I count 29 reports published by the Electoral Commission relating to the 2007 pilots in England. A bumper crop for one of the smallest set of pilots we’ve seen. I’ve not read them all page for page, but I’ve had a good long read. I do think these are the best Commission pilot reports ever and the team should all get a medal for the work they’ve put in to get these out in time for the statutory deadline.
They are really rather critical (good!) in particular, on e-voting, the Commission states that:
…there was insufficient time available to implement and plan the pilots,
and the quality assurance and testing was undertaken too late and lacked sufficient depth.The level of implementation and security risk involved was significant and
unacceptable. There remain issues with the security and transparency of
the solutions and the capacity of th local authorities to maintain
control over the elections.The Commission recommends that no further
e-voting is undertaken until the following four elements are in place:
-
There must be a comprehensive electoral modernisation strategy
outlining how transparency, public trust and cost effectiveness can be
achieved. -
A central process must be implemented to ensure that sufficiently
secure and transparent e-voting solutions that have been tested and
approved can be selected by local authorities. -
Sufficient time must be allocated for planning e-voting pilots.
-
Individual registration must beimplemented.
The Commission cannot support any further e-voting in the absence of a
framework incorporating these recommendations.
On e-voting supplier’s quality management, the Commission comments on all suppliers other than one who did try to be open:
No detailed information was provided by other suppliers about their development and configuration management processes, despite the information being
requested on more than one occasion.
This sounds very much like e-voting supplier tactics in the US.
Furthermore:
The level of security assurance of the pilots conducted in 2007 was
below that associated with other government IT projects, and best
practice in security governance was not followed.
But these rather worrying paragraph crops up:
However, the basic service provision of internet and/or telephone-based
services is a well-understood area, and while there are clearly issues
to be resolved related to security, transparency and usability, the
long-term implementation risk associated with the use of mature
technology within sufficient timescales by appropriately qualified
organisations should be acceptable.
So, yes, strong words from the Commission on failings in the implementation and procurement processes. But the Commission does seem to think that, overall, remote e-voting isn’t that challenging a proposition. I strongly disagree as do the vast majority of computer security academics. Those that are working on secure voting algorithms are focussing on polling station systems, not remote systems. The consensus is that the risks of remote e-voting, in particular, are far from acceptable as eloquently described in the SERVE (and subsequent) reports. I think it’s time to pull out my favourite quote from noted cryptographer and security expert Bruce Schneier:
“Building a secure Internet-based voting system is a very hard problem, harder than all the other computer security problems we’ve attempted and failed at. I believe that the risks to democracy are too great to attempt it.”
Jason Kitcat 