With the 2015 UK general election approaching and the increasingly digital nature of society, electronic voting is once again being promoted as the next stage in the evolution of democracy. But despite the ease and cost-saving opportunities, security questions remain.
In a speech to the University College London Constitution Unit in March 2014, Jenny Watson, chair of the election watchdog the Electoral Commission, revealed the commission was examining a range of ways to make voting more accessible, including “radical options such as e-voting”.
Almost in parallel with this, in November 2013, speaker of the house of commons John Bercow MP announced the formation of the Speaker’s Commission on Digital Democracy. The commission is designed to “make recommendations on how parliamentary democracy in the UK can embrace the opportunities afforded by the digital world.”
The Speaker’s Commission on Digital Democracy has divided its work into five core areas, with electronic voting being considered as a separate issue. A report from the commission about its findings is due to be published in January 2015.
This is not the first time the UK has considered electronic voting – five local authorities in the UK held pilot schemes in 2007. Following these schemes, a report by the Electoral Commission discovered "issues with the security and transparency of the systems, and the capacity of the local authorities to maintain control over the elections."
The UK is not the only country to conduct research into electronic voting. In 2005, The Pentagon in America decided to drop their proposed online voting system which would have allowed overseas military personnel the opportunity to vote in the elections later that year.
More on electronic voting
The reason cited by the deputy secretary of defence Paul Wolfowitz was the inability to ensure the legitimacy of votes. Despite this, the US government continues to employ touchscreen voting machines in their elections.
Electronic voting adopted in Estonia
Estonia is the country which has embraced electronic voting the most, with electronic and online voting being used since 2005 in their local, general, municipal and parliamentary elections. A quarter of voters in the country have used electronic voting during parliamentary elections.
An independently peer-reviewed academic paper about the voting system used during the Estonian 2014 elections was able to demonstrate – through laboratory tests – the system was vulnerable to a series of wide-ranging attacks, which could manipulate the results without being detected. This was despite the Estonian government employing a unique smartcard identity system.
Jason Kitcat, a member of the advisory council for the Open Rights Group – which specialises in electronic voting – defines the three broad groups of electronic voting currently available as:
- Machines in a polling station supervised by people.
- Remote electronic voting (internet voting, voting over digital TV and such like).
- Electronic counting (the counting of paper ballots).
The UK-based company Electoral Reform Services routinely employ an online voting system – as well as postal, telephone and SMS voting – for private institution elections, such as for the council of a society or university. Although important, these are relatively low stakes when compared with the possible repercussions of national elections.
One of the key reasons for the Electoral Commission considering electronic voting is it perceives it will increase voter attendance, especially targeting “an increasingly disenfranchised younger generation”.
Its argument for employing electronic voting is since we spend so much of our life online, with internet shopping and online banking, voting should be no different.
However, the executive director of the Open Rights Group Jim Killock respectfully disagrees.
“The real driver of voter participation is the importance of elections and trust in politicians. You can’t solve those problems with technology," he says.
Another of the arguments for using electronic voting machines is they remove the need for printed paper ballots. However, Kitcat discovered during the UK pilots that were run until 2007, in Sheffield it cost £1 per paper vote and £70 per electronic vote.
Electronic voting costly and insecure
“Electronic voting is a difficult tool to produce,” explains Kitcat. “You have an immovable deadline which is very high risk, with very high security requirements and a lot of people trying to use it simultaneously.”
No system is ever 100% secure, and this is just as true with electronic voting machines. Just as a computer or laptop is susceptible to attacks from malicious software and viruses, so too are electronic voting machines. These can range from insider or outsider attacks, to widespread viruses on the client software.
Professor of security engineering at the University of Cambridge computer laboratory Ross Anderson says when political power is about to change the stakes are very high, which could lead to issues.
“The fundamental problem is you can have subversion of the technical mechanism, subversion of the organisation that does the vote tabulation and announces the result, or you can have coercion of individual voters,” he says.
The parties who might wish to influence a governmental election can be broadly fitted in one of three main groups:
- Political parties wanting to sway the election in their favour.
- Foreign governments wanting a sympathetic government in power.
- Corporations with vested interests in a particular party being in power.
Maintaining an audit trail and accountability
One of the key hurdles in electronic voting is the need for maintaining an audit trail, should a recount be called for. When the vote is stored electronically, it becomes far more difficult to verify and recount the votes.
Many in the computer science world and academia agree electronic voting is a fundamentally flawed idea
Peter Ray Allison
Not only must electronic voting be auditable, the paper trail must be maintained in such a way that voters remain anonymous.
“There has been an awful lot of discussion on the technical means for election mechanisms that are both anonymous and accountable,” says Anderson.
“You submit your vote in some encrypted form so you can check it has been accounted for in a list of cast votes but nobody else can link it to you. There are various approaches to this, from fancy cryptography to multi-part stationery,” he adds.
However, Kitcat says despite the research on preserving anonymity while maintaining an audit trail, there isn't a simple answer.
“The solutions are so mathematically complex they would not be understood by any likely user of the system," he says.
Even if a technique could be found, a method for ensuring system security still needs to be discovered. “The consensus among computer scientists is not with modern-day technology,” states Kitcat. “Maybe in the future, but not at the moment.”
Electronic voting machines are currently programmed using closed-source software, with auditors having to sign non-disclosure agreements in some cases. Thus any security vulnerabilities that are discovered are not being made public knowledge.
There have been arguments for adopting open-source software instead, as a means by which to ensure greater transparency and thereby greater security.
Kitcat wrote the first online voting software, called GNU.free, which was open-source and adopted by the Free Software Foundation. However, both he and the foundation soon came to the conclusion that it was not a very good idea.
The problem came down to versioning. Just because the software was published online, it did not confirm this was the same version or type of source code that was being used in the voting machine.
“Open source is obviously better than not being that, but it does not prevent the problems of securing the computer,” explains Kitcat.
The future of electronic voting
A further important consideration is a significant percentage of the older generation – which is currently the highest-voting demographic – will not wish to use electronic voting machines as they will not be confident in using them. Therefore, electronic voting could never be used exclusively, and other channels – such as traditional paper voting – would have to be maintained.
Despite all of the arguments against electronic voting, people still believe there will be an all-electronic digital environment. Perhaps one day the technology will exist for a secure, anonymous, reliable and auditable form of electronic voting, but it does not exist today.
Many in the computer science world and academia agree electronic voting is a fundamentally flawed idea, and any form of government elections is the one place where technology should not be used, due to the inherent vulnerabilities.
“If you look at the record around the world – Canada, Norway, Italy, France, Germany, the UK and Ireland have all spent millions on electronic voting, either in pilot schemes or in mainstream use, and all have withdrawn from using it because the risks are too great,” says Kitcat.
Likewise, Jenny Watson admitted towards the end of her speech at the University College London the security of the system – as opposed to its accessibility – needs to be considered carefully.
Killock concludes: “Electronic voting in national elections is an expensive and dangerous irrelevance.”