Election officials in a few states have used the mobile app Voatz to improve voting options for overseas citizens. Critics, however, continue to urge caution and skepticism about the blockchain voting method.
Voatz, a blockchain-based mobile app for online voting, has given places like Utah County, Utah, more confidence that it can secure votes from overseas citizens in a timely and reasonable manner. Critical questions about the security of Voatz, however, have been raised by multiple experts since its first use in official U.S. elections during the 2018 West Virginia midterms.
A recent letter from Sen. Ron Wyden, D-Ore., brings such concerns to a head. In the letter, which was released two days after a pair of Oregon counties utilized Voatz for Nov. 5 elections, Wyden asks the U.S. Department of Defense (DoD) and the National Security Agency (NSA) to conduct a cybersecurity audit of Voatz.
“While Voatz claims to have hired independent experts to audit the company, its servers and its app, it has yet to publish or release the results of those audits or any other cybersecurity assessments,” Wyden wrote in his letter. “In fact, Voatz won’t even identify its auditors. This level of secrecy hardly inspires confidence.”
Voatz responded to Wyden’s letter in a blog post, welcoming audits from DoD and NSA.
“We are confident that all additional audits will come to the same conclusions that the West Virginia Secretary of State’s office, the Denver Elections Division, the Utah County Elections Office and independent security organizations such as ShiftState Security have: that all our elections to date have been conducted safely and securely, with no reported issues with the accurate tabulation and recording of ballots, and that the overall system is very robust,” the blog read.
There are many others, however, who share Wyden’s concerns about how Voatz has handled its limited entry into U.S. elections.
“In general, I think everyone should ask themselves why it is only a small group of investors and technologists who are selling technologies are the proponents for blockchain voting,” said Joe Kiniry, principal scientist at computer science company Galois, in an email to GT. “It seems to me that everyone should be suspicious if a tiny part of a community says it is a great idea and all of the experts who have no skin in the game say that it is a horrid idea.”
In part, Kiniry is possibly referring to the involvement of Bradley Tusk, whose organization Tusk Philanthropies has funded Voatz pilots in the United States. Time reported that Tusk said, “We can’t take on every interest group in Washington around the country and beat them, but I think what we can do is let the genie out of the bottle.”
Susan Dzieduszycka-Suinat, president and CEO of the nonprofit U.S. Vote Foundation, doesn’t think Tusk’s philosophy about technology is appropriate, arguing that the country, for the sake of security, shouldn’t go from “here to 100” on online voting. She believes Tusk “fits into that model of people who have accumulated so much wealth that they then decide they’re going to … take on policy issues.” Due to a lack of communication, Dzieduszycka-Suinat questions Tusk’s passion about particular voting issues.
“He’s never spoken to me. If he cared about overseas and military voters, he might pick up the phone,” said Dzieduszycka-Suinat, who leads U.S. Vote’s initiative called Overseas Vote. “They have completely discounted and dissed and will not include anyone that’s in what is known as the election integrity community made up of cybersecurity experts and computer scientists around the country.”
Security technologist Bruce Schneier said he agrees with the ideas in Wyden’s letter, but he is unsure about who has authority to perform an audit of Voatz.
“Election certification is really weird in this country,” he said. “We don’t have a centralized authority like many countries do.”
Schneier believes Voatz has made questionable claims. For instance, Voatz has stated multiple times, including in its response to Wyden’s letter, that it has to balance transparency with the protection of its intellectual property. Schneier said this explanation is a common refrain from companies that don’t want their security examined and “never makes sense” in the security world. He added that a bounty program doesn’t necessarily allow researchers to examine the entire Voatz system, which would be necessary for the academics to produce papers.
“Honestly, there are any number of researchers that would happily audit their stuff,” he said. “If they’re so confident, then maybe they should open up their stuff to researchers.”
Officials in Utah County, the setting of two Voatz pilots, said the Voatz app is more secure for overseas voting than their existing email method. Neither Schneier nor Dzieduszycka-Suinat found that comparison compelling.
“I think they’re probably not qualified to say one or the other is more or less secure, but I do agree with them that emailing ballots is also not secure,” Dzieduszycka-Suinat said.
More than a year ago, Schneier wrote that U.S. elections are too simple to compromise and that the country should recognize the value of paper in election security. When asked if he could imagine a world where he would feel differently about online voting, Schneier offered a vision.
“It would have to be a world where you almost never get a security update from Microsoft,” he said. “It might be a world where you almost never hear about a data breach at a company. It’s a world where ransomware doesn’t exist. It’s a really, really different world. I have a good imagination, but no time soon.”