Why online voting creates more problems than it solves

Election Polling Station SignAThere’s a new law in politics: whenever there’s been an election with a disappointing turnout (so, pretty much any time there’s an election in the UK) someone will pipe up with ‘we should vote on the internet, that’ll boost turnout’. Someone (occasionally me) will point out that there are lots of problems with the idea of online voting, most notably that creating an online balloting process that’s acceptably secure and secret is the sort of problem that stumps computer scientists.

The response is usually to wish away these problems (which, to be fair, is something even MPs do) and assert that because we can do other things online, we should be able to vote. Now, I could try and explain here why voting is different to banking or shopping, but others have done the job for me, so take a few minutes to watch one or both of these videos:

(The Princeton TED talk is longer and goes into more detail, while the Computerphile one is more entertaining, but they complement each other nicely)

The important point to note is that our current system of voting wasn’t created from scratch but evolved over time through various innovations that have helped to improve security and protect the secrecy of the individual’s ballot. It’s a process that gets regularly stress-tested (usually every May, with other localised tests throughout the year) and has proved that in most cases it can deliver what it needs to (unless you live in Barnet, of course). For online voting to have anything like the same degree of reliability, there are a whole lot of practical issues that need to be resolved. People – like me – who don’t want the sudden adoption of online voting aren’t doing it because we get some nefarious thrill from driving down turnout but because we have genuine concerns that it can deliver the secure and secret election process that everyone desires. I’d love to be able to vote online, but I’d also love to be able to fly and I’m not going to jump off a cliff in the hope I figure out how to do it before I hit the ground.

In the meantime, if you want to boost turnout in elections, there are other ways to do it. You could give councils more powers, so people regard voting for them as more important. You could change voter registration laws to make it easier for people to be automatically registered when they interact with any form of government. You could invest more in running elections to enable more information to be sent out to voters about what posts entail and who the candidates are. You could move polling days to weekends or make election days public holidays, so polling stations are open when people have more time to get to them. You could even adopt an electoral system that makes an individual’s vote more likely to count to motivate them to vote. Sure, none of these match ‘do it on the internet’ as the magic bullet that will solve all problems, but none of them introduce a vast range of new problems either.

Democracy is hard work, and making sure it runs smoothly is a complicated process. There are rarely trouble-free shortcuts to making complicated processes that run important things simple, and online voting is no exception. If you’re convinced it’s wonderful, then you have to address its flaws and people’s concerns, not wave them away because they’re inconvenient truths.

Worth Reading 181: Poisoning Ptolemy

With the dissertation over, I can get back to blogging some more. So here, have some links:

Not such a good idea: Why you should think twice about online voting – a good article setting out the flaws with online voting.
I work in PR – and we’re all terrible people – Also, water is wet. But this is an interesting insight.
Hard to be a god – An interesting essay from Ken Macleod on the intersections of SF and politics.
If the Hinkley C nuclear deal looks astonishing, that’s because it is – The strange economics of nuclear power are getting stranger.
My current reckons on Tim Farron and the Lib Dems – A good summing up of the current state of the party by James Graham.

Worth Reading 162: A season of baseball

Philip K. Dick was right: we are becoming androids – “The deep problem, for Dick, wasn’t that mechanisms might become more manlike. It’s that men might be reduced to mechanisms.”
Why I Just Cancelled My Direct Debit To The Electoral Reform Society – Andrew Hickey on how their shilling for online voting has lost them his support.
Because good people doing bad things does not happen only in sepia – Crooked Timber’s Maria Farrell on the flaws in Britain’s defence and security policies, highlighted by Philip Hammond’s recent speech.
China’s Tensions With Dalai Lama Spill Into The Afterlife – The Dalai Lama says he may not reincarnate. Showing an unexpected interest in theological matters, the Chinese Government and Communist Party insist he will.
The lost key to the crown jewels – How English cricket was lost to terrestrial television, and then kept away from it, no matter how good for it the return might be.

