recommended reading

New Jersey email votes shouldn’t be counted yet, experts say

Julio Cortez/AP

The mere mention of email voting conjures nightmares in which supporters manipulate outcomes by misrepresenting themselves as multiple personas or casting votes on behalf of nonsupporters, but in New Jersey, where post-hurricane digital voting is sanctioned, fraudsters likely will not dent the presidential results.

The nonswing state may be better off, on principle, by postponing the vote count to ensure each resident is represented, some election security experts say.

“In general, email and fax voting is probably the most vulnerable to interception, to changing,” said Joseph Lorenzo Hall, senior staff technologist at the Center for Democracy and Technology, a civil liberties group. “Emails are glorified postcards.”

Already, presumably nonmalicious Internet glitches are occurring. Emails to election officials are bouncing back and organizers are directing residents experiencing technical difficulties to contact their personal webmail accounts, according to Ars Technica.

New Jersey law requires residents to mail in paper duplicates of their e-ballots by Nov. 19, as an anti-fraud safeguard. It is unclear, however, if the state will wait until officials have cross-checked paper and digital votes to call the election.

“People don’t necessarily understand that delayed voting results are a good thing,” said Hall. “By definition, if they don’t match they do not count.”

Less than a week before Election Day, Lt. Gov. Kim Guadagno permitted voters displaced by Hurricane Sandy to request last-minute absentee ballots by fax or email. Polling stations on Tuesday are transmitting digital ballots and residents have until 8:00 p.m. to send in their votes electronically.

“In New Jersey’s case, it makes sense,” said Hall, who until September was a research fellow at New York University, which like New Jersey was devastated by flooding, power losses and downed critical infrastructure.

The criteria for qualifying as a displaced voter were not defined in the lieutenant governor’s directive. The thinking is that some unaffected residents will vote remotely for convenience or because their polling places are inaccessible.

“Who is a displaced voter? My friend who is lazy and just wants to vote from his house?” Hall mused. 

Update: After voters overwhelmed email operations, New Jersey state officials extended the period for transmitting an e-ballot to election officials until 8 p.m. Friday. However, residents were cut off from requesting e-ballots at 5 p.m. Tuesday. The hiccups preceding this decision included emails to government accounts that bounced back as well as staff failing to send e-ballots to voters who properly emailed requests earlier in the day. 

Threatwatch Alert

Thousands of cyber attacks occur each day

See the latest threats


Close [ x ] More from Nextgov

Thank you for subscribing to newsletters from
We think these reports might interest you:

  • Featured Content from RSA Conference: Dissed by NIST

    Learn more about the latest draft of the U.S. National Institute of Standards and Technology guidance document on authentication and lifecycle management.

  • PIV- I And Multifactor Authentication: The Best Defense for Federal Government Contractors

    This white paper explores NIST SP 800-171 and why compliance is critical to federal government contractors, especially those that work with the Department of Defense, as well as how leveraging PIV-I credentialing with multifactor authentication can be used as a defense against cyberattacks

  • Toward A More Innovative Government

    This research study aims to understand how state and local leaders regard their agency’s innovation efforts and what they are doing to overcome the challenges they face in successfully implementing these efforts.

  • From Volume to Value: UK’s NHS Digital Provides U.S. Healthcare Agencies A Roadmap For Value-Based Payment Models

    The U.S. healthcare industry is rapidly moving away from traditional fee-for-service models and towards value-based purchasing that reimburses physicians for quality of care in place of frequency of care.

  • GBC Flash Poll: Is Your Agency Safe?

    Federal leaders weigh in on the state of information security

  • Data-Centric Security vs. Database-Level Security

    Database-level encryption had its origins in the 1990s and early 2000s in response to very basic risks which largely revolved around the theft of servers, backup tapes and other physical-layer assets. As noted in Verizon’s 2014, Data Breach Investigations Report (DBIR)1, threats today are far more advanced and dangerous.


When you download a report, your information may be shared with the underwriters of that document.