Skip Navigation
Analysis

Why Online Voting Isn’t the Answer to Running Elections During Covid-19

Companies touting internet voting as secure and reliable can’t back up their claims.

May 21, 2020

There has been grow­ing buzz around the poten­tial for inter­net voting as states struggle with prepar­ing to conduct safe and fair elec­tions during the Covid-19 pandemic. Compan­ies selling online voting systems prom­ise a “silver bullet” to deal with voting during the pandemic: a new tech­no­logy that will allow people to vote from their homes, a safe distance from others.

Unfor­tu­nately, there is no magical solu­tion for running elec­tions during a pandemic. Ensur­ing voters and elec­tion work­ers can be safe will require money, work, and time. States and local­it­ies need substan­tial resources to ensure they can handle more mail ballot­ing and keep polling places safe.

Indeed, given all the other changes elec­tion offi­cials and voters are facing this year, there could­n’t be a worse time to try to add a risky, unproven tech­no­logy like inter­net voting into our elec­tions, partic­u­larly when we know that hostile actors have not given up on disrupt­ing our demo­cracy.

Not during a crisis

Lead­ing experts in cyber­se­cur­ity, computer science, and elec­tion infra­struc­ture agree that current tech­no­logy cannot guar­an­tee secure and reli­able voting online. Many states, along with the Depart­ment of Defense for service members over­seas, have exper­i­mented with inter­net-based voting plat­forms only to have aban­doned them due to secur­ity vulner­ab­il­it­ies and balloon­ing imple­ment­a­tion costs.

On May 7, a group of scient­ists reit­er­ated these concerns in a letter to the Depart­ment of Home­land Secur­ity. The follow­ing day, DHS, the FBI, and the Elec­tion Assist­ance Commis­sion issued guid­ance to states warn­ing about the “signi­fic­ant secur­ity risk” of inter­net-based voting systems.

Many of the exist­ing pilot programs have only involved a very small number of voters. West Virgini­a’s program in 2018 tallied just 144 ballots, with the secret­ary of state extolling its success, and lead­ing the governor to permit elec­tion offi­cials to create an elec­tronic voting system for people with phys­ical disab­il­it­ies this year. Such limited results are insuf­fi­cient to justify large expan­sions.

Yet a spokes­man for the state of New Jersey said that a limited rollout of inter­net voting in its summer primary could be “essen­tially a pilot for if we need to use it more broadly in the future.” (After a lawsuit and oppos­i­tion from elec­tion integ­rity groups, the state dropped plans for inter­net voting this summer, but left open the possib­il­ity of using it this Novem­ber.)

During the best of times, imple­ment­ing funda­mental secur­ity prac­tices for elec­tion system tech­no­lo­gies contin­ues to be a chal­lenge. Amid a pandemic and pres­id­en­tial elec­tion is not the time to try out this unproven tech­no­logy.

Limited resources

When state and local budgets are so strained, fund­ing online voting pilot programs isn’t a good use of govern­ment fund­ing. The Bren­nan Center has recom­men­ded that Congress alloc­ate $4 billion to help state and local govern­ments imple­ment the neces­sary upgrades just to protect voters from both the coronavirus and cyber­at­tacks this year. That’s where all avail­able resources need to go.

And IT person­nel in these juris­dic­tions are already under pres­sure to main­tain exist­ing elec­tion systems. Rolling out and support­ing a brand new one would be an unne­ces­sary distrac­tion that would weaken the entire system over­all.

Hostile actors have not stopped threat­en­ing our elec­tions

It may be diffi­cult to remem­ber now, but a few months ago, one of the biggest threats to safe elec­tions was from hostile nations like Russia, which engaged in a wide­spread attack against our elec­tion infra­struc­ture in 2016. That threat hasn’t disap­peared merely because we’re in the middle of a pandemic.

Indeed, Federal intel­li­gence agen­cies continue to warn that “Russia, China, Iran, and other foreign mali­cious actors all will seek to inter­fere in the voting process.” As Sen. Richard Burr (R-NC), then chair­man of the Senate Intel­li­gence Commit­tee recently noted after the commit­tee put out its April 2020 assess­ment of Russian inter­fer­ence in Amer­ican elec­tions, “With the 2020 pres­id­en­tial elec­tion approach­ing, it’s more import­ant than ever that we remain vigil­ant against the threat of inter­fer­ence from hostile foreign actors.”

Online crim­in­als have also been busy exploit­ing vulner­ab­il­it­ies result­ing from the displace­ment caused by Covid-19, such as target­ing people work­ing from home. Hack­ing into an inter­net voting system to hold it for ransom or simply to sow chaos is a seri­ous danger.

The need for federal lead­er­ship

The short-term prob­lem of running an elec­tion during a pandemic and the longer-term prob­lem of ensur­ing states and local­it­ies do not embrace insec­ure inter­net voting schemes hawked by private vendors both require federal solu­tions.

Right now, states need billions of dollars to ensure voters and elec­tion work­ers can parti­cip­ate safely in the 2020 elec­tions. That includes everything from buying enough personal protect­ive equip­ment and sanit­izers at hundreds of thou­sands of polling places — for voters who choose to or must vote in person — to creat­ing the infra­struc­ture to securely and effi­ciently handle tens of millions of extra mail ballots.

In the longer term, the push for inter­net voting by vendors selling new systems to the public will continue. Strapped state and local elec­tion offi­cials should­n’t be left on their own to figure out whether a system is secure and reli­able.

It is possible that one day, we can develop such a system. But currently, there are no gener­ally accep­ted bench­marks to eval­u­ate the secur­ity of online voting pilots that juris­dic­tions occa­sion­ally try. When this year’s elec­tions are over, Congress should consider how key federal agen­cies, in part­ner­ship with the elec­tions community and tech­no­logy providers, can estab­lish a risk manage­ment frame­work specific­ally for online voting systems that would allow elec­tion offi­cials to rely on some­thing more than the prom­ises of private vendors look­ing to sell their product.

Until that happens, no one should be using such systems, espe­cially as a knee-jerk response to a pandemic.