Category: Links to documents

Canadian reports on election security and misinformation

Government of Canada


Finland recommends against Internet voting

Finland did an extensive study in 2017, running from February to November, and reported its final results in December.

The report concluded that the risks of online voting outweigh its benefits.

The original government web page has been replaced by a new page: Nettiäänestyksen esiselvitys. Documents are in section Asiakirjat (“Documentation”).
SIDEBAR: The last archive of the previous Nettiäänestys page is from June 16, 2017. END SIDEBAR

Press releases


Key Statements

Online voting technology and the development of the structures required for the system are not yet at a level that would enable a sufficiently secure implementation and introduction of the system. There are still open questions in terms of verifiability and the secrecy of the ballot. It is not expected that the key risks related to online voting would be solved in the next few years.
The monitoring group came into the conclusion that online voting should not be introduced in general elections, because the risks involved are greater than the benefits. Online voting would not resolve the current problems, such as the low voter turnout.

March 14, 2017  Internet voting in Finland

PEI 2016 Plebiscite Voting Integrity Audit Report recommends against federal and provincial Internet voting

Prince Edward Island (PEI) – 2016 Plebiscite on Democratic Renewal – Voting Integrity Audit Report – from the Independent Technical Panel on Voting Integrity (ITPVI) – November 30, 2016

This report is Section 3 Appendix in the 2016 Annual Report of the Chief Electoral Officer of PEI  (PDF), starting on page 35.

Section 11 of the Voting Integrity Audit Report is Considerations for Applying E-Voting Options [Internet voting] in Canadian Public Elections.

The report recommends against Internet voting at the federal and provincial levels, except for absentee voters.

There is a need to maintain an acute level of awareness of the risks to electoral integrity that these new voting methods present. The implications of a breach of the public trust that exists today suggests strongly that internet and telephone voting in Canadian provincial and federal parliamentary elections be considered channels that should be limited to use only by absentee voters for the immediate foreseeable future. …

It is important that leaders in Canadian electoral administration manage public expectations and articulate their concerns about the fact that a perfectly secure and fool-proof electronic voting system does not yet exist.

This recommendation was picked up in the news media, e.g. CBC News PEI – Online voting not ready for federal, provincial election: officials – May 4, 2017.

The group concluded a high-stakes provincial or federal election could attract groups looking to intervene in illicit ways through cyber-attacks, hacking or other means.

The report also does an excellent job of showing the “additional risks and controls associated with online electronic voting” [Internet voting]. These include (highlighting by me):

1. Trusted digital voter identification and authentication is a requisite additional control. An irrefutable digital identity is the first safeguard in ensuring that eligible voters can vote (and can vote only once), and in ensuring that ineligible voters are not permitted to vote. Establishing this identity with a robust ‘shared secret’ is a mandatory prerequisite.

2. The onus is on the buyers, designers, developers, maintainers and operators of any electronic voting system to demonstrate rigor in the specifications, certifications, accreditations, testing and operation of the e-voting system to ensure it is able to mitigate the full range of risks to a reasonable and acceptable level. This has to be achieved to a level of satisfaction regarding both hardware and software risk mitigation. The remaining level of risk needs to be accepted by all stakeholders.

3. With the elimination of the controls that were previously implemented in manually controlled voting processes (refer Appendix ‘G’: Controls C1 – C5), traditional risks are not as fully mitigated as before. In fact, the following risks are difficult to mitigate in any meaningful way:
a. Vote buying / vote secrecy (“I’ll just take a selfie in front of my screen”)
b. Voter coercion (Unless reported, it is impossible to determine if a vote is being coerced)

4. The risk of a voter voting with stolen credentials can only be partially mitigated by effective voters list management and the implementation of a trusted digital voter identification and authentication scheme. Digital voter identification must be robust, but it must also be easily managed so as not to become a barrier to voting because it is overly complex for a voter to use as seldom as once every four years.

5. The additional risks of compromised end-user hardware or software, or a broad regional or national attack on internet infrastructure, remain unmitigated.

