Why online voting is not like online banking

A security analysis of Estonia's online voting system found, among other things, that Wi-Fi credentials had been posted on a wall opposite a video camera. (See "Security Analysis of the Estonian Internet Voting System" link below.)

A security analysis of Estonia’s online voting system found, among other things, that Wi-Fi credentials had been posted on a wall opposite a video camera. (See “Security Analysis of the Estonian Internet Voting System” link below.)

No sooner had Winnipeggers gone to the polls on Oct. 22 to elect a new mayor and city council than did demands begin to emerge for the whole voting process to be moved online — as is starting to become traditional after just about any election.

Often, the comparison to online banking is made. If people can use the Internet to shift thousands of dollars around in the comfort of their homes, why can’t they use the Internet to choose their councillors, mayors, school board trustees, MLAs and MPs while clad only in their underwear?

This question was effectively responded to in a 2011 Elections B.C. discussion paper on Internet Voting.

In Section 3.0 of the paper, Elections B.C. includes a comment that might come as a slight shock to online banking users. “Online banking was not introduced with the expectation that it would be a fraud-proof means of conducting banking transactions,” the report says.

“The business case for online banking rests on the assumption that the degree of fraud is off-set by reduced operating costs and convenience benefits to clients.”

In short, a bit of fraud here and there is essentially a cost of doing business — something that would not (or at least should not) be tolerated from any elections agency.

Service reliability is also critical. “If an Internet banking service is unavailable, clients can simply try again later,” the report notes. “In the case of an election, a service disruption for any number of reasons (e.g. denial of service attack, hacking, software bug or hardware malfunction, power or network outage) could disenfranchise voters by delaying or invalidating their votes.”

Elections and banking transactions are also subject to completely different kinds of accountability standards.

“Banking transactions are identifiable from end-to-end. They require user authentication through passwords and PINs and the client’s identity follows the transaction through to its completion.”

By contrast, “a voting transaction must begin by authenticating the identity of the voter to confirm their eligibility,” the report notes.

“To preserve secrecy, the vote transaction must then be disassociated from the voter’s identity . . . This [secrecy requirement] makes it much harder to protect the system against fraud and to detect fraud that has occurred.”

“If evidence of tampering with an Internet vote comes to light, there is no ‘before state’ to return to in order to resolve the issue. By contrast, in the existing voting system, ambiguous results are resolved by having voter-marked and verified ballots reconsidered and counted again by another individual, such as a judge.”

The report also goes on to note other more obvious differences between online banking and online voting, such as that online voting would provide easy opportunity for the open buying and selling of votes, and would shift voting activity away from the scrutineers and election workers who are tasked with ensuring that the entire voting process is beyond reproach.

So let’s put to rest the argument that being able to bank online is any indication that being able to vote online is a good idea. They are two totally different processes held up to radically different standards.

Those with a further interest in this topic might enjoy reading:

  • Security Analysis of the Estonian Internet Voting System, which found stunning deficiencies in that country’s online voting system, such as that “operators used a PC containing other software, including PokerStars.ee, to build the official voting client for distribution” and that “on occasion the operators appeared to be deliberately evading us.”
  • Online Voting: Rewards and Risks, produced by the Atlantic Council in cooperation with Intel Security and McAfee. This report includes the caution that “the twin goals of anonymity and verifiability within an online voting system are largely incompatible with current technologies,” and that, “unlike paper ballots, electronic votes cannot be ‘rolled back’ or easily recounted” in the event of a disputed outcome.
Advertisements

About theviewfromseven
A lone wolf and a bit of a contrarian who sometimes has something to share.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: