As voter turnout has steadily declined in recent years, Elections Canada has focused on increasing participation by studying Internet-based voting alternatives. The appeal of online voting is obvious. Canadians bank online, take education courses online, watch movies online, share their life experiences through social networks online, and access government information and services online. Given the integral role the Internet plays in our daily lives, why not vote online as well?
The NDP experience provides a compelling answer.
There are ways to build anonymity and oversight into an online election process, but as the NDP experienced, there is no way to guarantee it will be disruption-free. In the NDP’s case, 10,000 computers were used in a distributed denial-of-service attack designed to overwhelm the online voting system and effectively render it unusable for authorized voters.
The only real surprise about the attack is that it took anyone by surprise. Not only is a denial-of-service attack typically cited as the most likely security disruption, the NDP experienced much the same thing at its last leadership convention in 2003. Reports from that convention – which only involved a single ballot to elect Jack Layton as the new party leader – indicate that there was a denial-of-service attack that similarly delayed the voting process.
Online voting threats are not limited to denial-of-service attacks. Security experts point to the danger of counterfeit websites, phishing attacks, hacks into the election system, or the insertion of computer viruses that tamper with election results as real world threats to an Internet-based voting system.
While several Canadian municipalities have successfully used Internet voting, those elections were unlikely to be viewed as “targets” for attack since groups seeking to disrupt an online election will likely prefer to take aim at high profile events that offer maximum exposure.
Douglas Jones and Barbara Simons, the authors of the forthcoming book Broken Ballots: Will Your Vote Count, note that “people running pilots are likely to declare success, in spite of any problems that might crop up. However, it is dangerous to draw conclusions from what appears to be a successful Internet voting pilot. If the election is insignificant, there is little to no motivation to sabotage the election.”
National or provincial campaigns clearly qualify as sufficiently significant to represent an inviting target. There are no “do overs” with elections nor the possibility of keeping online polling open for hours or days to ensure that all citizens can exercise their right to vote. Elections Canada may be anxious to increase voter turnout, but the recent NDP experience suggests that jumping on the online voting bandwagon could place the validity of the election process at risk.
Voting is certainly never accurate
The anti-online-voting activists have far too much faith in the current system. The number of humans involved alone, along with the existence of recounts, should give us pause. Single votes don’t matter because they *literally might not get counted*. This is even if all the humans involved are benevolent and we don’t take into account any of the other things that can/do go wrong. Human error alone is a big deal.
Elections rely on the fact that usually the winner wins by more than the standard error in votes. The question should not be what would the error be if we switched to online voting, but rather: would the increased participation keep the margin high enough that it wouldn’t matter (or, more likely, be better!)
I agree with the above, the biggest problem with our current electoral system is legitimacy due to low voter participation. I would expect online voting would push up the participation rate, and even more so for the younger demographic that is underrepresented.
Of course the flip side is while there are errors is physical ballot systems, the possibility of hacker induced inaccuracies could be of a greater magnitude. I’m sure there are ways to make the system as secure as possible but as the media industries know ‘nothing is unhackable’ given enough incentive.
Those are the pros and cons as I see it, like any new system it will be a trial & error exercise … but I think eventually we will get there.
Misunderstanding of technology key problem
Not surprising, there is a C-11 link to this story. If the owner isn’t in control of their computer, or legally able to remove any foreign technological measures to verify security, then who really is casting a vote?
I obviously disagree with the other two commenters. Changing from a secret paper ballot to online voting is a fundamentally different voting system — not a simple extension. In a country that is concerned with people hiding their faces at polling stations, we would be moving to a system that allows someone else to be present at the voting computer (physically in case of spouse or person who purchased the vote, or digitally in the case of malware author) and to manipulate the vote in undetectable ways.
This is not to say that the current paper voting system is perfect, as it is not. But people understand the paper far better, and even with those flaws it is orders of magnitude harder to manipulate than an entirely misunderstood online and/or ballot-less voting system.
