Voting is the free world’s Trojan horse. Valid voters are suppressed. Vote audits are suppressed. Voter registration systems can be hacked. And the worst-case scenario of all looms before us all like a monster in a horror movie: what if voting machines themselves are hacked, the “results” are faked and democracy is quietly cancelled without the general public even noticing?
We do our banking, our shopping and manage our relationships online. But our democracy remains decidedly analogue: in 2017, the simple act of casting a vote requires citizens to trudge down to a polling booth, queue up, and tick a box on a voting slip.
Thousands of people around the country then frantically count votes overnight, with results slowly dripping in through the morning, constituency by constituency.
Wouldn’t this all be a lot easier if we could vote from home on our computers, or even on our smartphones?
Despite the digitalisation of several important aspects of modern life, elections are still largely conducted offline, on paper. Since the turn of the century, e-voting has been considered a promising and (eventually) inevitable development, which could speed up, simplify and reduce the cost of elections, and might even lead to higher voter turnouts and the development of stronger democracies. E-voting could take many forms: using the internet or a dedicated, isolated network; requiring voters to attend a polling station or allowing unsupervised voting; using existing devices, such as mobile phones and laptops, or requiring specialist equipment.
Now we have a choice: to continue trusting central authorities to manage elections or to use blockchain technology to distribute an open voting record among citizens. Many experts agree that e-voting would require revolutionary developments in security systems. The debate is whether blockchain will represent a transformative or merely incremental development, and what its implications could be for the future of democracy.
Blockchain technology originates from the underlying architectural design of the cryptocurrency bitcoin. It is a form of distributed database where records take the form of transactions, a block is a collection of these transactions. With the use of blockchains a secure and robust system for digital voting can be devised.
Blockchain was first introduced by Satoshi Nakamoto (a pseudonym), who proposed a peer-to-peer payment system that allows cash transactions through the Internet without relying on trust or the need for a financial institution. Blockchain is secure by design, and an example of a system with a high byzantine failure tolerance. Bitcoin is considered the first application of the Blockchain concept to create a currency that could be exchanged over the Internet relying only on cryptography to secure the transactions. Blockchain is an ordered data structure that contains blocks of transactions. Each block in the chain is linked to the previous block in the chain. The first block in the chain is referred to as the foundation of the stack. Each new block created gets layered on top of the previous block to form a stack called a Blockchain.
Current Digital Voting Systems
A number of digital voting systems are currently in use in countries around the world. Estonia has had electronic voting since 2005 and in 2007 was the first country in the world to allow online voting. In the 2015 parliamentary election 30.5% of all votes were made though the nation’s i-voting system . The bases of this system is the national ID card that all Estonian citizens are given. These cards contain encrypted files that identify the owner and allows the owner to carry out a number of online and electronic activities including online banking services, digitally signing documents, access their information on government databases and i-voting. Soon after, electronic voting was adopted by Switzerland for its state-wide elections, and by Norway for its council election.
For an electronic voting system to compete with the traditional ballot system, it has to support the same criteria the traditional system supports, such as security and anonymity. An e-Voting system has to have heightened security in order make sure it is available to voters but protected against outside influences changing votes from being cast, or keep a voter’s ballot from being tampered with. Many electronic voting systems rely on Tor to hide the identity of voters. However, this technique does not provide total anonymity or integrity since many intelligence agencies around the world control different parts of the Internet which can allow them to identify or intercept votes.
Estonian I-Voting System: Estonia was the first country where citizens were able to cast their vote using only the Internet and an electronic national identification card. The ID card used in the elections was designed to run on an integrated circuit, a chip. The card is able to create signatures and is easily usable for authentication, encryption, and signatures. The voter has to download the voting application, authenticate using the electronic ID, and if the voter is eligible to vote a list of candidates will be displayed and a vote could be cast. The vote will be encrypted using the election’s public key and signed with the voter private key. As soon as the vote is cast it will be sent to a vote storage server controlled by the Estonian government. Voters could vote multiple times, and only the last vote will be considered valid. This is done to prevent vote buying.
Norwegian I-Voting System: In 2011 Norway used an electronic remote voting system for the country council elections. The system was developed by e-voting vendor Scytl, and was very similar to the Estonian electronic voting system. However, in 2014, the country has discontinued its I-Voting project due to security concerns. One of the main critics Norwegian I-Voting system faced was the fear of votes going public in case of a cyber attack.
