FRAMINGHAM (02/05/2004) - The U.S. Department of Defense has decided, for now at least, to drop its efforts to give overseas U.S. military personnel voting access over the Internet, because of concerns about the security of the system.
In a Jan. 30 memo to David Chu, the undersecretary of Defense for personnel and readiness, Deputy Secretary of Defense Paul Wolfowitz wrote that "in view of the inability to ensure legitimacy of votes that would be cast in the SERVE Internet voting project, thereby bringing into doubt the integrity of the election, I hereby direct you to take immediate steps to ensure that no voters use the system to register or vote via the Internet."
The memo was released Thursday by a Defense Department spokesman who was asked about the status of the controversial voting program.
Wolfowitz said in the memo that "efforts will continue to demonstrate the technical ability to cast ballots over the Internet," using knowledge and experience gained so far. He wrote that he would "reconsider his decision in the future if it can be shown that the integrity of the election results can be assured."
The Wolfowitz memo came nine days after a 34-page report, "A Security Analysis of the Secure Electronic Registration and Voting Experiment", was sent by a group of technology experts to the Federal Voting Assistance Program, criticizing the idea as it was envisioned.
The group of about a dozen computer experts was asked by the Defense Department to officially review the idea of Internet voting, which was proposed after the 2000 presidential elections to make it easier for members of the military and other U.S. citizens to cast ballots when they're overseas. The Federal Voting Assistance Program was assembled by the Pentagon to build an Internet voting system, which is called SERVE (Secure Electronic Registration and Voting Experiment).
One of the writers of the report, Barbara Simons, a past president of the Association of Computing Machinery and a technology policy expert, said Thursday that she's pleased with Wolfowitz's decision.
"I think that the DOD will be making the right decision in canceling this current effort to hold Internet voting," Simons said. "We share their concern that all the votes in the military arrive on time and be counted. We're certainly prepared to work with them on trying to devise a method that would allow that to happen without jeopardizing their security."
The problem, she said, and the basis for the criticisms in the group's report last month, is that computer security still isn't foolproof enough to ensure that fraud and online criminal acts won't affect U.S. elections.
"We're moving ahead too quickly," Simons said. "It's possible in the foreseeable future that it will be safe to vote on the Internet, but it may never be."
One difficulty with the system is that, unlike with paper ballots and voting machines, there's no audit trail for online votes, so there's no way to be certain about how votes are counted, Simons said. "Our great fear is that there will be a major move to Internet voting, which I personally feel is a threat to our democracy," she said. "The bottom line is we could have our president selected by (hackers in) Iran" through data manipulation and fraud. "We basically feel they are trying to solve an impossible problem."
Even as the military is still looking for a solution to the security problem, online voting is set to take place this week for the first time in the Michigan Democratic caucuses, Simons said.
That's worrisome, she said, because "this is a much, much harder problem than trying to do commerce over the Internet."
One scenario for fraud could involve an e-mail sent to online voters just before an election, Simons said. Using official-looking logos copied from legitimate Web sites, the e-mail could warn voters to ensure the safety of their votes by downloading an attached "special virus protection program" being offered for their use. Instead, this special program would unleash a virus or worm onto the user's PC that could alter or control their vote and affect the accuracy of the election, she said.
SERVE "isn't an experiment, because the votes will count," Simons said. "If the election is as close in 2004 as it was in 2000, these votes could make a difference."
Simons said she and the others on the review panel are sympathetic to the problems of overseas military personnel who have had trouble voting in the past, but she added that more research needs to be done on alternatives. "The point we're making is it doesn't do them any favors if you give them an insecure system to vote on," she said.
Polli Brunelli, the program director of the Federal Voting Assistance Program, wasn't available for comment Thursday, according to a Defense Department spokeswoman.
Fifty counties in seven states -- Arkansas, Florida, Hawaii, North Carolina, South Carolina, Utah and Washington -- were interested in participating in the SERVE program. More than 6 million voters would have been eligible to participate under the program, including uniformed personnel in the U.S. Army, Navy, Air Force, Marine Corps and Coast Guard and their dependents, as well as members of the merchant marine, the commissioned corps of the Public Health Service and the National Oceanic and Atmospheric Administration, and overseas citizens.