Internet Voting: Issues and Legislation

CRS Report for Congress
Received through the CRS W eb
Intern et Voting
Analys t i n American N ational Government
Government and Finance Division
Among the m any i ssues in the ongoing national d iscussion about the Internet i s its
use i n t he vot i n g p rocess. Because vot i n g d et erm i n es who runs t h e gove r n m e n t and
entails two absolute requirements — the secret bal l o t and securi t y from fraud — t he
stakes are h igher t han for many other t ransactions routinely conducted v ia the Internet.
Public confidence about In ternet security is increasing, but many feel that voting online
requires a degree of security from f r aud beyond the current standard for everyday
In ternet use. The National Defense Authoriz ation Act for FY2002 and t he Help America
Vote Act o f 2002 included p rovisions to ex tend a p ilot p roject for Internet voting o n a
limited b asis and t o conduct an i n-depth s tudy for C ongress on the feasibility of In ternet
voting on a national basis.
Aside from voting i ss u e s , o b s ervers often refer to a “digital divide” that ex ists
between those who have access t o computers and the Internet (and t he skills to use it)
and t hose who do not. W h i l e In ternet access i s i ncreasing, estimates s how that those
wi t h hi gh er i n com es and educat i o n l evel s are m o re l i k el y t o h ave Int ernet access, and
t h at bl ack and Hi s pani c access l ags b ehi n d t hat o f whi t es. Al so part of t h e d ebat e are
issues concerning political tradition, public co n fidence in In ternet voting, and equal
access t o t h e b a l l o t . P roponents o f Internet voting s uggest it could i ncrease t urnout,
particularly among younger voters who are familiar w i t h Internet t echnology. In the
meantime, s everal ex periments with In ternet voting i n public elections took place in the
2000 election year, and more are likely i n t he future as the t echnology for online voting
evolves. This report will be updated t o reflect new d evelopments.
Overview . A s c o m p u t er ownership i ncreased in the early 1990s, t he In ternet
introduced the concept o f electronic d emocracy to a wide audience. By 1996, the n ational
parties and scores of candidates m ai ntai ned websites t o disseminat e i nformation, attract
donors and volunteers, and communicate d i r e c t ly with supporters. As an ever l arger
segm ent o f t he population u ses t he In ternet to conduct business, find news, pursue l eisure
activities, and s o on, the potential t o use it for m ore t han campaign purposes — t o conduct
elections — h as become part of the d iscussion of applyi ng technology t o t he democratic
process. Electing o fficeholders vi a t h e In t ernet requires a level o f s ecurity from fraud

Congressional Research Service ˜ The Library of Congress

beyond what ex i s t s wi t h current onl i n e u se, accordi n g t o m any observers. 1 For ex ample,
credi t c a r d fraud on the Internet “is recogn iz ed at the l evel of 10% of all t ransactions,”
according t o one estimate.2 S u ch a l evel of pot ent i al fraud i n an el ect i o n w oul d
undermine its legitimacy, which depends on a f air and accurate count of the b allots cast.
An Internet voting system, even one used on a limited basis in conjunction with
traditional voting m ethods, n eeds t o b e at l east as s ecure as current voting m ethods in its
ability to safegu ard a voter’s identity and p rovide an accurate vote count.
Officials o f, t he company t hat conducted Ariz ona’s online Democratic
primary in 2000, claim t hat a d equate security measures ex ist which make it possible t o
c o nduct public elections on the Internet now. But other v endors, election o fficials, a n d
interested observers vigo rously dispute t hi s assertion and point out that security problems
with online voting could undermine future vot er confidence in online elections. As for
the ex p ense of conducting elections online, a number o f observers suggest that internet
voting will lower election costs for l ocal officials. As for younger voters, whose rates of
participation are notoriously low, online voting could provide an opportunity to boost
turnout if it became an option.
Internet voting has been widely reported on i n t he press, and policy m akers at t he
federal and state l evels are studying i t s i m p l i cations. In December 1999, the P resident
directed the National S cience Foundation ( NSF) to conduct a one-year study of In ternet
voting. The NSF study was released in March 2001. An In ternet Task Fo rce o rganiz ed
by California’s S ecretary o f S tate issued its report o n J anuary 18, 2000. The T ask Force
report s ai d “At this time, i t would not be legally, practically or fiscally feas ible to develop
a comprehensive remote Internet voting s ys tem t hat would completel y repl ace t h e current
pap e r p ro cess.” The Task Force recommended phasing in Internet voting, with remote
voting as t he last phase.3
Types of I nternet V oting. Two t yp es of In ternet voting are possible, and both
were used in voting t rials i n 2000. One m ethod , t he more basic from a technical
standpoint, i s Internet voting at a traditional polling s ite, with computer voting m achines
connect ed t o t h e In t e rnet and where el ect i o n o ffi ci al s aut hent i cat e vot ers b efore b al l o t s
are cast. The o ther method, more technically advanced, i s t o cast b allots over t he In ternet

