Column E-voting over the internet is by common consent a bad idea.
It has certainly had what looks like a very uneven history, with a handful of pilot projects usually leading to fairly stern analysis saying it’s not fit to scale. No independent paper trail, no recounts, an immediate susceptibility to wholesale fraud: sticking paper in boxes has all that and more in its favour. Democracy is too precious to risk on such a flaky idea.
That all sounds fine, until you look at the state of non-electronic democracy right now. Tomorrow, the most powerful democratic state in the world goes to vote, and it is a chaotic, corrupt, incomprehensible mess.
The US presidential election is based on ideas dating from before the invention of the telegraph or railways, when communication across the nation was difficult and time-consuming. Fifty-two different states with fifty-two different voting systems feed into an electoral college designed in the days of slavery.
People line up during first day of early voting in the 2020 presidential election in Arlington, Virginia. Residents there have voiced concern over voter suppression despite recent legal tweaks making it easier to vote in the state
Last time, as it usually does, the Republican party lost the popular vote and won the presidency; it has spent much of the time since trying very hard to suppress the votes of people it doesn’t like.
That’s before a pandemic which thrives on people travelling and mixing in public venues with others, and a President who has said he won’t accept the result unless he wins. A secure, verifiable system would negate that nonsense.
There is a tiny dribble of e-voting in America, but in the 2016 elections only 100,000 such votes were cast. If the US had a single electronic voting system across the country, with access for those without the right personal technology, and it was reliable, trustworthy, and efficient, then democracy would be much better served. No wonder there’s such strong pressure against it.
So, can online voting ever be reliable, trustworthy, and efficient? Can you prove a vote has been cast by a properly registered voter, that this is the only vote they cast, that malware hasn’t interfered on client or server, that fraud isn’t being committed by bribed system managers, that the communications infrastructure hasn’t been compromised by powerful enemies?
Hell yes. For a start, a single electronic voting system can be multiple independent voting systems: the concept of three independently designed systems checking on each other has been standard in aviation for decades. You think blockchain voting is vulnerable? Fine, add end-to-end encrypted and verified old fashioned client/server. You think backdoors are a bad idea? So does everyone – open source the lot.
How about denial of service? What if on election day, all the servers go down in a hail of packets, and everything is choked off? That would be bad. But such attacks are finite, they get nullified over time as their source and nature are identified and blocks set in place. In any case, there doesn’t have to be one election day. There can be an election week, or a month, or an election that terminates when a certain number of votes have been cast, or local voting to large numbers of independent servers who amalgamate their votes later, or whatever. You don’t have to model electronic voting on systems that were designed before the telephone was invented. A new government has to be decided on by the end of the last one’s term, and everything else is up for grabs.
But the best answer to anyone saying “it can’t work” is to show it working. There is a long-standing and effective electronic national voting system already in use in Estonia.
It has been going in one form or another since 2001, and in the pre-pandemic 2019 parliamentary elections nearly 44 per cent of votes were cast using it. It’s had its controversies and security concerns, and remains very actively discussed, but in many regards it looks much as one might hope. The election server code is open and on GitHub, the voting protocols are open and anyone can write a client. There are constant calls for improvement, including through multiple independent parallel systems, and there is independent auditing. It’s not perfect, but it works.
That’s the thing about electronic voting: we have lots of technologies that can be applied to it and lots of ways of verifying the system, and all have some imperfections. But give the system strong principled design rules, a framework of legal protection, the sort of continuous adversarial testing that the wiser corporates employ, and you have a system that improves itself. We know how to use a DevOps-style approach to testing, deployment, instrumentation, and automated compliance checking. It works.
I started out thinking electronic voting was a very bad idea, and it certainly can be. But I’ve watched the internet grow over the decades and the nature of software, security, distributed systems, and process-based engineering grow with it. With political will, a commitment to doing things right and to keeping the voting public in the loop and engaged with the debates, we can and should follow Estonia’s lead.
And with electronic voting in place, there are lots of good questions about how it could be used to increase participation in democracy. Not the madness of constant referendums, but certainly the possibility of building in new checks and balances to the power of the state – if there had been a national stop button available in the UK, it would have been pressed several times in the past year alone. And tell me that we couldn’t do better with an app than the House of Lords.
Finally, what if instead of one country trying to disrupt another’s elections, it provided them? What if a safe, secure, and verifiable election could be gifted to people in authoritarian states, out of reach of their governments? That’s a whole new level of hard – but I’d vote for it.
Believing in democracy means reinventing it faster than the bastards can break it, and in our new distributed technologies we have the tools to do just that. ®