Today no sector remains unaffected by the advance of digital technology. It therefore makes sense that the idea of shifting election voting into the 2.0 era has come quite a long way towards acceptance.
During the most recent parliamentary elections in Australia, the vote count turned into a huge conundrum and it took no less than eight days to decide which party had actually topped the polls. Throughout this period of uncertainty, both the outgoing Prime Minister, Malcolm Turnbull, who was eventually declared the winner, and the leader of the main opposition party, Bill Shorten, both came out in favour of electronic voting, arguing that this would have avoided the post-electoral hiatus. Today the Internet enables people to shop – close to 172 million Americans made online purchases in 2015 – order a taxi or even make an appointment with the doctor. So why not use this channel to elect your political representatives?
A question of efficiency
The proponents of electronic voting say that it would basically make vote counting far simpler, thus saving on time, staff numbers and ultimately money. Australian blogger David Glance points out that the body responsible for counting votes in his country – the Australian Electoral Commission – needs some 175,000 people to manage the process. Nevertheless, in spite of these vast resources, errors continue to occur. During the 2013 elections, 1,375 ballot papers went missing in Western Australia, forcing the voters in that state to return to the polls and cast their votes a second time.
Glance argues that setting up an electronic online voting system would both reduce the number of people required for the electoral process and reduce the risk of errors. He believes that electronic voting would also lead to faster results, improve reliability and even increase voter participation. “Absentee voters could vote from anywhere, the cost of voting would be significantly reduced and the results would be instantaneous and accurate,‟ he underlines. Reducing the abstention rate, which ought to be one of the outcomes of a system that calls for minimal effort on the part of the voter, is one of the main arguments put forward by those pushing for change. “If the ultimate goal is maximising the country’s voting turnout, shouldn’t we develop an Internet voting system? Voting from a computer at home could be far easier than waiting in long lines at polling stations or filling out mail-in forms,” wrote Californian journalist Rick Paulas. During the most recent United States primary elections, the endless queues at polling stations discouraged many voters from casting their votes. In Arizona, some polling stations closed while there were still queues of people waiting outside.
Blockchain to the rescue?
Many of those who advocate online voting are calling for a system based on the blockchain in order to ensure voter anonymity and system reliability. The blockchain is a decentralised database managed through a network of computers, which is designed in such a way that no single computer is responsible for storing and updating the records. Each computer stores an entire copy of the database, together with a history of all the updates made since the very beginning – i.e. an audit trail. Any computer may enter or leave the network at any time without threatening the integrity of the database, which can be fully reconstructed by any individual computer on the basis of the audit trail. Startups such as Follow My Vote and veri.vote are advocating the use of the blockchain for online voting: each vote would be recorded in the decentralised database. The audit trail would ensure that no vote could be secretly changed or deleted and that all recorded ballots were valid – i.e. submitted by a person who is eligible to vote and with no undetected double-voting, and so on.
A blessing for Mormons
Founded in the US in 2000, London-headquartered Smartmatic has developed a number of online voting solutions based on the blockchain. Since launching, the company has worked with the authorities in Uganda, the Philippines, Brazil, Belgium, and in the Western US state of Utah. In March this year, Utah’s Republican voters were able to vote online at their party’s primary, thanks to Smartmatic’s blockchain technology. After registering online and entering some basic personal data, any Utah Republican supporter wishing to vote via the Internet was provided with a cryptographic key to be used when selecting a candidate on the party website.
Salt Lake City.
In addition to the traditional arguments put forward by the standard-bearers of electronic voting, trying out the system in Utah also meant dealing with a specific feature of that state – its large Mormon population. A large proportion of the Mormon community spend many years overseas on missionary duty. Up to now these absentees had to cast postal votes, which is a rather cumbersome way of doing things.
The Estonian model
Meanwhile another US state has just taken a step towards online voting: Virginia has authorised voters to register to vote online. Nevertheless, at the moment they still have to go to a polling station to actually submit their ballot papers.
However, the world online electoral voting champion is a small country of 1.3 million inhabitants situated on the Baltic coast. Estonia gives each of its citizens a digital ID at birth.
Listen to our World Tour piece on Estonia (in French only) on L'Atelier Numérique (L’Atelier Digital)
Estonians are then able to make secure payments on the Internet, launch a company in the blink of an eye… and vote online. Other countries have followed suit: Japan has based its digital identification programme, called MyNumber, on the Estonian system. MyNumber enables citizens to pay their taxes and their social security contributions online. At the moment, however, the system does not include online voting.
