• top stories
  • read
  • newsarchive
  • by deepjournal
6 February 2004
This article is part of the series E-voting.
| 1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 10 | 11 | 12 | 13 | 14 | 15 | 16 | 17 |
Governments enthusiastic nevertheless
Researchers: Internet voting still too prone to fraud

By Daan de Wit
The Dutch in the original article has been translated into English by Marienella Meulensteen.

The best thieves are modest.
Stealing a little bit at a time does not look conspicuous. They usually get caught when they become too greedy. In Florida in 2000 they became too greedy. We discussed this in previous parts of our series about the election theft by George W. Bush. In this part (and in the previous and in the following parts), we have indications that in the American elections fraud is systematic, and that space is being created for fraud.

In this article series we have focused primarily on tampering with electronic voting systems. But it's always possible for things to become even more vulnerable to fraud: introducing voting via the Internet.

Researcher on Internet voting: 'It does not work'

MSCBC writes in October 2002: 'Would Internet voting add to the potential confusion and fraud? Rebecca Mercuri, a computer science professor at Bryn Mawr College and founder of Notable Software, is certain it would. "We're taking an inherently insecure medium, the Internet, and layering security on top of it," she said. "It doesn't work."' One of the researchers who disapproves of an experiment by the Pentagon for Internet voting (see below) had a say in the matter in an article* in the New York Times: '"E-commerce grade security is not good enough for elections," they wrote. The dual requirements of authentication and anonymity make voting very different from most online purchases, they wrote, and failures and fraud are covered by Internet merchants and credit card companies. "How do we recover if an election is compromised?" they wrote. [...] Although some of the possible attacks may sound farfetched or arcane, the security experts said that each of them had already been seen in some form out on the Internet. [...] Secure Internet voting, the panel concluded, is an "essentially impossible task."' Bad news for VoteHere, that promotes itself as 'the secure Internet voting company'. At the end of last year, VoteHere said that their computers had been hacked.
The researchers are not the first ones to be so strict about voting via Internet: 'A report in 2001 by the Internet Policy Institute, financed by the National Science Foundation, concluded that "remote Internet voting systems pose significant risk to the integrity of the voting process and should not be fielded for use in public elections until substantial technical and social science issues are addressed."' The researchers say that it has not progressed that far yet.

Internet is far from safe medium
In The Netherlands we like to do all sorts of things online, like file a report with the police: 'The police Rotterdam-Rijnmond has already received more than 10,000 reports by telephone or Internet. Reports by telephone or by digital means in this region has been possible since July 1', writes Nu.nl. Fortunately, this news is from December 2002, because back in 1998 the Telegraaf wrote: 'Police department website still as leaky as a basket'. The media continues to publish reports on a daily basis about the umpteenth dangerous leak that again has been plugged, and rewards are paid t o the person who can finger the creator of the latest virus. RealPlayer unsafe, anti-virus company Symantec plugs leak, anti-spyware contains spyware, website of secret service Mossad hacked, there are key loggers (and anti key loggers) which, without your knowledge, pass on every key you hit to someone else. In October 2003 the NRC writes (log-in with: daanspeak) about an online break-in when millions of credit card numbers were stolen, and we can go on and on like this. The questionable safety reputation of the Internet does not escape the public: 'In 2001 Emerce writes: 'Sending information via the Internet to the government is still seen as unsafe by most Dutch Internet users, according to [PDF] NIPO Interactive. Seven out of ten Dutchmen consider it unsafe to pass on personal information like credit card numbers or gross annual income via internet'. Even so, governments are enthusiastic about voting via Internet.

Voting via Internet is 'fundamentally wrong'
In an article with the headline 'Brussels promotes online voting' the Telegraaf writes early 2001: 'EINDHOVEN - The Technical University of Eindhoven is the only Dutch institution involved with the European project CyberVote to enable voting via Internet. The T.U. receives a half million guilders from the European Commission'.  On a web page of the T.U. Delft, co-worker  Peter Knoppers writes an article with the headline: 'Voting machines? Don't do it!'. He writes: 'In this document I attempt to clarify why the use of (computer-based) voting machines, which is becoming more and more customary in The Netherlands, is an undesirable development'. In his document Knoppers writes: 'Voting via Internet, by email, or by telephone?
This is totally and fundamentally wrong. It will be impossible
* to prove that the voter is casting his own vote (is not using someone else's electronic voter registration card).
* to guarantee to the voter that his vote will be counted correctly.
* to prevent the voter from proving to others who he has voted for. If voters can prove whom they have voted for, they can also easily sell their vote.

