As is often the case, some observers are quick to point a finger at technology. Were electronic voting or vote counting machines compromised? The results of recounts in Michigan, Pennsylvania, and Wisconsin, and the subsequent comparison of manual and automated count results, will shed some light on the issue. Those truly interested in ensuring fair elections need to focus on the bigger picture.
In a perfect world, elections would be simple. Each person eligible to vote would cast one ballot, they would be tallied without error, and the results reported. But, as anyone who has been involved in an election knows, our world is far from perfect.
From a security perspective, whether voting at a corporate annual general meeting or electing a Member of Parliament, the first fundamental issue is identifying individuals eligible to vote. In the absence of a universal national identity document, Canadian jurisdictions accept an assortment of identification, the vast majority of which do not prove citizenship. In federal elections, the voters list is updated from income tax return information, and identifies most eligible voters. Exception processes are in place to avoid denying citizens the right to vote.
These processes can be described, at best, as somewhat accurate. The primary security control is that, if a large number of people not on the voters lists appear, both election poll staff and scrutineers are likely to take notice. While it is possible that the occasional eligible voter could be denied the opportunity to vote, it is more likely that an ineligible person may be allowed to vote. Adjusting the identification rules is, itself, highly political; certain candidates may benefit from stricter or looser identification rules. Federal legislation was tabled last week which proposes seven changes to the Canadian electoral system. The bill intends to increase voter participation while enhancing the integrity of federal elections.
The act of voting is also problematic from a security perspective. The goal is to capture the true intent of the voter, but any system can result in errors. Electronic voting machines could suffer from integrity issues, or the voter might just press the wrong button. Counting machines, such as those used in City of Ottawa municipal elections, read the voter’s bubble sheet in front of them, and immediately indicate if an error is detected. In the absence of a display, there is no way for the voter to know, with confidence, that their vote was read correctly.
In federal elections, Canadians are currently asked to place a mark in the circle beside the name of the person for whom they wish to vote. While a small number of individuals intentionally spoil their ballot by writing messages on it, it is astounding how many people have difficulty following the simple instructions, perhaps due to language or cultural barriers. When the ballots are manually counted, poll workers, monitored by candidate representatives (also known as scrutineers), are tasked with determining each voter’s intent. This, combined with manual tabulation, does result in errors.
Since human errors, made in good faith, appear to be acceptable, it stands to reason that some level of error must also be acceptable in electronic voting. It is possible that humans charged with manually tallying votes could attempt to influence the results. Other poll workers and scrutineers serve as a control to limit the likelihood and magnitude of such manipulation. Electronic voting architectures should carefully consider this model. Any design should ensure it is technically feasible for two completely independent computer systems to operate in parallel and arrive at the same result, or at least within an acceptable margin of error.
Canadians already rely on the Internet for a variety of personal, business, and government services. It only makes sense that, at some point in the future, Canadians will have the option of casting their ballot online. Getting there will require innovation, including sophisticated controls against voter fraud and overcoming endpoint vulnerabilities. It will also require political will and the confidence of citizens.
Have a security question you’d like answered in a future column? Email firstname.lastname@example.org
SAMSUNG GALAXY S8 PLUS
The Samsung Galaxy S8 Plus is a beautifully crafted smartphone with nearly no bezel, curvaceous in design and reflects a…
How to: Connect to Exchange Online Using Multi-Factor Authentication
Using PowerShell to manage your Microsoft cloud services like Exchange Online and using multi-factor authentication (MFA) separately is awesome. Using…