Digital democracy debate: MPs demand hoverboards for all by 2020

digitaldemocracyThey had the Digital Democracy debate in Parliament this morning. This link should take you to a transcript for the rest of today, but I’ll need to go to Hansard in the morning to get a permanent link to it. (UPDATE: Here it – hopefully permanently – is) That does show just one of the problems we have with the concept of ‘digital democracy’ and as I said before, I think a lot of the Commission’s proposals, especially around education and participation, are very good and the next Government needs to work to introduce them.

However, all those good ideas flee the room the moment online voting gets discussed. What we get at that point is the MPs doing the equivalent of demanding that everyone gets their own hoverboard by 2020, regardless of what the laws of physics might say about that possibility. If the House of Commons wants to ignore the laws of physics, it damn well should be able to!

Eppur si muove, as they say, and if I had better Latin, or any Latin at all I’d add ‘and yet it’s still not secure’ to all their beliefs that everything will be fine with online voting if we just wish for it hard enough. Robert Halfon gave a speech that was a masterpiece of Parliamentary because-I-wish-it-so nonsense, that in a true online and digital democracy would have been littered with ‘[citation needed]’ markers as he spoke. For instance, in one short paragraph of his speech:

People want new options[citation needed], and it is up to us to provide them with some[dubious claim – why can’t the people generate their own?]. We must not fool ourselves: the decline in voter participation is strongly linked[citation needed] to the fact that new generations interact in different ways[citation needed] and therefore require different ways of appealing to them[citation needed].

He then later goes on to discuss Estonia’s online voting as though no one had pointed out the many many security holes in that system but then, it seems that anyone who wrote to him about voting security was apparently ‘abusive’ and using a ‘farcical argument’ because our current voting system is not perfectly secure. By the same logic, the next time Mr Halfon needs to replace a bucket with a hole in it, I shall recommend he buys a sieve.

Robert Halfon is not alone in suddenly shedding any demands for reasonable evidence in order to embrace the bright shiny precious of online voting. Tom Brake manages it too, telling how a survey on Facebook reached a whole eleven people of which seven were in favour of it, and someone called Andy thinks it can be made secure. There’s your slogan: Online voting – Andy says your vote is safe.

There is a point here, and it’s that MPs need to be sceptical about claims of the proposed benefits of online voting because there are far too many people out there who’ll happily ignore all the flaws in the hope of making large sums of money from it. For an example, see this blog post from Electoral Reform Services (the commercial arm of the Electoral Reform Society) which asserts that online voting, and particularly their version of it that they want to sell to you, is perfectly safe.

It may be that we’re just days away from a breakthrough in security that will make online voting safe, just like physicists might now be putting the final working touches to the gravity-nullifying devices that will make hoverboards a reality. Then again, it might never come, and rushing ahead as though it will definitely come is asking for disaster. When we get tweets like this from MPs:

I wonder what else they would like to legislate will happen before 2020? If Parliament wants to put serious investment into electronic security (particularly to educating people to keep the computers they’d be voting on free from viruses and malware) then maybe we might get somewhere, or at least the spinoff benefits of improved security systems would benefit us all. If they just want to rush ahead regardless, we’re all in trouble.

A ‘digital democracy’ can’t ignore security

digitaldemocracyThis morning, there’ll be a Parliamentary debate in Westminster Hall on the report of the Speaker’s Commission on Digital Democracy.

Overall, it’s a good report which you can see here. It proposes some interesting and useful new ideas for opening up Parliament and giving people new channels to get involved and be informed, while generally not running away with itself and succumbing to the techno-evangelism that has people proclaiming that the internet will solve all our problems.

However – you knew there’d be a however, didn’t you? – it drops the ball when it comes to online voting. Not quite as badly as the ‘Viral Voting’ report last week did, but it has a very worrying approach to security in its conclusions. Yet again, there’s an expectation that security problems don’t have to be bad if we want to pretend that they’re not bad, rather than facing them head on.

The section in question is here. The Commissioners deserve credit for speaking to the Open Rights Group and including their comments in the report which sums up the problems very well:

“Voting is a uniquely difficult question for computer science: the system must verify your eligibility to vote; know whether you have already voted; and allow for audits and recounts. Yet it must always preserve your anonymity and privacy. Currently, there are no practical solutions to this highly complex problem and existing systems are unacceptably flawed.”