Voting results show misunderstanding advance preferential ballot the bigger problem
NDP and Scytl were quick to blame outside evildoers, doing the technology a great disservice, but consider this: 5300 advance voters, or over 20% of the advance ballots that supported someone other than Topp or Mulcair didn’t rank the candidates and therefore didn’t get to vote in later ballots. These are people who misunderstood the preferential ballot. Possibly a similar number didn’t understand how to register to vote online or left it until too late. Being unable to take the volume from 10,000 addresses and a few hundred thousand ineligible voting attempts over the course of a day is puzzling for a party with 130,000 eligible members most of whom had not voted in advance. Did a large proportion of the voting attempts come from members honestly trying to vote in the subsequent rounds, not having understood that it was too late?
@Russel “we would be moving to a system that allows someone else to be present at the voting computer”
You point is well taken, as I said we will probably get there one day but there but this is not ready for prime time as of yet. In regards to your point above, I would think there would have to be some form of bio-metrics such as facial recognition, that would be easy enough to do. Still, lots of things to consider as you say.
Online voting would be orders of magnitude worse than any problems with the paper system
People always say “if we can bank safely online, why can’t we vote online”, but the two are fundamentally very different. With banking, you want to ensure that you know who did what transaction. With voting, you want to know that the person voting is eligible to vote, and hasn’t voted before, but you don’t want to know how they voted. With banking, you can look at your bank balance and transaction history to verify that everything is as it should be. How would you know that your vote was counted correctly ?
You could remove the anonymity for online votes, which would mean that you could set up a system where people could check how their vote was counted, but then what do you do if and when people complain that “I voted for X but the system says that I voted for Y” ? And how do you know for sure that the system isn’t saying that the vote was for B but is counting it for Z ?
Then you add in the fact that votes would be entered at people’s home computer. Those computers are routinely compromised by malware, and you have no way of knowing what’s actually running on them. Not even if you build all the software from source (you still have to trust the compiler, and compilers have been compromised).
Stephen Paul Weber talks about the standard error in votes. The simple fact is that you can’t trust votes submitted online *at all*. The error is 100%, so any increased turnout would be worse than useless.
Find me an online voting proponent who is also a computer scientist and who isn’t trying to sell you an online voting system. They don’t seem to exist, which is very telling…
RE: Chris Brand
“Find me an online voting proponent who is also a computer scientist and who isn’t trying to sell you an online voting system. They don’t seem to exist, which is very telling…”
Right. Unfortunately, computer scientists simply aren’t taken seriously by journalists, politicians, or the public. Not yet, at least.
You’ll notice that, the people who are most strongly pushing e-voting, are often those who are otherwise oblivious to how the Internet works. (E.g. Globe and Mail, Toronto Star*, Liberal party officials like Alfred Apps…)
Maybe they think that supporting e-voting makes up for their technophobia.
*I’m aware that Geist has a column with the Toronto Star, but anyone who has read that paper knows that its editors are light-years away from his views. They feature his column for appearances only.
The Secret Ballot
Being able to vote without telling the world which way you’ve voted is a fundamental part of democratic elections. Maintaining the secret ballot through an online process is tenuous, at best ; there are simply so many ways to intercept/record that information, there is simply no certainty that your vote would actually be known to no one but yourself.
Additionally, we have groups like the CRIA insisting that people be denied internet service if they are suspected of behaviour the CRIA doesn’t care for. This, to me, is giving them the power to take away my right to vote, in a voting process employing the internet. I suspect if we were going to implement an online voting component to elections, I think we would also have to declare internet service a basic democratic/human right in Canada, as well.
Perhaps, in a proportionally represented government, a vote on the less-fundamental issues (Should we keep using the penny? Should we continue funding the PEARL Arctic Weather Station?) would be a good way to engage the voting public, ensure the government continues to *represent* the needs of the citizenry, perhaps make a decent test of the flaws & strengths of a method managed through the internet.
