Category: Canada

Why is there no online voting in Canadian federal elections?

The short answer is that a Parliamentary Special Committee on Electoral Reform studied the issue and recommended against online voting in federal elections in their 2016 report

Recommendation 4
The Committee recommends that online voting not be implemented at this time.

and in 2017 the Government accepted the recommendation in its response to the report

We will not implement online voting at this time.

Here are some Frequently Asked Questions:

  1. Q: Don’t many countries offer online voting in national elections?
  2. Q: Won’t online voting increase turnout, including increasing youth turnout?
  3. Q: Aren’t there studies showing smartphone mobile voting increases turnout?
  4. Q: What standards does Canada have for online voting and computer vote counting?
  5. Q: Don’t we already have the security needed to conduct online transactions?
  6. Q: Aren’t these kinds of attacks on online voting theoretical?
  7. Q: Maybe we need more study of Internet voting in Canada?
  8. Q: What do computer scientists say about online voting?

Please feel free to ask additional questions.

Q: Don’t many countries offer online voting in national elections?

A: No, the only country in the entire world that offers online voting for all citizens in national elections is Estonia, population 1.3 million. The majority of Estonians still choose to cast their votes on paper; only 247,232 votes were cast online in the 2019 Estonian Parliamentary election.

Estonia’s turnout in its 2015 national election was 64.2%.  That’s turnout lower than Canada in its own 2015 national election; Canada’s turnout in 2015 was 68.3%.

Estonia’s 37.6% turnout in the 2019 European Parliamentary elections ranked it 20th of 27 countries for turnout.

For more information see:

In terms of other countries and national online voting:

Q: Won’t online voting increase turnout, including increasing youth turnout?

A: No.  Over and over again, at different levels of government in different countries, no.

Estonia’s turnout is generally declining.

Switzerland saw no effect on turnout.

For many other examples see Online voting doesn’t increase turnout.

I understand that it seems intuitive that voting is about convenience, so online would increase turnout, or that voting is about familiarity, so making it online would increase voting by young people who are already used to doing things online.  This mental model of voting convenience increasing turnout is simply not supported by the evidence.  People choose to vote or not vote for complex reasons.

Q: Aren’t there studies showing smartphone mobile voting increases turnout?

A: No, there was a single study. With a sample size of 144 (one hundred and forty-four) votes.

The paper was presented at the 2019 Election Sciences, Reform, & Administration Conference (ESRA 2019), in the section Public Trust in Elections.  Promises and Perils of Mobile Voting – Anthony Fowler (Univ. of Chicago).

You can see the sample size on page 7: “In total, 144 votes were cast with a mobile device in the November election.”  You can see the total number of votes cast at https://sos.wv.gov/news/Pages/11-16-2018-A.aspx (or archived version in the Internet Archive).

Here’s some advice on citing scientific studies: be very careful when citing a single study that has a small sample size.

It’s also important to note that in the exact same paper, on page 2, Fowler states:

Several European countries abandoned internet voting after seeing that the increases in turnout were not as large as expected…

Q: What standards does Canada have for online voting and computer vote counting?

A: Canada has no standards whatsoever for online voting and computer vote counting (vote tabulation).  Really.

Sometimes systems for computer vote counting at the Canadian municipal level are certified to voluntary US standards, often extremely dated (2005) voluntary standards.

Ontario has finally recognized this as an issue, with Elections Ontario recommending establishing standards and certification for elections technology.

Q: Don’t we already have the security needed to conduct online transactions?

A: Voting is a unique interaction due to the need to both verify that an individual is eligible to vote AND ensure that each individual’s vote is completely anonymous.  This is a very different problem from e.g. online banking, where transactions are not anonymous, in fact they are known to both the bank and the individual.  Banking online is actually not completely secure, but the shared knowledge of transactions enables false or erroneous transactions to be reversed.

The US National Academies of Sciences, Engineering and Medicine (NASEM) has a comprehensive study process, used to arrive at a scientific consensus.  In their report Securing the Vote, they find “There is no realistic mechanism to fully secure vote casting and tabulation computer systems from cyber threats.” and “the risks currently associated with Internet voting are more significant than the benefits”.  For more information see Securing the Vote – US National Academies 2018 consensus report.