Unfortunately, when faced with the fact that “there are no practical solutions to this highly complex problem”, the Commissioners don’t then adopt the sensible position that efforts need to be made to try and solve that problem before any real deployment of online voting can begin. Instead, they talk about how ‘the concerns about security must be overcome’. Not the issues or the fundamental problems, just the concerns. They then go on to recommend that ‘in the 2020 general election, secure online voting should be an option for all voters.’ And they can all be given a jetpack or a hoverboard as a reward for voting, I expect.

Yet again, the cart is being placed several miles ahead of the horse. Trying to push for implementation of an idea by a certain date in the hope that fundamental problems can be solved by then is asking for trouble, and for a system to be rolled out (probably alongside a massive PR campaign to assure that it’s perfectly safe) that’s riddled with security issues. I understand the appeal of online voting, and I understand the appeal it has for politicians who want to be seen to be engaging with technology, but engaging with technology means understanding it, and understanding it means accepting that security is a fundamental issue not a peripheral concern.

If you really want secure online voting to happen, then you’ll need to spend a lot of money and time developing a secure system, in the same way our current voting system evolved over time in response to security challenges. Rushing something through to meet an arbitrarily imposed deadline is always going to see security being compromised, and that’s an attitude we shouldn’t accept when our entire democracy is at stake.

You can’t make online voting secure just by wishing it so

viral-voting-cover-imageLike many who were raised on the optimistic visions pre-cyberpunk SF gave us, this isn’t the future I expected us to have. By now, we should all be travelling everywhere by jetpack or hoverboard, except for our holidays where we’d have to go to our local spaceport to get the rocket that would take us to hotels in orbit or the moon. We did get some parts of the future right – computer screens everywhere and phones in your watch, for instance – but those bigger parts of the vision proved either technologically impossible, or just far too impractical and complicated to supplant the old way of doing things.

If we were going to do everything on a computer – I don’t think we used ‘online’ back then – we’d definitely vote by computer when The Future came into being. After all, in what way could walking (or hoverboarding) to your local polling station to use a pencil to mark a piece of paper with your voting preference be part of The Future? No, we’d surely do that by computer, and then Robo-Dimbleby would be able to instantly announce the results on the holographic BBC.

Unfortunately, we never made it to that future, and instead we have to deal with one where secure online voting is currently about as feasible as jetpacks or hoverboards, no matter how much its advocates want to pretend otherwise. Consider this, from a security analysis of Estonia’s electronic and online voting system:

What we found alarmed us. There were staggering gaps in procedural and operational security, and the architecture of the system leaves it open to cyberattacks from foreign powers, such as Russia. These attacks could alter votes or leave election outcomes in dispute. We have confirmed these attacks in our lab — they are real threats. We urgently recommend that Estonia discontinue use of the system.

(And if you think that means just the Estonian system is flawed, go read a lot of the links here)

Security issues are a problem for online and e-voting at a basic level. This is widely known, and easily discoverable which is why reports like this one (full PDF) from WebRoots Democracy which completely ignore them are very disappointing.

We’d all like to make voting easier and increase turnout in elections, but we’d all like jetpacks too and we can’t magically make them happen just by wishing for them. The problem with this report is that it reads very much like someone claiming they have a working hoverboard because they deny the existence of gravity. The report is 86 pages long, and the first mention of security doesn’t come until page 74. Up to this point, the report has been an absolute blizzard of statistics (many of them irrelevant to the point they’re ostensibly making) and factoids, but the solitary page on security doesn’t bother to look at any evidence. There’s one footnote to the entire section, and that’s solely to confirm that the Government uses cloud storage. There’s no mention of any of the many studies into the security of online voting or reference to any experts in the field. Finally, the conclusion to the section comes:

Despite this, the public will rightly expect their vote, the bedrock of democratic societies, to be secure. This however should be a challenge for the pilot phase of an online voting roll out. It shouldn’t be something that discourages Governments from looking into online voting.

