Following are two letters submitted to the Illinois General Assembly on Senate Bill 829, expressing concerns with any provision allowing for the electronic return of voted ballots. The first letter was submitted by Verified Voting. The second letter was submitted on behalf of EPI Center, ACM, AAAS, Common Cause, Public Citizen, Free Speech for People, and Verified Voting. The full text of both letters is below.
March 22, 2022
House Ethics & Elections Committee
Illinois General Assembly
401 S 2nd Street
Springfield, IL 62701 Via email
RE: Verified Voting Comments on Senate Bill 829 Dear Committee Members:
On behalf of Verified Voting, I submit these comments on Senate Bill 829. Verified Voting is a nonpartisan nonprofit organization whose mission is to strengthen democracy for all voters by promoting the responsible use of technology in elections. We believe that the integrity and strength of our democracy rely on citizens’ trust that each vote is counted as cast.
While we support the overall aim of SB 829 – to provide improved access to the ballot for voters with a print disability – we recommend that the bill be amended to ensure the secure implementation of Remote Accessible Vote by Mail (RAVBM) in Illinois.
When carefully implemented, RAVBM provides a secure system for voters otherwise unable to access a traditional mail ballot.1
However, it is crucial that RAVBM systems employ certain safeguards, which the Illinois State Board of Elections should be required to consider when certifying systems. For instance, California’s Election Code Sec. 19295 outlines the principles for a secure RAVBM system, and we recommend that SB 829 incorporate similar language. For a system to be secure it must be prohibited from allowing any of the following capabilities, even optionally:
- Usage of a remote server to mark a voter’s selections transmitted to the server from the voter’s computer via the internet;
- Storage of any voter identifiable selections on a remote server
- Tabulation of votes
SB 829 wisely requires voters using RAVBM to print their voted ballots before returning them. Electronic ballot return should be prohibited from being part of any RAVBM system. Multiple cybersecurity experts have concluded that internet voting is insecure. The National Academies of Sciences, Engineering and Medicine released a report in 2018 stating that the technology to return marked ballots securely and anonymously over the internet does not exist.2
Additionally, in the lead up to the 2020 General Election, the Department of Homeland Security, the Election Assistance Commission, the Federal Bureau of Investigation, and the National Institute of Standards and Technology told states and election officials that electronic ballot return “creates significant security risks to the confidentiality of ballot and voter data (e.g., voter privacy and ballot secrecy), integrity of the voted ballot, and availability of the system. We view electronic ballot return as high risk. Securing the return of voted ballots via the internet while ensuring ballot integrity and maintaining voter privacy is difficult, if not impossible, at this time [emphasis added].”3 Nothing has changed; no new internet technology has been created to mitigate this risk.
We thank you for considering these provisions and for considering our testimony.
Respectfully submitted,
Mark Lindeman, Ph.D.
Director
Verified Voting
March 22, 2022
Hon. Kelly M. Burke, Chair
Hon. Katie Stuart, Vice-Chair
Members of Ethics and Elections Committee
Illinois General Assembly
409 Capitol Avenue
Springfield, Illinois
Dear Chair Burke, Vice-Chair Stuart and Members of the Committee on Ethics and Elections:
We are writing to share information on the scientific evidence regarding the insecurity of internet voting, and urge you to contemplate the profound risks associated with mobile or internet voting.4
We have long supported responsible uses of technology to facilitate voting and increase access to the ballot box for all voters, especially voters with disabilities. Presently, voters with disabilities still experience significant barriers to casting their vote privately and securely.5 In particular, we strongly support remote accessible vote by mail (RAVBM) to expand access when more voters are using vote by mail in Illinois and across the country. But the electronic return of voted ballots creates serious and presently unsolvable security vulnerabilities. At a time when election security and public confidence of our elections are under attack, increased electronic return of voted ballots, whether from a phone, tablet, or computer, is simply not safe or secure, and will undermine confidence and trust in elections.
Furthermore, with the ongoing conflict in Ukraine, the threat of Russian cyber attacks on our election infrastructure has escalated.6 Now is not the time to adopt election processes that are known to be vulnerable to hackers.
Online voting creates insurmountable security risks to elections, as assessed by the Department of Homeland Security, the FBI, and the National Institute of Standards and Technology,7 the Senate Select Committee on Intelligence8and the National Academies of Science, Engineering and Medicine.9
Among computer scientists and national election security experts there is no debate: online voting cannot be adequately secured for governmental elections. Last year, the Department of Homeland Security (DHS), the U.S. Election Assistance Commission, the Federal Bureau of Investigation, and the National Institute of Standards and Technology specifically advised “we recommend paper ballot return as electronic ballot return technologies are high-risk even with [risk-management] controls in place.”10 In other words, the security tools currently available such as end-to-end verifiability, encryption, cloud-based services, and distributed ledger technology (blockchain), are unable to secure online voting systems.
