Categories
voting

More on the Commission’s 2007 Pilot reports

I count 29 reports published by the Electoral Commission relating to the 2007 pilots in England. A bumper crop for one of the smallest sets of pilots we’ve seen. I’ve not read them all page for page, but I’ve had a good long read. I do think these are the best Commission pilot reports ever and the team should all get a medal for the work they’ve put in to get these out in time for the statutory deadline.

They are really rather critical (good!). In particular, on e-voting, the Commission states that:

…there was insufficient time available to implement and plan the pilots,
and the quality assurance and testing was undertaken too late and lacked sufficient depth.

The level of implementation and security risk involved was significant and
unacceptable. There remain issues with the security and transparency of
the solutions and the capacity of the local authorities to maintain
control over the elections.

The Commission recommends that no further
e-voting is undertaken until the following four elements are in place:

  • There must be a comprehensive electoral modernisation strategy
    outlining how transparency, public trust and cost effectiveness can be
    achieved.

  • A central process must be implemented to ensure that sufficiently
    secure and transparent e-voting solutions that have been tested and
    approved can be selected by local authorities.

  • Sufficient time must be allocated for planning e-voting pilots.

  • Individual registration must be implemented.

The Commission cannot support any further e-voting in the absence of a
framework incorporating these recommendations.

On e-voting suppliers’ quality management, the Commission comments on all suppliers other than one who did try to be open:

No detailed information was provided by other suppliers about their development and configuration management processes, despite the information being
requested on more than one occasion.

This sounds very much like e-voting supplier tactics in the US.

Furthermore:

The level of security assurance of the pilots conducted in 2007 was
below that associated with other government IT projects, and best
practice in security governance was not followed.

But this rather worrying paragraph crops up:

However, the basic service provision of internet and/or telephone-based
services is a well-understood area, and while there are clearly issues
to be resolved related to security, transparency and usability, the
long-term implementation risk associated with the use of mature
technology within sufficient timescales by appropriately qualified
organisations should be acceptable.

So, yes, strong words from the Commission on failings in the implementation and procurement processes. But the Commission does seem to think that, overall, remote e-voting isn’t that challenging a proposition. I strongly disagree as do the vast majority of computer security academics. Those that are working on secure voting algorithms are focussing on polling station systems, not remote systems. The consensus is that the risks of remote e-voting, in particular, are far from acceptable as eloquently described in the SERVE (and subsequent) reports. I think it’s time to pull out my favourite quote from noted cryptographer and security expert Bruce Schneier:

“Building a secure Internet-based voting system is a very hard problem, harder than all the other computer security problems we’ve attempted and failed at. I believe that the risks to democracy are too great to attempt it.”

Categories
voting

Electoral Commission gets tough on pilots

Apologies – I’m running a blog backlog at the moment so I won’t be winning any prizes for the timeliness of my posts.

Given all the work I’ve been doing with the Open Rights Group on e-voting, I was obviously very interested in what the Electoral Commission’s statutory reports were going to say about this year’s pilots. (Note these reports are only about pilots in England; Scotland will be reported on separately.)

Overall, given how timid the Commission has been in the past, I’m pleasantly surprised by these reports. Still, I’m worried that the Government will read the findings more as ‘must try harder’ than ‘drop it’. This is due to the recommendations focussing on the appalling arrangements for the procurement and implementation of the pilots. I can see ministers thinking that they should just ‘get that bit right’ and the rest will fall into place.

This ignores the fact that, in the view of many security experts, Internet voting can never meet the requirements for a secure, accurate and private election. There are also very significant computer science challenges in delivering other forms of e-voting. These sorts of issues are difficult to communicate to non-technical audiences, but I’m not actually sure whether even the Commission’s or the Government’s technical advisors understand this.

I did some radio interviews on the day of the reports’ publication and I certainly got the impression that people were feeling more instinctively suspicious of these voting technologies than they might have done five years ago. Yet, Michael Wills (apparently the new elections minister but nothing has been announced), seemed completely divorced from reality in comments BBC News Online added later to their piece on the reports:

“These evaluations point to instances where e-counting and e-voting have worked well, and where electors choose to vote remotely by internet or telephone they often had favourable responses to these innovations,” he said.

“The purpose of pilots is to learn lessons for the future and we will do so.”

Despite the commission saying security needed to be “strengthened”, Mr Wills said: “We are pleased that the evaluations point to a high level of system security and user confidence in e-voting systems tested and that the security and integrity of the polls was not compromised.

“We have also made considerable improvements to security of elections more widely.”

If this is their belief inside the Ministry of Justice then we are doomed to yet more botched e-voting pilots in the future and a continued prioritisation of convenience over security in all our elections.

The Open Rights Group will be taking our views to fringe events at the party conferences this autumn in the hope that we can engage local and national politicians on an issue which intimately affects them all.

The Electoral Commission’s reports are available from their website.

ORG’s report into the May elections can be downloaded from our site.

Steven Murdoch & Richard Clayton, two of our observer team in Bedford, have three good posts on the pilots over at the Cambridge University Computer Security blog ‘Light Blue Touchpaper’:

Coverage:

Categories
voting

California drives a stake through the heart of e-voting

Debra Bowen, California's Secretary of State, has just completed an incredible project which has dramatically and unquestionably shown leading e-voting systems to be riddled with extremely serious security flaws.

Bowen commissioned a distinguished array of talented computer security academics to review voting systems certified for use in California. The reviews, which included source code analysis, identified a huge number of security vulnerabilities – the number and scope of which has shocked even the most hardened e-voting critics. Bowen decertified the systems reviewed, recertifying some of them in very specific cases, with conditions, such as to enable disabled voters to continue voting unaided.

