Task Force Casts Vote Against Online Elections

Although millions of dollars of business is moving to the Internet, the

idea of allowing people to vote online from their home or office computer

remains a distant prospect, according to a California task force report.

Despite initial optimism, the California Internet Voting Task Force,

convened by California Secretary of State Bill Jones, concluded that online

voting comes with too much risk of computer viruses, vote tampering and

other electronic attacks.

New technology may emerge in coming years to address these problems,

but existing security solutions simply do not appear to be viable to support

widespread online voting, the task force found.

"In doing the study, we were a little disappointed to find that we cannot

go out there today and allow people to vote from the comforts of their home,"

said Alfie Charles, assistant secretary of electronic government, who chaired

the task force.

In part, the task force's optimism came from watching the momentum of

electronic commerce. At first glance, e-commerce doesn't appear all that

different from online voting, but there is one critical difference, Charles

said.

In traditional e-commerce, both parties in a financial transaction know

what outcome to expect and can verify its occurrence. For example, a person

receiving a book from an online order will know if there has been a mistake

and can fix it.

But voting, having no such safety net, requires a great deal of trust.

"You have one chance, and it has to be absolutely correct," Charles said.

The study found that voting online might leave users vulnerable to computer

viruses and other attacks on their home computers. Attacks could leave end

users unable to vote or even make it possible for a hacker to alter their

votes.

Any process for confirming that a computer is "clean" would put so much

of a burden on the end user it simply would not be not viable, the task

force concluded.

Also, at this point, there does not appear to be a feasible way to know

the identity of the person casting a vote. Some emerging security schemes

use digital signatures, but a signature only verifies the computer being

used, not the person using the computer.

Technically, it may be possible to create a digital identification that

combines digital signatures with something like a fingerprint scan to verify

the identity of a voter. But again, the burden of buying and installing

such a solution would fall on the voter.

The lack of viable solutions leaves Internet voting in limbo, Charles

said. "If you can't prevent fraud, then it isn't worth moving beyond that,"

Charles said.

Jim Adler, a task force member and president and chief executive officer

of VoteHere.net, which develops online voting solutions, agreed that it

would take time to make home voting feasible. The paramount importance of

fraud-free voting requires "an appropriate level of responsible change,"

Adler said.

But, he added, "Internet voting will happen. It is not necessarily going

to happen on "Internet time,' but it is going to happen."

One alternative, short of voting online at home, is to set up Internet

voting stations where voters can go to cast their ballots. This solution

would make it possible to enable voters to cast their votes even if they

are not inside their voting district. California is in the process of certifying

such a solution for use in the state.

Internet voting proponents often sell this idea short, Adler said. With

traditional voting systems, voters have only one place to vote, while an

Internet voting system can deliver a ballot to any location.

In Adler's case, for example, Internet voting would give him 700 sites

from which to choose. That would be a boon for many commuters, who normally

leave in the morning before the polls open and get home after they close.