Cybersecurity

Election takeaway: Emergencies aren’t the time for experimenting

A person walks through a makeshift shelter in Tom's River, NJ as they arrive to vote.

A person walks through a makeshift shelter in Tom's River, NJ as they arrive to vote. // Mel Evans/AP

The lesson learned from an email ballot fiasco that roiled hurricane-stricken New Jersey residents is that government officials should not concoct statewide disaster voting procedures during disasters, legal and technology experts say.

On Election Day, anecdotes abounded about problems associated with email voting in the state. There were reports that legitimate email requests for e-ballots went unanswered, emails to election officials were bouncing back to senders and organizers were collecting voter forms through their personal webmail addresses.

“In an emergency, you do have to think through the emergency measures that should be put into place,” said Penny Venetis, a constitutional and human rights law professor at Rutgers University. “Computerized voting is a bad idea during any circumstance, especially emergency circumstances where you don’t have enough staff.”

Tuesday’s gaffes do not include potential email hacking and identity fraud. Intentional disenfranchisement won’t be discovered until officials can match e-ballots with duplicate paper ballots that were due to be mailed in by Nov. 19.

“There’s no evidence that there’s been any mischief going on, although there wouldn’t be at this point,” said Matt Blaze, a University of Pennsylvania computer science professor who studies the architecture and design of secure systems.

After officials learned of email glitches Tuesday, they issued a directive extending the deadline for transmitting ballots to Friday night. But residents who wished to do so were still required to email requests for the e-ballots by 5:00 p.m. Tuesday.

On Saturday, New Jersey officials for the first time ever sanctioned voting by fax or email for residents who could not access a polling place due to widespread devastation. Residents without homes or transportation, however, may have faced the same difficulty accessing the requisite technology: a reliable Internet connection to obtain an application for voting, a printer to hand sign the application and a scanner to transform the signature into a format acceptable for digital transmission.

“This seems to be the system collapsing under its own weight,” Blaze said. “Scale is hard. What happened is kind of the most predictable result. Two days is just not enough to design a system to do something like this from scratch.”

For example, some of the personnel scheduled to assist voters had other commitments Tuesday.

“The people who run voting are also the same people who are dealing with other aspects of the disaster,” Blaze said.

Venetis had spent the day at court fighting officials who she said were turning away legal voters from the polls. Every one of those constituents “was challenged by people from the attorney general’s office,” she said. “Any sort of resources that were directed at prohibiting them from voting should have been used toward disaster victims to make sure they were permitted to vote.”

Perhaps now is the time for government officials to establish contingency voting plans for future emergency situations. “It’s way premature to be talking about blame. It may not be premature to think about having something on the shelf” for the next crisis, Blaze said.

He added that email voting should be, at best, a very last resort. “Given the luxury of nondisaster conditions, we ought to be able to design a system that works better than this for the next disaster,” Blaze said.

Threatwatch Alert

Credential-stealing malware / Payment device infection / User accounts compromised

Staples Registers Hacked by Credit Card Thieves

See threatwatch report

JOIN THE DISCUSSION

Close [ x ] More from Nextgov
// October 22
X CLOSE Don't show again

Like us on Facebook