Slide 1

Slide 1 text

Questions to ask about Internet Voting Richard Akerman July 2016

Slide 2

Slide 2 text

2

Slide 3

Slide 3 text

The Source Code of Democracy Voting Procedure Delivery of ballot to elector 150 (1) Every elector who is admitted to vote shall be given a ballot by the deputy returning officer. Instructions to elector on receiving ballot (2) The deputy returning officer shall explain to each elector how to indicate his or her choice and fold the ballot so that its serial number and the initials of the deputy returning officer are visible and shall direct the elector to return the marked and folded ballot. Manner of voting 151 (1) An elector shall, after receiving a ballot, (a) proceed directly to the voting compartment; (b) mark the ballot with a cross or other mark in the circular space opposite the name of the candidate of his or her choice; (c) fold the ballot as instructed by the deputy returning officer; and (d) return the ballot to the deputy returning officer. 3

Slide 4

Slide 4 text

Pull Request 4 http://www.parl.gc.ca/ERRE-e

Slide 5

Slide 5 text

The County Election, 1846 5 https://commons.wikimedia.org/wiki/File:The_County_Election,_Bingham,_1846.jpg Public domain

Slide 6

Slide 6 text

The Hustings, 1828 6 https://twitter.com/ElectionsCan_E/status/751101013084479489

Slide 7

Slide 7 text

Voting • Has been designed • Design can be examined in terms of risk • Design can be examined in terms of entire system 7

Slide 8

Slide 8 text

Does the design limit voter coercion? 8

Slide 9

Slide 9 text

Low Medium High Zero 9

Slide 10

Slide 10 text

Coercion Risk Analysis • Voting takes place in a public area (with observers) • Marking the ballot takes place in private, alone • Once the ballot is in the ballot box, it is “detached” from the identity of the voter – no one including the voter can prove how they voted 10

Slide 11

Slide 11 text

11 Can the voting process be understood and examined?

Slide 12

Slide 12 text

Public Understanding • “all essential steps of an election are subject to the possibility of public scrutiny unless other constitutional interests justify an exception” • The Constitutionality of Electronic Voting in Germany 12 https://commons.wikimedia.org/wiki/File:Ibm_pc_5150.jpg by Ruben de Rijcke CC BY-SA

Slide 13

Slide 13 text

Some numbers • 1995 - 50.58% to 49.42% • May 2016 - 50.3% to 49.7% • June 2016 – 51.9% to 48.1% • List of close election results 13

Slide 14

Slide 14 text

14 Is the entire system secure?

Slide 15

Slide 15 text

New Bug 15 http://xkcd.com/1700/ CC-BY-NC

Slide 16

Slide 16 text

16 Copyright © 2014 Richard Akerman https://www.flickr.com/photos/rakerman/14551345714/ Licensed in the Creative Commons CC-BY

Slide 17

Slide 17 text

17 https://commons.wikimedia.org/wiki/File:Walls_of_Constantinople.JPG CC BY-SA

Slide 18

Slide 18 text

18 https://commons.wikimedia.org/wiki/File:Dardanelles_Gun_Turkish_Bronze_15c.png Public domain

Slide 19

Slide 19 text

In the digital world • Copyable expertise • Scale • Distance – which means you may be facing other nations • Detectability 19 Computers can lie

Slide 20

Slide 20 text

Volkswagen 20 In a world where more and more objects are run by software, we need to have better ways to catch such cheaters. As the Volkswagen case demonstrates, a smart object can lie and cheat. It can tell when it’s being tested, and it can beat the test. New York Times – Volkswagen and the Era of Cheating Software by Zaynep Tufekci, September 23, 2015 https://commons.wikimedia.org/wiki/File:VW_Golf_TDI_Clean_Diesel_WAS_2010_8983.JPG by Mariordo Mario Roberto Duran Ortiz CC BY-SA

Slide 21

Slide 21 text

The Problem with Eve Eve Alice Bob 21 client server malware

Slide 22

Slide 22 text

Code Quality 2 22 http://xkcd.com/1695/ CC-BY-NC

Slide 23

Slide 23 text

High risk • “We believe that online voting, especially online voting in large scale, introduces great risk into the election system by threatening voters’ expectations of confidentiality, accountability and security of their votes and provides an avenue for malicious actors to manipulate the voting results.” – May 2016 • Neil Jenkins, Senior Advisor for Cybersecurity Capabilities and Strategy at the US Department of Homeland Security 23

Slide 24

Slide 24 text

Recommendations from computer scientists 24 • To protect the accuracy and impartiality of the electoral process, US ACM makes the following recommendations: – All voting systems -- particularly computer-based electronic voting systems -- embody careful engineering, strong safeguards, and rigorous testing in both their design and operation; and, – Voting systems should also enable each voter to inspect a physical (e.g., paper) record to verify that his or her vote has been accurately cast and to serve as an independent check on the result produced and stored by the system. Making those records permanent (i.e., not based solely in computer memory) provides a means by which an accurate recount may be conducted.

Slide 25

Slide 25 text

An Advanced Canadian System • “We need to be more bold and confident.” – David Lennie, SVP, Data & Analytics • Massively distributed (over 65,000 nodes), fast (parallelized) and verifiable counting, high resiliency, high integrity, no maintenance, pop-up democracy at scale • Better than US • Better than UK • Better than Australia 25

Slide 26

Slide 26 text

Learn More 26 https://www.coursera.org/learn/digital-democracy

Slide 27

Slide 27 text

Get Involved • Submit a brief to the Parliamentary Committee – one brief can be submitted per person; – the deadline for the submission of briefs is 11:59 p.m. (EST) on Friday, October 7, 2016; – Briefs may be sent to the Committee by email ERRE@parl.gc.ca • http://papervotecanada.blogspot.ca/2016/06 /how-to-participate-in-erre-special.html 27

Slide 28

Slide 28 text

Questions • Does the design limit voter coercion? • Can the voting process be understood and examined? • Is the entire system secure? 28

Slide 29

Slide 29 text

Richard Akerman papervotecanada@gmail.com @papervote http://blog.papervotecanada.ca/ Disclaimer: Personal opinions only. Copyright © 2016 Richard Akerman, licensed in the Creative Commons Attribution-Noncommercial 2.0 Canada

Slide 30

Slide 30 text

Annex Videos • Tom Scott (8 minutes) • Andrew Appel (21 minutes) • J. Alex Halderman (1 hour 13 minutes) Reports • BC Independent Panel on Internet Voting • Assessment of Electronic Voting Options – Australian Parliament • Independent Report on E-voting in Estonia 30