You can’t make online voting secure just by wishing it so

viral-voting-cover-imageLike many who were raised on the optimistic visions pre-cyberpunk SF gave us, this isn’t the future I expected us to have. By now, we should all be travelling everywhere by jetpack or hoverboard, except for our holidays where we’d have to go to our local spaceport to get the rocket that would take us to hotels in orbit or the moon. We did get some parts of the future right – computer screens everywhere and phones in your watch, for instance – but those bigger parts of the vision proved either technologically impossible, or just far too impractical and complicated to supplant the old way of doing things.

If we were going to do everything on a computer – I don’t think we used ‘online’ back then – we’d definitely vote by computer when The Future came into being. After all, in what way could walking (or hoverboarding) to your local polling station to use a pencil to mark a piece of paper with your voting preference be part of The Future? No, we’d surely do that by computer, and then Robo-Dimbleby would be able to instantly announce the results on the holographic BBC.

Unfortunately, we never made it to that future, and instead we have to deal with one where secure online voting is currently about as feasible as jetpacks or hoverboards, no matter how much its advocates want to pretend otherwise. Consider this, from a security analysis of Estonia’s electronic and online voting system:

What we found alarmed us. There were staggering gaps in procedural and operational security, and the architecture of the system leaves it open to cyberattacks from foreign powers, such as Russia. These attacks could alter votes or leave election outcomes in dispute. We have confirmed these attacks in our lab — they are real threats. We urgently recommend that Estonia discontinue use of the system.

(And if you think that means just the Estonian system is flawed, go read a lot of the links here)

Security issues are a problem for online and e-voting at a basic level. This is widely known, and easily discoverable which is why reports like this one (full PDF) from WebRoots Democracy which completely ignore them are very disappointing.

We’d all like to make voting easier and increase turnout in elections, but we’d all like jetpacks too and we can’t magically make them happen just by wishing for them. The problem with this report is that it reads very much like someone claiming they have a working hoverboard because they deny the existence of gravity. The report is 86 pages long, and the first mention of security doesn’t come until page 74. Up to this point, the report has been an absolute blizzard of statistics (many of them irrelevant to the point they’re ostensibly making) and factoids, but the solitary page on security doesn’t bother to look at any evidence. There’s one footnote to the entire section, and that’s solely to confirm that the Government uses cloud storage. There’s no mention of any of the many studies into the security of online voting or reference to any experts in the field. Finally, the conclusion to the section comes:

Despite this, the public will rightly expect their vote, the bedrock of democratic societies, to be secure. This however should be a challenge for the pilot phase of an online voting roll out. It shouldn’t be something that discourages Governments from looking into online voting.

In short, online voting should be secure, so the Government should make it secure. That’s it. The fact that it isn’t secure, and no one has yet come up with a practical and reasonable way to make it even as secure as the current system is gets completely glossed over. While the rest of the report is falling over itself in its eagerness to use statistics from the big online companies, it seems that no one behind the report even bothered to look up the Open Rights Group or similar organisations, let alone contact them. This is just wishing away problems because the authors have already decided that online voting is the future, so it must be made to happen.

Just consider the myriad security issues that apply to online voting, starting with securing the device the vote is cast on and the basic question of making sure that the person logged in is the person casting the vote, not a friend, family member or party worker who’s going to ‘help’ them vote. (If you think that’s a problem now with postal voters, just imagine how much easier online voting will make it) Then add to that the problem of making sure the vote is transmitted, recorded and counted securely and accurately while maintaining the anonymity and secrecy of an individual’s vote. That is much more than ‘a challenge for the pilot phase of an online voting roll out’, it’s a series of fundamental problems that have to be addressed before you even begin to consider piloting.

I find myself wondering just who is behind this report. WebRoots Democracy have an About page on their website and a list of the various people involved, but doesn’t make any mention of how this report (which mentions surveys and research they’ve commissioned) and their other work was funded. There’s no facility for donations or memberships on their site, but someone must be paying the bills and we already know that there are several companies eyeing up the money to be made from online voting. Is this a genuine grassroots – sorry, web roots – independent report from people who want more online voting or a piece of corporate astroturfing?

Online voting might bring benefits to our democracy, and it might increase participation and turnout, but I’m always deeply suspicious of anyone who tries to sell you on an idea by focusing heavily on the positives and glossing over the negatives. It’s easy to declare that online voting should be secure, but wanting something and making it happen are vastly different things. Anyone who’s spent any time online will have seen how frequently security is compromised, even without the unique problems of verification that come with online voting, and it should be enough to give anyone a pause for thought. Trying to bounce everyone into accepting online voting by shouting “The internet’s great!” while paying no attention to the security threats behind the curtain is putting our democracy at a massive risk.

3 thoughts on “You can’t make online voting secure just by wishing it so”

  1. I wrote about this here. My current opinion on this is that, even if online voting could be made secure to the satisfaction of experts (and I don’t personally believe it can be), it still should not be used.

    The voting process we use today can be explained to the average voter in about ten minutes and they don’t need to trust somebody else’s opinion, though they do need to have some trust in the checks and balances that oversee the process. A system that voters can’t understand as being secure, reliant on expert testimony, is not a desirable voting system.

Comments are closed.