1 For example, t he Love Bug virus of May 4, 2000, affected an estimated one million computers,
including those at many f ederal agencies, and caused an estimated $1 to $10 billion i n damage.
Such large-scale “hacking” is only part of t he problem, and attempts to breach public and private
systems occur r egularly. T he Pentagon estimates that its networks are hacked 250,000 times a
year, of which an estimated 500 are serious attempts to access classified systems. Scott Nance,
“ ‘ I Love You’ Doesn’t Sway CERT , ” New Technology Week , M ay 8, 2000, p. 5, a n d G r e go r y
Vistica, “Inside t he Secret Cyberwar,” Ne ws we e k , Feb. 21, 2000, p 48.
2 Ed Gerck, “From V oting t o Internet V oting,” The Bel l , vol. 1, M ay 2000, p. 5. Another e stimate
noted that “about 5 percent t o 6 percent of a typical Ne t r etailer’s transactions are fraudu l ent,
compared to less than half of one percent f or brick-and-mortar retailers. Fraudulent t ransactions
account for about 10 percent of Net retailer’s total s ales.” Craig Bickenell, “Credit Card Fraud
Bedevils Web,” Wi redNews , [ ht t p : / / www.wi r e n ews/ bus i ness/ 0,1367,18904, ml ] ,
vi sited Apr. 3, 1999.
3 California Internet V oti n g T a s k Force, A Report on t he Feasibility of Internet Voting , J an.,


