A Vote of No Confidence

Free and fair elections are a hallmark of a healthy democracy. Not only must the outcome be legitimate, but also, the citizens of the democracy must have confidence and belief in the integrity of the election. Three factors influence public confidence in electoral processes: voter education efforts, hierarchical levels of government and the postelection “winner effect” [1-4]. But what about the technical assurances built into current voting systems? How do they shape perceptions of fairness and accuracy?

Election systems and hardware are considered critical infrastructure in U.S. elections – assets, systems and networks that deliver essential services to society. Because of this, protecting and managing risks through information assurance is of heightened interest. The scope of information assurance has recently evolved to encompass broader concerns related to cybersecurity and information security. However, the five pillars of information assurance – confidentiality, integrity, availability, nonrepudiation and authentication – are still relevant when maintaining the integrity, secrecy, accessibility and verifiability of cast ballots [5].

In theory, these pillars work together to foster trust: Confidentiality ensures voter privacy, integrity prevents tampering, availability guarantees access, nonrepudiation provides proof of submission and authentication confirms voter identity. However, in practice, election systems face adversarial interference and meddling threats, and the states and localities that administer elections are doing so with limited budgets and aging equipment. Thus, a key question emerges when considering the next generation of election systems: Which information security pillars matter most to voters? To our knowledge, no study examines voter confidence in the U.S. election system and its ability to deliver fundamental information security.

To begin answering this question, we distributed a survey to more than 700 state and local election officials (EOs) from seven swing states, two blue states and one red state. We expect EOs to receive authentic feedback from voters because they are the front-line government election representative. Results from this early investigation reveal a clear perceived voter priority hierarchy, with voters valuing integrity and nonrepudiation the most. Confidentiality is the least valued pillar. 

Voter Confidence in the Literature

Educational campaigns by EOs, proximity to the level of government and the “winner effect” significantly influence voter confidence in electoral processes. Suttmann-Lea and Merivaki (2023) and Merivaki et al. (2025) demonstrate that educational campaigns were effective at enhancing voter trust during the 2020 and 2022 elections; targeted communication efforts improved confidence among skeptical voters and increased ballot acceptance rates [1, 6]. Atkeson et al. (2015) and Wolak and Palus (2010) indicate that voter confidence exhibits a hierarchical pattern, with highest trust placed in local elections and progressively decreasing confidence at state and national levels, a pattern consistent with broader government trust trends since the 1960s [2, 3]. Finally, the “winner effect” plays a crucial role – voters whose preferred candidates won typically report higher confidence in electoral systems after elections [4, 7]. Voters typically express greater confidence in local vote counting than in state-level processes and greater confidence in state processes than in national ones [1, 2]. 

Five Pillars of Information Assurance

Information assurance, protecting information assets with combinations of physical, administrative and technical controls, has been a key practice of risk management, especially within government and military contexts, since the early 2000s. As threat landscapes and technology evolved, information assurance broadened into information security, which better reflects the need to protect data across digital environments, adversarial threat landscapes and emerging technologies. However, the traditional definition of information assurance adds methods for accountability by considering nonrepudiation and authentication; information security does not.

Therefore, the five pillars of information assurance are still relevant to critical infrastructure and election systems risk management. Although the field evolved, all fundamental risk assurances cannot be ignored. In particular:

• Confidentiality is the quality or state of being private or secret. An example of confidentiality in an election is secret ballots or privacy envelopes for mail-in ballots. Violations of privacy could reveal who an individual cast a ballot for and put them at risk of personal or professional reprisal, especially in a politically charged culture [8].
• Integrity is the quality or state of being complete or undivided. An example of integrity in an election is ballots not being changed or altered while being cast or counted. Violations of ballot integrity could result in a ballot not being counted as cast or not being counted at all.
• Availability is the quality or state of being accessible, suitable and ready for use. Some examples of availability for voters in an election include Americans with Disabilities Act compliance, as well as convenient proximity of designated polling locations to work or home, polling location hours and ballot casting methods. Violations of availability can result in the inability of voters to cast a ballot or receive results in a timely manner.
• Nonrepudiation refers to the inability to deny having taken an action. Some examples of nonrepudiation in elections are verification that a vote by mail ballot was picked up from a drop box or received by the polling center. Violations of nonrepudiation can result in distrust in the election system.
• Authentication is the act or process of proving that something is real, true or genuine. Some examples of authentication in elections are signature verification on ballots and identity verification at the polling place. Violations in authentication can result in voter fraud.

