Inside the Multimillion-Dollar Plan to Make Mobile Voting Happen
The world of election security is often a quiet, academic one, populated by cryptographers and computer scientists meticulously dissecting vulnerabilities. It was in this milieu, at an annual conference on voting technology in Washington, DC, that Joe Kiniry, a security expert with a deep specialization in elections, found himself approached with an intriguing proposition. A woman, representing a wealthy, anonymous client, expressed an interest in funding innovative voting systems designed to boost voter turnout. Her question was direct: Did he have any ideas? Kiniry’s response was immediate and cautionary. “I told her you should stay away from internet voting, because it’s really, really hard,” he recalls, a testament to the immense complexities and inherent risks he understood so well.
Kiniry would soon discover the identity of the mysterious benefactor: Bradley Tusk. A name synonymous with political strategy and corporate problem-solving in New York City, Tusk had built a considerable fortune as a consultant and fixer, famously aiding companies like Uber in navigating and fending off regulatory challenges. His early investment in Uber stock had propelled his wealth, and now, he was eager to dedicate a substantial portion of it to a cause he believed could fundamentally reshape American democracy: online voting technology. Despite Kiniry’s initial reservations about the inherent difficulties, Tusk’s persuasive vision and the promise of a rigorous research project eventually swayed him. For Kiniry, it was an opportunity to delve into a challenging area, pushing the boundaries of what might be possible in secure digital elections.
Today, the fruits of that unlikely collaboration are being unveiled. Tusk’s philanthropic venture, the Mobile Voting Foundation, is proudly releasing VoteSecure, a groundbreaking, cryptography-based protocol designed to enable secure ballot casting directly from smartphones – both iPhones and Android devices. This isn’t a proprietary, closed system; rather, VoteSecure is entirely open source, readily available on GitHub. This transparency invites a global community of developers, security researchers, and academics to scrutinize, test, improve, and build upon its framework. The initiative has already garnered significant traction, with two election technology vendors reportedly committing to integrating VoteSecure, potentially as early as 2026. Tusk, ever the visionary, asserts that mobile voting holds the key to revitalizing and saving American democracy. However, as Kiniry initially warned, the journey from a secure protocol to widespread legislative acceptance and public trust will undoubtedly be the "really, really hard" part.
The Visionary Behind the Plan: Bradley Tusk’s Crusade
Bradley Tusk’s obsession with mobile voting is not a recent whim; it’s a conviction that has simmered and intensified over several years. Around 2017, he began translating his vision into concrete action, funneling funds into smaller-scale elections that utilized existing technologies to facilitate voting for specific demographics, such as deployed military personnel and individuals with disabilities. His commitment is substantial, estimating a personal investment of $20 million to date, with plans to continue injecting capital into the endeavor. When pressed on his motivations, Tusk articulates a profound disillusionment stemming from his extensive experience working with government entities. He believes his vantage point has afforded him a panoramic view of systemic failures, leading him to identify a singular "pressure point" capable of rectifying numerous discrepancies between what citizens deserve and what they actually receive: significantly higher voter participation.
"We get lousy, or corrupt, government because so few people vote, especially in off-year elections and primaries, where the turnout is dismal," Tusk states emphatically. He posits that a dramatic increase in primary turnout – for instance, from 9 percent to 37 percent – would fundamentally alter the political incentives for elected officials. Such a shift, he argues, would push politicians towards more moderate stances, diminishing the rewards currently associated with extreme rhetoric and partisan finger-pointing. For Tusk, mobile voting is not merely a convenience; it’s a logical imperative. "To Tusk, mobile voting is a no-brainer: We already do banking, commerce, and private messages on our phones, so why not cast a ballot?" he questions, highlighting the incongruity of entrusting sensitive financial and personal data to smartphones while balking at their use for civic duties. He sees himself as a reluctant pioneer, driven by a sense of urgency: "If I don’t do it, who is going to do it?" he asks. His concern extends to the very fabric of the nation: "If it doesn’t happen, I don’t think we’re one country in 20 years, because if you are unable to solve any single problem that matters to people, eventually they decide not to keep going."
Crafting the Secure Solution: VoteSecure
Before embarking on developing a new system, Tusk commissioned Kiniry to conduct a thorough evaluation of existing online voting platforms, including some that Tusk himself had previously funded. Tusk’s trust in Kiniry’s expertise is absolute: "Joe is considered the absolute expert on electronic voting," he affirms. When Kiniry’s assessment concluded that these systems were insufficient to meet stringent security and verifiability standards, Tusk made a pivotal decision: the most effective path forward was to build a solution from the ground up. He subsequently hired Kiniry’s company, Free & Fair, renowned for its expertise in election security, to develop what would become VoteSecure.
It is crucial to understand that VoteSecure is not a ready-to-use, "turnkey" application. Instead, it is a robust backend protocol – the secure engine that powers the process. It will require the development of user interfaces and other complementary components to become a fully operable voting system. The protocol itself incorporates sophisticated mechanisms designed to empower voters. These include methods for individuals to independently check the accuracy of their cast ballots and to verify that their vote has been successfully received by the election board and correctly transferred to a corresponding paper ballot – a critical audit trail feature that addresses a common concern in digital voting. This multi-layered approach aims to instill confidence and provide transparency at every step of the voting process.
A Cautious Rollout: Strategy for Acceptance
Tusk’s strategy for introducing mobile voting is pragmatic and incremental, recognizing the inherent resistance to change in such a sensitive domain. His immediate next step is to "run legislation" in a select few cities, aiming to secure legal authorization for mobile voting in local contests. "Start small—city council, school board, maybe mayor," he outlines, believing that success in these smaller, less scrutinized elections will serve as crucial proof of concept. "Prove the thesis. The odds of Vladimir Putin hacking the Queensborough election seems pretty remote to me," he quips, acknowledging the scale of security concerns while emphasizing the initial scope. Indeed, some local elections in Alaska are already slated to offer mobile-phone voting options next spring, utilizing software developed by Tusk’s foundation – an early test case for the VoteSecure approach.
