New Jersey Residents Displaced By Storm Can Vote By Email
First time accepted submitter danbuter writes "In probably the most poorly thought-out reaction to allowing people displaced by Hurricane Sandy in New Jersey [to take part in the 2012 presidential election], residents will be allowed to vote by email. Of course, this will be completely secure and work perfectly!" Writes user Beryllium Sphere: "There's no mention of any protocol that might possibly make this acceptable. Perhaps the worst thing that could happen would be if it appears to work OK and gains acceptance." I know someone they should consult first.
I didn't know New Jersey had over 5 billion residents.
Or atleast that's my estimate of the amount of votes they'll be recieving.
Slashdot social media options: AIM, ICQ, Yahoo, Jabber and Mobile Text. Why no MySpace?
..as they ask for a "waiver of secrecy": they actually *realize* that the e-mail voting will need the removal of one of they key things in a democratic election: the secrecy of voting. Now an actual record of the vote is transmitted in the clear (when using e-mail) and if anyone coerced said voter they will have undisputable proof what that person voted. I gues the OSCE will write this down in their report...
Slashdot: stuff for news, nerds that matter, matter for news, stuff that nerd
All voters in Oregon vote by mail. Each ballot is submitted with a signature on the outside envelope. That signature is matched against the voting rolls before the ballot is counted. The ballot is in a secrecy envelope so the person opening it during the counting process doesn't know whose vote it is.
There are several problems with the process described here that make it different. The first is that an electronic signature can be a scanned copy obtained from a different document. The second, raised elsewhere, is that the ballot is not secret. The third is that someone could electronically modify the ballot during and stage of the process. This seems to be relying on a form of "security by obscurity". For a small number of ballots that is probably sufficient. But if you get a large number of ballots it will be an inviting target for someone trying to alter the outcome of the election.
If the USA was a true democracy, it would defer the vote until after the clean-up,
"For the duration of the crisis?" Who gets to decide when it's over, the Senate or Caesar?
Democracy cannot be considered a luxury that one can "put off" when times are bad. Rather, the government needs to double down and make sure polling places and post offices are secure and accessible, no less so than food, water and shelter.
The reporter is obviously confused about the meaning of 'freedom'. The real problems with online voting have less to do with the technology and more to do with the integrity of the process.
Even if an online system worked perfectly, how do you know that when Joe cast his vote that Frank wasn't standing behind him with a gun in one hand and $100 in the other? You don't.
Now, that's a problem with absentee ballots as well, you might say, and you would be right. But the effective difference is the difficulty of scaling fraud up in the physical world as opposed to scaling up fraud in an online world. I might be a rich gangster and hire 10 thugs to influence 10 votes. But as a crooked employer, I could monitor the voting of thousands of employees, and I'd know exactly who is on the short list to be promoted.
Preventing coercion requires the act of moving a voter into a secluded voting booth, with a truly secret ballot.
John
Let me play devil's advocate here. While we all know that email is insecure, as a practical matter the security holes in this are roughly equal to vote-by-mail. Not that that's a good thing, but this doesn't introduce many new problems. The NJ elections directive recognizes this, and treats displaced voters as "overseas" for the purpose of election rules.
Summary of the procedure:
* Your voter registration is already on fiile.
* You email a request for your ballot
* The elections agency marks your ballot number in the registry, sends you a ballot with a unique ID, along with a waiver of secrecy.
* You fill out the ballot and the waiver, and send them back.
Can we spam the election with billions of votes? No. Well, you can send the emails, but they won't have the right ID numbers so they won't be counted.
Can we hijack individuals' votes by voting for them, or by changing their vote via a man-in-the-middle attack? Yes, but you can do this by paper mail too, and it's a one-vote-at-a-time thing.
Do we lose the secrecy of the ballot booth? Yes, but that's lost in vote-by-mail too, and voters choose whether they'd rather submit a non-secret ballot, or trudge through miles of floodwaters to cast their vote in person.
The practical question you've got to ask yourself is not "could someone be disenfranchised by this?" but "will more people be disenfranchised by doing this than by *not* doing it?"
In short, adding "e-" to a technology doesn't miraculously make it evil or cool. And in this case, the security holes are roughly equal to a system already in common use. As a mandatory universal voting system, email voting would be an abhorrent violation of civil rights. As a short-term, *optional* response to a major emergency, it's worth considering.