The Pentagon's recent decision not to allow online voting in the upcoming US presidential election came as a blow to many e-voting proponents.
Pentagon officials halted plans to roll out the Defense Department's Secure Electronic Registration and Voting Experiment ( http://www.serveusa.gov) during the upcoming general election after four prominent security researchers issued a report ( http://www.servesecurityreport.org/) detailing the system's security vulnerabilities. Fifty counties in seven states and an additional 100,000 Americans living abroad, both military and civilian, planned to use the system.
"The [security] concerns raised in the report had nothing to do with Serve itself; they had to do with the nature of the Internet as well as issues with PCs themselves," says Meg McLaughlin, president of Accenture eDemocracy Services, the primary contractor in developing an e-voting solution for the Defense Department.
Avi Rubin, a computer scientist at Johns Hopkins University and one of the report's architects, acknowledges that he doesn't have a problem with the Serve technology as much as with its operating environment. Asked if he was in favor of further testing, Rubin said no. "I don't think it should be tested or considered any further until we have different kinds of PCs—ones that are less vulnerable and more secure."
Even with the Pentagon's decision and ongoing security concerns, the technological-capabilities testing will likely continue.
"Nothing has been decided yet," McLaughlin says, "but we're expecting to hear something very soon."
Glenn Flood, a Defense Department spokesperson, confirmed that the nature and scope of further testing are under discussion. "We hope to have a decision soon," he says.
If the Defense Department proceeds with testing, it has several options for evaluating e-voting modalities.
Mock pilot elections can establish the efficacy, not to mention security, of online ballot casting. Sample votes can be garnered from online voters from one or two test states, several states, or abroad.
Who would comprise the sampling of mock e-voters? "Ideally, they would be people who we could get to relatively easily," McLaughlin says. "But we can also test on site."
And, as with most other Internet applications with optimum security concerns, further trials might also incorporate "white hat" hacker tests, in which "friendly" hackers attack the system and provide feedback to its developers.
Pilot tests can also include using secure-access kiosks. This is a particularly attractive option for voters living outside the US, such as military personnel. McLaughlin estimates that 20 to 29 percent of would-be overseas voters are precluded from participating in elections, because their mail-in ballots are not received in time, not returned in time, or lost. With secure-access kiosks, test voters would report to a designated location and wait in line to cast their ballots electronically, similar to pulling the lever behind a curtain.
In accordance with The National Association of Election Directors, the e-voting and registration technology developed by Accenture is currently undergoing certification testing. Nased mandates that an independent testing authority certify any system used for voting. In this case, Ciber, a system integration consultancy, is handling certification, a process that began in early January. Ciber isn't commenting on Serve's certification testing at this point.
Michigan used online voting in its 2004 Democratic primary. More than 40,000 people cast their votes over the Internet, apparently without any problems. Some have taken this as evidence that Internet voting can be effective and secure.
Rubin remains skeptical. "There is no verifiability," he says. "There weren't any obvious problems, but we just don't know for sure."
Still, some e-voting advocates haven't given up hope that online ballot casting will be available this November. "I hope they'll reconsider," says Harris Miller, president of the Information Technology Association of America. "[The Pentagon has] reversed themselves once, they can reverse themselves again."
So, are ballot boxes in cyberspace destined to become a reality in US national elections?
"In the United Sates, Internet voting will become a regular feature of voting," predicts Miller, acknowledging that security remains an issue.
"If it happens too soon, we could end up really sorry," Rubin says.
The results of upcoming trials might be an indication of how quickly Miller's prediction comes to light.
Purchase or Digital Library members login