BLOCKCHAIN & VOTING

What’s wrong with voting?

According to the Government Blockchain Association, there are three main concerns when it comes to our current voting systems. It comes down to three aspects: (i) fallible systems, (ii) accessibility, and (iii) public mistrust of institutions & systems. Accessibility is of the outmost importance. It comes down to voter experiences with voter roll errors, voter identification issues, intimidation (especially with minorities), and misinformation (ex. prisoners and felon convicts are not aware they can vote in the state of Illinois). Such accessibility also affects weaker voter turnout in addition to the inability to leave from work, apathy and registration difficulty.[1]

Some systemic failures have occurred across country, for example, in Los Angeles County Primary Elections in 2018 where a software error resulted in nearly 120,000 voters being left off the printed voter rosters. During the US Presidential Election (2016), there were claims of corruption or interference by both the Republican Party and Democratic Party. The Green Party called for a recount in a number of states. During the Alabama Gubernatorial Election (2002), a computer glitch removed votes from one candidate, added them to another candidate. A re-tabulation took place under suspect circumstances. We cannot forget the US Presidential Election (2000) resulting in a Florida recount. Id.

When it comes to public mistrust, these are valid concerns. During the DEFCON annual cybersecurity conference held in Las Vegas, in 2017, the Voting Machine Hacking Village Demonstration showed that all of the 24 U.S. voting systems used in the US were capable of being hacked within 4 days. Currently many states have fully electronic voting systems with no audit trail. In the United States, there is no federal right to public access of records in order to evaluate electoral outcome accuracy. The states have restrictions too. Id.

U.S. states do not grant public access to voting records. They use proprietary systems to tally votes using trade secret software. They do not publicly report detailed election data by vote type and location. They do not conduct publicly verifiable post-election manual audits of election outcome accuracy. Models and simulations are used to detect anomalies between polls and election results and such disparity results in a loss of confidence in the integrity of election results. Id.

According to the Heritage Fund, there were 1,132 proven instances of voter fraud, 983 criminal convictions, 48 civil penalties, 79 diversion programs, 10 judicial findings and 12 official findings.[2]

Blockchain - Estonia Case Study

With just 1.3 million people, Estonia is only three decades removed from Soviet Rule, and the Estonian’s have not seen a wide-spread Russian hacking of its voting systems. That is because since 2005, the Estonian government has adopted a blockchain voting system before blockchain was even a word. To add, 99 percent of its public services is now electronic. This includes 99 percent of patients’ health data that is now digitized.[3] There are four layers of security in Estonia’s E-Voting that one can learn from:

1. First, you enter your ID card in your computer through a USB card reader. You have two pin codes, one to verify yourself and the other is your digital signature. So, first you log in to the voting system by entering your pin code and verifying that it is actually you who is sitting behind the computer and then you choose the candidate you want to vote for. Then you sign your vote. The Electoral Commission won’t know whom you voted for. [4]

Note: One of the main arguments that e-voting is not safe is that the chairman of a company could force all employees to sit behind the desk and vote for a specific candidate. But the system allows you to change your vote as many times as you want. If you are forced to vote for Candidate A, you can go home and cast your vote again. Or you can go and cast a paper ballot, which will annul your internet vote.[5]

2. After you submit your vote via the desktop computer, the voter has the ability to use her mobile phone to separately connect to the electoral servers via a different set of tools and services to see how her vote was recorded and to verify that it is correct. Therefore, there are two different devices/systems – one to cast your vote, the other to check your vote, decreasing the likeness of your vote being able to be changed. [6]

3. Estonia has several small databases instead of one big government database. It has established databases outside of the country. It has agreements with Luxembourg where its data embassy is located. [7]

4. All the above systems are on a blockchain.

What is impressive is that nearly 30% of the Estonian population casts its ballots from a computer using e-voting where nearly 50-60% of the population participate in elections.[8] That is exactly what we need: increasing voter turnout, increasing enfranchisement, educating the masses, changing perceptions, protecting the integrity of our elections while enhancing their credibility. This can only be achieved by adopting blockchain. If we see blockchain as a tool rather than some desired outcome, we can achieve safer and hackless elections.

Characteristic and Solutions Needed

From the Estonia E-Voting example we can bring out four characteristics of a better voting system: (i) security, (ii) transparency, (iii) mobile voting, (iv) cross-party trust. Applying the blockchain system to voting can speak to (1) secure mobile voting, (2) transparency, and (3) infallibility.[9]

With mobile voting, it will be convenient, easier to register, take much less time, and also reduce the risk of discrimination and intimidation as there will be a mobile ID verification system. Through the nature of blockchain technology, transparency in the system will allow for more-reliable vote counting, and faster, more accurate results which could make a recount debacle obsolete. Id.

Infallibility of the voting system is also due to the nature of the blockchain technology due to its decentralized, cryptographic, dependent, and publicly verifiable characteristics which makes the system private and secure by design. If the votes are logged into the system on a blockchain, the system is immune to cyberattacks and tampering. Id. Votes are unalterable by any force once logged, as seen by this distributed ledger diagram:

Paper ballots could one day become obsolete, although they should still remain in force, but slowly moved away from. Paper ballots can be physically destroyed or tampered with, where digital votes on a blockchain cannot. Remember that the Estonia model allows you to continue changing your votes and annulling any previous vote with a paper ballot, therefore this could be implemented by design. Id.

Another layer of security besides having a valid ID, could be biometric identification such as a fingerprint or retina scan requirement which would ensure that voter fraud is impossible. Any claims made of voter fraud made about a blockchain-based election would be rendered entirely unfounded by reality. Id.

[1] https://www.gbaglobal.org/

[2] https://www.brennancenter.org/publication/heritage-fraud-database-assessment

[3] https://www.zdnet.com/article/e-estonia-what-is-all-the-fuss-about/

[4] https://courses.cs.ut.ee/2015/infsec/fall/Main/EstonianID-card

[5] https://globaljournalist.org/2017/11/estonia-test-case-for-russian-hacking-threat/

[6] https://courses.cs.ut.ee/2015/infsec/fall/Main/EstonianID-card

[7] https://www.cnbc.com/2018/08/14/estonia-not-concerned-about-a-possible-russian-cyberattack-president-.html

[8] https://globaljournalist.org/2017/11/estonia-test-case-for-russian-hacking-threat/

[9] https://www.gbaglobal.org/