I am thrilled to be able to report that the California email voting bill SB908, was defeated in the Assembly Elections Committee. It needed 4 votes to pass the 7 member committee. There was 1 vote in favor, 3 opposed, 2 abstentions, and 1 absent. The same bill that sailed through the Senate 23-11.
This is a clear victory for small but dedicated groups of election integrity advocates, working in conjunction with Debra Bowen’s office, and networking throughout the state and the country. The message was clear, concise, and compelling, (email voting is way too risky) and repeated to the committee members many times by all of you over the past 2 1/2 weeks.
We wish to thank everybody for their solidarity. We are looking forward to more such victories in the future.
Jim & the Voting Rights Task Force
We fail only if we quit, and we are not quitting.
- Text of SB 908
- Latest status of the bill
- You can download the legislative analysis written July 1 from
Why Email Voting Is Dangerous
- Legislators are supporting the bill because they want to help the troops. The legislative analysis did a poor job of looking at technical issues of “photoshopping” the ballots as they are relayed across the global Internet. The analysis also failed to look at insider and denial of service attacks which can affect county elections servers.
- In just one week, the CIA, IMF, US Senate, CityBank, and other high security sites were all hacked.
- Emails travel through many computers (routers) on their way to their destination. From overseas, this could include computers in Russia, China, Iran, and other undemocratic countries. Email attachments are not encrypted, which makes it easier for any computer to “photoshop” the ballots and and accompanying signatures.
- There is no reliable way of even knowing if an attack has occured. With no paper trail, there is no way to recover from a serious problem. Also, there are also no provisions for checking that the ballots are received and counted correctly.
- Chinese or Russian hackers should not be allowed to vote in Californian elections at all, let alone massively.
- The bill requires voters to waive their right to a secret ballot. In certain employment situations, that may not be fully voluntary.
- The main point is: Emails over the Internet is not a secure means to transmit voted ballots.
What To Do
- Please write the legislators.
- You can use a sample letter that has been prepared here.
From the Experts
Debra Bowen, California Secretary of State.
Letter to Senator Runner, April 27, 2011
Dr. David Jefferson, Cyber Security Expert,
Lawrence Livermore National Laboratory and voting technology advisor to five California Secretaries of State.
Email Voting: A National Security Threat in Government Elections
David Jefferson’s Comments to the FCC on Internet Voting,
and the Computer Technologists’ Statement on Internet Voting
Dr. Ron Rivest, Cyber Security Expert, MIT
Overseas Vote Foundation
Emailed Ballots: A Security Assessment
Let’s Hear It: Do You Want to Email Your Ballot?
– Jim Soper Takes On Internet Voting in California
More Good Links
I will add one other point. I lived overseas for 17 years, so the frustration of voting from abroad is personal with me. But as a senior software engineer, and the author of CountedAsCast.com, I know how dangerous Internet voting is, and what the implications of an email voting bill are for California, and for national security. On the balance, email voting is simply not worth the high risks of insider or external attack. “Photoshopping” email attachments as they travel over the Internet through computers in unfriendly countries is just too easy. Also too easy is digitally flooding the email servers of Los Angeles and other large counties on Election Day in a denial of service attack, blocking any hope of ballots arriving on time. The email system proposed offers no redundant backup; no way to collect, count or check the ballots when technology breaks down. And it will.
San Francisco Voting Systems Task Force
In its upcoming report to the San Francisco Board of Supervisors, the Task Force states the following:
– “Recommendation on Voting Systems“, final draft.
Elections are one of the most important routes to power and influence in this country, therefore, we must assume that somebody (or a whole bunch of somebodies) will try to hack them. This is not paranoia. Considering how much hacking and other computer-takeover activity of other sorts (viruses, Trojans and so on) already goes on, at multiple levels, and how many major companies and government institutions have been broken into, it would be surprising if there were NOT a substantial number of individuals figuring out every possible way to disrupt or influence elections.
With proper systems in place, current methods can do a pretty good job of blocking or catching threats to regular voting at the polls. Email voting is much more difficult to protect. Allowing it is opening the barn door and saying, “Hey, wolves, lookie here…”