from remote locations using electronic authentication and computer security technologies.
The Ariz ona Democratic primary, for ex ampl e, used both m ethods; voters could cast t heir
ballots from remote l ocations or at any polling p lace. Some observers believe that remote
In ternet voting s hould not be attempted un til voters become comfortable with polling s ite
In ternet voting and until procedures are w ell established t o ensure a c curate voter
authentication, ballot s ecrecy, and security. Others, however, argue t hat polling s ite
In t e r n et v oting will have little value t o voters, who want t he convenience of remo t e
Technologies Behind Internet Voting. Internet voting s ys tems use s everal
t echnologies t o ensu r e a u t h e n t i c a t i o n , s e c r e c y, a n d s e c u r i t y. T h e s e i n c l u d e e n c r yp t i o n ( t h e
scrambling of i nformation i n dat a t ransmissions to provide confidentiality) and el ect ronic
sign atures (methods that use s uch t echniques a s p asswords, p ersonal i d entification
numbers (PINs), s mart cards, biometrics, and digital s ignatures) to verify the i dentity of
the voter and p rovide data integrity (i.e., assurance t hat t he d a t a i s n o t altered during
transmission). Other computer security t echnologies, such as firewalls, antivirus
programs, and intrusion det ection s ys tems, are al so used t o prevent unaut hori z ed hacker
access t o com put er syst em s u sed i n t he el ect i o n p rocess.4
Different types o f elections require different standards for voter verificati o n , data
integrity for ballots, and assurance against tampering. For ex a m p l e, private sect or
elections (conducted and funded by p rivate organiz ations and regulated by the s ponsoring
organiz ation) typically have lower s tandards for these factors t han public sector elections
(conducted, funde d , a n d regulated by govern ment). Private s ector elections have been
conducted u sing the Internet t o a far great er ex tent than public sector elections.
The Current Debate: I ssues and Challenges. While the computer security
technologies m entioned above are well estab lished i n t heory, they have not yet b een used
on a wide s cal e. Some government agenci es , l arge companies, and financi al institutions
use encryption, electronic s ignatures, an d o t h er com put er securi t y t echni ques i n
conducting business t ra n s a c t ions with established s uppliers and customers. S ome
analys ts predict t hat computer security technologies will proliferate at an accelerated rate
in the nex t few years. Few businesses, however, have implemented these t echnologies
for use with the general public today. Some argue t hat t he public needs t o become more
familiar and comfortable with the Internet i n other as pect s of life, such as by engagi ng in
In ternet c o m m erce, before governments s houl d adopt In ternet voting s ys tems. Internet
voting s ys tems could be ph a s e d i n over time, from t he use o f Internet-connected
computers at s tate and l ocal government-controlled polling s ites, to remote Internet voting
from users’ home P Cs. The new voting s ys tems must also be user-friendly enough t hat
many voters will prefer to use t he In ternet method over t he traditional m ethod of voting.
Many current s e c u r i t y components t o computer systems are thought to be cumbersome
for u sers. T he following areas are t he principal concerns with In ternet voting at p resent.
Security Issues. P rot ect i n g t he v o t i n g p rocess from el ect roni c at t acks i s a
fundamental challenge both for vendors who design online v o t i n g s ys tems and for
el ection adm i n i s t r at ors who run elections. As with current voting s ys tems, any

4 For a backgr ound on these t echnologies, see CRS Report 98-67, Internet: An Overview of Key
Technology Policy I ssues Affecting its Use and Growth.

vulnerability that could allow for voting m ore t han once, changi ng a voted ballot or t he
el ection t ally, or otherwise compromising t he integrity of the process, raises the potential
for fraud. In addition, Internet voting s ys tems could b e vulnerable t o “deni al -of-servi ce”
attacks i n which the s ys tem i s flooded with e-mail messages, c a u s i ng it to shut down.
Internet voting, like absentee voting, entails cas ting a vote from rem ote l ocation and raises
a possibility of bribery or vo t e t am pering that does not ex ist with in-person voting.
Safegu ards can be provided t hrough t he establishment o f computer security procedures
that prevent unauthoriz ed individuals from s eei ng the contents of a ballot. Establishing
public trust i n t he security feat ures of Internet voting s ys tems may t ake time and perhaps
the u se of an independent oversight or auditing o rganization. Negative public perceptions
of Internet voting s ecurity could be s ignificant i n t he early stages of a t ransition t o online
voting, although acceptance might increas e along with advances in technology and
successful online voting t rials. A c c o r ding t o a J uly 1999 public opinion poll, 62%
believed t hat i t will be many years b efore Internet voting can be made secure from fraud;

24% thought it could b e m ade s ecure soon; and 7 % b elieved i t will never h appen.5

