LetterVerified Voting Letter

Download PDF

February 29, 2024

The Honorable Ash Kalra

Chair Assembly Judiciary Committee

The Honorable Christopher Ward, Chair

Assembly Committee on Housing and

Community Development

Att: Nicholas.Liedtke@asm.ca.gov

Sent to both offices via email

Verified Voting Urges Rejection of Assembly Bill 2159

On behalf of Verified Voting, I write in opposition to AB 2159, which would allow electronic return of voted ballots for homeowners’ associations. Verified Voting, founded by computer scientists, is a nonpartisan nonprofit organization whose mission is to strengthen democracy for all voters by promoting the responsible use of technology in elections.

Four federal government agencies have concluded in a recent risk assessment that electronic ballot return is “High” risk, even with security safeguards and cyber precautions in place. The agencies warn that electronic ballot return “faces significant security risks to the confidentiality, integrity, and availability of voted ballots,” and that these risks can “ultimately affect the tabulation and results and can occur at scale,” and explicitly recommends paper ballots.The risk assessment was issued by the Federal Bureau of Investigation (FBI), the Department of Homeland Security’s Cybersecurity Infrastructure Security Agency (CISA), the U.S. Elections Assistance Commission (EAC) and the National Institute for Standards and Technology (NIST).1

Furthermore, there is broad consensus that electronic ballot return presents severe security risks to the integrity of elections, because ballots cast over the internet can be intercepted, deleted and altered at scale—and can therefore change election results. Recently, experts convened by the University of California’s Berkeley Center for Security in Politics concluded that creating standards for electronic ballot return, so that it can be done securely and privately, was not feasible. “When internet ballot return is employed,” the Working Group wrote, “it may be possible for a single attacker to alter thousands or even millions of votes. And this lone individual could perpetrate an attack from a different continent from the one where the election is being held – perhaps even while under the protection of a rogue nation where there is no concern of repercussions.”2 While the scale of an attack mentioned here may not neatly apply to homeowners’ associations, introducing electronic ballot return in homeowners’ associations elections could lead to a slippery slope of insecure technology being introduced in governmental elections – A scenario that could be devastating for the voting public of California.

Currently, the primary voting method in California, including those in a homeowners association, uses a voter-verified paper ballot, which could be recounted in case of questions about the election. The paper ballot provides a durable record of voter intent, unlike a purely digital record, because it is the only durable record a voter can physically examine. A digital representation on a screen can change, be modified or corrupted in capture, or be lost irretrievably. A digital representation of voter intent cannot be assured of arriving at its destination intact. This physical record of voter intent, therefore, is a standard in all California elections, and there’s no good reason to sink beneath that baseline if we are to continue to have reliable elections.

If Internet voting, or electronic secret ballot (which is a misnomer because there is no such thing as a secret electronic ballot), is enabled for this purpose, it eliminates that durable copy of voter intent, which the voters had the opportunity to verify. That means everyone has to simply trust that the vendor’s system worked the way it was supposed to, but we have no evidence to support that trust. That is corrosive to confidence in the election itself.

Verified Voting rarely weighs in on non-governmental election systems. As a policy matter affecting a large number of California residents and voters, however, this is an area that blurs the line. Requirements for reliable ballots exist in statute, and it would have negative repercussions to eliminate that more reliable system for one that provides zero auditability nor recount-ability. It leads to a weakening of California’s election standards, and leaves HOA voters unprotected. Please vote no on AB2159. Thank you.

Respectfully,

Pamela Smith

President & CEO

Verified Voting

  1. 1 U.S. Cybersecurity and Infrastructure Security Agency, Federal Bureau of Investigation, National Institute of Standards and Technology and the U.S. Election Assistance Commission, Risk Management for Electronic Ballot Delivery, Marking, and Return 1 (2020), available at https://www.cisa.gov/resources-tools/resources/risk-management-electronic-ballot-delivery-marking-and-return.
  2. 2 R. Michael Alvarez et al., University of California, Berkeley Center for Security in Politics, Working Group Statement on Developing Standards for Internet Ballot Return 10 (Dec. 14, 2022), available at https://csp.berkeley.edu/wp-content/uploads/2022/12/Working-Group-Statement-on-Internet-Ballot-Return.pdf.