The requirement for anonymity is based on the history of voting, where voting was heavily coerced.  People used to have to vote by public declaration, and would be paid or rewarded for voting a certain way (or punished if they didn’t vote for the desired candidate).  For an overview of some of that history from a US perspective, see Andrew Appel’s video Internet Voting? Really?.  For an extensive account from an Australian perspective, including the history of the creation of the secret ballot (also known as the Australian ballot) see Judith Brett’s book From Secret Ballot to Democracy Sausage.

If the idea of someone trying to compromise a Canadian election seems improbable to you, please check out Canadian reports on election security and misinformation, including two reports from Canada’s government cybersecurity agency.

If the idea of someone attacking Canadian government computers seems theoretical to you, it’s important to know that key Canadian government departments including the Finance Department, Treasury Board Secretariat, Defense Research and Development Canada and the National Research Council have all been successfully hacked.

Q: Aren’t these kinds of attacks on online voting theoretical?

A: No, see Practical Attacks on Real-world E-voting (including Internet voting in section 7.3) by J. Alex Halderman and e.g. Researchers Find Critical Backdoor in Swiss Online Voting System by Kim Zetter.

Q: Maybe we need more study of Internet voting in Canada?

A: Online voting has been studied and rejected at the provincial level by New Brunswick, PEI, British Columbia, Ontario, and Nova Scotia.  It has also been studied and rejected at the municipal level by Toronto and Waterloo, amongst other municipalities.

See Canadian reports recommending against Internet voting.

Q: What do computer scientists say about online voting?

Computer scientists, particularly computer security experts who specialise in election security, are overwhelmingly opposed to online voting.

For more information see Internet voting and computer security expertise.

Questions about online absentee voting in the NWT

The Northwest Territories (NWT) will be introducing the option of online voting for absentee voting in the October 2019 Territorial General Election.

For context, “In total, 12,702 ballots were cast in the 2015 Territorial General Election, representing a 44 percent [44%] voter turnout.”  The total number of registered electors was 28,662.  In the 2015 Territorial General Election the total number of absentee ballots was 110 (one hundred and ten).  – Data from 2015 Official Voting Results, Elections NWT (PDF).

Questions to ask

  • What vendor(s) have been procured?
  • What regulations and procedures are in place per NWT Elections Act 132.1. and 360.(f) ?
  • What has been done to ensure a reliable, practical, tested system?

UPDATE 2019-07-04: From CBC article N.W.T. to be 1st province or territory to use online voting in general election we now have some answers:

Simply Voting will be the vendor.

Hitachi will be testing the website.

However, we still don’t know what kind of testing Hitachi is conducting, and we don’t know whether Hitachi’s report will be released to the public.

There is also still no information about online voting regulations and procedures, even though provisions for these are present in the NWT Elections Act 132.1. and 360.(f).

END UPDATE

Background

The authority to conduct online absentee voting, described in law as “voting by absentee ballot by electronic means”, comes from the NWT Elections and Plebiscites Act, as amended November 20, 2018 (PDF).  There are two relevant sections:

132.1. The Chief Electoral Officer may, in accordance with the regulations, establish procedures in respect of voting by absentee ballot by electronic means. S.N.W.T. 2018,c.16,s.40.

360. The Commissioner, on the recommendation of the Chief Electoral Officer, may make regulations

(f)  respecting voting by absentee ballot by electronic means, including regulations that specify which, if any, of the provisions of this Act regarding absentee ballots are to apply to voting by absentee ballot by electronic means.

S.N.W.T. 2010, c.15,s.50; S.N.W.T. 2018,c.16,s.73.

In reviewing the proposal for online absentee voting before the changes to the NWT Elections Act were made, the Standing Committee on Rules and Procedures provided feedback in 2017

The Committee supports amending the Act to allow for the option of electronic voting for absentee ballots in the NWT when a reliable, practical system can be tested and implemented.

