Electronic vote poses big security risk

NET RESULT: Last May, during the general election, the State experimented with electronic voting

NET RESULT: Last May, during the general election, the State experimented with electronic voting. Not widely - only a couple of constituencies used the new system.

But the Government showed clear intent to introduce electronic voting throughout the State, with an eventual move to internet-based voting.

We've got a big vote tomorrow, some of it to be conducted electronically. I used to think this was a great idea. Now I am a complete sceptic. I don't think we should be using these systems at all and here's why.

It's not for the reason most people have put forward, that it is cruel to just announce without warning that a politician has lost his or her seat. This perspective was offered many times after the painful scene of Ms Nora Owens finding out, in the glare of TV spotlights, that she had lost her seat in the last election. Simply by offering regular tallies of the electronic vote - say, hourly - would resolve this problem, if people want to retain a running-tally style of reportage on elections.

READ SOME MORE

Alternatively, politicians are hardly delicate flowers. They make it to the Dáil after the rough and tumble of political debate and gruelling campaigns. To suggest that they cannot adjust to a new reality of knowing immediately if they have won or lost is utterly ridiculous. Political skin is among the thickest in the animal kingdom.

No, the reason to object to electronic voting is that, technologically, it still falls shockingly short in terms of security. Any near-term move to internet-based voting would be even more short-sighted.

A report completed in 2001 (after the Florida voting fiasco in the US presidential election) by the California and Massachusetts Institutes of Technology (the report is available at www.vote.caltech.edu/Reports/ index.html) noted that electronic voting machines produce the second-highest rate of unmarked, uncounted and spoiled ballots in US elections over the past 12 years. (Lever machines have the worst rate.)

Industry group the US Public Policy Committee of the Association for Computing Machinery also warned of the inadequacies of electronic voting systems in an open letter to the US Congressional Science Committee: "While we recognize growing public demands seeking a technological solution to voting problems, we urge Congress to review the complex technical issues in formulating voting technology and standards legislation. The potential risks of fully electronic and especially internet-based voting are enormous and comprehensive technical assessments must be conducted by vendor-neutral experts. The well-intentioned but premature establishment of a vulnerable system for voting could result in unintended consequences undermining the confidence, integrity and accuracy of the nation's electoral process."

What are the technological problems? These can be summarised as concerns about the ability to guarantee voter anonymity, auditability, accountability and recountability.

But those can be boiled down to one key problem: computer systems fail. They do not have adequate means of doing the electronic equivalent of recounting a paper ballot without either compromising the anonymity of the individual voter, nor guaranteeing that those who administer the voting system cannot tamper with the vote.

Put it this way: how many developing nations would trust their governments or unknown individuals in generally unknown companies to conduct an election electronically? And why should we, here in the Republic? Both the machines and the voting procedure must be overseen at present by what one expert calls "a technological elite" who understand how they work and how to read their results.

That's why many security experts believe all electronic voting systems must, at the very least, be built on "open-source" computer code - code not held as a proprietary secret by a company, but code in the public domain - that a wide community of computer experts can examine at any time to make sure that malicious code has not been inserted.

Electronic voting machines now are susceptible to tampering, either by those who might want to throw an election a certain way (for political reasons or simply because they were paid off), or by those who might want to sabotage an election.

New York City spent $60 million (€61 million) in 1992 to commission an electronic voting system that it abandoned eight years later because it was deemed to be inadequate and insecure.

In the face of such evidence, the State's insistence on ploughing ahead with electronic voting seems either incredibly naïve or short-sighted. And as for internet voting? Here's what renowned security expert Mr Bruce Schneier has to say about it: "A secure internet voting system is theoretically possible, but it would be the first secure networked application EVER CREATED in the history of computers." (His emphasis, not mine). Can we have paper ballots back, please?

Karlin Lillington

Karlin Lillington

Karlin Lillington, a contributor to The Irish Times, writes about technology