These voting companies have been saying 'trust us' for years, dodging open reviews and informed criticism based on work by experts such as Harri Hursti. Despite the vendors claiming to have fixed the holes previously identified in their systems, the reviews show that the holes hadn't been fixed – and more were found. As Avi Rubin wrote on his blog, “The more these machines are studied, the worse they look.”

ES&S, the only vendor certified in California to have conducted e-voting in the UK this year, directly tried to obstruct the review process by failing to deliver source code and documentation within the timetable specified. Maybe ES&S saw the writing on the wall, and played hardball with a government to protect their business interests over those of the government and voters. This company should not be allowed to do business in the UK.

The reports, hacks, problems and glitches keep piling up; it's only the vendors who are trying to pretend everything is ok. It's tragic that it has taken this long for the United States to start publicly addressing the fundamental problems with e-voting. Thankfully in the UK and across most of Europe we still have a chance to stop these systems being introduced before it's too late.

California Secretary of State site with full reports, press releases and much more

Wonderful coverage of the reports and aftermath:

Categories
technology

Launching the new Netmums site

It's almost exactly two years since I started working with Netmums.

For those who don't know them, Netmums are a group of mums who set about helping each other through the power of the Internet. With very little technical knowledge themselves they've managed to build Netmums up into a huge website with over 300,000 members and roughly 1.5 million pageviews each week.

A few weeks ago, in the midst of manic work on ORG's e-voting report, I was also developing the final stages of Netmums' new site. The new site is a complete revamp including fresh design (by an outside agency) and shifting all of Netmums' membership data and content from custom PHP scripts and phpBB to Swing Digital's Content Management System and vBulletin.

The CMS still needed significant chunks of custom code to support the Netmums model of localised boards and listings. And we had to do several trial imports of the massive 'Coffeehouse' bulletin board system, which took hours to process.

When it came to launching, Netmums members were very vocal on what they did and didn't like. So we've been tweaking things here and there whilst working on the new features that this change has enabled.

It's been incredibly exciting and very rewarding to see the biggest install yet for Swing Digital's software, particularly given the good work Netmums do.

Categories
voting

ORG’s report has been published

Months of work, 25 observers monitoring the elections, stacks of Freedom of Information requests and lots of coffee. These are some of the ingredients that have gone into ORG's May 2007 Election Report.

When we began planning our observation mission we never expected for a moment that our observers would spot so many problems. But they did and we've had to follow them all up. The report details the serious technical, usability and procedural problems monitored in Scotland and England. It also provides some insight into the high level of spoilt ballots in Scotland.

You can download the report from here.

Categories
voting

What a week…

Becky & Jason leaving South Bucks count at Pinewood Studios for some breakfast, 7am Friday 4th May

I know I've been harping on about the problems with e-voting and e-counting for a long time but I was still surprised by the scale and number of problems experienced last week in England and Scotland.

The Open Rights Group observers did amazing work with a huge number of sleepless nights racked up between us all. We're in the midst of collating the data from all the different areas we observed so that I can get down to writing our overall report, which is going to be much bigger and more detailed than originally planned. So blogging here will slow down for a bit while I plough through the data.

The report will be launched in London on June 20th so I haven't got long at all!

Categories
voting

We’re ready

ORG Observer T-Shirt

Categories
voting

Links: 27-04-2007

  • In Parliament – Prentice challenged on vote security
    Again and again MPs ask questions about electoral integrity only to be rebuffed by Bridget Prentice.
  • AEA Chief Exec expresses fears over signature checks
    John Turner, Chief Executive of the Association of Electoral Administrators, seems like a very sensible guy when we’ve spoken briefly in the past. In this Kable article his quotes are spot-on about the rushed signature checking system for May 3rd’s postal votes.
  • Software project aims to erase e-voting fog
    An article on Joe Kiniry’s work with open source e-voting systems. As Joe said at ORG’s February e-voting events, he’d rather vote with pencil and paper, but e-voting is a juicy problem worth working on and open source is the best way for academia to do it.

Categories
voting

Links: 20-04-2007

  • Doubts raised over e-count system
    BBC Newsnight Scotland and News Online have provided the BBC’s best ever coverage of e-counting including interviews with Prof Doug Jones and Dr Rebecca Mercuri. See link in top-right of page for video. The piece includes the revelation that Neil Kinnock (the former Labour Party leader) is a non-exec director of DRS, the key e-counting supplier in Scotland. Furthermore, David Cairns MP, a minister for the Scotland Office, said that the UK was not ready for voting without paper, citing Ireland as an example of the problems that could bring.
  • SMS Texts to help citizens monitor Nigerian elections
    Factored in with a more conventional EU election observation mission, this is a great way to boost the amount of data collected concerning election irregularities.
  • ORG Election Observer Handbook published
    I’m sure it’s not perfect yet but we’re still very happy to share our Election Observer Handbook which will guide the Open Rights Group observer teams watching this May’s elections.
  • Hackers Invited to Break Into Philippine Internet Voting System
    Scytl are busy not only running e-voting in upcoming UK pilots but in the Philippines come July 10th. The report is a bit tragic as an election commissioner is obviously impressed by Scytl’s holding a patent – if only they knew the problems with software patents. Inviting hackers to attack a system proves very little indeed: smart hackers wouldn’t be detected or even attempt penetration during a test. Also, how do we know Scytl would admit being hacked even if they did detect it? And so on…

Categories
voting

Links: 18-04-2007