Does United States have no technology to allow Internet voting in a secure way?

Question

In 2011, nearly a quarter (24.3%) of participating voters in Estonia cast their ballot by remote electronic voting (that is, on their computer/phone/tablet via the Internet).

Several larger countries, including the United Kingdom (63M), France (65M), and the United States (312M) have experimented with the idea of Internet voting, but most applications are experimental or limited in scope.

According to the Caltech/MIT voting technology project, Estonia’s success is in part due to:

• Widespread Internet penetration

• A legal structure that addresses Internet voting issues

• An identification system that allows for digital authentication of the voter

• A political culture supportive of Internet voting

But, referring to United States problems, Ron Rivest, a computer scientist and cryptography expert at MIT, claimed:

We don't have the technology yet to do this in a secure way, and we may not for a decade or more.

What are the facts?

Answer 1

The cited Caltech/MIT paper explains at least one impediment to Internet voting in the USA:

A third lesson regards voter authentication, which is the subject of debate in many nations, including the United States. In Estonia, the introduction and dissemination of their digital national identification card has opened the door for many uses of that identification, uses that pre-date the implementation of Internet voting in Estonia. In other words, having a strong form of online voter authentication may be a critical step for implementation of secure Internet voting that has the trust of voters and other stakeholders in a particular nation’s election process.
But it is unlikely that a strong form of voter authentication like that used in Estonia will be developed only for Internet voting; rather, it is likely that governments will develop and implement these forms of strong digital identification to enable citizens to interact with government in other ways: paying fines, fees and taxes; checking out library books; or researching property transactions.

It is a reasonable for Rivest to give a loose estimate of at least a decade for a robust national identification scheme to be introduced into the United States, especially given the political pushback it is likely to cause (for example: Australia Card was a similar proposal.)

I do not believe this is the only limitation against secure Internet voting, but it suffices for this answer.

(Rivest includes other reasons in, for example, his slides Thoughts On Appropriate Technologies for Voting, including that Internet voting isn't trust-worthy enough to convince losers they really lost, they can't guarantee secret ballots, they can't prove a chain of custody, real software is likely to contain security flaws, they are at risk of insider attacks, etc.)

Answer 2

Evidence:

1. Experts warn against the usage of internet voting in USA unless the vote data is transmitted in a safe, secure and verifiable process over the internet.

In 2008, 32 respected computer scientists from universities across the country, including Stanford University, Princeton University, John Hopkins University, Carnegie Mellon University, Indiana University, Rice University, Purdue University, and the University of Texas at Austin, issued a statement about the vulnerabilities of Internet voting, listing the technical challenges to implementing a safe and secure system. These scientists warned that there are “serious, potentially insurmountable, technical challenges” to transmitting votes over the Internet in a secure and verifiable manner. They recommended that Internet voting not be adopted until and unless “these technical challenges have been overcome.” Source: The Dangers of Internet Voting

2. Regarding Estonia's internet voting system’s vulnerabilities, experts have warned that there were major security risks and recommended its immediate termination.

Their research showed that the system’s numerous security lapses created an “attractive target for state-level attackers, such as Russia.” These attackers, as well as dishonest election officials, “could change votes, compromise a secret ballot, disrupt voting, or cast doubt on the legitimacy of the election process.” The system had such “serious procedural and architectural weaknesses” that “attackers could undetectably alter the outcome of an election,” a shocking finding that the National Election Committee of Estonia refused to acknowledge. Unfortunately, Estonia continues to use this unsecure, dangerous Internet voting system. Source: The Dangers of Internet Voting

However, Estonia continues to use this unsecure system of Internet voting and vouches by it.

“In the past decade, our online balloting has stood up to numerous reviews and security tests. We believe that online balloting allows us to achieve a level of security greater than what is possible with paper ballots,” a statement from Estonian National Electoral Committee said. “The system has been used in six elections (municipal, national and European) without a single incident which has influenced the outcome. During the municipal elections of October 2013, 21.2% of voters used online balloting, 24.3% in 2011 Parliamentary elections. Online voting is particularly useful for the thousands of Estonians who live, work and travel across the world, enabling them to exercise their civic duty from any corner of the world. In the previous two elections, votes have been cast from 105 countries.” Source: No e-voting for Latvia any time soon

3. Countries such as Netherlands and U.K. who had previously experimented with Internet voting have subsequently dropped the option.

but Internet voting has been used in several other countries, including Estonia and Switzerland, neither of which protects against malware on voters' computers, and Norway in 2011. The Netherlands provided an Internet voting option in its 2006 parliamentary elections, but Internet voting was subsequently banned, largely because of work by a group called "We Don't Trust Voting Computers." The U.K. tried Internet voting on a pilot basis in 2007, but the U.K. Electoral Commission recommended against further e-voting pilot projects until a range of issues had been addressed. Source: Internet Voting in the U.S.

