas voters via email or fax. In order to address that challenge, more vendors are developing technologies to improve the efficiency of voting remotely, as well as the security. Therefore, as interest in mobile voting is likely to continue to increase, Secure the Vote believes there must be best practices and audit standards in the digital voting space. It is critical to develop a standardized security assessment of the vendors developing the technologies, as well as assisting election officials in understanding and mitigating security risks.
FAQ’s On Mobile Voting
Mobile voting is the ability to vote in an election using a personal computer, tablet or smartphone. Mobile voting is not to be confused with ‘internet’ voting. Mobile voting is more akin to the process of remote ballot marking, defined by the Election Assistance Commission’s Voluntary Voting System Guidelines as a system for voters to mark their ballots outside of a voting center or polling place. Voters mark an electronic ballot; the choices of the ballot are stored; the respective election office then prints the electronic ballot, scans and tabulates the choices on that ballot.
Mobile voting can provide increased accessibility for voting populations that may experience greater barriers to voting. Populations that are currently served by mobile voting pilots are overseas voters and voters experiencing a disability.
The Federal Voters Assistance Program (FVAP) released a report on voting rates and barriers to overseas voters, identifying that only 6.9 percent of overseas voters participated in the 2016 General Election. The voting participation rate compared to 72 percent of eligible domestic voters. The significant discrepancy can be attributed to a variety of challenges including the connectedness to the election and home community, and the ease of access to the international mail system. 1
An additional challenge for overseas voters is the general insecurity of email and fax in returning a ballot. Security will only increase for those voters when technology advances to ensure that they are afforded the same level of secure access that domestic voters enjoy.
Disabled voters can also face privacy and security challenges when voting in person – or even at home, depending on the disability. 2 Empowering disabled voters to make their voice heard through private, secure means will also address one of the most significant, ongoing accessibility challenges in elections.
Small and large jurisdictions are increasingly interested in conducting pilots for overseas voters, and possibly even small portions of domestic populations. In order for jurisdictions to participate in mobile voting pilots, jurisdictions must first ensure that state voting laws allow for the transmission of electronic ballots. Some states still do not allow that option. 3
Jurisdictions then work to identify a vendor that meets their interest and needs. Organizations exist to assist jurisdictions in vetting vendors. Some of these organizations include Tusk Philanthropies, the National Cybersecurity Center, and Trail of Bits and Shift State (both organizations run security reviews). Universities are becoming increasingly interested in supporting reviews and analyses of the technologies as well.
Traditionally, the mobile voting option has been limited to overseas voters, and to a limited degree some voters experiencing a disability. However, in February 2020, King County Conservation District held the first domestic mobile voting election for the King County Conservation District Board. Voter turnout doubled in the election from the previous election, demonstrating that it may indeed be a viable option for more domestic voters.
Private cybersecurity firms such as Trail of Bits and Shift State have conducted security analyses of the main vendors being used – including Democracy Live, Scytl, and Voatz. Universities are researching the methods as well; for example, MIT published a report regarding security issues and mobile voting. The Department of Homeland Security has also reviewed different applications, offering security feedback.
The National Cybersecurity Center is working to develop a set of guidelines and standards to inform the security standards for mobile voting.
No voting system is inherently perfect, and there are risks involved with every option. Paper ballots have seen hanging chad debacles, ballots stored in trunks, and ballots not picked up in mail in ballot drop off locations. Email and fax as ballot return methods are inherently insecure, and easily compromised. Voting in person may be a more secure method as well, but it can lead to disenfranchisement of voters which undermines the overall integrity of free and fair elections.
Mobile voting, too, has its risks – there are concerns that nefarious state actors or individuals could try to hack the voting system; employees of the vendors may seek to disrupt the election results. The existence of these risks is why the National Cybersecurity Center is working hard to develop standards across the mobile voting industry for internal and external security.
Like ballot marking devices, the paper trail begins when the election office prints off the digitally marked ballot. Like ballots submitted via paper, the election office scans the now paper ballot and tabulates the results.
While a paper trail is important, it is perhaps as important or more so to be able to prove that the ballot that the voter voted reflects the same choices as the ballot that is then printed, scanned, and counted by the election office. One vendor uses a distributed hyper ledger blockchain to help voters, and open source auditors, confirm that the ballot receipt that a voter receives when they vote is the same as the electronic ballot image that is downloaded and printed by the election office. That level of transparency must be coupled with sophisticated levels of internal and external security, but when it is, it is a level of transparency and confidence in the accuracy of a vote that rivals a paper trail.
The federal Voluntary Voting System Guidelines do not offer specific guidance on mobile voting, as they solely pertain to voting systems that take place within a polling place or vote center. The National Cybersecurity Center is working with several organizations to develop standards in order to ensure that mobile voting is as secure as possible.
Security audit logs offer insight into how organizations monitor access to the cloud, as well as how they might mitigate attacks. Cloud access logs should look similar to how election offices monitor the security and access levels to various rooms in the physical movement of ballots. For example, there should be a manifest of who is allowed access, a log of who has accessed the ‘room’ and when, a chain of custody for the ballots, etc. The election office and independent, third party auditors review the security logs for any discrepancies or security issues.