Experts warn of “unacceptable” risks
General enthusiasm for online voting is certainly growing, but meanwhile many experts are sounding the alarm. In 2014 researchers at the University of Michigan went through the Estonian model with a fine-tooth comb, and spotted a number of security breaches. Most seriously, the servers used to count the votes were found not to be immune to cyber-attacks: “There are protections in place to make sure the servers aren’t compromised. But if they are, they can output any vote totals they want,” warns J. Alex Halderman, an Assistant Professor of Computer Science and Engineering at the University of Michigan, who worked on the report. David Dill, Professor of Computer Sciences at Stanford, sounds the same alarm: “Estonia is vulnerable to cyber-attacks. In my opinion they’re crazy to use an Internet-voting system!” He argues that “in the current state of current technologies, the risks associated with online voting are totally unacceptable.”
A potential danger to the democratic system
The main risk, from his point of view, is that some voters may lose faith in the election results. “In most cases an election requires a secret ballot, which means that the identity of the voter must be entirely removed from his/her vote. If some votes are manipulated or modified, fraud may occur and may be completely undetectable.” This would obviously jeopardise the entire democratic process: “The potential that electoral fraud could go undetected would mean that the result couldn’t be trusted, even when in actual fact there is no fraud. If there’s any doubt about an election, which is often the case, there’s no way to backtrack and check that the result is really correct, as the proof and documents needed to do so don’t exist with an online voting system,” he points out.
Some commentators have even suggested doing away with the principle of anonymous voting, which poses just as great a risk for democracy. The proponents of online voting retort that the current system does not provide an unbreachable defence against electoral fraud either, given that ballot box stuffing, counting errors and other weaknesses are inherent in any voting system. It remains a fact however that switching to online voting would be a leap into the unknown.
Viruses and malware
There is also a very real risk that viruses and malware may be used to infiltrate voters’ computers. “There is no adequate solution to this problem. Anti-virus software has gaps in it and Internet users are not sufficiently informed or meticulous about security. Millions of personal computers are controlled by criminals, via botnets ,‟ worries David Dill. "The risks are almost limitless. A voter could for example be taken to a fake voting site, which would then enable the hackers use his/her identity to vote in a different way.”
This concern is shared by David Jefferson, a computer scientist at the Lawrence Livermore National Laboratory: “We’re not even remotely close to guaranteeing that there’s no malware on your computer.” Such malware is capable of modifying or deleting the vote cast by the computer’s owner without leaving any trace: “The malware might erase itself a half second later, and so there might be no evidence,” warns Jefferson. One of the major risks is what is known as ‘denial of service’, which can bring a voting site down by overloading it. Then there is ransomware, malicious software able to take the completed ballot papers hostage and then sell them to the highest bidder: “Imagine the crisis if somebody encrypted the votes and said [to the government], ‘For one million, I’ll give you the key,’” Jefferson underlines.
Profound institutional changes
The problems posed by electronic voting are by no means limited to computer security, points out David Dill. Implementing this type of system would also involve far-reaching institutional changes: “The legislative system would have to change in order to take account of the new ways elections might fail. For example, if an algorithm indicates that the trustworthiness of an election has been compromised, what can be done? Tribunals in the United States have always been extremely reluctant to annul elections, even when there is solid proof that a technical problem has distorted the result,” stresses the Stamford University Computer Sciences Professor.
Last but not least, David Dill doubts the key argument put forward by supporters of online voting – i.e. that it would reduce abstention rates: “In the United States, extending voting to postal voting has not increased participation and other online voting experiments around the world have not done so either. Using an electronic voting system therefore risks sacrificing the credibility of our electoral system for no gain whatsoever,” he concludes.
The good old methods…
To justify their scepticism, these experts cite a number of experiments that have been less than convincing. In 2000, an online voting system was set up for primary elections in Arizona, which was attacked by hackers. The experiment was repeated in Washington D.C. in 2010, this time specifically inviting the general public to try and hack into the system so as to test its resilience. Within 48 hours, J. Alex Halderman’s team had managed to penetrate the system. The latest experiment conducted in the state of Utah also suffered setbacks. Some voters encountered bugs that prevented them from voting, while others repeatedly received error messages when they tried to navigate on the website.
David Dill points out that elections are simply too important not to be a prime target for hackers. “In order to assess the security of any system, you have to take account both of the difficulty of attacking it and the motivation level of potential attackers. A jeweller has more reason to fear robbery than a junk shop owner. The opportunity to control an elected office may attract very large sums of money, even at local level. So there are reasons to believe people would want to affect the outcome of elections and we need to take precautions. A well-designed paper voting system, with observers from the different parties, is the best thing we have at the present time,” he argues.
Nevertheless, some experts would not shut the door to new attempts at online elections in the future, once adequate security conditions are in place: “If we want to do electronic voting, we need to agree that there is a certain amount of risk. But that risk isn't insurmountable,” says Paul Kwan, a computing expert from the University of New England. However, Kwan is not very optimistic that politicians will push hard to overcome these risks as “there are other issues that might be a priority for politicians.”
So, while the concept of online voting might seem to be part of the spirit of the times, the cyber-security experts seem to have, for the moment at least, kicked it into the long grass…