Connect to share and comment

Barack Obama's re-election reverberates far beyond US borders — so much so that citizens of some distant nations, like Pakistan and Turkey, say they too should have been able to vote. To give them a voice, GlobalPost interviewed people around the world for their views on the United States and who they hoped would win the election.

Email voting hack 2012 10 18
A hacked video feed from surveillance cameras inside the Washington D.C. Board of Elections network operations center. A group comprised of University of Michigan computer scientists hacked the system at the board's invitation to probe its vulnerabilities before a planned election relying on e-mailed ballots. (J. Alex Halderman/Screengrab)

Digital democracy: the joys and perils of voting for president via email

More voters love emailing ballots. But is digital voting a threat to national security?

BANGKOK, Thailand — There are increasingly fewer human duties and desires that the internet cannot satiate. Through the device you are staring into right now, you can acquire and swap money, fall in love, learn how to play the oboe, call your mom and, when you’re done, order a sandwich.

And now, if you’re registered to vote in the right state, you can choose the next leader of the world’s largest superpower via email.

In early October, I did just that without setting foot outside my cluttered home office in Bangkok, Thailand. My home state, North Carolina, is among the 23 states (plus the District of Columbia) that allows overseas voters to request ballots, ink in the bubbles, scan the sheet and zap the ballot back via email.

Though North Carolina is not the only battleground state to do so, it by far the most coveted. Hotly contested states Iowa, Colorado and Nevada also allow digital ballot returns. But none are worth North Carolina’s 15 electoral college points, an amount just shy of the 18 offered by supreme battleground state Ohio.

Voting via email is a new and growing phenomenon. It was permitted in only 12 states during the last presidential race in 2008. But one year later, US Congress signed the Military and Overseas Empowerment Act, a law that has pushed states to offer ample time and delivery methods to voting troops and expatriates.

“When we have servicemen and women in Afghanistan and Iraq who want to vote, they need an option other than mail and fax,” said Veronica Degraffenreid, director of absentee voting for the North Carolina Board of Elections.

The state’s heavy concentration of military personnel, she said, helped inspire its open attitude towards email submitted ballots. “It’s something they’ve increasingly used,” she said, “because it expedites the request and return of their absentee ballot.”

Among overseas voters, email appears to have become a fast favorite.

According to data posted online by Gerry Cohen, a special counsel to the North Carolina General Assembly, roughly half of the state’s military personnel and three-fourths of its overseas voters who requested ballots opted for email transmission as of October’s first week. Nationwide, the Overseas Vote Foundation reports, about 5 percent of voters cast ballots via email.

More from GlobalPost: Ad spending by Romney, Obama could reach $1 billion by election day

The pros of this method are obvious: voting in your underwear.

The cons? No free polling station cookie. No “I Voted” sticker to exhibit civic-mindedness to your office mates.

And no waiting until the last minute. Email voting can require persistence. When 10 days of silence elapsed after I requested my absentee ballot, I bugged my local polling authorities in rural Rockingham County. Within hours, I received an email response from the country’s Board of Elections director: “We are getting absentee requests in very large numbers and are processing them as quickly as possible.”

Lag times such as this are a major hindrance to voting from afar. An Overseas Vote Foundation study found that, in the 2008 race, more than half of overseas Americans “who tried but could not vote were unable to do so because their ballots were late or never arrived.”

But after my nudging, the personalized absentee ballot — bearing my name, address and a bar code — arrived the next day. Within 10 minutes, I printed it, filled it out, scanned it and sent it back in.

The packet required a signed “privacy waiver” that would make conspiracy-minded Americans shudder. Voters submitting by email must agree that they are “voluntarily waiving” their ballot’s secrecy “to the extent necessary to process my ballot.”

But these are small quibbles compared to the nightmare scenarios presented by advocates against digital voting.

Accepting ballots by email, according to its various detractors, exposes American democracy to threats from domestic hackers, Chinese or Iranian subterfuge and inept elections officials.

Perhaps the most resounding alarm sounded against modern-day emailed ballots is a statement, gathered by the nonprofit lobby VerifiedVoting.org, that is signed by more than 30 computer science professors and engineers from Princeton, Stanford, Purdue and other universities.

Their reproof of present systems warns of malicious software or “botnets” controlled by “individual hackers, political parties, international criminal organizations, hostile foreign governments or even terrorists.”

Compounding their warnings are sobering case studies in which a University of Michigan professor and his students successfully hacked a DC Board of Elections server, changed every vote and tapped into their surveillance cameras to observe employees’ panicking.

Helmed by Professor J. Alex Halderman, the group took advantage of the election board’s public invite to hackers: try to crack our system during a mock election for overseas voters to illuminate its flaws. The group’s post-hack report states that one of the key terminal servers was accessed with a highly guessable user name and password (“admin” for both) and that, once inside, the group noticed attempted hacks originating in Iran.

More from GlobalPost: What if the world could vote in the US election?

“We later blocked similar attack from IP addresses in New Jersey, India and China,” the group wrote.

In February, the election committee posed a similar challenge. Some of the same well-meaning University of Michigan computer scientists elected the fictional booze-swilling robot Bender, from the TV show “Futurama,” as the chief of DC’s school board.

Email submitted ballots are “just not secure,” said Professor Rick Hasen, an election law expert at the University of California - Irvine. “It doesn’t mean we shouldn’t allow it if it is the only way someone can vote. But we’d have to have better safeguards in place.”

Email ballot submission is not allowed in the hotly contested swing states Ohio (which only takes absentee ballots by mail) and Florida (which accepts mailed and faxed ballots). Some battleground states pose stipulations: beaming emailed ballots back to Iowa is a privilege reserved for troops in austere locations who receive “imminent danger pay.”

Among the swing states, North Carolina offers the highest stakes: a game-changing number of electoral college points and an open attitude towards digital voting. Most polls strongly suggest Republican presidential nominee Mitt Romney will take North Carolina, though Obama captured the state with a scant 14,000 votes in 2008. An extreme long shot scenario could see absentee ballots — many submitted by email — tilting both the state’s outcome and bringing the country along with it.

However convenient, email voting is somewhat lacking in closure. On its election board website, North Carolina publicly discloses which voters requested absentee ballots and when they were sent. The site does not declare whether a person’s ballot has officially arrived.

According to Degraffenreid, my vote will be printed out, crosschecked with my signature on file and stuffed into a “security container.” So far, she said, “we have not seen any security issue as a result of ballots received by email from military or overseas citizens.”

“At the appropriate time,” she said, “those ballots will be removed from the security container and the contents will be tallied.”

Provided, of course, that a malicious Chinese botnet or clever American grad student didn’t swat down my digitized ballot as it zipped over from Southeast Asia.

http://www.globalpost.com/dispatch/news/politics/elections/121018/digital-democracy-email-voting-hackers