There are currently no voting systems that deliver perfect protection across all five pillars, yet each pillar is critically important [9]. As the current equipment ages and the more digitally fluent Generations Z and Alpha enter the electorate, the need emerges to align continued security designs with voter expectations while maintaining and building both confidence and trust. 

Methodology

For this preliminary study, we sent a survey by email during spring 2025 to a random sample of EOs from states that listed employee email addresses online. Additionally, a link was provided to academic researchers in elections security to share with their government contacts. The survey was anonymous, managed via Qualtrics and reviewed by the institutional review board at Towson University. Questions in the survey included demographic data about the state and estimated population density of the communities served by each EO. Eliciting Likert scale and open-ended responses, we presented questions related to the five pillars with a section for the EO to rank the pillars in perceived order of importance to their county or locality. We also queried whether voters had expressed concerns about any pillar during the 2024 U.S. presidential election, or whether the EOs themselves had any concerns with their election equipment and/or administration processes. The response rate was 6.32% (48/759). No question in the survey had a forced response, which resulted in a usable answer  for each question after data cleaning.

Results

Figures 1, 2 and 3 present histograms of EO responses for the five pillars and their perceived importance, confidence in implementation, and impact on voter trust. Each of the pillars was broadly rated highly for these attributes. For every pillar, pairwise Fisher’s exact tests are not significant (p > 0.30 for all tests), indicating that no difference exists between the pillars themselves in terms of importance. This suggests uniform high ratings rather than differentiated priorities. That being said, it is possible that voters simply may not care about information security or don’t communicate their concerns to an EO. The current political and cultural environment in the U.S. may be directly or indirectly driving voters to express their preferences online via social media. Furthermore, the five pillars have not been directly in the national discourse, so voters may not be framing their views in terms of these structured definitions. Future research is needed to tie online posts and colloquial narratives to the pillars, contextualizing voter sentiment.

Figure 1: Voter perception of importance, as communicated to EOs.

Figure 2: Voter perceptions of confidence in methods and technologies, as communicated to EOs.

Figure 3: Voter perceptions of the impact of technology on trust, as communicated to EOs.

The data tells a more interesting story when we consider ranking the pillars. For this, we apply a modified Borda count, assigning 1-5 points per pillar. Borda counts can be used as a method of rank choice but have been subject to criticism in the literature for potential tactical manipulation. However, this is a small sample size in an early study, and value function elicitation or utility was outside the scope of our survey. Borda counts have support for use with partial voting, which are appropriate for this data, as many of our survey responses were incomplete [10]. Figure 4 presents the Borda counts for the five pillars; integrity has the highest count at 69, followed closely by nonrepudiation. This implies that, from the EO perspective, voters find all pillars highly valuable and important. Confidentiality scored lowest, but not at minimum count, suggesting voters view all pillars as important, with subtle distinctions.

Although the Fisher’s exact tests showed no statistically significant differences between the information assurance pillars, the Borda count showed a preference for integrity over the others. This may be because, as a respondent provided in free response, “voters think each item is equally important and of utmost importance.” All pillars of information assurance are inarguably important. However, not all voting technologies fulfill the qualities of each pillar in practice, and the survey results demonstrate that voters do not value them equally. We need to understand which pillars voters value most so EOs can invest in election technologies that best support the qualities of those pillars.

low ranking of confidentiality suggests a “privacy paradox,” in which individuals profess concern for data privacy but trade it for perceived benefits or convenience [11, 12]. This underscores the need for election systems that visibly demonstrate vote accuracy and verifiability, coupled with straightforward communication that demystifies technical trade-offs. In electoral settings, public demand for transparency and verifiability often overrides theoretical desires for secrecy, shaped by social norms and declining expectations of privacy in an online age [13, 14]. These suggestions may inform EOs when planning voter education and outreach efforts.

Comments in the free-response section of the survey referenced nonrepudiation and integrity. Multiple EOs mentioned that voters raised concerns regarding integrity, which were assuaged by on-the-spot voter education, a method shown to be effective [1, 15]. Other comments were more overt, discussing multiple pillars in a single free-form response. For example, one EO wrote: “A few voters expressed disapproval of the concept of ballot secrecy, instead wanting concrete, later verifiable evidence of their vote being for who they wished to vote for and being able to track every ballot to a voter and to be able to record themselves and others within the polling place.” Comments such as these suggested nonrepudiation, confidence and authentication concerns. The implied concern for accountability due to the high ranking of nonrepudiation and authentication indicated the desire for information assurance rather than mere information security.