The number of ways that votes can be tampered with increases with each computer that is put between the voters and the place where the votes are counted. An average Internet connection runs via dozens of computers...'. Knoppers on the involvement of the T.U. Eindhoven in the CyberVote project: 'I have asked Dr. Schoenmakers, the Dutch contact person on this project by email if they expect to develop a system that is understandable and verifiable for laymen. I have not received an answer yet. In a report [...] in the Eindhovens Dagblad [... it is] admitted that the system will not be watertight'.

Essential questions about voting via Internet still 'unsolved'
Knoppers adds a number of interesting links to his document. One of them leads to an article in the NRC newspaper of March 2001 with the unambiguous title 'Voting via Internet is nonsense'; the authors 'Jörgen Svensson and Kees Aarts are connected with the faculty of management science of the University of Twente'. They ask a large number of as of yet unanswered questions: 'Many technical problems of voting via Internet remain unsolved. One of them is the encryption: how do you adapt votes so that they can be counted but are not traceable to the individual voter. But there is more. [...]'. Minister Remkes will agree with this, despite the fact that 'he would very much like to see that in the future everyone can vote 'location independent', so that one can vote by mail, telephone and Internet. He struggels with too many uncertainties to make any promises', according to Spits. Even so, his Ministry likes head towards the future in a fast pace. On the government website You will come too, won't you? it reads: 'During the elections of the European Parliament it may be possible to vote via the Internet or by telephone'. This sentence links to a demonstration about online voting: 'The responsibility for this site rests with the Ministry of the Interior and National Relations'. The voter can get a demonstration here of something that still is totally debatable, and according to the minister who is responsible for the site, still rife with 'too many uncertainties'.

Pentagon stops own experiment for voting via Internet
Despite the fact that the American voting process is a system to divide-and-conquer that serves only those who have rallied behind the facades of the Democratic and Republican parties, even they worry about this process: '"We do not want to undermine confidence in our system of voting by discovering some real or imagined fraud in the November balloting," wrote the leaders of Republicans Abroad and Democrats Abroad', as can be read in an article by the Washington Post. They sent their letter to the Secretary of Defense Donald Rumsfeld to express their concern about the doubtful technique behind an experiment of 'The Pentagon's Federal Voting Assistance Program'. In the previous edition of this DaanSpeak series on voter fraud we already told about the keen interest of the American secret services in the voting process; now it appears that the Pentagon its elf became a player in the election process. With the help of $22 million, the Federal Voting Assistance Program of the Pentagon sponsors an experiment named SERVE on voting via the Internet and is focused on between 100,000 to 1 million of the approximately seven million Americans residing outside of the U.S.. A part of the investigative committee that was appointed to assess the results of the experiment says it should be halted.
It is clear that the Pentagon values democracy when you look at the fact that it has already done a similar experiment: 'Only 84 people voted in the Pentagon's $6.2 million trial - which worked out to about $74,000 a vote', writes MSNBC. The concerned letter writers tell Rumsfeld that they would prefer a system that leaves a 'paper trail'. 'In the past two months, California and Nevada state officials said they would put such requirements into effect by mid 2006', writes MSNBC in December 2003 about future elections that won't have anything to do with the Pentagon experiment.
Despite the Pentagon saying earlier that it was committed to continuing the project, it announced yesterday that it was abandoning the experiment. This is remarkable because so much was hinging on this for the Pentagon and because other internet voting projects had been awaiting the results of this experiment: 'Doug Lewis, Executive Director of the Houston based Election Center Research Group, said the Pentagon decision will likely set back Internet voting. Many states had been awaiting the results of the trial before committing to widespread online voting.' When even the Pentagon - an important part of the American Establishment - must bow to criticism in spite of its overwhelming interest in such a non-transparent voting procedure, should we in The Ne therlands continue with initiatives in this direction?

Sign up for the free mailing list.