Note: This post was first written/published in 2013.
There are two things in life I’m very passionate about: politics and the Internet. Over the past 6 years (now the past 11 years), my life has involved both at various levels and the two always seem to be married to each other. So that’s why the other day when I had to opportunity to engage on Twitter and discuss a subject that ties them together, I did just that — engaged.
A few weeks ago, I noticed a statement on Twitter about online voting, so I tweeted at the person and said it’s a bad idea. They didn’t reply, so I just filed the tweet as a subject that wasn’t up for discussion. Yesterday, I had the opportunity to bring up online voting again during another conversation on Twitter. I asked why they felt online voting was a good idea. The answer I got was basically: “I support it because it will make it easier for people to vote.” So I articulated why I felt it was a dangerous. The engagement halted after a few tweets, but was continued on by others who also have the same viewpoint as me: online voting is a bad idea.
A bad idea you say? Isn’t that strange coming from a web developer? Why wouldn’t I want to encourage people to use technology to vote online? It’s very simple: 1. Denial of service attacks; 2. No system is unhackable; and 3. The lack of proper voter identification.
Denial of Service Attacks
The first reason is due to Distributed Denial of Service Attacks, also known as DDoS attack. A DDoS attack is an attack on a network that is designed to bring the network to its knees by flooding it with useless traffic. By doing this it basically cripples the website and doesn’t allow others to connect and interact with the website. Without access to the website in the case of online voting — people can’t vote. If people can’t vote, that’s a big problem. It means whomever is the winner of the election may not have actually won.
A recent DDoS Attack to come to mind is the NDP Leadership race in early 2013 where an online voting system was set up for ten of thousands of party members to elect their new leader. The company contracted to provide the service reported that it was an attack that came from “more than 10,000 “malevolent” IP addresses behind the “hundreds of thousands of false voting requests to the system.” The company claims that the system was not penetrated (meaning the data was not tampered with in the system), but it did slow down the voting process causing balloting for the leadership contest to be pushed back. With a set election date, for most general elections moving back a date is just not feasible and quite possibly not legal.
Nothing Is Unhackable
Another reason I believe that online voting is just not smart: nothing is unhackable. I don’t care how good of a web development team you have, there’s always a team that will one up you. It’s pretty simple to see by the recent events of major websites being maliciously hacked by various groups like Anonymous and the Syrian Digital Army. There are a tonne of brilliant minds working on the internet — good and bad. With malicious hackers out there, it’s quite easy to understand that although the website may be built to be solid and secure, some hackers may still be able to penetrate the website. With online voting, if someone accesses the system, they gain full control of the election process and could potentially control the outcome of an election by manipulating the data.
In 2010, a group of students from the University of Michigan hacked into the online voting system for the city of Washington, D.C trying to prove a point that online voting was a terrible idea. The group accessed the site through its vulnerabilities and was able to take near full control due to a coding error. Once inside the system, the team of students noted “plenty of sloppiness, including unencrypted ballots left in a temporary directory and a publicly-accessible images directory”. The risk of a hacked system isn’t just a chance for politicians and their party to one up each other, but it’s also a breach of our privacy after casting our ballot. With this type of control taken by malicious hackers and the frequency of these cyber attacks on e-voting system increases, we lose complete control of the democratic process, defeating our right to have a fair election and voting for the candidate/party of our choice.
Lack Of Verification
Lastly, how do we ensure the people that are voting online are actually who they claim to be online. I understand that there are registration systems in place and that special pins can be mailed out to voters, but there’s no verification process. How do we ensure that the person who is sitting in front of the computer casting their online balloting is actually John Smith and not Sally Jones. Who’s to say Sally Jones couldn’t get her hands on John’s voter information and now is casting a fraudulent ballot? If the system is penetrated how do we know if a voter in the system is actually the legally registered voter? There is no way, other than verifying ballots cast with some type of follow up — which is just not feasible with thousands, and in some cases millions of voters. The only way to truly way to ensure that the voter is who they claim to be is with a piece of valid photo ID and a matching voter’s card. Although some would still argue that fraudulent voting could still occur, this method is by far the most controlled. It may be old school and not as efficient as we are used to in a technology-based society, but I believe that it’s the only way to ensure that the voting process is completely democratic.
Although people may disagree with my views and say that there are web developers and programmers that can pull off a solid and secure product for online voting, I will strongly argue that there are too many risks involved with casting an ballot online — and there’s always a better team of developers ready to one up the efforts of your team to accomplish their mission. Others will say that it will make it easier and encourage voters to cast that ballot by having an online voting system. My response? Politicians should engage more with citizens, include them in the policy making process and inspire them. Then you’ll see them at the polls.
If you truly want real democracy, online voting is bad idea!