Statement on Vulnerabilities in Online Voter Registration Systems
Washington, D.C.– The following is a statement from John Fortier and Matthew Weil, director and associate director, respectively, of the Democracy Project at the Bipartisan Policy Center, in response to a new report published in the journal Technology Science that questions the security of voter data in online voter registration systems:
“Most states offer voters the opportunity to register to vote and to change their registration record online. Online voter registration improves access and provides better integrity of the voting rolls. Both Republican and Democratic legislatures and governors have adopted this reform, and it was a key recommendation in the 2014 report of the bipartisan Presidential Commission on Election Administration, whose work continues at the Bipartisan Policy Center.
“The report published last night in the journal Technology Science raises concerns about potential vulnerabilities to online voter registration systems. While some findings should cause officials to consider enhancing security protections for these systems, states must not roll back the option of registering online.
“Citizens can typically only use their states’ online voter registration portal if their information already exists in the state’s DMV records, and registrations submitted through the online system are not automatically made to the underlying voter registration database.
“Local or state election officials confirm voters’ eligibility and correct residence, and changes made through the online portal prompt a mailed paper notice to the voter. All changes to the voter registration database are logged for auditability. If problems arise on Election Day, voters can cast a provisional ballot, which is counted when the underlying registration issue is resolved and eligibility is confirmed.
“The report highlights the possibility that hackers might acquire voter file and other personal data to change the address or party affiliation of voters before Election Day, ultimately causing havoc for the voter and the voting system. It is a serious concern, but voter registration completed through the mail on paper has some of the same risks and other additional vulnerabilities. No system is 100 percent secure.
“The authors of the report are right to identify potential vulnerabilities. But it would be a mistake to throw out a system that provides so much convenience and integrity to the voting process. Instead states must reevaluate security and administrative protocols with an eye towards always improving the voting experience for all Americans.”