Committee Report 1-18(3) / October 17, 2017 / 18th Legislative Assembly of the Northwest Territories, Standing Committee on Rules and Procedures / Report on the Review of the Chief Electoral Officer’s Report on the Administration of the 2015 Territorial General Election, Supplementary Recommendations, and the White Paper on the Independence and Accountability of Election Administration in the Northwest Territories (PDF)

Regulations and Procedures, Reliable Tested System

Accordingly, there should be regulations per NWT Elections Act 360.(f) and procedures per 136.1.

The system should also be tested and demonstrated to be reliable and practical per the Standing Committee on Rules and Procedures report.

Unfortunately I am unable to locate any regulations, procedures, or testing information online.  This is a major gap in all Canadian online voting to date, with an absence of standards and independent public testing.  I hope that Elections NWT will provide this information and make their system available for testing.

(To be clear, I don’t think there should be online voting at all, but if there is going to be, there must be independent, unrestricted public testing first.)

For more information, see:

Open Source code and Canadian elections

Here’s what I wrote in response to some confusion about Canadian elections in the comments on Schneier on Security blog post DARPA Is Developing an Open-Source Voting System

Sfan and Earnest – In response to Sfan’s statement “FWIW, Elections Canada used a paper & marker ballot system and a human & paper based voter validation system until 2015.”

Elections Canada runs federal elections only, and continues to use hand-marked paper ballots that are hand counted. See e.g. https://twitter.com/ElectionsCan_E/status/1105136418639233024

You might be confusing Elections Canada with Elections ONTARIO, which has recently switched from hand-counted ballots to vote counting computers for provincial elections. With, I might add, zero provision for risk-limiting audits.

Municipal elections in Ontario, which are governed by provincial election law, use a mix of vote counting computers (as in the City of Ottawa) and completely unregulated Internet voting. Internet voting run by third-party for-profit companies with zero public availability of source code, zero public security testing, and no legislative provisions for either.

In terms of the substance of Schneier’s blog post, there are also some issues. He quotes

The system will use fully open source voting software, instead of the closed, proprietary software currently used in the vast majority of voting machines, which no one outside of voting machine testing labs can examine. More importantly, it will be built on secure open source hardware, made from special secure designs and techniques developed over the last year as part of a special program at DARPA [Defense Department’s Defense Advanced Research Projects Agency].

(Emphasis on special mine.)

Issues to consider:

  • Open source is better (because it can be inspected) but ultimately useless as a voting computer improvement because you cannot prove what code is running on a computer.
  • In theory you can address the issue of what code is running by having secure hardware but there is no perfect hardware security, just like there is no perfect software security.  Additionally, election security is about universally understandable verifiability.  Any citizen should be able to understand the election process and the results.  “Trust us, this special hardware is secure” is no different than “trust us while we go in this special locked room and secretly produce the election results”.
  • Similarly, in theory you can use cryptographic techniques to improve the security and verifiability of the election, but the only people who can actually understand them is a tiny set of cryptographers.  To everyone else you’re saying “trust us, this special crypto code is secure” which is no different than “trust us while we go in this special locked room and secretly produce the election results”.

Having open source is better, having public inspection and testing of the code is better, having verified cryptography is better, but none of these improvements to computer vote counting address the fundamental issue which is that you can’t do computer vote counting in a way that is transparently understandable by every voter, and so you shouldn’t be doing computer vote counting at all.

Plus which, in practice you can’t tell what code is running on a computer anyway, because computers can lie.  Computer programs are written by people; people can lie, and so they can tell computers to lie.  You can ask the computer “are you running this open source code” and the computer can say “oh yes, absolutely” even as it triggers the hidden election day malware that slightly alters votes just enough to tip the result to a different candidate.

At most, when you have very complicated ballots as in the US you can consider doing computer vote counting with hand-marked paper ballots and a risk limiting audit.  But for Canada’s extraordinarily simple elections, computer vote counting adds needless complexity, obscurity and risk to an already optimised system.

That being said, if we are stuck with Internet voting in Canadian municipal elections, open source code and public security testing is absolutely essential, as much because it will demonstrate repeatedly that the source code is both ridiculously complicated and insecure, as for the fact that it helps reduce (but definitely not eliminate) security risks.

In other words, open source and public security inspections are only about making something we shouldn’t be doing in the first place less terrible.  They are not an actual solution.  The actual solution is not to have Internet voting and computer vote counting at all in Canadian elections.