Kiniry, while committed to the project, concurs with the cautious approach, acknowledging that it is "way too soon" to consider mobile voting for national elections. Tusk, however, is playing a longer game. He is betting that with repeated successful implementations in local contexts, these systems will gradually become familiar and, crucially, earn public trust – potentially even surpassing the trust placed in traditional paper ballots over time. "Once the genie’s out of the bottle, they can’t put it back, right?" he muses, drawing parallels to other transformative technologies he has worked on. "That’s been true for every tech I’ve worked on." But before the genie can be freed, it must first navigate a gauntlet of skepticism and technical challenges. And as Tusk himself implicitly acknowledges, getting that genie out is "no cinch."
The Battle Lines: Skeptics vs. Proponents
The introduction of mobile or internet voting invariably ignites fervent debate, and the loudest objections consistently emanate from the very experts who safeguard the digital world: cryptographers and security specialists. These professionals often argue that the inherent safety risks associated with online voting are, at present, insurmountable. Among the most vocal critics are two luminaries who were present at the same 2017 conference as Kiniry. Ron Rivest, the "R" in the iconic RSA protocol that underpins internet security, a recipient of the prestigious Turing Award, and a former MIT professor, remains unconvinced. His verdict is stark: mobile voting is far from ready for prime time. "What you can do with mobile phones is interesting, but we’re not there yet, and I haven’t seen anything to make me think otherwise," Rivest states. He critically observes Tusk’s approach: "Tusk is driven by trying to make this stuff happen in the real world, which is not the right way to do it. They need to go through the process of writing a peer-reviewed paper. Putting up code doesn’t cut it." This highlights a fundamental disagreement on the methodology for validating such critical systems, emphasizing academic rigor over practical deployment as a first step.
David Jefferson, a distinguished computer scientist and voting expert, echoes Rivest’s skepticism, despite acknowledging Kiniry’s standing as one of the nation’s foremost experts in voting systems. Jefferson views Tusk’s ambitious undertaking as fundamentally flawed, if not outright doomed. "I’m willing to concede rock-solid cryptography, but it does not weaken the argument about how insecure online voting systems are in general," he asserts. "Open source and perfect cryptography do not address the most serious vulnerabilities." Jefferson’s critique points to a deeper concern: even if the cryptographic protocol itself is impeccable, the multitude of external attack vectors – from malware on a voter’s personal device to sophisticated nation-state hacks targeting servers – presents an intractable problem for ensuring true end-to-end security and auditability in a distributed, consumer-device-based system. The "perfect cryptography" argument, for these experts, often sidesteps the practical realities of a compromised environment.
Defending the Innovation and Facing the Ultimate Hurdle
Kiniry, naturally, offers a counterpoint to these criticisms. "We’ll get to that," he says of the peer-reviewed paper, indicating that the academic validation process is part of their long-term plan. He argues that by "releasing the first version of it, we have provided the community with something like the equivalent of half a dozen papers for review." This position underscores the open-source community’s ethos of transparent code as a form of immediate, iterative peer review, allowing real-world testing and feedback to inform future iterations. Tusk is even more direct in his dismissal of the critics. "They’ve never seen what we’ve built," he retorts, suggesting that their objections are based on preconceived notions rather than a thorough understanding of VoteSecure’s specific design and safeguards. He contends that the "zero-tolerance approach" adopted by many security purists ignores the inconvenient truth that even current, traditional voting systems are not without their imperfections and vulnerabilities.
However, all these technical and academic arguments about the safety and verifiability of mobile voting may ultimately prove secondary to an even greater, more pervasive challenge: public trust. In the not-too-distant past, when Tusk first became consumed with the concept of mobile voting, discussions about election safety were largely conducted under the dispassionate guise of science, mathematics, and meticulous accounting. The public, by and large, held a reasonable degree of trust in their voting systems, a trust substantiated by numerous studies consistently showing that election fraud accounts for only a minuscule fraction of votes cast. That era of relative trust, tragically, has evaporated.
In the current political climate, largely exacerbated by the actions of a "sore loser," the entire issue of election integrity is fraught with doubt, suspicion, and deep-seated animosity. Introducing an unfamiliar alternative like mobile voting into this volatile environment would be akin to pouring cordite onto a simmering fire. Even if a mobile system were unequivocally verified as 100 percent secure by every credible expert, all it would take to cast a shadow of suspicion over an entire election would be a single, ill-intended, and unsubstantiated charge that some external force had hacked the system. The chilling precedent of Dominion Voting Systems serves as a potent reminder. Despite being unequivocally vindicated through legal processes and independent investigations, the company was left so profoundly tarnished by baseless accusations of fraud that it ultimately underwent a change of ownership and a rebranding.
Yes, internet voting, and by extension mobile voting, is "really, really hard"—and the technical challenges, while formidable, are likely solvable with continued innovation and rigorous development, as Kiniry and Tusk believe. But the truly intractable problem is less about code and more about human nature: how to convince an electorate, deeply fractured and conditioned to distrust, to accept a vote count it doesn’t like, regardless of the technology used. This profound crisis of confidence, rather than cryptographic vulnerabilities, might be the ultimate, insurmountable barrier to Bradley Tusk’s multimillion-dollar plan to revolutionize democracy. The genie of mistrust, once released, is far harder to put back in the bottle than any technological advancement.
