Today, MIT and University of Michigan researchers released a report on the security of OmniBallot, an Internet voting and ballot delivery system produced by Democracy Live. This system has been deployed in Delaware, West Virginia, and other jurisdictions.
MIT PhD student Michael Specter says the team's goal is "to provide election officials and citizens the information they need to ensure that elections are conducted securely."
Based on the team's findings, they have specific recommendations for both governments and individual voters.
The full technical report contains detailed recommendations for jurisdictions, but here’s what the team says individual voters can do to help reduce risks to their security and privacy:
- Your safest option is to avoid using OmniBallot. Either vote in person or request a mail-in absentee ballot, if you can. Mail-in ballots are a reasonably safe option, provided you check them for accuracy and adhere to all relevant deadlines.
- If you can’t do that, your next-safest option is to use OmniBallot to download a blank ballot and print it, mark it by hand, and mail it back or drop it off. Always double-check that you’ve marked your ballot correctly, and confirm the mailing address with your local jurisdiction.
- If you are unable to mark your ballot by hand, OmniBallot can let you mark it on-screen. However, this option (as used in Delaware and West Virginia) will send your identity and secret ballot selections over the Internet to Democracy Live’s servers even if you return your ballot through the mail. This increases the risk that your choices may be exposed or manipulated, so we recommend that voters only use online marking as a last resort. If you do mark your ballot online, be sure to print it, carefully check that the printout is marked the way you intended, and physically return it.
- If at all possible, do not return your ballot through OmniBallot’s website or by email or fax. These return modes cause your vote to be transmitted over the Internet, or via networks attached to the Internet, exposing the election to a critical risk that votes will be changed, at wide scale, without detection. Recent recommendations from DHS, the bi-parisan findings of the Senate Intelligence Committee, and the consensus of the National Academies of Science, Engineering, and Medicine accord with our assessment that returning ballots online constitutes a severe security risk.
From the team's project page:
- Democracy depends on all eligible voters having both the opportunity to participate and the assurance that their votes will be securely and privately counted. Some voters, including those with certain disabilities and some overseas service members, have long faced significant obstacles to participation. Now, with the emergence of the COVID-19 pandemic, all voters may need better options for voting safely.
- OmniBallot’s ballot delivery and marking modes have the potential to be valuable tools for helping voters participate, if used with specific security precautions and changes recommended in the study. Some of those recommendations can be followed directly by individual voters but many will also require action by election officials. On the other hand, as online ballot return represents a severe danger to election integrity and voter privacy that no available technology can adequately mitigate, we recommend that Democracy Live and jurisdictions discontinue this feature.