Archives

May 27, 2016

Luddite engineers

bush-gore-hanging-chad-florida.jpg
"You geeks," a friend of mine said recently in some exasperation. "You just want everything to be perfect." She was referring to the long-held opposition to online/electronic voting on the part of folks such as the Open Rights Group, the Foundation for Information Policy Research, and security experts such as Matt Blaze and Rebecca Mercuri. ObDisclosure: I am on the advisory councils of both ORG and FIPR.

Online voting is the one area where, as Blaze told Quartz, the people closest to the technology are the ones advising against it; it's that rare case where engineers are being called Luddites. The same engineers who groove on the latest technology typically oppose the adoption of online voting because they have studied the matter with great attention, and are deeply aware of the vast security risks. Insisting on dismissing their conclusions because you believe that technologies such as open source software and the blockchain have fundamentally changed what you can build is to presume that the laws of mathematics apply no more to you than they do to governments wishing to put backdoors in crypto.

In the UK, online voting was pretty much taken off the table in about 2007, when, driven by the above research, the Open Rights Group studied the matter and concluded it was a Bad Idea. At the time, ORG was the only group in the UK interested in the problems with online voting; its 2007report was based on real-world trials. A couple of months ago, the two-year-old group Webroots Democracy, which campaigns for online voting, issued a report (PDF) making all these points and claiming that the security problems experts argue are unsurmountable have in fact can be and have been solved.

Areeq-Chowdhury.jpgWebroots' campaign is based on the very best of motives. Politics, as founder Areeq Chowdhury said passionately on Wednesday evening at the group's second birthday celebration, intimately affects every part of people's lives. We should be far more shocked than we are at the systemic failure represented by recent voting figures: turnout for London's recent Mayoral election was 45.3%, though somewhat higher - 66% - for the last general election..

Ruksana Khalim, representing the Royal London Society for Blind People, provided a further example of the limitations of the present system. At polling stations, Britain provides no accessibility aids for the visually impaired. Accordingly, she must depend on an accompanying relative to read the ballot and guide her to the right box: "so awkward, too frustrating, and too difficult". Voting matters enough to her to persevere, but many others give up. She has, she said, the right to vote - but no means to access that right.

Yes, these are outrageous problems that must urgently be solved. It does not, however, follow that online voting is that solution. To campaign for it and trot out problems you believe it will solve is to put the solution before the problem. This strategy should be familiar: see also Britain's late, unlamented ID card.

On Wednesday, Chowdhury dismissed evidence that online voting does not increase engagement as out of date (2013?). Since ORG's 2007 report, internet use has grown wildly, and all sorts of people now do things online that they didn't previously. Why should voting be any different?

As Jason Kitkat has commented the evidence to date suggests that online voting gives people who already vote an additional method for doing so but does not entice new voters. What matters is believing your vote makes a difference.

mulqueeny at wikimania.JPGIt is in fact just possible that it's different for today's emerging voters. As Emma Mulqueeny pointed out at Nominet's 2015 conference, in presenting the Speaker's report, the born-in-1997s have grown up differently. Theirs is the selfie-kitten-food internet (Mulqueeny's characterization), not Tim Berners-Lee's open web; their teen years have been filled with iPhones and social media with which to build communities and give themselves a voice. They want systemic political change: plain language, politicians going where people are, genuine engagement. It's entirely imaginable that a system requiring physical presence to wield pencil and paper is as profoundly alien as if in order to vote everyone had to dress as if for presentation at Queen Victoria's court.

Voting systems must be usable by and accessible to large, general populations of widely varying abilities and competencies. They must be trusted to produce the result the electorate intends, so integrity and security are crucial. Webroots claims that the latter has been solved. Yet the past failures of proprietary systems are not promising, as Dilbert illustrated recently. One of the technologies suggested in the report, Du-Vote, has already been called "not ready to be deployed" in a December 2015 security analysis (PDF) by INRIA researchers Steve Kremer and Peter Rønne. Sites like Coindesk have are uncertain whether the blockchain is an effective approach. Finally, open source software cannot by itself protect against DDoS attacks, and many other problems.

However, the serious concerns Webroots raises should not be ignored even though its solutions deserve questioning. If we don't - and I don't - believe online voting is the solution, we must propose and campaign for better alternatives.


Wendy M. Grossman is the 2013 winner of the Enigma Award. Her Web site has an extensive archive of her books, articles, and music, and an archive of earlier columns in this series. Stories about the border wars between cyberspace and real life are posted occasionally during the week at the net.wars Pinboard - or follow on Twitter.