Difficulties with Current E-Voting/I-Voting
One can argue that there are three main requirements in facilitating elections. Firstly, all votes must come from registered voters who can cast a maximum of one vote. Secondly, the final count must reflect all votes cast. Finally, the casting of the vote must be ‘receipt-free,’ so that a third-party cannot determine how a user had voted, to prevent vote buying and coercion. After all, the private ballot is of the utmost importance.
With onsite e-voting, the machines themselves pose a liability; the possibility of malware on the client side machine that monitors the user placing their vote and then later changing their vote to a different candidate. Further, the presence of trojans, viruses or other software when the vote is cast can cause nefarious interference.
Additionally, the machine can also be the target of attacks if the servers that store the encrypted data are hacked. As each voting station across a nation will access the server to store the data, the machines are key access points and thus a vulnerability. This was the case, allegedly, with the latest US presidential elections.
On the other hand, internet voting poses difficulties with validating the user, as the system requires sending information to a server to verify the voter is who they say they are. As a result, there could be issues with the user’s computer being compromised or difficulties arising out of using public WiFi to vote.
There is also the client issue of integrity, such as if the user’s device is compromised, allowing a keylogger, for example, to record the user’s credentials and use them to vote against the will of the original user. Verifying the user presents an issue for the privacy of the vote, since the server will record the time of voting, alongside a personal identifier, potentially usurping the protections in place to guard the freedom of voting, since governments could identify the voter and how they voted. Hackers can also manipulate the verification software into thinking a vote has been cast – or cast differently. This conflicts with the receipt-free approach.
Moreover, log-in credentials can be stolen, misused or forgotten, potentially locking someone out a vote or allowing another to vote as they wish. Additionally, the lack of a paper trail to combat the aforementioned privacy breach would make auditing the results harder.
To quote Ronald Reagan: “Trust, but verify.”
Is Blockchain the Solution?
An undoubtable advantage of blockchain is the inability to retroactively edit ‘blocks.’ Once a vote is in the chain, with the voter being declared as voted, it is un-editable, creating ‘an immutable and tamper-proof way,’ to store the vote. Any attempt to edit the chain would invalidate the later versions, showing that there had been tampering. This provides protection against attempts to alter the votes thus eliminating one of the avenues for voter fraud: manipulating the voting database.
Since elections are a trusted system, there is no need to protect against a centralised power, as the nature of the elections provide that there is a centralised authority giving oversight. As such, this would allow the central authority to oversee the encryption nodes which store and distribute the chain, protecting against tampering in real time. With onsite devices or internet voting, it is harder to audit such systems on the fly.
While blockchain was explicitly designed for transactions on a public ledger, without central oversight, its characteristics make it malleable to support voting systems. Designed as a solution to double-spending in e-cash situations, this can ‘also ensure there is no double voting, and its transparency and public availability make it auditable.’ Votem CEO, Pete Martin, adds that blockchain is ‘fault-tolerant, you cannot change the past, you cannot hack the present, you cannot alter the access to the system, every node with access can see the exact same results, and every vote can be irrefutably traced to its source.’
Furthermore, each voter has the ability to change his or her vote at any time during the process, using their unique ID that is attached to the chain.
“Technology has changed dramatically in the last decade, but America's voting machines are rapidly aging out.” Brennan Center for Justice, America’s Voting Machines at Risk
Startups Working on Voting Machine Technology
Sovereign, launched by the non-profit Palo-Alto-based Democracy Earth, is an open-source and decentralized democratic governance protocol for any kind of organization. Sovereign seeks to rethink the ways in which a citizen can vote on the myriad political objectives in his or her state. The company emerged from Y Combinator and has raised $220,000. Sovereign combines the idea of delegative democracy, aka liquid democracy, with blockchain technology. By distributing a certain number of votes over time, the application allows users to spend their votes like tokens on certain mandates.
The Boule Foundation, launched in February 2017, is taking a similar approach to blockchain voting, developing a system that allows election organizers to purchase tokens with which their electors can vote. They’re also working to provide a secure and anonymous gateway to confirm the vote. The company has impressive advisers on its bench, including the United Nations Internet Society Blockchain Advisor, and is currently holding a creative pre-sale initial coin offering (ICO) through September 24, based in bitcoin of course.
Follow My Vote
Virginia-based Follow My Vote hews close to a theme, incorporating on July 4, 2012 and raising its latest round (undisclosed) on July 4, 2016. Follow My Vote develops open source end-to-end verifiable blockchain voting software for use in government-sponsored elections worldwide. Follow My Vote’s mission is to promote truth and freedom by empowering individuals to communicate effectively and implement non-coercive solutions to societal problems.