The report also identifies the extremely high standard to which we must hold Internet voting, as the transparency provided by conducting paper ballot voting and counting in public are lost when using completely computerized processes.  Highlighting added by me.

The onus is also completely on the online electronic voting system implementer to ensure that controls are established within the e-voting system that meet the legislative requirements of the jurisdiction, and provide an adequate level of transparency for all stakeholders. Simply depositing electronic votes into a ‘black-box’ where they are stored and counted is unlikely to meet stakeholder demands for maintaining a high level of public confidence, unlikely to publicly show that voting risks are continuing to be
managed responsibly, and unlikely to prove to candidates and political parties that the electoral process and controls continue to deliver a trusted and accurate result.

SIDEBAR on turnout:
A demonstration of the reality of Internet voting turnout was the 2016 Prince Edward Island Plebiscite on Democratic Renewal which had 10 days of online voting in addition to two days of in-person voting. Not only was the overall turnout low at 36.5%, but the turnout for ages 18-24 was the lowest of any age range, at 25.47%.

Numbers from McLeod, G. B. (2016, November 9). Interim Report of the Chief Electoral Officer for the 2016 Plebiscite on Democratic Renewal.

British Columbia Internet voting

British Columbia had an Independent Panel on Internet Voting, whose report was submitted in February 2014.  The report is a comprehensive review of the topic.  It recommends against Internet voting for provincial and municipal elections.

1. Do not implement universal Internet voting for either local government or provincial government elections at this time.

It also provides an excellent list of criteria against which any Internet voting system should be evaluated, and indicates that these principles must be met in addition to any standards a technical committee would establish.


The Internet voting process must be readily available to, and usable by, all voters eligible to vote by Internet voting, even in the presence of Internet voting-specific threats.

Ballot anonymity

The voting process must prevent at any stage of the election the ability to connect a voter and the ballot(s) cast by the voter.

Individual and independent verifiability

The voting process will provide for the voter to verify that their vote has been counted as cast, and for the tally to be verified by the election administration, political parties and candidate representatives.

Non-reliance on trustworthiness of the voter’s device(s)

The security of the Internet voting system and the secrecy of the ballot should not depend on the trustworthiness of the voter’s device(s).

One vote per voter

Only one vote per voter is counted for obtaining the election results.
This will be fulfilled even in the case where the voter is allowed to cast their vote on multiple occasions (in some systems, people can cast their vote multiple times, with only the last one being counted).

Only count votes from eligible voters

The electoral process shall ensure that the votes used in the counting process are the ones cast by eligible voters.

Process validation and transparency

The procedures, technology, source code, design and implementation details, and documentation of the system must be available in their entirety for free and unconstrained evaluation by anyone for testing and review for an appropriate length of time before, during and after the system is to be used. Policies and procedures must be in place to respond to issues that arise. Appropriate oversight and transparency are key to ensuring the integrity of the voting process and facilitating stakeholder trust.

Service availability

The election process and any of its critical components (e.g., voters list information, cast votes, voting channel, etc.) will be available as required to voters, election administrators, observers or any others involved in the process. If Internet voting should become unavailable or compromised, alternative voting opportunities should be available.

Voter authentication and authorization

The electoral process will ensure that before allowing a voter to cast a vote, that the identity of the voter is the same as claimed, and that the voter is eligible to vote.

Above from Independent Panel on Internet Voting – Recommendations Report to the Legislative Assembly of British Columbia – February 2014 (PDF) – principles are specifically from Recommendation 4

All Internet voting systems currently in use in Canada fail to meet one or more of these principles. In particular, the systems used for municipal voting in Ontario and Nova Scotia are provided by third-party private for-profit vendors, and do not provide any of the process validation and transparency described above.

New Brunswick Internet voting

New Brunswick had a Commission on Electoral Reform that took online submissions starting at the end of 2016, held meetings in January 2017, and submitted its report at the beginning of March 2017.

The Commission recommended against Internet voting.

