eDemocracyBlog has recently put forward some arguments in favour of e-voting in response to the Hansard Society’s debate on the subject.
The blog’s author (whom I can’t identify) takes issue with a number of my views which I aim to defend here.
I tend to argue from first principles which requirements any electoral system should meet. These are that elections should be secure, verifiable and anonymous. eDemocracyBlog argues that because not all existing electoral systems, such as postal voting, meets these then my views on e-voting are flawed. I don’t agree at all.
I did actually mention at the Hansard event my concerns about postal voting. But when asked to debate e-voting I focussed on the challenges there, that isn’t to say that existing electoral arrangements are perfect — they aren’t. But just because that is the case in no way makes the case for e-voting. It just further re-inforces our need to focus on fixing the current setup.
The eDemocracyBlog writes:
Related to the security point was Kitcat’s comment that delivering PINs to anyone wanting to vote electronically would create a further threat to security. Yet banks generally seem able to handle the process.
Kitcat also said eVoting could enable “ballot stuffing on a massive scale” which the need to photocopy and complete postal ballots makes more difficult. But for a would-be fraudster it should be far harder to get hold of a large number of PINs than it is to get hold of a blank ballot paper and photocopy it.
Banking is a completely different process to voting: It isn’t anonymous, it’s easy to verify because you receive monthly statements and losses are just a cost of doing business – not the outcome of a binding political election where the stakes are much higher.
eDemocracyBlog is apparently unaware that paper ballots have security marks such as stamps, or watermarks which means you cannot photocopy them. This is why fraudsters try to collect postal ballots, because they can’t produce fresh ballots themselves.
Any smart hacker isn’t going to try to break the system by intercepting PINs (for example) in the postal system. They will crack the computer systems centrally and manipulate the authorisation credentials there or just directly manipulate the results. It’s much easier to change the result on one central computer then thousands of postal ballots, for example. We’ve seen electronic voting results cast in serious doubt in the US, Canada, Japan and many more countries.
As for the possibility of somehow hacking into the system and creating false voting records, it may be possible that details of voters can be held separately from the details of votes, and then matched again during the counting process with each voter told how their vote was registered so that they can report if it was changed without their permission.
If such a process was enabled the vote would no longer be secret, breaching the Human Rights Act (plus our European and UN human rights committments). This would leave people open to abuse, intimidation and family voting. This is not theoretical – it happens with postal voting.
I think Andy Williamson made a telling point that wasn’t rebutted when he noted that banks manage to verify cash machine transactions without ever knowing the cardholder’s PIN.
As I understand it they don’t verify the transactions. They just verify the cardholder details via the PIN. So it’s not the same and it’s very much not anonymous (wave to the camera in the ATM!)
It is also worth pointing out that the current paper-based balloting system is not anonymous either, so again this would seem to be a case of making demands of eVoting which are not equally applied to the existing system.
Only in the UK is our paper voting system not anonymous. In all other modern democracies it is. And citizens of those countries are appalled when they hear of our antiquated system which is a holdover of the Australian system from the 1860s. The Australians switched to anonymous votes before we even adopted the secret (but numbered) paper ballot here in the UK.
Another question is whether any system can be both anonymous and verifiable anyway? If it is genuinely anonymous then who is to tell whether any ballot was cast by a legitimate voter rather than, say, dumped into the ballot box by a corrupt council employee before it is sealed?
Ah, it seems eDemocracyBlog is beginning to come to terms with the difficulty of the problem. It is very difficult to build a digital system which is anonymous and verifiable – in fact I believe it’s not possible with current technology. With paper it is possible, if the paper has security marks so you can trust its source and prevent ballot stuffing.
eDemocracyBlog then goes on to attack the Electoral Commission for failing to set up a certification process for e-voting systems. But it would be up to the Government to empower the Commission to do such a thing, and to provide funds for it to be conducted. It’s my view that certification, while necessary if technology is to be used, doesn’t resolve many of the serious problems with e-voting.
Later on the Commission are again criticised by eDemocracyBlog for failing to develop a strategy for voting modernisation. But this is not a task for the Commission – it is for government to set out their view, try to pass legislation and consult the Commission on the approach.
People do not need to know how something works, or even be entirely confident in its security and privacy policies, in order to use it in their millions. I could perhaps mention Facebook at this point.
This was the same argument made by VoteHere’s Jim Adler against me in the Oxford Union debate on e-voting. Jim argued that people don’t need to understand how a plane works to fly in it. But this misses the fundamental point. With a plane, or Facebook, the results are self-evident. You fly to your destination or your post on someone’s profile appears. With a vote, because it is secret, how do you know it was accurately counted as you intended?
With paper and a public count you are fairly certain, thanks to the known properties of pen and paper, that the outcome will be valid. With an e-vote you can’t have the same confidence.
eDemocracyBlog continues defending e-voting by suggesting the costs will be lower when used on a greater scale than for just the pilots. No doubt, there were one-off costs for the pilots. However I know that several of the providers swallowed significant losses for the pilots just so that they could stay in the market, hoping to win a juicy national contract.
Furthermore the contracts were agreed centrally by the government, not by councils as eDemocracyBlog suggests. So, especially when suppliers provided for several areas, there could have been economies. £58m for weekend voting across our country would be a fraction of the costs e-voting would involve.
There is no need for e-voting to happen. Certainly in the current times of tight budgets, e-voting is extremely unlikely to happen. However I’m sure that it won’t be too long before the spectre arises once more, just because people seem to like the idea of applying technology to everything they can. Thankfully more and more people are becoming aware of the great risks e-voting presents for very limited benefits.