Appeared
in the Toronto Star on April 1, 2012 as Internet Voting Carries Risk As
Shown By NDP Experience
The recent New Democratic Party convention in Toronto may have done
more than just select Thomas Mulcair as the party's new leader.
It may
have also buried the prospect of online voting in Canada for the
foreseeable future. While Internet-based voting supporters have
consistently maintained that the technology is safe and secure, the
NDP's experience - in which a denial of service attack resulted in long
delays and inaccessible websites - demonstrates that turning to
Internet voting in an election involving millions of voters would be
irresponsible and risky.
As voter turnout has steadily declined in recent years, Elections
Canada has focused on increasing participation by studying
Internet-based voting alternatives. The appeal of online voting is
obvious. Canadians bank online, take education courses online, watch
movies online, share their life experiences through social networks
online, and access government information and services online. Given
the integral role the Internet plays in our daily lives, why not vote
online as well?
The NDP
experience provides a compelling answer.
Democracy depends upon a fair, accurate, and transparent electoral
process with independent verification of the results. Conventional
voting may typically require heading down to the polling station, but
doing so accomplishes many of these goals. Private polling stations
enable citizens to cast their votes anonymously, election day
scrutineers provide oversight, and paper-based ballots can be
re-counted if needed.
There are ways to build anonymity and oversight into an online election
process, but as the NDP experienced, there is no way to guarantee it
will be disruption-free. In the NDP's case, 10,000 computers were used
in a distributed denial-of-service attack designed to overwhelm the
online voting system and effectively render it unusable for authorized
voters.
The only real surprise about the attack is that it took anyone by
surprise. Not only is a denial-of-service attack typically cited as the
most likely security disruption, the NDP experienced much the same
thing at its last leadership convention in 2003. Reports
from that
convention - which only involved a single ballot to elect Jack Layton
as the new party leader - indicate that there was a denial-of-service
attack that similarly delayed the voting process.
Online voting threats are not limited to denial-of-service attacks.
Security experts point to the danger of counterfeit websites, phishing
attacks, hacks into the election system, or the insertion of computer
viruses that tamper with election results as real world threats to an
Internet-based voting system.
While several Canadian municipalities have successfully used Internet
voting, those elections were unlikely to be viewed as "targets" for
attack since groups seeking to disrupt an online election will likely
prefer to take aim at high profile events that offer maximum exposure.
Douglas Jones and Barbara Simons, the authors of the forthcoming book
Broken
Ballots: Will Your Vote Count, note that "people running
pilots
are likely to declare success, in spite of any problems that might crop
up. However, it is dangerous to draw conclusions from what appears to
be a successful Internet voting pilot. If the election is
insignificant, there is little to no motivation to sabotage the
election."
National or provincial campaigns clearly qualify as sufficiently
significant to represent an inviting target. There are no "do overs"
with elections nor the possibility of keeping online polling open for
hours or days to ensure that all citizens can exercise their right to
vote. Elections Canada may be anxious to increase voter turnout,
but
the recent NDP experience suggests that jumping on the online voting
bandwagon could place the validity of the election process at risk.
Slashdot, Digg, Del.icio.us, Newsfeeder, Reddit, StumbleUpon, TwitterTagsShareMonday April 02, 2012 |