If they want to incraese voter turnout….
make it mandatory. With failure to comply resulting in a fine that escalates with each offense by that individual.
Yeah, you’d end up with a lot of people spoiling their ballots in protest, but you’d still end up with a higher turnout, and probably more useful votes, overall.
Municipal
“While several Canadian municipalities have successfully used Internet voting”
I don’t think we can know that. We can only know that any electronic fraud was not detected (also assuming appropriate methods were capable of finding it).
“those elections were unlikely to be viewed as targets”
I disagree there as well. Part of a successful attack is not being detected. While it’s more work to orchestrate many campaigns rather than just one, if nobody cares enough about municipal campaigns, then that’s the best place to start meddling, where careers are launched.
Selling your vote
If a person is permitted to vote in a location that is unsupervised, then there is no way to prevent that person from allowing another person to witness their vote. In that case, votes could be sold, and votes could be coerced, since the person buying/coercing could demand to watch the vote being cast. This applies to voting by mail, voting online, and a number of other possible scenarios. The only way that I can see to prevent this is to allow the voter to change the vote later on; but that would not be a perfect cure for the problem.
Paper works.
The Accessibility Argument
For anyone who is worried about his or her ballot not being secret, the introduction of online voting does not mean that paper will be removed as an option.
I reject the argument that online voting makes coercion and vote buying possible or that it will lead to a significant increase in these practices. It is currently possible to have someone accompany you into the voting booth. I’m blind and have had people accompany me into the voting booth and even mark my ballot. So far as I know, you do not have to be blind or otherwise disabled to have someone accompany you. And even if this is restricted to a disability accommodation, there is nothing stopping someone from either coercing or paying someone to vote in a particular way and requiring that person to snap a photo of the marked ballot. Yes, a person could mark the ballot, take a photo, and get a new ballot, but as someone pointed out, there are ways, such as allowing someone to change his or her vote, of avoiding coercion and vote buying with an online system. If this isn’t already an issue, there’s no reason to think that the introduction of online voting will make it one.
No doubt there are problems with online voting. But one reason I welcome it that hasn’t been mentioned is that it would be far more accessible. Not all polling locations are wheelchair accessible, there are no sign language interpreters at polling stations, materials are typically not available in Braille or in other alternative formats, people who cannot manipulate a pencil cannot mark their own ballot; in short, the current practice is filled with barriers that make it harder for disabled people to vote. Nearly all of these barriers would, or at least could, disappear entirely if we switched to allowing online voting.
15 to 20 percent of the population is disabled, and that’s going to increase as baby-boomers age. This is a significant proportion of the population that does not have easy access to voting by paper ballot. Assuming the problems with online voting are not insurmountable, then if what it takes is a concerted effort and a financial commitment to address these problems, I’m all for it.
Robocalls or hacking?
Pick one.
Opensource
I believe any online voting platform that gets used should be developed in an open-source environment. Too much power lies in the hands of any private enterprise contracted to develop such a system.
I’m 35 and never voted in my life so far, because there is no one worth voting for.. Why perpetuate mediocrity!
Ah…. the classic rant of people who try to justify to others why they never vote.
It never gets old.
@Marc Workman
Marc,
Thank you for your input — I sympathize with your predicament, and I can understand why e-voting is appealing. I agree that the current paper ballot system throws up all sorts of accessibility barriers. More work should be done to improve accessibility under the current system.
However, the barriers introduced by the current system cannot outweigh the fundamental problems with e-voting.
“Assuming the problems with online voting are not insurmountable, then if what it takes is a concerted effort and a financial commitment to address these problems, I’m all for it.”
It is for sheer mathematical and technological reasons that e-voting is not possible; it isn’t a question of effort or financial commitment. And, no, it doesn’t matter if the software is open-source or not, as another person suggested.
To understand this better, I recommend reading the article authored by the computer scientists, which Geist linked to. In particular, you should read up on cryptographer Bruce Schneier’s thoughts on the issue.
