“It is enough that the people know there was an election. The people who cast the votes decide nothing. The people who count the votes decide everything.” – Joseph Stalin
We recently had an election in the US – you may have heard about it. In the run-up to the election, and in its aftermath, candidates from all parties have raised the specter of the vote being hacked. Even long established technology magazine Scientific American asked: “Is the vulnerability of computerized voting systems to hacking a critical threat to our national security?”.
Maybe, maybe not. There’s no hard evidence that any hacking was done to the voting and tabulating process. Of course, a really good hacker doesn’t leave fingerprints.
But, according to a report in New York magazine, a group of prominent computer scientists and election lawyers claim that “the share of votes received by [Hillary] Clinton was significantly lower in precincts that used a particular type of voting machine” According to security guru Bruce Schneier, “The magazine story suggested that Clinton had received 7 percent fewer votes in Wisconsin counties that used electronic machines, which could be hacked, than in counties that used paper ballots.”
Anecdotal accounts of the dead and non-citizens voting, as well as tales of people voting multiple times in multiple localities have not been proven. In fact, only a handful of votes from these sources have been validated over the past dozen years. No, it’s as Stalin alluded in the quote above – it’s not the people who vote but the tabulation of the voters that could be easily manipulated.
So can we, as technologists, see a way to insure the integrity of the vote, a valid count of the votes and the election of an officeholder that’s free from hacking? Perhaps the Blockchain could be the answer.
In a recent paper, Philip Nicholas Boucher, of the EU Parliamentary Research Service, wrote: “The blockchain protocol is a means of logging and verifying records that is transparent and distributed among users. Usually, votes are recorded, managed, counted and checked by a central authority. Blockchain-enabled e-voting (BEV) would empower voters to do these tasks themselves, by allowing them to hold a copy of the voting record. The historic record could then not be changed because other voters would see that the record differs from theirs. Illegitimate votes could not be added, because other voters would be able to scrutinise whether votes were compatible with the rules (perhaps because they have already been counted, or are not associated with a valid voter record). BEV would shift power and trust away from central actors, such as electoral authorities, and foster the development of a tech-enabled community consensus.”
I don’t think there’s any need to remove electoral authorities from their role, provided the votes are transparent and can be shown to be properly cast and tabulated. In fact, a recent start-up (2012) in Blacksburg, Virginia USA believes they’ve created a way to do just that. FollowMyVote explain their method as:
“When using our blockchain voting system, the voter would download and install the Follow My Vote voting booth on the personal device of their choice (i.e. desktop computer, laptop computer, smartphone, or tablet). From there, the voter would submit the appropriate identity information in order to have their identity verified by an Identity Verifier, which would be approved by the organization hosting the election ahead of time. Once their identity is verified, the voter would be able to request their ballot, at which point they are issued their correct ballot type by the Registrar. The voter would then complete their ballot and securely submit their vote(s) to the blockchain-based ballot box. To obtain proof of casting their ballot, the voter would have the option to print out a receipt. If allowed by the organization hosting the election, the voter may vote early and could even re-enter the Follow My Vote voting booth to change their vote if they change their mind in the days leading up to the election. When the polls close on Election Day, the most current votes submitted by each voter would be considered the official votes; and, voters would be allowed to follow their vote into the ballot box to ensure that their vote was cast as intended and counted as cast. If they choose to do so, each voter would also be allowed to audit each ballot in the ballot box to confirm the vote totals being reported by our blockchain voting system are accurate, without revealing the identity of each voter.”
The FollowMyVote scenario allows each voter to use their own device, but security experts have long warned that this is susceptible to computer hacking (via malware and/or phishing) which could change a person’s vote. The FollowMyVote people recognize this problem (“The greatest risk of compromise from malware will be on desktop and laptop computers, where the operating systems do not have as strong of a security model, and malware can be difficult to find and remove. Because of this, Follow My Vote will recommend users only vote from these computers using a live operating system (a temporary computer operating system which runs in RAM and is used only for voting), which will neutralize the threat of malware on the computer while the Follow My Vote application is running and storing data on the computer.”)
I’m personally skeptical about how that would work in practice, but by utilizing centrally located voting places (such as the current polling stations) with hardened systems and certified malware-free operating systems and apps (which could be on a tablet running a purpose-built OS) and utilizing Blockchain technology for recording, tabulating and safeguarding the votes then I believe that all hints of hacked votes can be removed from the system and its integrity restored. And all at a lower cost than constant vote recounts by hand!