Online Voting Is A Bad Idea

There are two things in life I’m very passionate about: politics and the Internet. Over the past 6 years, my life has involved both at various levels and the two always seem to be married to each other. So that’s why the other day when I had to opportunity to engage on Twitter and discuss a subject that ties them together, I did just that – engaged.

A few weeks ago, I noticed a statement on Twitter about online voting, so I tweeted at the person and said it’s bad idea. They didn’t reply, so I just filed the tweet as a subject that wasn’t up for discussion. Yesterday, I had the opportunity to bring up online voting again during another conversation on Twitter. I asked why they felt online voting was a good idea. The answer I got was basically: “I support it because it will make it easier for people to vote.” So I articulated why I felt it was a dangerous. The engagement halted after a few tweets, but was continued on by others who also have the same viewpoint as me: online voting is a bad idea.

A bad idea you say? Isn’t that strange coming from a web developer? Why wouldn’t I want to encourage people to use technology to vote online? It’s very simple: 1. Denial of service attacks; 2. No system is unhackable; and 3. The lack of proper voter identification.

Denial of Service Attacks

The first reason is due to Distributed Denial of Service Attacks, also known as DDoS attack. A DDoS attack is an attack on a network that is designed to bring the network to its knees by flooding it with useless traffic. By doing this it basically cripples the website and doesn’t allow others to connect and interact with the website. Without access to the website in the case of online voting – people can’t vote. If people can’t vote, that’s a big problem. It means whomever is the winner of the election may not have actually won.

A recent DDoS Attack to come to mind is the NDP Leadership race in early 2013 where an online voting system was set up for ten of thousands of party members to elect their new leader. The company contracted to provide the service reported that it was an attack that came from “more than 10,000 “malevolent” IP addresses behind the “hundreds of thousands of false voting requests to the system.” The company claims that the system was not penetrated (meaning the data was not tampered with in the system), but it did slow down the voting process causing balloting for the leadership contest to be pushed back. With a set election date, for most general elections moving back a date is just not feasible and quite possibly not legal.

Nothing Is Unhackable

Another reason I believe that online voting is just not smart: nothing is unhackable. I don’t care how good of a web development team you have, there’s always a team that will one up you. It’s pretty simple to see by the recent events of major websites being maliciously hacked by various groups like Anonymous and the Syrian Digital Army. There are a tonne of brilliant minds working on the internet – good and bad. With malicious hackers out there, it’s quite easy to understand that although the website may be built to be solid and secure, some hackers may still be able to penetrate the website. With online voting, if someone accesses the system, they gain full control of the election process and could potentially control the outcome of an election by manipulating the data.

In 2010, a group of students from the University of Michigan hacked into the online voting system for the city of Washington, D.C trying to prove a point that online voting was a terrible idea. The group accessed the site through its vulnerabilities and was able to take near full control due to a coding error. Once inside the system, the team of students noted “plenty of sloppiness, including unencrypted ballots left in a temporary directory and a publicly-accessible images directory”. The risk of a hacked system isn’t just a chance for politicians and their party to one up each other, but it’s also a breach of our privacy after casting our ballot. With this type of control taken by malicious hackers and the frequency of these cyber attacks on e-voting system increases, we lose complete control of the democratic process, defeating our right to have a fair election and voting for the candidate/party of our choice.

Lack Of Verification

Lastly, how do we ensure the people that are voting online are actually who they claim to be online. I understand that there are registration systems in place and that special pins can be mailed out to voters, but there’s no verification process. How do we ensure that the person who is sitting in front of the computer casting their online balloting is actually John Smith and not Sally Jones. Who’s to say Sally Jones couldn’t get her hands on John’s voter information and now is casting a fraudulent ballot? If the system is penetrated how do we know if a voter in the system is actually the legally registered voter? There is no way, other than verifying ballots cast with some type of follow up – which is just not feasible with thousands, and in some cases millions of voters. The only way to truly way to ensure that the voter is who they claim to be is with a piece of valid photo ID and a matching voter’s card. Although some would still argue that fraudulent voting could still occur, this method is by far the most controlled. It may be old school and not as efficient as we are used to in a technology-based society, but I believe that it’s the only way to ensure that the voting process is completely democratic.

Although people may disagree with my views and say that there are web developers and programmers that can pull off a solid and secure product for online voting, I will strongly argue that there are too many risks involved with casting an ballot online – and there’s always a better team of developers ready to one up the efforts of your team to accomplish their mission. Others will say that it will make it easier and encourage voters to cast that ballot by having an online voting system. My response? Politicians should engage more with citizens, include them in the policy making process and inspire them. Then you’ll see them at the polls.

If you truly want real democracy, online voting is bad idea!

  • Paul O

    The technology failures are only part of the problem with online voting, as I see it: more important to me are the social failures inherent in any online voting model proposed to date. In particular, the fact that by failing to ensure a secret ballot voters are open to intimidation and ballot stealing.

    We already have too many instances of individuals attempting to tell their spouse how to cast their ballot while under the watchful eye of elections officials. By using online voting, not only will voters lose their ballot to their spouse, but also to their union boss or “friend” down the street, who just wants to “help” the voter cast their ballot and comes over to the house to “watch” them vote. Intimidation can be subtle, but if someone is watching to ensure you cast your ballot “correctly” you may not feel it’s “worth it” to fight.

    This isn’t to say that the technical flaws are trivial: as said above, it is impossible to protect against “virus” software stealing your ballot from you, without anyone knowing it has done so. Such problems could arise in two distinct manners: first, by actually changing the result of the election, altering votes. Second, by undermining any confidence in the result of the election: even if no virus were detected, when an election result varies greatly from what “pundits predict” (as happened recently in British Columbia), how does anyone accept the result of an election that has ZERO means to verify that the ballots that were counted were the same as the ballots that were cast? That is to say, if the recent election in BC were conducted online, who would believe that the voters actually elected a Liberal Majority government, when the pundits predicted a easy win for the NDP?

    Whenever you see people “advocating” in favour of online elections, you should ask yourself who stands to benefit: it certainly isn’t the voter, or “democracy”.

    • http://www.grassrootsonline.ca/ Brett Bell

      Thanks for the response, Paul. You raise an interesting point: without the protected space of the ballot box, votes are definitely subject to outside influence (who can know who is looking over their shoulder when casting a ballot at home?). It might seem strange, but even in Canada intimidation/suppression is known to happen.

      Which leads you to your second point, which is when the environment (around the online voter) can’t be verified or regulated, it is difficult if not impossible to truly verify who actually voted.