Internet voting doesn’t increase turnout and isn’t reliable

The claims made for Internet voting include:

  • it will increase overall turnout
  • it will increase youth turnout
  • it will be more efficient and reliable than paper-based, human-counted elections

And here is the reality:

  • it doesn’t increase overall turnout
  • it doesn’t increase youth turnout, and in fact young people cast the fewest votes using Internet voting
  • it crashes

That is to say, Internet voting doesn’t even have the benefits claimed for it, setting aside the fact that even if it did, it would be a terrible idea from a security and election transparency perspective.

I don’t have the ability to go through every single one of the hundreds of 2018 Municipal Election reports from the hundreds of (mostly tiny) municipalities in Ontario that used Internet voting, many of them offering only Internet voting (no paper option at all).  But I can give as an example Hanover, Ontario, with 5,411 eligible voters.

Report CAO-05-19 – 2018 Post Election & Accessibility Report, pp. 113-125 of February 4, 2019 Committee of the Whole.pdf

Key sections:

Turnout

The final voters’ list was comprised of 5,411 eligible electors with 2,632 or 48.64% voting. This represented a decline from 56.39% in 2014

Voter turnout was markedly lower among those aged 35 or younger than with those aged 55 or older. Turnout was highest among those aged 60 and over, consistently bettering 60% for both men and women. However, turnout was lowest among those under the age of 35.

Voting Outage and State of Emergency

Due to technical issues in the closing hours of the election, the clerk declared an emergency under section 53 of the Act. Under the circumstances, the decision was made to extend the voting period by 24 hours with the polls officially closing at 8:00 pm on October 23, 2018. 49 municipalities, all clients of Dominion Voting Systems (DVS), were affected by the same technical problem and extended their voting period.

I find it remarkable that given that Internet voting delivers on none of its supposed turnout benefits, and fails in ways that paper elections can’t, Ontario municipalities still plan to use it for the next election.

These results about turnout aren’t new – you can see many other examples in my blog post Online voting doesn’t increase turnout.

I have also extracted Grey County 2018 Municipal Election Turnout, which gives a sense not only of the size of the municipalities involved, but also shows that none of them exceeded 50% turnout.

Grey County 2018 Municipal Election Turnout

In order to give an overall sense of the election, I include 2018 Municipal Elections Post-Election Summary by Municipal Service Office (MSO) – there are five regional MSOs.  It shows a more complicated turnout picture, but basically the conclusion is that Internet voting doesn’t bring dramatic turnout improvements.

2018 Municipal Elections Post-Election Summary by MSO JPEG 300

Ottawa Event – Cyber Attack – Threats to Canadian Democracy

Public Policy Forum event Cyber Attack – Threats to Canadian Democracy
June 6, 2018 at 5pm in Ottawa

As Canada prepares for the 2019 federal election, government institutions, political parties, individual politicians and media are all on the radar of adversaries, ranging in sophistication, from hacktivists to foreign governments. Understanding the potential for attack and what organizations and individuals can do to thwart potential threats is key to ensuring the legitimacy of Canadian elections.

Speakers

The Honourable Karina Gould, Minister of Democratic Institutions

Elisabeth Dubois, Assistant Professor of Communications, University of Ottawa

Jan Neutze, Director of Cybersecurity Policy, Microsoft

Michael Pal, Assistant Professor, Faculty of Law, University of Ottawa
and Director of the Public Law Group

Moderator

Jennifer Robson, Assistant Professor, Political Management, Arthur Kroeger College,
Carleton University

Twitter list of speakers and moderator: https://twitter.com/papervote/lists/ppf-cyberthreats-2018

Bill C-76 Elections Modernization Act – changes implicating electronic voting

April 30, 2018 – 42nd Parliament, 1st Session – Bill C-76 Elections Modernization Act

The proposed changes to section 18.1:

  • a specific section 18.1(3) providing that the Chief Electoral Officer “shall develop, obtain or adapt voting technology for use by electors with a disability, and may test the technology for future use in an election”
  • in 18.1(4) the removal of the requirement that using electronic voting (“voting technology”) require the approval of the full Senate and House of Commons

It’s a bit unclear what the difference is between 18.1(2) “alternative voting process” and 18.1(3) “voting technology”.  Can an alternative voting process include new technology?  I have to assume so, particularly given how it is framed in the Chief Electoral Officer’s recommendations.  (There is no definition provided in the bill for “alternative voting process”).

