I do all my banking, travel booking, shopping and communicating online. Surely in the 21st century, I should be able to vote online? If you are voting to elect the president of your sports club, then online voting is convenient and easy. But it should never be used to elect our government[…]
It’s comforting to see someone as knowledgable and experienced in government computing as Laurence Millar choses to speak out about the dangers of online voting.
He makes all the points you might expect: the risks are too high and the rewards for ratbags are too tempting. We know for certain that criminals and unfriendly governments have intervened in election campaigns. Some even boast about it. So it’s realistic to assume they will turn their attention to an actual vote.
The reality is almost no computer system is foolproof. And few are immune from attackers who are prepared to throw enough resources at breaching security.
But there’s more. Millar writes:
…the chimera of manipulated votes is in itself sufficient to undermine confidence in the result of the election.
And this is just as likely to be the goal of those who would attack elections. Yes, they’d love to manipulate the vote. But they also want to undermine the very idea of a democratic vote.
This suits their purposes almost as much.
Millar’s other points are all valid. It’s worth reading the original post.
Yet something else bothers me about the idea of an online election in New Zealand. Typically projects of this nature are put out to tender and awarded to the lowest bidder.
Tender writers may talk about how the project won’t just go to the cheapest bid, but also about the values, privacy, security and yada, yada, yada that need to be embodied in the system.
We all know the reality. Lower prices win.
We’ve seen this time and time again. Tender responses may be full of piety and goody two-shoes language about protecting this and respecting that.
Words are cheap.
When push comes to shove, saving a few bucks here and there will impress the organisation issuing the tender more than anything else.
It always does.
And even if money is no object and the first tender goes to a first class bidder who does everything right, when it comes up for renewal someone else will be purchasing.
Or the next time. Or the time after that.
Sooner or later cheapskates or, just as bad, companies that are better at lobbying governments than delivering on promises will get the job.
Before you know it there will be an argument for, say, using an overseas cloud provider or a well known brand that hasn’t done a sterling job managing its own digital security in the past.
It is in the nature of these things. Sooner or later we are disappointed.