Your Secret Ballot Is In Jeopardy

There are few things more sacred to Americans than a secure and secret ballot.

On August 1, 2015, Vincent Carroll of the Denver Post wrote a column entitled: The high risk of e-voting pointing out some concerns with electronic transmission of military and overseas balloting. This overview should cause us all concern about both the security and the secrecy of ballots that are cast in this manner.

The Heritage Foundation also published a column with similar concerns on July 14, 2015.

The extent to which Internet–based voting allows our deployed military members —who have no access to mail ballots— to vote is a good practice. No one wants to get in the way of their right to vote. The question is: Is Internet and email balloting being used only as a rare exception, or is that method of voting expanding?

A 2011 Colorado State law (HB 11-1219) ensures that overseas military members get their ballots in order to vote and return their ballot through the mail in a timely fashion. They have 53 days from when the ballot leaves their County Clerk and Recorder’s office to when their ballot must be returned in order to be counted for that election. In most situations, this is sufficient time. Service members may also request an electronic ballot be automatically sent to them, so that they can print it out, vote, and mail it back to their county office. All of this is important and necessary.

Senator Kevin Lundberg, was a member of the Senate State, Veterans, and Military Affairs Committee during 2006 when this bill’s predecessor was passed. Senator Lundberg has spoken out against the use of the electronic transmission of voted ballots in all but the most rare of circumstances. He can be heard discussing this on a May 29, 2015 podcast with radio host Ken Clark, and Colorado Secretary of State Wayne Williams. The relevant portion of the conversation starts around 25 minutes in.

Consider a submariner who is underwater for months. Consider a service person deployed to a place in the world where mail isn’t an option. The law makes it clear that the overseas or military voter may, “return the ballot by electronic transmission in circumstance where another more secure method, such as returning the ballot by mail, is not available or feasible.” Note that the law acknowledges that electronic transmission is less secure than returning the ballot by mail.

In the May 29^th podcast above, and a separate May 14, 2015 podcast, Secretary Williams says that this option for overseas and military voters to transmit their completed ballots electronically also applies to additional overseas voters, such as missionaries and students doing a semester abroad. The relevant portion of the podcast begins at about 1 hour and 21 minutes in. Senator Lundberg expresses concern in both of these podcasts about electronic transmission of completed ballots becoming a common practice as opposed to a “rare exception.” According to Secretary Williams, there were over 3,000 military members who used the electronic transmission method of voting in the 2014 general election. That is over 50% of the number of military and overseas voters who voted. Not all of these 3,000 were in areas where mail services were neither available nor feasible. Some may have been right here at home.

How safe is electronic transmission of a completed ballot? The language in the 2011 legislation admits it is not as safe as mailing in a ballot. New headlines every day like this and this show how vulnerable data is to being hacked. Here is a quick demonstration of how ballot data, using a 3^rd party vendor, might be hacked and how a vote can be changed.

As for the 3^rd party vendor, the Colorado Secretary of State’s office has contracted with Everyone Counts to be the technology link between the military or overseas voter and the County Clerk and Recorder’s offices throughout the state. When a military or overseas voter marks their ballot online, it doesn’t go directly to their County Clerk and Recorder. It goes first to Everyone Counts, along with the voters’ verified identity. After a copy of the electronic ballot is saved, the voter emails it to the clerk. Although Everyone Counts boasts about “secure and reliable voting options,” according to Secretary Williams in the May 14^th podcast, the voter has to acknowledge that they are “voluntarily waiving their right to a secret ballot.”

It disrupts a voter’s access to a secret ballot when a commercial vendor collects the voter’s choices. If Everyone Counts were to be hacked, what would happen to a voter’s privacy? Would Everyone Counts be able to sell voter data?

The public was offered an opportunity to attend a July 7, 2015 Secretary of State hearing on the rules surrounding electronic transmission of ballots, and the opportunity to weigh in online if they were unable to attend the meeting. Most of the public comments were against electronic transmission of ballots.

While listening to the podcasts above, I heard an interesting question raised. The final caller on the May 14th podcast asked Secretary Williams about the family relationship between an employee of the Secretary of State’s office and an employee of the vendor, Everyone Counts. The Secretary didn’t answer the question, but if true, the Colorado Secretary of State should —at minimum—publicly disclose that fact, and ensure that there is an arms length relationship between the two entities, so that there is no appearance of impropriety.

If these issues are as concerning to you as they are to me, please contact the Colorado Secretary of State’s office immediately to express that concern. You can send your comments to SoS.Rulemaking@sos.state.co.us and wayne.williams@sos.state.co.us.