Amid suspicions of interference in the 2016 elections, states must be more careful than ever to provide heightened security in this year’s primaries. Yet, West Virginia has just introduced a more vulnerable form of voting for deployed military personnel.
West Virginia is now the first state to pilot blockchain technology, to allow some deployed soldiers to vote through mobile phones. Yet cyber security experts warn that this technology, also used for cryptocurrencies, poses dangers for voting. Instead of pioneering voting’s future, West Virginia is paving the way for future election hacking.
Blockchain technology addresses only part of the security process currently used by those administering U.S. elections. It’s like installing a high-tech lock and alarm system in your home, and then leaving a front door key and the alarm pass code under the doormat. The alarm system may work perfectly, but until the keys and pass codes are also secure, your home won’t be secure, either.
Blockchains are designed to keep a tamper-proof record of transactions by essentially creating a list shared with a huge network of people at once. If anyone wanted to change an entry in the list, it would be very difficult, since they’d have to simultaneously change it on every copy.
The problem, however, is that blockchain technology in voting does nothing to make sure that correct information gets put on the list in the first place. If a vote is distorted before it’s recorded, bad information gets on all the lists, and blockchain actually keeps that bad information secure. While this may not be obvious to the person voting, you can bet that hackers are aware of these vulnerabilities.
Secretary of State Mac Warner claims that this new voting process is “safe, secure and accurate,” but statements put out by his office do little to support his claims.
One of the secure features Warner touts is using a phone’s Touch ID to verify identity just before voting. This means elections officials contract out some of the security to individual phone manufacturers. During voting, a vote could be intercepted and intentionally recorded incorrectly. Or someone could pose as the voter and steal the vote.
Worse yet, Warner plans to spread the use of this technology, if it’s “successful.” Yet neither Warner’s office nor Voatz, the mobile voting platform company, have clarified what they mean by success.
Will it be a success if the pilot program isn’t hacked? How will they know the system has not been hacked? Are there plans to audit and make sure this hasn’t happened? What’s to keep potentially harmful interferers from waiting for a larger rollout to meddle in elections?
A better plan would be to invite independent cyber security experts to examine the technology or test its security. But, instead of taking such steps to test the technology before using it in West Virginia’s elections, online voting in the state’s primaries is already underway. In an effort to make voting faster and easier and advance new products, West Virginia is piloting practices that ultimately undermine election security.
In many ways, West Virginia demonstrates that its citizens and leaders care about election integrity. The state’s in-person voting system aligns with many of the best practices outlined by election security organizations like Verified Voting.
West Virginia uses paper ballots or voting machines with a paper record, so that every voter can verify that the ballot they marked is the ballot that is cast while still maintaining voter anonymity. Election officials can conduct post-election audits of paper records, to ensure that the votes were interpreted and counted correctly.
By pushing deployed military to mobile app voting, we take away their right to verify that the ballot they cast is the ballot that’s counted. With no paper ballot retained for recount or audit, we also exclude them from any authentic auditing process.
Soldiers fight every day to preserve our democracy. It’s our responsibility to fight for the security of their votes.