Conclusions

We acknowledge this is very early work, utilizing a survey instrument predominately in the context of a student research project. That being said, what voters value and perceive to be important remains of concern, especially because strong, widely held beliefs in the integrity of an election are crucial for a functioning democracy. The data also suggests that voters and EOs may not truly understand the implications of and differences between the five pillars. Future work should validate these early findings as well as educate voters on information security principles that contribute to election integrity in the U.S.

References

1. Suttmann-Lea, M. & Merivaki, T., 2023, “The impact of voter education on voter confidence: Evidence from the 2020 US Presidential Election,” Election Law Journal: Rules, Politics, and Policy, Vol. 22, No. 2, pp. 145-165.
2. Atkeson, L. R., Alvarez, R. M. & Hall, T. E., 2015, “Voter confidence: How to measure it and how it differs from government support,” Election Law Journal, 14, No. 3, pp. 207-219.
3. Wolak, J. & Palus, C. K., 2010, “The dynamics of public confidence in US state and local government,” State Politics & Policy Quarterly, Vol. 10, No. 4, pp. 421-445.
4. Sinclair, B., Smith, S. S. & Tucker, P. D., 2018, “‘It’s largely a rigged system’: Voter confidence and the winner effect in 2016,” Political Research Quarterly, Vol. 71, No. 4, pp. 854-868.
5. Committee on National Security Systems (CNSS), 2022, “Committee on National Security Systems Glossary,” March 2, https://www.cnss.gov/CNSS/openDoc.cfm?a=vcJ3uEdUd5ylqnYcC2Zo0w%3D%3D&b=CC2FD5CF2A490C3D68DE8BEB5B325BCB4A04C9C87FB22BE6D09FCD200688B7E07550BCF3B381984B1AC1FAF5DBBA2523.
6. Merivaki, T., Suttmann-Lea, M. & Orey, R., 2025, “Does relying on ‘close to home’ information sources increase voter confidence? Evidence from the 2022 midterm elections,” Social Science Research, Vol. 126, Art. no. 103131.
7. Sances, M. W. & Stewart III, C., 2015, “Partisanship and confidence in the vote count: Evidence from US national elections since 2000,” Electoral Studies, 40, pp. 176-188.
8. Adler, E. S. & Hall, T. E., 2013, “Ballots, transparency, and democracy,” Election Law Journal, Vol. 12, No. 2, pp. 146-161.
9. Bernhard, M., Benaloh, J., Alex Halderman, J., Rivest, R. L., Ryan, P. Y., Stark, P. B., et al., 2017, “Public evidence from secret ballots,” Electronic Voting: Second International Joint Conference, E-Vote-ID 2017, Bregenz, Austria, October 24-27, 2017, Proceedings 2 (pp. 84-109). Springer International Publishing.
10. Emerson, P., 2013, “The original Borda count and partial voting,” Social Choice and Welfare, Vol. 40, No. 2, pp. 353-358.
11. Barnes, S. B., 2006, “A privacy paradox: Social networking in the United States,” First Monday, Vol. 11, No. 9, https://doi.org/10.5210/fm.v11i9.1394.
12. Dienlin, T. & Trepte, S., 2015, “Is the privacy paradox a relic of the past? An in‐depth analysis of privacy attitudes and privacy behaviors,” European Journal of Social Psychology, Vol. 45, No. 3, pp. 285-297.
13. Tan, Q. & Pivot, F., 2015, “Big data privacy: changing perception of privacy,” 2015 IEEE International Conference on Smart City/SocialCom/SustainCom (SmartCity), 860-865. Hoboken, N.J.: IEEE.
14. Tsay-Vogel, M., Shanahan, J. & Signorielli, N., 2018, “Social media cultivating perceptions of privacy: A 5-year analysis of privacy attitudes and self-disclosure behaviors among Facebook users,” New Media & Society, Vol. 20, No. 1, pp. 141-161.
15. Suttmann-Lea, M. & Merivaki, T., 2022, “Don’t drown the message: The effects of voter education on mail ballot acceptance in North Carolina,” Journal of Election Administration Research and Practice, Vol. 1, No. 2, pp. 69-95.