In short, online voting should be secure, so the Government should make it secure. That’s it. The fact that it isn’t secure, and no one has yet come up with a practical and reasonable way to make it even as secure as the current system is gets completely glossed over. While the rest of the report is falling over itself in its eagerness to use statistics from the big online companies, it seems that no one behind the report even bothered to look up the Open Rights Group or similar organisations, let alone contact them. This is just wishing away problems because the authors have already decided that online voting is the future, so it must be made to happen.

Just consider the myriad security issues that apply to online voting, starting with securing the device the vote is cast on and the basic question of making sure that the person logged in is the person casting the vote, not a friend, family member or party worker who’s going to ‘help’ them vote. (If you think that’s a problem now with postal voters, just imagine how much easier online voting will make it) Then add to that the problem of making sure the vote is transmitted, recorded and counted securely and accurately while maintaining the anonymity and secrecy of an individual’s vote. That is much more than ‘a challenge for the pilot phase of an online voting roll out’, it’s a series of fundamental problems that have to be addressed before you even begin to consider piloting.

I find myself wondering just who is behind this report. WebRoots Democracy have an About page on their website and a list of the various people involved, but doesn’t make any mention of how this report (which mentions surveys and research they’ve commissioned) and their other work was funded. There’s no facility for donations or memberships on their site, but someone must be paying the bills and we already know that there are several companies eyeing up the money to be made from online voting. Is this a genuine grassroots – sorry, web roots – independent report from people who want more online voting or a piece of corporate astroturfing?

Online voting might bring benefits to our democracy, and it might increase participation and turnout, but I’m always deeply suspicious of anyone who tries to sell you on an idea by focusing heavily on the positives and glossing over the negatives. It’s easy to declare that online voting should be secure, but wanting something and making it happen are vastly different things. Anyone who’s spent any time online will have seen how frequently security is compromised, even without the unique problems of verification that come with online voting, and it should be enough to give anyone a pause for thought. Trying to bounce everyone into accepting online voting by shouting “The internet’s great!” while paying no attention to the security threats behind the curtain is putting our democracy at a massive risk.

Online voting won’t work, but that won’t stop them from introducing it anyway

As part of the ongoing attempt to sell off every part of the British state that isn’t nailed down (while issuing a tender to recruit a specialist nail removal company), it looks like attention is turning to elections and voting because those are exactly the sort of things you want to entrust to the lowest bidder.

Even less surprisingly, it’s being driven by the ‘Hey! Why can’t we vote online?’ mantra, in which people who really should know better pretend that the well-documented security issues of moving voting online can be ignored. The companies who stand to make a tidy profit from this are very good at pretending these issues don’t exist, or that they can easily solve them, providing someone throws enough money at them to do so. In the same way that companies pretended making an IT system for the NHS was essentially a trivial problem that could be solved by throwing enough money at it, it’s in the e-voting companies’ interest to pretend that their business model doesn’t have fundamental flaws that don’t have quick fixes.

The problem, though, is that none of these genuine concerns will be listened to. Pushed on by the dual carrot of being able to be seen to be embracing technology while looking like they’re saving money, I fully expect the next government to rush ahead with some form of electronic/internet voting and those of us who try to raise concerns will be dismissed as Luddites for imagining that pencils and paper are somehow better than the internet. But hey, who cares about security and the integrity of the ballot when you can bring in something shiny, new and seemingly cheaper until all those unexpected glitches bring the bill in at double what it used to be?

Worth Reading 136: Amateur broadcasting starts here

Have England’s universities been privatised by stealth? – How fees have radically changed higher education.
Some Thoughts On Online Voting – Why introducing it would bring in a whole load of new security concerns.
Iran: The Ayatollah succession question – A report from Open Briefing that explains a very different political culture very well.
Modern money and the escape from austerity – Does modern money theory offer us a completely different way of running the economy?
Square this circle: Common sense, UKIP and the decline of deference – “Things like this make me not envy politicians. How do you make policy when you have to appeal people who think 15% of girl’s under 16 are pregnant, but which has to be implemented by people who know it’s nonsense?”