Wednesday, 28 November 2007

E-Voting could improve on our 100 year old system

E-Voting systems are, by their very nature, complex systems that involve segregation of processes, advanced cryptography and rigorous development methods, and Jason is correct to point out that administration of such complex systems is a difficult area to address. It is therefore unsurprising that many of the current implementations of e-Voting systems have been, shall we say, lacking in a number of key areas. Academics tend to concentrate on the development of a new idea (for example a cryptographic protocol) rather than attempting to build a complete functional system that can be used correctly by stakeholders ranging from electoral administrators and council workers to the general public.

But this doesn’t mean that such a system can’t be built: simply that it is unlikely to emerge organically from academia or from the Open Source Software community. The only realistic environment that’s going to be able to engage all the stakeholders and create an electronic voting system is the business community, and only then if there is the incentive of a ready market. It wouldn’t be cheap to develop (the cost of a team of 10 developers working for a year would be around £400,000 for salary costs alone), but the cost of developing and implementing e-Voting systems pales in comparison to the costs of other government sponsored initiatives (see the NHS computer systems, ID cards, etc.) and can be further mitigated by leveraging the solutions into non-statutory commercial environments.

In fact, remote voting systems are similar in many ways to already existing sensitive on-line applications (despite Jason’s claims) and many of the lessons learnt in the remote banking sector can be applied to the remote e-Voting sphere. Verifiable auditing that guarantees immutability of audit records, message tracking and double checking, exception reporting, all of these are applicable to the area of electronic voting.

One final thing, which I hear denied so often by people that do know better, and on which the whole debate about e-voting seems to turn: currently voting in the UK is NOT anonymous! Your ballot paper has a number on it, and the number is written down against your name on the electoral roll. This information can only be released under judicial order, but it is entirely possible for your vote to be found after it is cast. We’ve had this system for over a 100 years, and it seems to be the elephant in the room for the anti-e-Voting campaigners in the UK. Because of this legal requirement e-Voting systems can be very similar to banking and e-commerce systems, since there is always a final link that can be examined by a judge if severe problems arise.

E-voting, in other words, may be complex to implement and administer, but is technically feasible to develop, and not too dissimilar from already existing, secure commercial systems - and has the potential to duplicate, or even improve on, our existing 100 year old system.

Cross posted from OurKingdom