Daily Bulletin


The Conversation

  • Written by Vanessa Teague, Senior Lecturer in the Department of Computing and Information Systems, University of Melbourne

In 2015, more than 280,000 votes were received in the New South Wales election from a personal computer or mobile phone. This was the largest-ever binding election to use online voting.

But federally, the Joint Standing Committee on Electoral Matters has ruled out allowing Australians to cast their vote online, arguing it risks “catastrophically compromising our electoral integrity”.

Despite years of research, nobody knows how to provide evidence of an accurate result while keeping individual online votes private.

Internet voting is similar to online banking, except you’re not sent a receipt saying “this is how you voted” because then you could be coerced or bribed. Your vote should be private, even from the electoral commission.

There are three reasons why Australia shouldn’t move to an online voting system:

  • the system might not be secure;

  • the code might not be correct; and, most importantly,

  • if something goes wrong, we might never know.

The system might not be secure

Computer security researcher Alex Halderman and I (Vanessa) found a serious security vulnerability in the NSW iVote system during March 2015 election. This was caused by some code imported into the secure voting session from an insecure third-party server. It meant an internet-based attacker could have exposed e-votes, changed them, and circumvented iVote’s verification process.

Read more: Thousands of NSW election online votes open to tampering

The vulnerability was repaired, but by that stage, 66,000 votes were cast. Just 3,000 votes determined the result of a disputed seat in the Legislative Council. There is no evidence that the security hole was exploited, but also no evidence that it was not.

Some iVote returns differed notably from those cast by more secure channels. The ALP received about 30% of the votes on paper in the Legislative Council, for instance, but only 25% via iVote. The NSW Electoral Commission (NSWEC) blamed these differences on a user interface design problem, but it might also have been a software error or a security breach.

The code might not be correct

The main use of computers in Australian elections is for counting complicated elections like the Senate and the upper houses of state parliaments. We’ve had the opportunity to inspect some of the code and some of the data. We’ve also found some bugs – which is a good thing, because then they can be fixed.

The vote-counting code used in the ACT is available for scrutiny. The Logic and Computation Group at the ANU analysed the code in 2001, 2005 and 2012 and found three bugs. Luckily they could be corrected before they affected an election.

This wasn’t the case in the 2012 local government elections in Griffith, NSW. Last week, with Andrew Conway and others, we identified a software error leading to a mistake in the 2012 results computed by the NSW Electoral Commission. The software error incorrectly distributed preferences, which meant candidate Rina Mercuri lost a spot on the Griffith council. Without the error, she would have won with a probability of about 91%.

The Australian Electoral Commission very recently purchased a new “Senate counting solution” from the same vendor that made iVote. But the code is unavailable to Australian public scrutiny, despite a Freedom of Information request and a Senate motion ordering the commission to publish it. The code should be made public, and the paper ballots should be available for auditing.

We’d expect a similar rate of error for internet voting code as counting code, but iVote’s code is not available for review. More importantly, there’s no simple way for an outsider to double-check the process.

If something goes wrong, we might never know

With no official account of the iVote run, and no public independent report, we cannot tell whether votes were changed or lost in the 2015 NSW election.

iVote had a limited verification mechanism: voters could ring a special service, enter their receipt number and have their vote read back to them.

An attacker who changed the vote could change the receipt number too, so the voter couldn’t retrieve any vote from the verification service. But the same would happen if voters simply forgot their receipt numbers, or if votes were accidentally lost due to a software bug.

The NSWEC’s online response to our analysis claims:

Some 1.7% of electors who voted using iVote® also used the verification service and none identified any anomalies with their vote.

But there must have been people who telephoned the verification service, but couldn’t retrieve any vote at all. The real question is: of those who tried to verify, what fraction failed?

How electronic voting can work: in a polling place

Secure electronic voting is possible – in a polling place. One simple method to check the accuracy of the process is to print a plain paper ballot that a voter can read and check.

Another method is an “end-to-end verifiable” election system. We worked with the Victorian Electoral Commission to develop the the first such system to run at a state level anywhere in the world.

Under this system, voters cast their votes at polling places using a computer. The system provided evidence to each voter that their vote was recorded as they intended and properly included in the count. It also provided evidence to scrutineers that all the votes were properly processed, without revealing individual votes.

The processes allowed votes to be returned electronically from London with evidence that they were correct, rather than shipping the ballot papers.

Why was it restricted to a polling place? Partly because large-scale voter coercion and identity fraud are harder. Most importantly, because voters can get help to follow the complicated verification process.

Lessons learnt

Election commissions must produce verifiable evidence that the winning candidates were chosen fairly, based on reliable and secure vote-casting and correct vote-counting.

The lesson from the bugs in the ACT and NSWEC vote-counting code is clear: make the computer code available for public inspection so that we can scrutinise it for errors before the election.

Receiving votes from the internet is the easy part. Proving that you got the right result, while keeping votes private, is an unsolved problem.

This article was co-published with Election Watch.

Authors: Vanessa Teague, Senior Lecturer in the Department of Computing and Information Systems, University of Melbourne

Read more http://theconversation.com/election-explainer-why-cant-australians-vote-online-57738

Writers Wanted

Planning a road trip in a pandemic? 11 tips for before you leave, on the road and when you arrive

arrow_forward

Biden's cabinet picks are globally respected, but one obstacle remains for the US to 'lead the world' again

arrow_forward

The Conversation
INTERWEBS DIGITAL AGENCY

Politics

Prime Minister Interview with Ben Fordham, 2GB

BEN FORDHAM: Scott Morrison, good morning to you.    PRIME MINISTER: Good morning, Ben. How are you?    FORDHAM: Good. How many days have you got to go?   PRIME MINISTER: I've got another we...

Scott Morrison - avatar Scott Morrison

Prime Minister Interview with Kieran Gilbert, Sky News

KIERAN GILBERT: Kieran Gilbert here with you and the Prime Minister joins me. Prime Minister, thanks so much for your time.  PRIME MINISTER: G'day Kieran.  GILBERT: An assumption a vaccine is ...

Daily Bulletin - avatar Daily Bulletin

Did BLM Really Change the US Police Work?

The Black Lives Matter (BLM) movement has proven that the power of the state rests in the hands of the people it governs. Following the death of 46-year-old black American George Floyd in a case of ...

a Guest Writer - avatar a Guest Writer

Business News

Nisbets’ Collab with The Lobby is Showing the Sexy Side of Hospitality Supply

Hospitality supply services might not immediately make you think ‘sexy’. But when a barkeep in a moodily lit bar holds up the perfectly formed juniper gin balloon or catches the light in the edg...

The Atticism - avatar The Atticism

Buy Instagram Followers And Likes Now

Do you like to buy followers on Instagram? Just give a simple Google search on the internet, and there will be an abounding of seeking outcomes full of businesses offering such services. But, th...

News Co - avatar News Co

Cybersecurity data means nothing to business leaders without context

Top business leaders are starting to realise the widespread impact a cyberattack can have on a business. Unfortunately, according to a study by Forrester Consulting commissioned by Tenable, some...

Scott McKinnel, ANZ Country Manager, Tenable - avatar Scott McKinnel, ANZ Country Manager, Tenable



News Co Media Group

Content & Technology Connecting Global Audiences

More Information - Less Opinion