I think a better idea would be to devote effort and finances to improving accessibility under the current paper-ballot system. I hope that computer scientists and citizens who require accessibility can work together on this issue.
Thanks again for your input, and good luck.
@Marc Workman
Marc,
Thank you for your input — I sympathize with your predicament, and I can understand why e-voting is appealing. I agree that the current paper ballot system throws up all sorts of accessibility barriers. More work should be done to improve accessibility under the current system.
However, the barriers introduced by the current system cannot outweigh the fundamental problems with e-voting.
“Assuming the problems with online voting are not insurmountable, then if what it takes is a concerted effort and a financial commitment to address these problems, I’m all for it.”
It is for sheer mathematical and technological reasons that e-voting is not possible; it isn’t a question of effort or financial commitment. And, no, it doesn’t matter if the software is open-source or not, as another person suggested.
To understand this better, I recommend reading the article authored by the computer scientists, which Geist linked to. In particular, you should read up on cryptographer Bruce Schneier’s thoughts on the issue.
I think a better idea would be to devote effort and finances to improving accessibility under the current paper-ballot system. I hope that computer scientists and citizens who require accessibility can work together on this issue.
Thanks again for your input, and good luck.
Mr
Let’s put it this way – online voting will have to be put in place, unless we want only a certain demographic to vote and decide the future for all of us. Keeping voting offline is a great way to keep the working classes and the youth out of the voting system. So the logic ‘it’s hard therefore we should not do it’ just does not work here. Like law in technology you have to stay a step ahead of the bad guys. You cant sit back and give up just because it did not work once. If it’s denial of service, find out how it happened and prevent it. If you know anything about technology you know that to interfere with a system you have to send in information. Current models on which out networks are made may or may not have the ability to track how or where these interferences originated. But we can thru experience integrate these technological requirements in to our systems, whether by regulation or just the way the voting hardware is structured. And we can put in severe penalties in the criminal code for attempts to disrupt this system. So the moral of the story is, lets find a way to make it work and not harp on why it cannot be done.
There are ways
I agree that online voting isn’t ready for prime time – yet.
There is a dovetail of various technologies coming into play that will allow secure, reliable, and even anonymous, online voting. There are even techniques that can allow all of this, and still allow an individual voter to “verify” their vote is in the system as they wished, and still remain anonymous.
But we can’t “model” online voting processes on the existing offline voting processes. We need to start from scratch and create a set of criteria that embodies all the existing requirements and adds whatever we decide should be “additional features” of online voting.
In the case of the DDOS under discussion, the answer is remarkably simple. Multiple, edge hosted systems much like the Akami network with a private backbone to a central server farm.
Likewise, many other issues can be addressed one piece at a time. Phase things in slowly, perhaps by setting up automation at voting booths that function as a “shadow” to the existing offline system and generate a paper trail that is handled the same as today.
The biggest issue will be one of public trust. That the complete chain of software must be open source available is a requirement, not an option. Enlist the technology literate as both contributors to the process and as testers attempting to break it.
Speed up the development process by using it to get an official constituent “district pulse” on various issues (referendum style), for input to our representatives. This last point has potential to change “representative politics” tremendously, even if we never reach the point of true online voting for our representatives. And it becomes a solid test platform to develop the system, and public trust.
@Mark. There have been a lot of people suggesting making voting mandatory as a means to get people to actually vote.
For instance, in federal elections spoiled ballots are ignored.
Mandatory voting also requires EC to have good voters lists. They don’t. If they did then you wouldn’t have anywhere near the number of people registering (legitimately) at the polls. For instance, because my mail goes to a PO box (I live in a rural area), EC won’t put me on the permanent voters list by virtue of marking such on my income tax receipt. And they don’t do door-to-door enumeration any more. So, I could avoid voting and they wouldn’t be any the wiser. In the last election, I voted at about 5 pm. I was the 17th person who registered at the poll, and there was a total of around 330 votes cast at that poll.
To make mandatory voting viable, EC would need good (and accurate) voters lists, and would need to either account for spoiled ballots or have a none of the above option.
