Security experts raise concerns about e-mail voting
KELLY WIESE
Associated Press 27 August 2004
JEFFERSON CITY, Mo. - Internet security experts are raising concerns about a plan by Missouri's secretary of state to allow members of the military stationed overseas to return their ballots by e-mail.
But state and federal officials say safeguards are in place to protect the ballots from tampering, duplication or other forms of fraud.
Missouri Secretary of State Matt Blunt announced this week that military members serving in combat areas overseas can complete their absentee ballots, then scan and e-mail them to the Department of Defense, which will forward the ballots via fax to the appropriate local election officials.
Blunt, the Republican nominee for governor, said e-mail balloting is another way to ensure that members of the military have the opportunity to vote. He asked the Department of Defense about the option after some soldiers stationed in Iraq reported trouble getting their absentee ballots on time during the state's Aug. 3 primary election.
Members of the military also can fax their ballot, or mail it as other absentee voters do. But Blunt said some soldiers told him they have easier access to e-mail than fax machines.
Pentagon officials said Missouri appears to be the first state using the e-mail option, but other states also could use the system. About half of states permit electronic transmission of voted ballots, generally by fax, and could do what Missouri is, according to the Federal Voting Assistance Program under the department.
The National Association of Secretaries of State also is unaware of other states allowing ballots to be returned by e-mail, but said about 10 are considering it.
Internet security experts, however, warn that e-mail balloting could breed problems.
In February, the Pentagon, citing security concerns, canceled an Internet voting plan that would have involved as many as 100,000 military and overseas citizens from seven states in November.
Outside security experts had urged the program's cancellation, saying hackers or terrorists could penetrate the system and change votes or gather information about users.
Bruce Schneier, co-founder of Mountain View, Calif.-based Counterpane Internet Security Inc., said Friday that increasing voter turnout is good, but transmitting ballots by e-mail raises security and privacy worries.
"E-mail is subject to all kinds of tampering," he said. "One of the problems with security is even the appearance of problems is bad. This is going to be a close election. If the election hinges on these ballots, there will be people that will never be satisfied this was fair."
And, he noted, ballots are not secret when they are sent by e-mail.
But secretary of state spokesman Spence Jackson said military personnel are told upfront that their ballots won't be secret, and if they're uncomfortable with that, then mailing it in is the best course. He also said the ballots will be e-mailed by secure phone lines to the Department of Defense - lines used regularly for communication between officials in Washington and military units stationed overseas.
Another safeguard, said department spokeswoman Lt. Col. Ellen Krenke, is that local election officials compare the signatures on ballots they receive with those they have on file.
Ballots also contain a tracking number, so if the ballot sent to a particular soldier is not the one returned by that soldier, or several are returned with that same number, election officials will know, Jackson said.
Schneier said the larger concern is that department officials won't forward all ballots to the local election officials.
"This is much more the human risk," he said.
Jackson, however, said that concern is unfounded.
"I just don't think there'll be a problem with anyone not transmitting a ballot or attempting to manipulate a ballot in any way," he said.