Finnish e-voting system must not stay a trade secret
(Dieser Artikel ist auch in deutscher Sprache verfügbar)
A member of Electronic Frontier Finland (Effi), a Finnish association for
promoting digital rights and member of EDRi, has recently sent a request of
information to the Finnish Ministry of Justice regarding their planned
e-voting system. The system will be piloted in the municipal elections
during October 2008 and it is based on a DRE (Direct Recording Electronic)
type e-voting system from TietoEnator Finland and a Spanish back-end
provider, Scytl.
In their response, the Ministry of Justice states that, based on the Act on
the Openness of Government Activities, the documentation that has been
written concerning the specific details of the e-voting system has to be
kept secret on the Documents that have to be kept secret
include documents related to the information security of the system
and documents that contain information about the trade secrets of a
private company, in this case, the systems provider.
Effi’s analysis of the system is only based on high-level documents
provided by the Ministry of Justice and a U.S. patent that has
been granted to Scytl, and is assumed to form the basis of the Finnish
e-voting system core. According to this analysis, the system will
not utilise any voter-verified paper ballot system or even the
electronic receipt system that is detailed in the Scytl patent.
The current, traditional Finnish elections feature a widely
distributed ballot counting process, which is carried out manually and
collectively by the representatives of the competing parties at each
polling station. The results of each polling station are individually
published, providing the representatives with the possibility to
cross-check that the votes at their polling station have been
correctly tallied. The ballots are then separately counted again,
independently of the original count, and archived in case of
further recounts being deemed necessary. The system is quite fast,
providing results in a matter of hours from the whole country, easy to
understand, and very resilient.
The e-voting system as currently proposed would make recounts that
would be independent of the electronic system impossible. It would
also make it possible for a much smaller team of individuals to alter
the election results, as the software, which counts the ballots, is
not public. Since Effi’s original press release, the Ministry of
Justice has unveiled a plan to contract an audit of the software from
the University of Turku in Finland, but this effort seem to be rather
under-resourced when compared to US e-voting system audits,
and is likely to just scratch the surface.
As a counterexample, thirty US states have already made the
voter-verified paper ballot a mandatory part of electronic voting.
For some reason, the Finnish Ministry of Justice has not seen this as
a requirement for the all-electronic voting system in Finland.
Ministry of Justice response to a member of Electronic Frontier Finland
(only in Finnish, 23.01.2008)
http://www.effi.org/system/files?file=om-2008-01-23.txt
E-Voting pilot: Technical implementation and information security (only in
Finnish, 20.06.2007)
http://www.effi.org/system/files?file=Pilotin_tekninen_esittely_v1.0H.pdf
Verified voting (28.01.2008)
http://www.verifiedvoting.org/
Effi: Voting systems must not be trade secrets. (only in Finnish,
25.01.2008)
http://www.effi.org/julkaisut/tiedotteet/lehdistotiedote-2008-01-25.html
Municipal elections 2008: Electronic voting in three municipalities. Press
release from Ministry of Justice (8.02.2008)
http://www.om.fi/en/Etusivu/Ajankohtaista/Uutiset/1201510039860
Web demonstrator and an informational page for the e-voting
system (only in Finnish, 11.02.2008)
http://www.vaalit.fi/sahkoinenaanestaminen/
(Contribution by EDRi-member Electronic Frontier Finland)