With respect to electronic voting, there is a few issues. What I’ve not seen addressed here is simply how do you confirm that the person has the information needed to vote, and that it went to the proper person? I read a number of cases in the NDP leadership convention where registered members never received their online or preferential voting packages. Now, if the NDP sent it be Canada Post, do we know that those who received the package was the intended recipient? I get mail for one or more of my neighbours at least once per year. What would have prevented me from using that package to vote even though I am not an NDP supporter? The obvious thing is to send the voting info in two packages to reduce the impact of misdirected packages, but it still takes time to detect this.
@Anon-K
As you correctly point out, there are issues to be addressed. As you also point out, each of these issue can be addressed. Perhaps a specific suggestion isn’t optimal, but that doesn’t mean a different suggestion can’t be better. In you particular example, what happens when you throw the mechanisms for online income tax verification into the mix with your idea?
The point is that these issues can be addressed, some individually and some systematically. Just because it’s difficult, doesn’t mean we should ignore the benefits.
It seems like too many people are looking for a “silver bullet”, one answer, solution. These kinds of problems rarely have such answers, the “problem” needs to be broken down into sub-parts. The solution will end up being a cocktail of interlocking answers, not a single silver bullet. We need some honest brainstorming, with involvement from many disciplines.
It is proven that the voter activity has steadily been decreasing in the recent years and I am not surprised by that fact, as more people fin it as a lack of time and that there are no candidates worth their votes. Canada is very advanced country with stable economy and it seems normal for them to look for options to make the voting adjusted for the wide online audience,probably with the idea that the number of the voters will increase. But I am also thinking that such method can be used for speculations and manipulations of even higher percentage of people. So I also consider that the “transparent electoral process” can be best achieved in the poll stations under strict control.
House Cleaning London
So, we can do million dollar trades online, but can’t vote? We can file our taxes online, but can’t vote? The technology already exists to secure the infrastructure and the data. It’s just the will to do it that we lack.
Will
@Angus Chan – There also exists the ability to big-dollar trades with someone else’s dollars, access the funds belonging to someone else, intercept the communication of someone filing their tax return. It is unfortunate that there are so many skilled people with the will to do *that*, that makes the viability of online voting questionable. I know if there was an election in Canada today, I wouldn’t trust the outcome of a landslide majority by any one party, if electronic voting was employed. Just the fact that the process has to be filtered through private, corporate infrastructure, is enough to make it an unacceptable process IMO.
@Danux
As I stated above, the biggest issue isn’t technical, it’s public trust.
Our current offline system developed over time, with additional checks put in place whenever there were doubts raised. We need to approach the “social” side of online voting in a similar fashion, step by step, gaining public trust in the processes along the way.
Use less critical issues to “test” the processes. I suggested a referendum style “constituency pulse” as one mechanism for this testing. Such a “pulse” doesn’t have to be binding on the elected representative, any more than “constituency feedback” is today. But it can serve as the testing ground.
Don’t assume that the skills needed to secure or attack such processes are only in the hands of the “black hats”. There are many more “white hats” with the same, and usually much better, skills than the black hats. We aren’t omniscient, but we are very good. Just give us a decent testing ground. This isn’t something that will be developed overnight, nor will it come from some secret lab somewhere.
Assumptions
@oldguy : Don’t assume that the skills needed to secure or attack such processes are only in the hands of the “black hats”.
Where did I make that one-sided, black-and-white assumption? I would prefer you refrain from speaking for me, you’re not omniscient 😉
But, taking your assertion to point, the fact that a cadre of white-hats would have to be employed in order to defend the process from the malicious types, indicates to me that we would be introducing a level of complexity to a system that isn’t, for the most part, broken to begin with. Really, it opens up a whole new possibility of ballot manipulation by foreign-political/foreign-private interests, who don’t even have to leave their labs in their home country. At least now, they have to be physically present in order to pollute it.
