November 23, 2005

Estonian elections illustrate limitations of Internet voting

Author: Jay Lyman

Estonia's latest local elections, held online nationwide, included the use of open source software in electronic voting. However, experts caution that the use of Linux on Web servers does not equate to publicly viewable voting code, and the system's reliance on the Internet raises red flags.

As a leader in IT and Internet connectivity among other Eastern European countries, Estonia extended its affinity for the Web last month by holding local elections that included nationwide Internet voting. The municipal elections, a
warm-up for parliamentary contests that will also include Internet voting in 2007, were the first nationwide use of Internet voting and were conducted using a Linux-based system.

However, using Linux-based servers for an online election -- although it may help reduce the possibility of a worm or hack -- is a far cry from the use of publicly reviewable, open source code for an election, according to David Jefferson, an electronic voting expert who works as a consultant to California Secretary of State Bruce McPherson. He joined other experts in condemning any election that relies on the Internet to collect votes because of the insecurity and opportunity for influence.

"I can say they certainly have not dealt with most of the problems associated with Internet voting, and I hate to see the thing described as a successful Internet election, because, hell, nobody knows, including the Estonians," Jefferson said. "I certainly hope nobody copies it."

Verified Voting Foundation founder David Dill agreed. "[Internet voting] cannot be trusted," he said. "There will have to be multiple breakthroughs before anyone knows how to make it trustworthy. I don't know the details of the Estonian system, but there is no reason to believe that they have solved these fundamental problems."

Johns Hopkins University professor and e-voting expert Avi Rubin concurred, indicating that even open source software cannot compensate for the challenges and chances for problems that come with Internet voting. "Internet voting is such a bad idea for so many reasons," Rubin said. "Open source does not solve most of those problems."

What is open source voting?

Still, the experts were in agreement on the value and validity of open source in election software and systems, provided the definition of open source is publicly reviewable code, or "disclosed source."

"It is very important that voting systems be transparent, and disclosed source increases transparency," said Dill, who has testified before Congress on the matter. "It is also likely that vendors will be
much more careful in writing programs if they have to expose them to public view. Furthermore, people will probably notice problems and report them, which will result in improved software. Finally, people will just feel better about the system if they know what's inside, so they'll trust the elections more, and I hope the elections will actually deserve to be trusted."

Dill added there are good arguments for a community development model as well. "I mostly use open source software, such as GNU/Linux, and my research group produces it," he said. "But it's not clear that this will work out for realistic election software."

Rubin said publicly reviewable source code is a requirement for a system that will be used in trustworthy elections. "That doesn't mean that it is sufficient, but without it, we have a non-starter," Rubin said. "The reason to make source publicly viewable is that we cannot have the impression that the system is hiding anything. It is one of many precautions that are needed in voting systems."

US election officials don't get it

Proponents of open source software for elections, or more precisely code that can be accessed by the public to instill a sense of confidence in the voting system, say that the issue is not on the radar of US elections officials, who are more preoccupied with paper receipts and old, proprietary vendors.

Dill told NewsForge there is "no apparent priority" on publicly available code for elections in the US. "There are several bills that require public disclosure of source code, including our favorite, HR 550 in the US House, but they have not passed," Dill said. "There are groups claiming to be developing open source voting systems, but so far, it is mostly vaporware."

Alan Dechert, president of the Open Voting Consortium, claimed his group was leading the charge to put publicly available open source code to work for elections in the US, with the biggest traction taking place in California. Dechert, who joined other critics of the Internet election in Estonia, explained the importance of open source in election systems.

"Election software should be open source because voting is a public process where there should be no secrets," Dechert said. "The electorate should be able to ask any question about how votes are collected and tabulated, and get their questions answered in whatever detail requested. With the exception of passcodes, voters should never be told, 'That's a secret.' Open source is necessary because election system transparency is necessary in order to have a trustworthy system."

The FOSS candidate's chances

Dechert, whose group is working on a BSD-based solution that can be freely re-distributed for elections across the nation, cautioned against election solutions that portend to be open or open source, but are in fact proprietary.

Jefferson, who is working with California on open source election software and systems, conceded that the issue is not a high priority for the state. Still, he said that the first formal consideration of the subject is coming up for California, and that other states are interested and watching. Jefferson added that, unfortunately, the proprietary vendors are proclaiming the difficulties of using open source in elections.

"The issues of public and open source are not well understood by elections officials," he said. "What they do hear of it comes from the vendors, who are almost unanimously against it."

Click Here!