The security of the electoral process is critical for all elections. There are always points at which those wishing to manipulate the system could attempt to manipulate vote data. System security is especially important for electronic voting and counting systems, which may introduce new vulnerabilities into an election process.25 These vulnerabilities include external security threats to the security of the system, as well as internal threats of manipulation by those with official access to the system. These technologies are inherently less transparent than paper ballots, where all steps in the voting and counting process are observable. If electronic voting and counting systems are to be trusted by electoral stakeholders, it is important that the security challenges presented by the use of the technology are understood. Mechanisms must be in place to mitigate these security challenges, and any security breaches should be easily identified.
The security of electronic voting and counting systems has become an increasingly important public issue. Early systems were implemented with very few, if any, security mechanisms or checks and balances to ensure that they accurately recorded and reported on votes cast. The 2000 U.S. presidential election can be seen as a global turning point in terms of the scrutiny that technology-based electoral systems were subjected. While technology was certainly not the only problem in that election, it clearly showed that technology, even if well-established, was fallible; checks and balances were essential if voters and contestants were to trust the results generated by technology. This lesson later manifested itself across many aspects of electronic voting and counting, including a much greater scrutiny of the physical security of electronic voting and counting machines and investigations into the possibility of infiltrating the code which runs the systems.
Electronic voting and counting machines and results systems did not fare well under this additional scrutiny. Despite the denial of suppliers and often election administrators, numerous security flaws were found in electronic voting and counting machines by IT security experts in several countries (such as the U.S., the Netherlands and Germany), some with well-established systems of electronic voting and counting. Such cases weaken public confidence in the integrity of electronic voting and counting machines and demonstrate the need for increased vigilance against emerging security risks.
It is clear the issue of physical and logistical security of voting and counting machines and associated communication networks are keen concerns for electoral stakeholders that are important for the integrity of elections. Voting machine suppliers and election administrators have had to increase the measures implemented to ensure this security is achieved, both in terms of voting machine design and in terms of control procedures relating to access to electronic voting machines and systems. The problem is that, as technological solutions ensure system security is improved, so are the ways in which systems can be hacked and manipulated.
As a result, one of the key ways in which these security concerns have been mitigated is through the development of effective audit mechanisms for electronic voting machines, such as the VVPAT. This ensures that, when audit trails are routinely checked, even when a security breach occurs, it can be detected.
25 For more detailed information on this topic, please refer to the following sections in Part 2: Procedural and Legal Frameworks; Procurement, Production and Delivery; Security Mechanisms; Project and Risk Management; Election Day (Set-Up, Testing, Security, Troubleshooting); and Internet Voting.
Emerging Electronic Voting Standards