Or why you want to stay with paper ballots
There has been a significant focus over the past two years on the vulnerability and cyber threat risks faced for voting systems at the local level. That focus has typically been on State and local jurisdictions like cities, counties and towns, and resulted in the creation of the DHS Elections Infrastructure Information Sharing and Analysis Center (ISAC) to assist. However, there are other local governance entities at significant risk as well.
Home and condo owner associations (HOAs) abound in many countries as a means of local community governance. They also hold elections for their Boards of Directors and amend their legal instruments. In the past few years, e-Voting has been hyped to these associations as a kind of snake oil. While online polling may be useful for gauging sentiments on issues, it can go horribly wrong when used for key governance activities. The following is an actual recent case study of what, by any measure, was an e-Voting debacle.
A Northern Virginia homeowners association thought it would attempt e-Voting for an election of Directors and amending covenants. During the process of notifying homeowners and balloting, one homeowner who happened to be a cybersecurity expert thought something was wrong with what he was seeing and took screenshots. The simple ten-digit number for verifying identity seemed insufficient, and the embedded links to other sites inexplicable. What he subsequently discovered revealed the profound challenges faced by these associations. Tracing the information brought back memories of Cliff Stoll's Cuckoo's Egg tracking.
It turned out the e-voting provider was actually a one-person Oregon company that had been administratively dissolved for several months; that its headquarters was a small local law office, and the mailing address was a strip mall UPS mailbox. Technically, the service was being run on a server in a small Salt Lake City office, and the purported online security was a free 3-month quickie digital certificate that involved no identity checking. The balloting process also involved a "registration" screen to capture homeowner information with a link to a Florida LLC also run out of a UPS mailbox on a local server. Although the Oregon provider's online brochure suggested it had many satisfied customers, the server in Utah revealed only one other HOA customer in Texas.
When the cybersecurity expert (who also happened to be a lawyer), examined the HOA Board minutes to see how the arrangement was approved, the record revealed a sole source award based on a recommendation of the association's management contractor, and that it was one-tenth the amount normally charged. No one apparently checked the Oregon State records, which showed the e-Voting company was dissolved by the State Corporations Office — which was a common occurrence in the provider's corporate record. It turns out that the e-Voting awardee also was a sponsor at the association management contractor's tradeshow.
When the e-Voting agreement was obtained, what was found was equally disturbing. It was a one-sided, unconscionable license agreement where the association conveyed homeowner records to the provider to harvest and use for other purposes. Not only was no security provided, but the association was required to indemnify the e-vote provider against almost every possible harm! The really ludicrous provision was an attached "privacy policy" that cited at the outset that its website "follows principles set out in" an official-looking document. The citation was actually a 1980 report from the Paris-based OECD organization dealing with the politics of the time - U.S. based data processing companies - and ten years before web technology was even developed.
After all this became known, the association quickly switched back to paper ballots for its election, although the adoption of its covenant amendments remains open to challenge. However, it has no real ability to recover the homeowner records and additional information collected through the e-Voting provider's registration process.
There are important lessons here. The bottom line is that paper ballots sent by postal mail retain many critically necessary features like integrity, auditing, ease of use, and compliance with multiple applicable legal requirements. Paper ballots also automatically resolve issues like who has the authority to vote when several parties own the property. The Americans with Disabilities Act requirements are especially important for senior communities, and paper ballots are generally sufficient.
Conversely, homeowner and condo associations have no real cyber defense capabilities. Nor do these entities have the ability to assess and evaluate the completely unregulated gaggle of providers of e-Voting services that abound across the Internet or their proffered licensing arrangements and privacy policies. Indeed, these providers could exist anywhere today.
The problems here are local, interstate, and international in scope, and action going forward is urgently needed. Local Property Owner Associations plainly should not be using e-Voting for significant governance requirements that require any legal sufficiency, as neither the associations nor their management contractors have essential legal and cybersecurity technical skill sets. The risks of e-Voting far exceed benefits that are basically vacuous.
State legislatures need to adapt their laws to either exclude e-Voting for local governance actions, or if allowed, only using companies subject to regulatory mandates that include compliance with essential standards, certification, and continuous monitoring. Federal and State agencies responsible for elections security and consumer protection such as the Department of Homeland Security (DHS) and the Federal Trade Commission (FTC) at the national level, need to devote resources and impose e-Voting provider requirements.
Written by Anthony Rutkowski, Principal, Netmagic Associates LLC