The announcement last month by House of Commons Speaker John Bercow of a commission on digital democracy has kicked the debate over e-voting back to life in the UK.
For many years it has been a rather odd debate in the UK because, all too rarely, this is an area where (back when Labour was in power) large sums of money were spent on extensive pilot schemes before, based on the evidence gathered, the idea was dropped. It is how policymaking should work: have an idea, test it and then make a decision based on the evidence.
Yet the evidence gathered through those pilots has since almost completely dropped out of the debate, as if mere evidence doesn’t matter when you can spin exciting tales of technological change, young people and the future.
Of course, technology and our attitudes to it move on, so the failure of those previous pilots to show that e-voting raises turnout to any significant extent does not mean that will necessarily always be the case. Other lessons, however, have a timeless nature.
First, any e-voting technology that requires a special IT set-up just for an election is inherently fragile. Setting up (and then dismantling) an IT system each of the relatively rare times an election comes round is loaded with risk and cost.
Second, and related to this, e-voting needs to be evaluated in the context of not just whether the technology works but also how reliable the systems for managing it are likely to be. The pilots threw up plenty of issues about technology requiring management skills that the electoral administrators did not have. That is a recipe bound to lead to problems – which is why e-voting is not just about the technology, it is about its practical management.
Third, e-voting has to reach a far high quality standard than systems of apparently equivalent importance, such as financial ones. That is because voting is secret and so – unlike your bank account – no-one knows what the result should be and no-one has other documentary evidence to show whether or not it is right or wrong (unless there are printed ballot paper receipts, though even those only audit one small part of the system). You know if your bank account balance is wrong – and can trigger remedial action. No-one knows if an election result is wrong.
If the Speaker’s commission is to do a good job, it will need to study each of these three issues carefully.
* Mark Pack is Party President and is the editor of Liberal Democrat Newswire.
16 Comments
A sound principle to apply to the legislative panic that often surrounds information technology and digital rights issues, is simply to apply the same standards to acts, processes, etc, that use computers, as would apply if the same were done without the use of a computer.
Our paper-ballot based electoral process has been developed over the years to be something that is a) secure, and b) seen to be secure, to a high standard, in the case of in person voting a polling station; perhaps less so in the case of postal voting.
It is fairly trivial to create a secure evoting system; it is somewhat harder, and some would argue impossible, to create one that can be seen to be secure.
So the question is whether we would tolerate a paper-based system that was secure in principle, but could not be seen to be secure. Would we tolerate, for example, the abolition of the right to inspect ballot boxes at the beginning of the day to ensure they are empty, or the right to observe ballot boxes being opened and votes counted?
The problem here is not that computers are incapable of performing some task assigned to them. They are capable. The problem is that they are capable of performing others tasks unseen, and do not lend themselves to transparent operation.
The vital attribute of the locked steel box is not its capacity to hold ballot papers, but it’s incapacity to manufacture and destroy the votes it is supposed to contain – an incapacity that computers lack.
The technological solution to this problem will, therefore, not revolve around general purpose computers, but rather around some as yet uninvented bespoke device that retains the vital incapacity of the locked steel box.
It’s little-known that thanks to computerised vote counting, the margin of error in several 2009 Greater London Authority elections was greater than the majority. This indicates that computerised vote counting (which is not the same thing as computerised voting) needs to be considered carefully. It’s also significantly more expensive.
Problems with computerised voting in the USA should be considered – it is basically impossible to create a secret electronic voting system which anybody other than a computer expert can verify is accurate, and there aren’t enough independent computer experts to properly observe a large-scale computerised vote.
Personally, I’d like to retain manual counting and scrap overnight counts. There’s no need for an election to be declared within 4 hours of the polls closing, other than to keep Jon Snow’s swingometer happy, and daytime counting would be more accurate and cheaper.
I think the speaker should look at the house of commons first – the voting method used in the house is beyond old fashioned – walking into a room while men with sticks count you is medieval. If they wont accept a modern voting method why should the speaker suggest inflicting it on the rest of the population
Put a stake through its heart!
Having browsed through John Bercow’s rather wordy and rambling speech (4000+ words), I think the following paragraph (~90 words) contains the real meat:
“Digital democracy will have some universal features but others which vary nation by nation. It is yet another change which pushes against formality and for flexibility. Its elements might include online voting, e-dialogue between representatives and those represented, increased interconnectedness between the functions of representation, scrutiny and legislation, multiple concepts of what is a constituency, flexibility about what is debated when and how, and a much more intense pace for invention and adaptation. What we are talking about here is nothing less than a Parliament version 2.0.”