Ba llot S ecrecy. Bal l o t s ecrecy m u st be ensured i n any el ect i o n i n o rder t o prevent
vote-buying and other kinds of fraud. Traditional voting at a polling place ent a i l s two
separate steps for confirming a voter’s identity and cas ting a ballot. The voter signs i n at
the p recinct poll and then proceeds t o t h e v o t i n g booth t o cast a ballot. W ith In ternet
voting, the t wo steps are combined. An i ndividual’s i dentity must be confirmed and then
the ballot i s provided t o t he voter, i ncreas ing t he possibility that the voted ballot, while
in transit over t he In ternet, could b e observed, changed, or recorded along with the voter’s
identity. W hile encryption and el ect ronic s ignatures can provide privacy for voters, there
seems t o b e n o t echnical means o f p reventing t hese activities under rem ote Internet voting
Access. While remote Internet voting from home or t he workplace will not likel y
occur on a large s cal e for some time, i t will probab l y r ai se questions concerning equal
access t o t he ballot. Before providing In tern et voting for its 2000 P residential p rimary,
t h e A ri z ona Dem o crat i c P art y s ought and recei ved cl earance from t he J u st i ce D epart m ent
concerning Voting R ights Act restrictions on instituting changes to the elect oral process.
In addition, a nonprofit group, the Voting Integrity Project, filed a feder a l l a w s u it that
alleged t he Internet voting plan diluted minority participation ( s e e discussion in the
section o n i nternet voting i n t he 2000 elections). Issues r egarding access t o computers
and t he In t e r n e t — t he digital d ivide — are likely t o continue because of disparities
between certain groups in the electorate.
Social and P olitical Implications. S o m e o b servers are cri t i cal of In t e r n e t v o t i n g
on the bas is of tradition, arguing t hat i t will erode and eventually replace the m ost b asic
form of citizen participation i n t he democr atic process. Some have voiced concerns about
the loss of a civic ritual in which democracy, in its simplest form, is based on citizens
go ing t o t he polls. They s ay that “Reducin g a v o t e t o a m e r e key s troke of a p ersonal
computer may diminish, not heighten, t he significance of the act . At a minimum, voters
who bother t o actually go to the polls tend to be people who are m otivated enough t o l earn

5 ABC News Poll, J uly 21, 1999 (based on interviews with 1,018 adults nationally between J uly


ab out issues.... The s olution t o a lack of commitment of voters i s not to reduce t h e
necessary commitment needed to vote.”6
Inte rnet Voting in 2000 Elections. During the 2000 election cycle, a number
of limited Internet voting t rial s were hel d i n both primary and general el ections.
Arizona’s Democratic party l aunched what i t called “the first-ever, legally-binding public
election over t he In terne t ” f r o m M arch 7 t o M arch 11. The election was conducted b y, a New York-based company. Voters cast b a l l o t s f rom their homes or7
offices between March 7th and 10th, or at polling l ocatio n s o n March 11. The p arty
mailed a personal i dentifica tion number (PIN) to all 843,000 eligible voters, who could
s ubsequently vote t heir ballot via the Internet b y l oggi ng on to the p arty’s website,
entering their P IN, and providing two k inds of personal i dentification. Voters who u sed
the polls could also cast t heir vote b y p aper ballot o r computer at the polls. According t o
the Ariz ona Democratic Party, about 41% of the 86,907 ballots cast i n t he election were8
sent via t he In ternet from remote l ocations.
The Ari z ona t ri al el ect i o n creat ed probl em s for som e In t ernet vot ers, and resul t ed i n
confusi o n i n s om e l ocat i ons because of t h e n ew procedures. S om e vot ers wi t h Maci nt osh
com put ers were unabl e t o vot e b ecause t h ei r s oft ware was i n com p at i b l e wi t h t h e s ecuri t y
system used in the election. The p arty ad d e d phone lines in the l ast few days of voting
to field calls from M acintosh u sers and from voters who had l ost t heir PIN and could not
vote online without it. In response t o a federal l awsuit, the P arty also increased the
number o f polling p laces in the m onth b efore t he primary. The Voting Integrity Project,
a nonprofit organiz ation, filed t he lawsuit i n U.S. District C ourt i n Ariz ona chargi ng that
t h e proces s violated t he Voting R ights Act by creating a disparity between voters w i t h
comp u t e r s and those who lacked computer access, resulting i n a dilution o f minority
votes. W hile the Democratic Party i ncreased the number o f polling p laces in response t o
the s uit, it had difficulty finding locations with dedicated phone lines to allow for In ternet9
connections (although p aper ballots were available at all polling l ocations). U.S . District
Court J udge P aul G. R osenblatt p ermitted t he election t o p roceed and t he Voting Integrity
Project did not appeal the d ecision.
Also during t he Pres iden t i a l primary season, voters i n t hree el ection districts in
Alaska cast ballots via t he Internet in the R epublican Party’s P res i d e n t i a l straw poll on
J anuary 24, 2000. The p roject was conducted b y Vo t e H e r e . net, an In ternet voting
company l ocated in Bellevue, W ashington, an d p rovided 3,500 voters i n remote areas the

