Why e-voting is a bad idea for Australia (and maybe the world)
VOTING in Australia has long followed the same formula – use pencils to mark on a piece of paper behind a cardboard booth, then folding said paper and slotting it into a box.
For years, having humans manually count paper ballots have created an electoral system that is deemed highly secure and tamper-resistant. Compulsory voting in the country has helped secure against suppression tactics that have affected elections in the US and the UK.
In the digital age, it is tempting to move voting online; the Australian Electoral Commission (AEC) tried dabbling in e-voting in 2013. However, experts warned that e-voting brings more harm than good.
The trouble of electronic voting has been in the spotlight for the past few years at DefCon, the world’s largest hacker conference taking place annually in the US, where hackers have been showcasing vulnerabilities to the US election equipment, databases, and infrastructure.
In fact, this year an 11-year-old managed to hack into replica websites to manipulate vote tallies in just 10 minutes.
Electronic voting systems in Australia
Australia trialed electronically assisted voting way back in 2007 in an attempt to make voting more accessible to the visually impaired.
In 2017, close to 300,000 voters in the New South Wales elections used the iVote system, which allows voters with a disability to vote using the internet or telephone as an alternative to voting at a polling station.
Beyond that, the country also trialed voting across a secure network for Australian Defence Force personnel serving overseas.
During the 2013 federal elections, the AEC piloted the use of electronically certified lists (ECLs). ECLs allow voters to be marked quickly off voting rolls, reducing queues. Electronic scanning and ballot counting were also introduced in 2016 but soon became the subject of an inquiry.
If there’s anything to take away from DefCon, it is that as long as there are digital systems, hackers will attempt to compromise it. Online voting will never be truly secure, as the risk of a successful attack will always remain.
Voters, beware of manipulation
It’s not just the risk of getting hacked. For the government, to ensure elections are secure, it must rely on private contractors. That comes with its own risks as well.
Earlier this year, the Australian National Audit Office found that transport suppliers and contractors delivering a new ballot scanning did not meet security requirements.
Separately in June, the Joint Standing Committee on Electoral Matters found that the AEC needed to update its IT infrastructure to support its core election and voter roll management systems.
Having said that, the largest threat isn’t in the lack of absolute security in voting systems — it’s misinformation.
In a piece written by Tom Sears, Ph.D. Candidate, UNSW Canberra Cyber, Australian Defence Force Academy, University of New South Wales, it was found that even if the voting systems are sound, information manipulation on other technological systems remains a very real threat that will affect election outcomes.
Attackers can actively try to undermine the public’s belief in the players, the process, or the outcome itself. For example, stealing and leaking information from a major party.
Another tactic is, instead of attacking voting machines, hackers change the data held by the AEC. This will force the agency to publicly admit fault, which will undermine the people’s confidence in the system.
With all the news surrounding misuse of social media, it’s hard to ignore that online platforms remain a very tangible risk.
Rival parties may steal membership database and the electoral roll of a party with weak security, locate the social media accounts of said members, and use social media manipulations to influence an active, vocal group of voters.
Safeguarding future elections
To mitigate risks, the Australian government recently created an Electoral Task Force comprising of several government agencies to safeguard against foreign interference in future elections.
As the threat of influence via social media becomes more prominent, Sears suggested that the task force must have enough powers to request takedown of content deemed to be interfering with the electoral processes.
“Too much coordination between the government and social networks could be incompatible with a free and open public sphere. But faced by a challenge with few clear solutions, every available option should be considered,” Sears wrote.
However, e-voting solutions aren’t headed to the grave. Development for better voting solutions remains a need in the digital age.
One of the possible solutions is to use blockchain to create a verified, secure voting system. Australian company Horizon State is deploying the system in Sumatra, hoping to scale up for future Indonesian elections.
It’s currently unclear if blockchain is the answer, but in the meanwhile, the adage of “don’t fix what ain’t broken” is perhaps the best way forward.
- What’s holding back Australia’s race to tech leadership?
- The APAC just beat the west at digital transformation — EIU study
- Building confidence in compliance with GDPR and other regulations
- Talent gap widens as India battles for data skills
- Understanding the state of Australia’s cybersecurity efforts