As frequent readers will note, Internet voting as a discussion topic is one we increasingly tire of -- there is so much else to do! that unlike Internet Voting, can actually be done today! Let's talk instead about what tech innovations can do speed up the long lines at polling places, for example. But nevertheless, today, esteemed colleagues were asking for a "definitive statement" on i-voting, having been asked for such by folks who work for legislators interested in the topic. So I thought I'd share what I like to say when legislators, staffers, etc. ask for "definitive". Basically 3 steps.
Look to the National Institute of Standards and Technology (NIST), the U.S. government's top authority on technology issues. They've studied the use of the Internet for everything in elections, including voting.
- Read their conclusion on top half of page 69 of NIST's "Threat Analysis of Voting Systems" (here), supported by analysis in pages 42-46.
- Also briefly flip through NIST's 36 pages of "Information System Security Best Practices" (here) for Internet-connected election support systems.
- Think about whether state or local election officials would have the funding to comply with NIST guidelines, even for the lower bar of distributing blank ballots, much less the higher bar of Internet Voting.
That's pretty much it.
PS: While we're on the topic, my thanks to Jeremy Epstein for tackling another topic on i-voting (botnets, one among several i-voting topics that I am happy to leave to Jeremy and other colleagues in the security world), and for letting me put my 2 cents in for his Freedom To Tinker blog today. Thanks Jeremy, for doing the $0.98, and keep up the good work ! -- ejs