6 J onathan T urley, “ T he M ouse T hat Roared ... and V oted,” LosAngelesTimes, J an. 17, 2000.
7 Press r elease, Arizona Democratic Party Announces Internet V oting Registration Procedures
for World’s First Legally-Binding Public Election,
[ ht t p: / / www.el ect i us/ pr essr oom/ pr 2000/ m] , vi s i t e d Feb. 18, 2000. Feder a l
Di strict Court J udge Paul G. Rosenblatt allowed t he election t o t ake place despite a l awsuit that
asserted that Internet voting would discriminate against mi norities; the court could set aside t he
election i f minorities were under-represented among voters.
8 Ar izona Democrats, “Paper Ballots vs . Internet V otes,”
[ h t t p : / / www.azdem.or g/ br ml ] , vi si t e d J une 8, 2000.
9 “ In t e r n et V oting Off to Rocky Start in Ar izona Democratic Party-Run Primary,” El ection
Administration Reports, vol. 30, Mar. 20, 2000, p. 4.

opportunity to cast ballots in the s traw poll. In the p ast, it was d ifficult for voters i n t hese
areas to participat e i n t he straw poll.
In the November 2000 general election, some members of t he military and citizens
living abroad were eligib l e t o vote via the Internet on November 7. Voters who were
covered by t he Uniformed and Overseas Citizens Absentee Voting Act (4 2 U .S. C ode
1973ff) and whose l egal r e s i dence was one of fourteen counties p articipating i n t he
project in Fl o r i d a, S outh C arolina, Tex as, and Utah were eligible to participat e.10 The
pilot project was limited t o a total of 350 voters who could request and vote an absentee
ballot v ia the Internet; 84 voters (representing 2 8 s tates and territories, and 12 countries)
cast b allots under t he program. A report (av ailable at [] )
eval uat i n g t he program was i ssued by t h e Federal Vot i n g Assi st ance P r o g r am , whi ch
administers the federal law, in J une 2001.
Inte rnet Voti ng in Recent Legislati on. The Defense Aut hori z at i o n Act for
FY2002 (P.L. 107-107), i ncluded a number o f p rovisions concerning uniformed services
voters, one of which continued t h e In t e rn et voting pilot program administered by t he
Federal Vot i n g Assi st ance P rogram . It was s i gned i nt o l aw by t h e P resi dent on Decem ber
28, 2001. The p rogram permits some absentee uni formed services voters t o cast b allots
in federal elections through an elect ronic voting s ys tem. It is ex pect ed that the program
will include more states than the four that participated in 2000, and s hould b e accessible
for both registration and voting b eginning with primary elections in 2004.
The Help America Vote Act (P.L. 107-252) included a requirement that the Election
Assistance Commis s i o n e s tablished unde r t he law conduct a thorough s tudy of the
potential for regi stering and voting o n t he In ternet. S tudy topics include the requirements,
impact, and cost of In ternet regi stration and voti n g, a s well as the m eans o f ensuring
equity of access t o all citiz ens. The l aw calls for s ubmission of a report t o C ongress 20
months after enactment.

10 T he j urisdictions include Orange and Oskaloosa c ounties, FL; Dallas Count y, T X ; Weber
County, UT; and in South Carolina, Beaufort, Greenville, Greenwood, Horry, Lancaster, Laurens,
Lexington, McCormick, Orange burg, Pickens, and York c ounties.