[source: http://www.parliament.uk/business/commons/the-speaker/speeches/speeches/designing-a-parliament-for-the-21st-century/ ]
As we can see, the terms of reference are for a much wider consideration of the role of technology to facilitate participative democracy than just electronic voting at election time.
I wonder what Bercow means by all that? I wonder if he has the slightest idea of what he means?
As for e-voting. it could work okay as long as (1) it takes places in polling stations, (2) there is a paper back-up (ie the voting machine prints off a complete ballot paper which the voter checks and puts into a ballot box next to the machine), and (3) there is a secure encryption/retrieval system which allows for the electronic vote to be retrieved in the event of dispute.
Allowing voting from PCs, tablets, phones and whatever new devices are invented in the next couple of years is a recipe for massive rigging of elections as well as stealing of individual votes. As we have seen in too many places with postal and proxy votes – which caused election judge Richard Mawrey QC to refer to Britain as “a Third World country”.
One plus side for electors (though perhaps not for political parties) is that electronic voting in polling stations could allow anyone to vote at any polling station in the appropriate electoral area (eg anywhere in the UK at a General Election).
Close results are a problem. Do you declare them straight away (there is little point in an electronic recount which will just churn out the same numbers). Or do you defer it for a manual recount and what then happens if the numbers are different? (As they will be in most cases). Or…? (There are questions about checking the integrity of the electronic systems if it’s close – but by whom and with what transparency for ordinary mortals)?
If further checking is required but not as a continuation of the same count, there is the intriguing idea of declaring a “provisional result” which is not final and conclusive. Not sure how that ties in with getting a new government in the indecent haste we expect in this country!
In my view it’s all a can of worms but if people are going to look at it all we need to understand the issues.
Tony
I’ll just take this moment to point out that end-to-end voter-verifiable electronic voting systems are a thing that exists. None of the commercial operators are interested in building one and all the electronic vote counting systems that have been used for actual elections are worthless junk, but such schemes have been invented by researchers. These are systems where you can prove, to yourself and anybody interested, that your own vote was counted (in)correctly, but not what that vote was. As such they provide a much higher level of reliability than paper counts (if everybody verifies their vote, the margin of error is zero). This is accomplished by including cryptography in the system, and mutually-distrusting agents (the representatives of all political parties) as guardians of the key material (the system contains enough information to identify which ballot is cast by which individual, but this can only be accomplished by active collusion of all agents to subvert the system).
I find it interesting that here we are considering all the defects of e-voting, without considering how wholly unfit-for-purpose the current system is – which is probably the reason e-voting has been able to linger as an issue.
In the British political system there seems to be a universal unwillingness to face up to the blatant truth that electoral fraud and incompetence is pandemic throughout our system.
A small sift of one voting box in a local election in Nottingham found that 80 odd dead people had decided that this particular election was important enough for them to interrupt their otherwise eternal slumber.
The police decided not to investigate – and the then head of the local police authority decided this was completely legitimate. Of course, his own independence could be called into question considering that he was the leader of the leading local party at the time. (This is not to say that he was bias.)
Public confidence in our system would not be inspired should anyone care enough to really scrutinise it, which may explain why there is such an unwillingness to face this issue head-on. In my opinion, E-voting is, therefore, just a slightly jazzy sideshow to mask and disparage the real issue – the ineffectual nature of our current system.
As such, regardless of whether e-voting in some form could be part of a solution or not, this is the issue we must be concentrating our focus on.
just a thought: if we are contemplating going ‘electronic’, then we could take it a whole step further…..
I have been intrigued over time by the number of questionnaire based systems that appear on facebook and elsewhere, such as ‘political compass’, ‘who should I vote for’ and any number of more trivial ones, which after a stream of questions are able to say where you are politically/ which party you should vote for/ etc. It should be a relatively simple step to identify the ward or constituency of the respondee, crosscheck their answers with the answers already supplied by each of the candidates(not the parties!). Then rather than advising the voter who they should vote for, simply provide a ‘vote’ button at the end, job done.
@Andrew Suffield: It may be possible to build “end-to-end voter-verifiable electronic voting systems”, but there is no way of being sure that they are actually being used. As Joe Otten says, the important issue is not whether the system is secure, but whether it is seen to be secure. Computers perform tasks unseen, so even if the system claims to be an “end-to-end voter-verifiable electronic voting system” there is no way a non-expert user can tell if it is indeed verifying their vote, or if it is just programmed to automatically produce the answer expected of it. A computer system is inherently a black box, and the requirement for voting secrecy precludes any external verification of the result. The paper system may not be absolutely 100% error-free, but normally it does not need to be: the number of errors just needs to be less than the number of votes between the winning candidate and the runner-up, and we can always do recounts when it becomes an issue. The great advantage of the paper system is that it allows end-to-end independent scrutiny by non-experts (and it also can only be subverted by “active collusion of all agents”).