4. Currently many states in the USA allow certain voters to submit their absentee ballots electronically either through a web portal, fax or email.

While the idea of conducting elections entirely via the Internet is not something states are considering now or in the near future, many states are allowing certain voters to submit their absentee ballots electronically. Sending voted ballots electronically (via fax, email or web portal) is most often reserved for voters who fall under the federal Uniformed and Overseas Citizens Absentee Voting Act (UOCAVA). UOCAVA voters often face unique challenges in obtaining and returning absentee ballots within state deadlines. Source:ELECTRONIC TRANSMISSION OF BALLOTS

TL;DR: Yes currently United States and several other developed democracies around the world do not have an end-to-end verifiable Internet voting system which is transparent, useable and secure. This is still a work in progress because there is no single existing system guaranteeing voter privacy or the correct election outcomes referring to a report called as 'The Future of Voting' commissioned by the U.S. Vote Foundation based on inputs from election officials in 10 US states, university computer science and e-voting researchers, cryptographers and technologists from IBM, Microsoft, the U.S. National Institute of Standards and Technology and other organizations.

Internet voting on a U.S. nationwide level will take longer, with issues such as large-scale security, cost and access to computers for low-income voters still needing to be resolved, he said. "To build and deploy a system used in federal elections in America that security professionals would trust? That's a longer time frame," he said. Source: Internet voting isn't ready yet, but it can be made more secure

Answer 3

The fundamental problem with internet voting is that it enables others to coerce voting decisions.

• Family members could pressure each other to vote a certain way. If your spouse is standing over your shoulder and you value domestic tranquility (not to mention, sex), you're unlikely to vote in a way that would meet with their disapproval.

• By the same token, adult children caring for senile parents could wheel them in front of a computer long enough to authenticate, then vote "the way mom or dad would have wanted" (wink, wink).

• Employers could... ahem... "encourage" employees to vote at work, and pressure them to do it with someone watching to make sure they vote the "right" way. Sure, it would unquestionably be illegal to punish an employee for not cooperating, but in the real world, it would be REALLY HARD to prove.

• Candidates themselves would never dare to do it, but I can easily see "soft money" supporters of a candidate paying people to go door to door in the poor part of town armed with laptops and $10 gift cards, offering a free card to anyone who agrees to vote for that candidate under the watchful eye of the person soliciting the vote. People might not agree to vote for a candidate whom they view as reprehensible, but most people could be fairly easily persuaded to vote for a candidate whom they don't care about either way to begin with.

• Going back to the "senile old people" example, just imagine well-funded supporters of a candidate or issue paying the staff at a nursing home to get their residents to vote a certain way. This would be industrial-scale vote fraud, and it would unquestionably happen.

Internet voting has other problems (many of which could be overcome through technology), but the sanctity of a secret ballot uncoerced by ANYONE is something that would be pretty much impossible to guarantee if voting were allowed in private residences behind closed doors.

Just to give an example: in Florida, it's totally legal to photograph ballots... but you aren't allowed to submit a photographed ballot. If you're observed photographing your ballot, you'll be politely told that you can take as many pictures as you like... but a ballot that's been photographed is officially "spoiled", and if you want your vote to count, you'll have to let them invalidate the photographed ballot and give you a fresh, unmarked ballot to use (and submit THAT one without taking pictures of it). It's a safeguard to prevent exactly that type of vote-buying.

Think about it for a minute... most college students won't vote for a presidential candidate whom they view as reprehensible... but if you offered them a $5 Amazon gift card in exchange for voting (under observation) for some candidate for the local water management district or school board whom they've never heard of and don't personally care about, you could probably swing enough votes in a single large dorm to buy victory for your candidate.