In An Electoral Framework for the 21st Century: Recommendations from the Chief Electoral Officer of Canada Following the 42nd General Election, Table A—Recommendations Discussed in Chapters 1 and 2, A15. 18.1 it says “The distinction between the approval requirement for testing an electronic voting process and any other alternative voting process should be removed”.

Proposed Changes

2014, c. 12, s. 8
15 Sections 18.‍01 and 18.‍1 of the Act are replaced by the following:
International cooperation
18.‍01 The Chief Electoral Officer may provide assistance and cooperation in electoral matters to electoral agencies in other countries or to international organizations.
Voting studies
18.‍1 (1) The Chief Electoral Officer may carry out studies on voting, including studies respecting alternative voting means.
Alternative voting
(2) The Chief Electoral Officer may devise and test an alternative voting process for future use in an election.
Voting technology — electors with a disability
(3) The Chief Electoral Officer shall develop, obtain or adapt voting technology for use by electors with a disability, and may test the technology for future use in an election.
Prior approval
(4) Neither an alternative voting process nor voting technology tested under subsection (2) or (3) may be used in an election without the prior approval of the committees of the Senate and of the House of Commons that normally consider electoral matters.

Existing Text

Clause 15: Existing text of sections 18.‍01 and 18.‍1:
18.‍01 The Chief Electoral Officer may, at the Governor in Council’s request, provide assistance and cooperation in electoral matters to electoral agencies in other countries or to international organizations.
18.‍1 The Chief Electoral Officer may carry out studies on voting, including studies respecting alternative voting processes, and may devise and test an alternative voting process for future use in a general election or a by-election. Such a process may not be used for an official vote without the prior approval of the committees of the Senate and of the House of Commons that normally consider electoral matters or, in the case of an alternative electronic voting process, without the prior approval of the Senate and the House of Commons.

Canadian reports recommending against Internet voting

Internet voting has been studied.  Again and again.  Any time there is a comprehensive study, it recommends against online voting.

Here are the Canadian federal and provincial reports:

  • New Brunswick (A pathway to an inclusive democracy) – 2017
  • Government of Canada (Strengthening Democracy In Canada: Principles, Process And Public Engagement For Electoral Reform) – 2016
  • Prince Edward Island (Considerations for Applying E-Voting Options [Internet voting] in Canadian Public Elections – Independent Technical Panel on Voting Integrity) – 2016
  • British Columbia (Independent Panel on Internet Voting) – 2014
  • Ontario (Alternative Voting Technologies Report) – 2013
  • Nova Scotia (Internet and Telephone Voting in Nova Scotia) – 2012
  • Quebec (Evaluation Report of the New Methods of Voting that were Used during the Municipal Elections of November 2005 / Élections municipales de novembre 2005 : Rapport d’évaluation des nouveaux mécanismes de votation) – 2006

I can’t list every municipality, but here are a few municipal reports as well:

  • Toronto (EX20.5 – Changes to the Municipal Elections Act and Related Matters Impacting the 2018 Election – Part B – Voting Technology) – 2016
  • Waterloo (CORP2016-105 Alternative Voting Methods (Internet Voting)) – 2016

I don’t know how many times you have to study the exact same thing, year after year, decade after decade, before you eventually agree with the conclusion that we should not implement Internet voting.  Apparently many times.

It is very unfortunate that both Ontario and Nova Scotia, having investigated and rejected Internet voting at the provincial level, have left it to individual municipalities to decide whether to adopt Internet voting municipally, without any briefing or guidance or standards.  Basically municipalities are left to google and decide.  If the provinces had set even basic requirements, such as an independent public security test of all Internet voting systems, things would have gone very differently.  (If you think having independent public security tests of the systems would have too much risk, it’s worth mentioning that even the US Department of Defence has an official “Hack the Pentagon” initiative.)