Internet voting systems have long been a contentious topic in the realm of election security, and a recent study by Andrew W. Appel and Philip B. Stark sheds new light on the challenges and pitfalls of such systems. The study, which focuses on the “MERGE” protocol designed for the prototype CAC-vote system, highlights significant flaws and practical hurdles that undermine the system’s trustworthiness.
The MERGE protocol is an innovative approach that aims to merge the convenience of electronic voting with the security of paper ballots. In this system, votes are transmitted over the internet for immediate tabulation, while voter-verifiable paper ballots are sent through the mail for audits and recounts. The primary motivation behind this dual-method approach is to include preliminary results from overseas military voters before their paper ballots are received.
However, the study reveals that the MERGE protocol, despite its interesting ideas, falls short of being a trustworthy solution for secure elections. The researchers argue that implementing the MERGE protocol would require sweeping changes to existing laws, practices, and technical and logistical abilities of U.S. election jurisdictions. This gap between theoretical design and practical implementation is substantial and, according to the study, unbridgeable in the foreseeable future.
One of the critical issues identified in the study is the reliance on internet transmission for vote tabulation. The MERGE protocol essentially functions as an internet voting system, where election results depend on votes transmitted over the internet unless a full hand count is conducted. This reliance introduces significant security risks, including the potential for cyberattacks, hacking, and data breaches, which could compromise the integrity of the election process.
The study also underscores the need for a comprehensive overhaul of election laws and administration practices to accommodate such a system. Current election jurisdictions in the U.S. are not equipped to handle the complexities and security challenges posed by internet voting. The logistical and technical requirements for ensuring the security and accuracy of internet-transmitted votes are daunting and would necessitate substantial investments and reforms.
Moreover, the study calls attention to the ethical responsibilities of promoters of such research projects, particularly those sponsored by agencies like DARPA. The researchers urge these promoters to acknowledge the true nature of the MERGE protocol as an internet voting system and to refrain from making claims that it could be a component of trustworthy elections without significant changes to election law and administration.
In conclusion, while the MERGE protocol introduces some novel ideas, its practical implementation faces formidable challenges. The study by Appel and Stark serves as a cautionary tale about the complexities and risks associated with internet voting systems. It underscores the need for a cautious and informed approach to election technology, emphasizing the importance of security, transparency, and adherence to established legal and administrative frameworks. As the debate over internet voting continues, this research provides valuable insights into the critical issues that must be addressed to ensure the integrity and trustworthiness of the electoral process. Read the original research paper here.