Touting its secure online voting platform, Follow My Vote develops open source, end-to-end blockchain voting software for use in government-sponsored elections worldwide. With the ability to audit the ballot box and watch elections progress in real-time, Follow My Vote’s voting machine technology offers what they call “unparalleled electoral transparency.”
V-Initiative, a New York based company, has been focusing on delivering open-source voting solutions based on Bitcoin’s blockchain: “Our goal is to be able to distribute 100% fraud proof, 100% anonymous, digital votes so that we can re-imagine the way democracy works in a digital age.”
Blockchain Technologies Corp (BTC) is another company hoping to replace temperamental voting systems. “America’s voting machine technology – or lack thereof – is a looming crisis,” states the company. BTC claims to conduct “secure, tamper resistant elections by using the blockchain as a high-tech audit trail to ensure voting records are transparently verifiable and all votes are unique.” Blockchain Technologies have been showcasing their “Blockchain Apparatus” platform by conducting straw polls after GOP Republican debates around the USA. The voting platform creates non-financial distributed ledger records, and can be customized to accommodate different clients and their needs.
“The blockchain enables so many great things that were never before possible. While many people are focused on financial applications, we are bringing the security and transparency it enables into the election process.”- Nick Spanos, CEO of Blockchain Technologies Corp.
Votem Corp. is currently funded by its founder Pete Martin, an SAP veteran and develops mobile voting platform that enables users to securely cast votes in elections around the world. It offers Votem App that allows a large demographic of smartphone users to cast their votes on the go. The company also provides ABVote product line that includes various products, including online and mobile voter registration and absentee ballot request for absentee/military/overseas and disabled voters. In addition, it offers Vote4DC online and mobile apps. The company was incorporated in 2016 and is headquartered in Cleveland, Ohio.
Sycltl is a bigger player in the field, offering a variety of secure electronic voting and electoral modernization solutions for the public and private sectors. Founded in 2001 and based in Barcelona, the company has raised $126 million, with Vulcan Ventures one of the most notable. Its patented security technologies, incorporating unique cryptographic protocols, carry out all types of electoral processes electronically, securely, and in an auditable manner. Scytl was spun off from a university research group and it shows—its current patent portfolio is the largest in the industry, composed of more than 40 international patents in election security. Over the past decade, it has managed over 100,000 electoral events electronically across more than 35 countries, including Canada, the United States, Mexico, Switzerland, Bosnia-Herzegovina, and many more.
Founded in 2009, the company has raised $18 million from Bessemer Venture Partners, Peter Lynch—the former manager of Fidelity’s Magellan Fund—and others. Clear Ballot has introduced a new class of tools and a modern approach to voting, enabling unprecedented speed, accuracy and transparency that officials and the voting public have sought for decades. Designed for ease-of-use, Clear Ballot's browser-based software, used with commercially available scanning hardware, scales to election jurisdictions of all sizes and responds directly to the budgetary realities of counties and municipalities. Clear Ballot election technology has been used in six states and is in process for national certification. Some of Clear Ballot's firsts include the nation's first 100% automated, independent statewide audit for the 2016 Presidential Election in the State of Maryland.
Votebox, a New York company founded in January of this year, develops cutting-edge internet voting and governance solutions for the public and private sectors. They have raised an undisclosed amount from D.C.-based incubator 1776. Votebox helps organizations manage their governance in a seamless and decentralized way. Votebox’s mission is to facilitate the way organizations manage their governance. Votebox uses the latest innovations in Internet Voting technology to build a software that gives organization a complete control over their voting events and provides their voters with an awesome experience. Votebox has started building consumer survey apps and progressively evolved towards secure voting applications. Votebox's early prototype was used to decrypt more than 6 million electronic ballots.
Case Study: Blockchain Voting for Peace – Colombia
In order to give Colombian expatriates a voice in a 2016 Peace plebiscite and test the potential of Blockchain technology in electoral processes, the tech non-profit Democracy Earth Foundation set up a digital process that allowed Colombian expats, who were unable to vote through the official process, an opportunity to participate in a plebiscite on whether to approve a peace treaty. This process raised interesting questions for governments about the future use of blockchain in electoral processes, and in the public sector more broadly, and could potentially lead to new ways to ensure the integrity of the election process.
Download the Case Study