One of the reasons that e-voting keeps on surfacing is as a way of increasing voter participation. This ignores the herd of elephants in the room which are trumpeting that people don’t vote because a) they are very unhappy with politicians but b) voting on whole doesn’t change much because most votes are wasted in the FPTP system.
There’s the real problem and even if all the problems with e-voting could be solved, it won’t change a thing unless the electoral system changes.
The last time around (c.2000) there were a host of polls commissioned by various tech magazines which claimed to show that lots of people would be far more likely to vote if they could do so electronically. What those polls (or, more likely, the reporting of them by the advocates of e-voting) failed to show was that a move from “I’m definitely not going to vote” to “I might possibly vote if the sun is shining and I win the lottery” is hardly going to boost turnout.
Ironically, most of those tech magazines are no longer around…
It is in fact possible to be sure of this, as voter-verifiable means exactly that: each voter can prove, conclusively and inviolably, that their own vote was counted correctly, and they do not rely on the functioning of anybody else’s computer systems to do so. Furthermore the well-designed systems also prove to the political agents that the system as a whole is working correctly, and they can go around asking to see their own supporters’ receipts and validating those.
This is a rather different statement. Yes, it does require expertise to perform the verification step. However it does not require any specific expert. Anybody who wishes to verify the system has two options: they can gain the expertise themselves, which is not too hard if they are trained in any mathematical discipline, or they can locate any expert that they trust and get that person to do it for them. Such experts would be widely available if we used a system like this, because all the technical people would learn how to do it, mostly because it’s cool.
In this scenario we assume that every major political party will have their own experts validate the system and hence be confident that none of the other major players are abusing it. Since the only way this system could be abused is with the active collusion of all the parties that could get elected anyway, we can assume that the system is “good enough” on the basis that if all three major parties are willing to collude to abuse the system then the outcome doesn’t matter anyway.
This statement is simply incorrect; you don’t understand cryptography and what it can do. We can do things with numbers that you will find surprising. We have systems that can let two mathematicians shout numbers across a room full of experts and after a while they’ll both know something nobody else in the room can, and we have systems that let you prove to the room full of experts that you know something, without revealing to them what it is. We can externally verify the result while maintaining voting secrecy, with the proviso that the system requires a group of mutually-distrusting agents to participate in the counting process (which we have already: it’s the political counting agents).
@Andrew Suffield:
That’s what I mean: you need technical expertise to understand the counting process. In contrast, understanding the paper counting process requires no technical expertise of any kind, just common sense.
So it’s necessary, if you are not able or prepared to learn the technical knowledge required to understand the system, to delegate the oversight to someone else who does have it (or claims to). Sorry but not acceptable in a voting process involving a secret ballot.
I do understand about cryptography. I just think it misses the point here. The paper voting process allows independent scrutiny by NON-experts. You can prove to a room full of non-experts that the votes are counted correctly, without knowing who voted for whom. As far as I am concerned, this feature is an absolute requirement of voting based on the secret ballot, and any derogation of it (such as requiring technical expertise to understand the counting process) is absolutely unacceptable. And the paper counting system is known to work. E-voting is thus a solution in search of a problem.
“You can prove to a room full of non-experts that the votes are counted correctly, without knowing who voted for whom. “
Yes, but you can’t prove that ballot papers haven’t been removed from or inserted into the ballot box between the polling station and the count. The present system relies on trust to a large extent.
A system that allowed individual voters to check that their votes had been counted correctly would be an improvement in that respect.
Chris
Yes, but you can’t prove that ballot papers haven’t been removed from or inserted into the ballot box between the polling station and the count. The present system relies on trust to a large extent.
The ballot boxes are sealed, and the seal can be inspected when polls close and when the boxes are opened. When I happen to have been by a polling station when polls close, I’ve always made a point of witnessing the sealing of the box, just to indicate this is all part of the way the system can be guaranteed by the way it uses physical objects to protect secrecy and to deliver the count as people voted. OK, this is not perfect, so I think it might be an idea if there was a provision for representatives of the candidates to ride back with the ballot boxes to where the count takes place.
On e-voting, I work as a Computer Scientist, and I do not know a single person who works in the same profession who is in favour of e-voting.