Voting through the tubes was a topic came up at the ITIF Future of Voting forum: is internet voting really how we see our future?

According to a Government Computer News article my position is that “the jury is out” on the fundamental acceptability of internet voting and I that go on to point that we should be doing our best to develop secure solutions because with respect to adoption in certain countries “it’s here.” I do not believe these were precise quotes of mine–perhaps taken out of a greater context. So allow me to disagree with “myself.”

Consider Estonia, the first country to offer internet voting. My grandmother–herself Estonian–fled to Canada during WWII to escape the Soviets. Fifty years passed. There were no elections. But when the iron curtain fell, she got to vote in the Estonian national elections–like many there–for the first time in her life. I still remember going with her to a church basement (in small-town Canada) to cast her vote. What would she think about internet voting if she were here today? To be honest, I think she would say, “Estonia’s voting, that’s what I care about.”

But think about it. They’re an internet savvy country, they have a national PKI, and (pursuant to the little history lesson) they have a relatively clean slate in terms of equipment, precedent and procedure (unlike the US). So it really seems they had all the ‘right stuff.’ I admit to even feeling a little 2nd-generation pride that they pulled it off.

But how far does this model extend with respect to other countries? Well, allow me stick to what I can legitimately editorialize on; my own country. The Canadian federal government has been moving toward internetizing services for several years now. I did my taxes yesterday (that is to say, my wife collected my T4’s from me) and we filed our return online. In ‘06 for the first time we were given the option to complete our census questions online. I actually (at the time) got into a protracted clash with the ministry responsible because they absolutely refused to tell me anything about the security of the software they wanted *ME* to use–but that’s another story all together.

But with respect to voting, we’re Austrlian ballot all the way. At least federally and provincially. And what’s more, there seems to be no desire to change. But could we do it? Yes, actually I think so. We have the underlying organizational infrastructure (though no national id smart-cards). The credential-issuing solution would be paper-based and could parallel the existing government e-services. (Except they would likely contract a 3rd party to write the software and then not allow voters to ask how their vote is secured.)

But I see two problems:

1. Voting ain’t like taxes or census. Your vote (individually) is not factual information that government is entitled to know.
2. The internet voting model doesn’t (or rather hasn’t yet) satisfactorily addressed the issue of vote-buying.

But as Paul DeGregorio pointed out to me, with mail-in voting you can show people how you vote, yet it is an acceptable method, so how is internet voting fundamentally different? I guess I don’t know. But if you spend as much time worrying about voter-privacy as I do, your reaction may be that mail-in voting should not be a valid option for the majority of the voting population.

In the 2006, Elections Canada announced that the mail-in option was made available to every voter. Yet in a different document they say “the security of the ballot is paramount, and the system makes it impossible to discover for whom a specific voter has voted … to ensure that no electors are intimidated or bribed into voting in a particular way.” That would seem to be a contradiction.

Is there not a tipping point where when enough voters use the mail-in option (or by extension the internet option) that the outcome of an election itself is malleable by intimidation or bribery?

I think it comes down to this: what is important? If ballot secrecy is important, then perhaps internet voting is not the correct avenue to pursue (unless you’re trying to include this in the design, which turns out to be pretty difficult–so far). If perhaps you think “well, privacy is dead anyway” then the convenience it offers is attractive. We really should set our priorities straight before we talk about internet voting system design.