IT Management: Politics
& Law
E-voting increases risk
of electoral errors and fraud, US expert warns
Thursday 24 October 2002
US problems with e-voting
and suppliers' refusal to allow testing will not fill UK e-voters with
confidence. Bill Goodwin reports.
The Government is pressing
ahead with plans to replace the traditional paper ballot method of voting
with electronic and Internet based alternatives with alarming speed. If
ministers have their way electronic voting could become the norm in local
elections within three years, and in national elections within a decade.
Senior cabinet members see e-voting as a solution to voter apathy. Where politicians have failed to inspire reluctant voters, many hope that text messages and Internet voting will prove irresistible.
The political interest in e-voting has been heavily influenced by the promises of IT and equipment suppliers that it will deliver more accurate and quicker election results at comparable or lower cost.
This persuaded the Government to invest £3.5m in trailing electronic voting systems in the local elections in May this year. This month it issued an invitation to tender for further e-voting trials to begin in 2003. Public consultation is also under way.
With the exception of the Electoral Reform Commission, which has raised questions about the maturity of e-voting technology, there has been barely a note of public dissent. But this week a world expert on e-voting, Rebecca Mercuri of Bryn Mawr College, Pennsylvania, urged Cabinet Office officials to think again.
"It is a known fact that the computer industry does not have the capability, at present, to assure a safe reliable election using only electronic devices," she said. "Investigation of supplier claims and failures of performance in actual elections have demonstrated major flaws."
Mercuri's contention is that e-voting systems present serious security risks and are much more vulnerable to fraud, manipulation and error than the paper-based equivalent.
The laws of computing, she says, cannot allow anyone to be certain that the complex software needed to support e-voting is either fully secure or error free.
As Bruce Schneier, a leading IT security expert, said, "A secure Internet voting system is theoretically possible, but it would be the first secure networked application created so far in the history of computers."
It is inevitable that e-voting systems will be targeted by hackers and criminal organisations. It is easy to imagine disaffected groups launching denial of service attacks to disrupt voting, for example, while personal identification number (Pin) codes, once issued, can be lost or stolen.
Suppliers' refusal to open up their technology to independent testing and scrutiny has added to these concerns. Most manufacturers insist that election officials sign agreements not to divulge details about the workings of their technology before they supply it. As a result, none has been independently publicly scrutinised, and there are no minimum technical standards.
In fact, said Mercuri, "No electronic voting system has been certified to even the lowest level of the US government or international security standards. Any programmer can write code that displays one thing on screen, records something else, and prints yet another result. There is no known way to ensure that this is not happening inside a voting system."
But her biggest concern is that if fraud or error is suspected, current e-voting technologies provide no way for voters to verify that their votes have been properly recorded or counted. There is no way to independently audit the results of such a ballot in case of a dispute.
These risks are not just theoretical. In the last presidential election in Florida thousands of electronically recorded votes disappeared, and in the absence of paper backups, were never recovered. The effects, many believe, may well have been sufficient to affect the outcome of the election.
Practical experience in the US and the UK has provided little evidence to support suppliers claim for the advantages of e-voting. In the trial areas the turnout for the 2002 UK local elections was, on the whole, no higher than in previous years.
Experience in Florida, and at several local UK authorities, has shown that e-voting can be slower than manual counting. It can also be considerably more expensive.
Many observers believe the fundamental problem with e-voting is that the government appears to be using it to provide a technical fix to what is essentially a political and social problem.
If voters are disillusioned with politics and politicians, then giving them the option to vote on the Internet or by mobile phone is unlikely to make much difference.
E-voting