Earlier this month, the French government announced that it was cancelling plans to allow citizens abroad to vote over the Internet in legislative elections this June. Calling allegations of Russian hacking in western countries worrisome, the National Cybersecurity Agency of France (ANSSI) described the current risk of cyberattack as “extremely high,” and advised “that it would be better to take no risk that might jeopardize the legislative vote for French citizens residing abroad.”
In February Emmanuel Macron’s En Marche (Onwards!) party alleged that their campaign was the target of ‘fake news’ put out by Russian news agencies and they had been victims of cyberattacks. Following these allegations, outgoing president Bernard Hollande called a meeting of the French Defense Council and asked for a report on “specific monitoring and protection measures, including in the cyber domain, to be taken during the election campaign.”
Since 2012 French citizens abroad have been allowed to vote online in legislative elections but not in those for president. A system purchased from the Spanish-based vendor Scytl is used for facilitating the transmission of voted ballots. With online voting no longer allowed, the French government has made other means available for citizens to exercise their right to vote, including extending the deadline to register for postal and proxy vote.
Given heightened cybersecurity concerns in the US, the security measures taken in France should serve as a model. Even in light of foreign interference in our own election this past November, 33 states still allow some voters to cast their ballots over the Internet.
Verified Voting has long warned about the dangers of Internet voting, pointing out that there is no way to guarantee that the security, privacy, and transparency requirements for elections can all be met with any practical technology in the foreseeable future. American voters deserve verifiable systems, and proof of accurate election outcomes.