The risk assessment went on to warn that electronic ballot return “creates significant security risks to the confidentiality of ballot and voter data (e.g., voter privacy and ballot secrecy), integrity of the voted ballot, and availability of the system. We view electronic ballot return as high risk. Securing the return of voted ballots via the internet while ensuring ballot integrity and maintaining voter privacy is difficult, if not impossible, at this time.”11
DHS’s blunt warning against the use of online voting echoed bipartisan recommendations from the Senate Select Committee on Intelligence published in response to findings that foreign governments were actively trying to attack U.S. election systems. The Committee wrote: “States should resist pushes for online voting. One main argument for voting online is to allow members of the military easier access to their fundamental right to vote while deployed. While the Committee agrees states should take great pains to ensure members of the military get to vote for their elected officials, no system of online voting has yet established itself as secure.”12
In 2018, the National Academies of Sciences, Engineering and Medicine (NASEM) released a report stating that the technology to return marked ballots securely and anonymously over the internet does not exist.13 Many studies have reviewed specific internet voting systems and consistently, all have found that despite their claims of innovation, these systems have fundamental vulnerabilities.14
We understand the profound challenges you face to assure every voter’s ability to vote and strongly support interventions to assure voters’ equal opportunity and access to cast their vote – securely and verifiably. Recognizing that no current solution is ideal for all voters, we support thoughtful consideration of other secure innovations, such as RAVBM. This innovation allows for electronic delivery of a blank ballot to the voter so they may use their own equipment at home to mark their ballot, print it out and return the paper ballot to their elections office. However, internet voting, with or without blockchain, is not the answer. The 2020 election underscores the importance of being able to examine voted paper ballots, not just digital artifacts. A recent report published in the Journal of Cybersecurity warns, “While current election systems are far from perfect, Internet- and blockchain-based voting would greatly increase the risk of undetectable, nation-scale election failures.”15
We would welcome the opportunity to provide the Committee with further information on technical aspects of internet voting. For the present, we urge the Illinois legislature in the strongest possible terms not to adopt, test or develop internet voting of any kind to preserve the security and accuracy of voting in Illinois and voters’ confidence in the elections process.
Respectfully submitted,
Michael D. Fernandez, Director
Center for Scientific Evidence in Public Issues (EPI Center), American Association for the Advancement of Science
Jeremy Epstein, Chair
U.S. Technology Policy Committee
Association for Computing Machinery
Karen Hobert Flynn
President
Common Cause
John Bonifaz
President and Co-Founder
Free Speech for People
Aquene Freechild
Campaign Co-Director, Democracy
Public Citizen
Pam Smith
President and CEO
Verified Voting
- Common Cause and Verified Voting, Election Security and an Accessible Vote By Mail Option. https://verifiedvoting.org/publication/election-security-and-an-accessible-vote-by-mail-option/ [↩]
- National Academies of Science, Engineering, and Medicine, 2018. “Securing the Vote: Protecting American ” Washington, DC: The National Academies Press. https://doi.org/10.17226/25120 [↩]
- DHS Memo. https://www.politico.com/f/?id=00000172-9406-dd0c-ab73-fe6e10070001 [↩]
- Lizzie Seils, “House committee considers measure to expand voting accessibility for visually impaired,” Week.com, March 15, 2022. Available at: https://www.week.com/2022/03/15/house-committee-considers-measure-expand- voting-accessibility-visually-impaired/ [↩]
- “Disability and Voting Accessibility in the 2020 Elections, Final Report on Survey Results.” February 16, 2021. Rutgers University; U.S. Election Assistance Commission. Available at: https://smlr.rutgers.edu/sites/default/files/Documents/Centers/Program_Disability_Research/Disability_and_votin g_accessibility_2020_election_Final_Report_survey_results.pdf [↩]
- Joseph Marks, “Russian hacking threats aren’t over, Congress was warned last night,” The Washington Post, March 9, 2022. Available at: https://www.washingtonpost.com/politics/2022/03/09/russian-hacking-threats- arent-over-congress-was-warned-last-night/ [↩]
- Risk Management for Electronic Ballot Delivery and Marking,” Cyber Security and Infrastructure Security Agency, Federal Bureau of Investigation, National Institute of Standards and Technology, U.S. Election Assistance Commission. Available at: https://www.politico.com/f/?id=00000172-9406-dd0c-ab73-fe6e10070001 [↩]
- Report of the Select Committee on Intelligence, United States Senate on Russian Active Measures Campaigns and Interference in the 2016 U.S. Election, Volume 1: Russian Efforts Against Election Infrastructure with Additional Views, 2019, Available at https://www.intelligence.senate.gov/sites/default/files/documents/Report_Volume1.pdf [↩]
- National Academies of Science, Engineering, and Medicine, 2018. “Securing the Vote: Protecting American Democracy.” Washington, DC: The National Academies Press. Available at: https://www.nap.edu/catalog/25120/securing-the-vote-protecting-american-democracy [↩]
- See supra note 4. [↩]
- Ibid. [↩]
- See supra note 5. [↩]
- See supra note 6. [↩]
- Massachusetts Institute of Technology, 2020. “The Ballot is Busted Before the Blockchain: A Security Analysis of Voatz, the First Internet Voting Application Used in U.S. Federal Elections.” https://internetpolicy.mit.edu/wp- content/uploads/2020/02/SecurityAnalysisOfVoatz_Public.pdf [↩]
- Sunoo Park, Michael Specter, Neha Narula, Ronald L Rivest, MIT, Going from bad to worse: from Internet voting to blockchain voting, Journal of Cybersecurity, Volume 7, Issue 1, 2021, https://doi.org/10.1093/cybsec/tyaa025 [↩]