Subject: Re: [EL] All-mail elections research & analysis?
From: Joseph Lorenzo Hall
Date: 12/15/2010, 8:48 AM
To: "Jason C. Miller" <jcmiller@gmail.com>
CC: Election Law <election-law@mailman.lls.edu>

On Tue, Dec 14, 2010 at 7:43 PM, Jason C. Miller <jcmiller@gmail.com> wrote:


Also, is anyone aware of any research or publications concerning additional
ballot security concerns of going to an all-mail voting (as opposed to
allowing voting by mail in general).  And what about the equal protection
issue if a handful of counties are exempted from the all-mail requirement?
Thanks,


NIST has published a few white papers that look at security issues and
accessibility issues with UOCAVA voting (overseas absentee voting) and
much of that can be translated to domestic vote-by-mail (just leave
out the need to rely on military postal service or foreign postal
services, etc.).  Much of this might wax a bit technical:

Accessibility issues:
http://www.nist.gov/itl/vote/upload/AU_for_remote_voting_draft_white_paper_6-28-10_-3.doc

Security considerations:
http://www.nist.gov/itl/vote/draft-wp-securityconsiderations.cfm

Threat Analysis:
http://www.nist.gov/itl/vote/upload/uocava-threatanalysis-final.pdf

A dirty little secret amongst those of us in the technical community
is that VBM has a number of particularly poor security properties
compared to supervised voting models (polling places, early voting,
etc.).  First, there is the fact that the only authentication of the
voter that is done is the signature aspect, so signing your blank
ballot and handing it off to a coercer or vote-buyer is very easy.
Second, there is the mechanism for getting the ballot from the voter
to the election official for tabulation.  This is usually the postal
service, but can also be a spouse or other individual that drops off
the voted VBM ballot at election HQ or the post office.

Those two aspects -- the threat of coercion/buying and the threat of
manipulation of ballots in-transit -- are substantial risks compared
to in-person supervised voting (where there is a pollworker
(hopefully) enforcing election procedures that work against undue
influences and support chain of custody).

I think the reasons you haven't seen many of the technical folks speak
ill of VBM (yet) are many.  E.g., election officials tend to love it
because it's drastically cheaper than supervised balloting.  And we
have spent so much time talking about the risks of things like
paperless DREs and internet voting, that it often seems
counterproductive to talk about the risks of VBM.

Anyway, apologies for rambling a bit here. best, Joe


-- 
Joseph Lorenzo Hall
ACCURATE Postdoctoral Research Associate
UC Berkeley School of Information
Princeton Center for Information Technology Policy
http://josephhall.org/

_______________________________________________
election-law mailing list
election-law@mailman.lls.edu
http://mailman.lls.edu/mailman/listinfo/election-law