Online voting might cause more votes to be cast, but all it would really do (IMO) is make it easier for people who don’t care about politics, to cast a ballot. I don’t foresee people who, currently, don’t care about an election, suddenly taking a greater interest because they can vote from home. We may get more ballots cast, but there is no political will behind it. The easier process, I think, would entrench political apathy, reduce the exercise to the conscious equivalent of a “buy-it-now” action. Making it easier to act on something which has no relevance to them, does not make it necessarily better. It only technically increases turnout, it doesn’t address the root issue of political apathy.
Having said all that, for minor political issues (not elections, not referendums) I would be happy to give internet voting a day in court. If the government said “We wants citizen’s opinion on whether to retain or discontinue the penny. Here are the arguments in favour of keeping it, here are the arguments in favour of dropping it, and here is the website to cast your ballot.” These would be for things which, perhaps, the secret ballot may not be entirely necessary. It seems to me that, while anonymity on the internet is good for debating the merits of one intellectual point or another, when it comes to acts like finances, voting, legal matters, a record of the action & associated identity are too key to the legitimacy of the transaction, to do without.
@Danux
If I implied that I was speaking for you, I apologise. It was not my intent. I was attempting to address your stated concern about highly skilled “black hats”.
As you seem to imply, the issue is one of trust. I know the technology, it’s limitations and it’s benefits, and it’s development cycles. But there is no way I can easily impart that knowledge to the average person that simply “uses” a computer or network. Ultimately, that may be the deciding factor in keeping an offline system. Anyone can look at each step in an offline system and understand the steps. They still need to trust that people are doing those steps accurately, but they can understand it.
“doesn’t address the root issue of political apathy”
I’ve done personal research on this for quite few years. For the most part this apathy tends to float around the attitude of “what’s the point?”. Things like the Occupy Movement and other demonstrations seem to have a bigger political effect that anything they do at the ballot box. Today’s society focus is more about issues, not representation.
If I can roughly summarise; The concept of selecting a representative based on geographical location no longer meets our democratic needs, which leads to apathy at the ballot box. There are various ideas on how we can address this, but all of them are dependent on being able to implement non-geographical voting – trustworthy online voting. We can’t reasonably think about any alternatives until this point has been resolved.
So in one sense I agree with you, online voting alone won’t address political apathy. But it would put the fundamental tools in place so that we *can* attempt to address that apathy.
I’ve already mentioned that bringing in online voting for the narrow purpose of a non-binding referendum style “constituency pulse” would be a good testbed for development of both the technology and the trust. That alone could be enough to shift our political structures enough to enhance participation. Extend it a bit at a time to regional and national levels, broaden the scope to more issues.
A lot of us older folk just don’t have the stamina to camp out on side walks any more 🙂 But even we are more focused on issues and not representation. We do the best we can with the representation choices we have, but we grew up with these limitations and accept them. The younger generations didn’t and don’t, they simply “tune out” at election time.
Your point about anonymity not being strictly required for a testbed like I described above is noted, and I agree. But if the goal is to build secure and reliable tools that can serve a larger purpose, it is an integral part of the “feature set” required.
Politics don’t have the techno brains…
This is so ridiculous. Many Canadians file their Income Tax online. I don’t see Revenue Canada having any problem with fraud, or bogus applicants and hacks into their system. The NDP’s bad experience is because they hired the wrong IT people to work on their system. Real IT are competent enough to protect the system from hacks and fraud.
Seriously, the Canadian Government’s computer system is sooooo old and fragmented. God… their infrastructure is sooooo archaic with designs from the 1940s. Very stupid. It is a web of confusion and disorder. I cried when I saw one of their station still on Windows 98 and some of their stations on Windows 2000. Gawd. They do not pay enough when they asked me to come in to do consultation. My advice for them to upgrade their system and standardize their technology across in forest manner was rejected. They are just sooooo stupid. All our tax dollars to Canadian Government with such lousy IT infrastructure, what a waste. It all just goes to their pockets. SAD and pathetic.