Netherlands: Opposition to Electronic Voting

Netherlands Case Study

Last updated on December 17, 2013

In July 2006, the campaign “We do not Trust Voting Computers” was initiated by Rop Gonggrijp, founder of the first Internet provider in the Netherlands, and a number of other computer experts.52 The group started its campaign following the March 2006 municipal elections, when electronic voting machines were introduced in Amsterdam for the first time. Although the vast majority of municipalities in the Netherlands used electronic voting machines by this time, Amsterdam had long remained one of the few that still used traditional pencil and paper voting. 

The initiators of “We do not Trust Voting Computers” were concerned about the security of the electronic voting machines in use and their lack of auditability. The group sought to publicize their concerns and generate public debate about their use. The campaign set up a website (http://wijvertrouwenstemcomputersniet.nl) and sought to further investigate the use of electronic voting computers through a series of State freedom of information requests. 

Both the Amsterdam City Council and the MOIKR responded to the freedom of information requests, providing copious documentation about the electronic voting systems, which the campaign posted on their website in late July 2006. The documents revealed several serious security flaws in the systems, as well as demonstrating the extent to which the government had outsourced the election process to equipment suppliers.

Although the campaign generated a certain amount of media interest from the start, the publication of documents and the reaction to it by the technology suppliers brought increased media interest and coverage. SDU accused the campaign of disclosing confidential documents and pursued legal action (ultimately unsuccessful) to remove the documents from the website. NEDAP similarly criticized the actions of the group, accusing it of a conspiracy and assuring the public that voting machines are extensively tested. TNO also protested against the freedom of information request, and, in particular, the publication of its testing reports of the voting machines, which it said contained confidential information. 

The first public reaction from the MOIKR came in late September 2006, following the broadcast of an investigative report on the TV channel TROS RADAR, which raised questions about the security of voting machines. The MOIKR released a statement assuring the public of the security of voting machines and announcing that additional safeguards would be put in place prior to the general elections, including sealing of voting machines, extra protection of the software and extra checking of the software by TNO. 

In early October, “We do not Trust Voting Computers” released a security analysis53, detailing the findings of independent computer experts who bought two NEDAP ESB3 voting machines from a city council and investigated the machines vulnerabilities for five weeks’ time. These findings were highlighted and widely publicized in an investigative news report54 broadcast on national Dutch television. The 17-minute broadcast shows how experts were able to replace a memory chip in the voting machine in less than five minutes that allowed them to manipulate the results of an election. The program raised serious questions also about the system’s complete lack of security safeguards and the lack of physical security of the machines while in storage and during transport. The program also questioned the testing of the voting machines by TNO, as TNO only tested one voting machine (out of 8,000) every four years, and did no security testing. Finally, the broadcast showed experts playing chess on the voting machine, having reconfigured the computer for this purpose to demonstrate that the voting machine was an ordinary computer. 

The accompanying written security analysis demonstrated the security vulnerabilities of the NEDAP ESB3 and detailed several possible ways to attack the system. Such attacks included the ability to compromise secrecy of the vote through the detection of radio emissions outside of a polling station. According to the experts, a relatively simple radio device could be used for this purpose. The analysis concluded that, given the vulnerabilities of the system, the NEDAP ESB3 could not be made to meet any responsible security criteria and should not be used for Dutch elections. It further concluded that the Dutch legal requirements, which the NEDAP ESB3 met, did not consider any security issues and were insufficient for regulating the use of electronic voting machines.


52 The group established itself as a non-partisan foundation on 29 August 2006.

53 Gonggrijp, Rop, et al., “Nedap/Groenendaal ES3B voting computer: a security analysis”, available at http://wijvertrouwenstemcomputersniet.nl/English.

54 Dutch TV-news program EénVandaag, see video clip at: www.veoh.com/watch/v505707dgewqMsB.

NEXT:

Netherlands: Reactions to Concerns

 

Copyright 2019 © - National Democratic Institute - All rights reserved