Therefore, the commission makes the following recommendations:

  • The government not proceed with electronic voting at this time, due to concerns related to security, confidentiality and privacy.

above from A pathway to an inclusive democracy (PDF) – Goal 3: E-voting – pages 20-21

La Commission fait donc les recommandations suivantes :

  • Que le gouvernement n’aille pas de l’avant avec le vote électronique pour le moment, en raison des préoccupations relatives à la sécurité, à la confidentialité et au respect de la vie privée.

En voie vers une démocratie inclusive (PDF) – Troisième but : le vote électronique/par Internet – de la page 20 à la page 21

I submitted a 16-page briefing to the Commission.

January 1, 2017  New Brunswick Electoral Reform Commission meeting dates
November 27, 2016  Brief submitted to New Brunswick Commission on Electoral Reform – November 2016
November 20, 2016  New Brunswick electoral reform consultation including Internet voting

Election Infrastructure declared critical by US Dept of Homeland Security

Election infrastructure is vital to our national interests, and cyber attacks on this country are becoming more sophisticated, and bad cyber actors – ranging from nation states, cyber criminals and hacktivists – are becoming more sophisticated and dangerous.

Statement by [US Department of Homeland Security] Secretary Jeh Johnson on the Designation of Election Infrastructure as a Critical Infrastructure Subsector – January 6, 2017

There was also a joint statement from US intelligence agencies about  Foreign Cyber Threats to the U.S. issued on January 5, 2017

Despite ever-improving cyber defenses, nearly all information, communication networks, and systems will be at risk for years to come from remote hacking to establish persistent covert access, supply chain operations that insert compromised hardware or software, malicious actions by trusted insiders, and mistakes by system users. In short, the cyber threat cannot be eliminated. Rather, cyber risk must be managed in the context of overall business and operational risk. At present, however, the risk calculus some private and public sector entities employ does not adequately account for foreign cyber threats or systemic interdependencies between different critical infrastructure sectors.

(Emphasis mine.)
The report concludes that things are only going to get worse.

Over the next five years, technological change will only accelerate the intersection of cyber and physical devices, creating new risks. Adversaries are likely to further explore cyber-enabled psychological operations and may look to steal or manipulate data to gain strategic advantage or undermine confidence.

Joint Statement for the Record on Foreign Cyber Threats to the U.S. to the Senate Armed Services Committee – January 5, 2017

I am less interested in the details of specific events and specific actors, but nevertheless, on January 6, 2017 the US Office of the Director of National Intelligence released a joint CIA, FBI, NSA report: ICA 2017-01D “Assessing Russian Activities and Intentions in Recent US Elections”

We assess Moscow will apply lessons learned from its Putin-ordered campaign aimed at the US presidential election to future influence efforts worldwide, including against US allies and their election processes.

(Emphasis mine.)
ICA 2017-01D Assessing Russian Activities and Intentions in Recent US Elections – January 6, 2017

Online voting doesn’t increase turnout

I wish I didn’t have to say this again and again, but I do.  Here’s what I wrote for the New Brunswick consultation

The City of Kitchener’s 2012 report on Internet voting finds that “There is clear evidence that, regardless of geography internet voting does not attract younger voters.” (Gosse, 2012) Similarly, the 2014 BC Independent Panel on Internet Voting finds in their report that “research suggests that Internet voting does not generally cause nonvoters to vote. Instead, Internet voting is mostly used as a tool of convenience for individuals who have already decided to vote.” (Archer, Beznosov, Crane, King, & Morfitt, 2014)

The paper “Reducing the Cost of Voting: An Empirical Evaluation of Internet Voting’s Effect on Local Elections” by Nichole Goodman and Leah Stokes reviews extensive evidence from online voting in Ontario municipalities and finds that “internet voting is unlikely to solve the low turnout crisis”. (Goodman & Stokes, 2016) A recent demonstration of the reality of Internet voting turnout was the 2016 Prince Edward Island Plebiscite on Democratic Renewal which had 10 days of online voting in addition to two days of in-person voting. Not only was the overall turnout low at 36.5%, but the turnout for ages 18-24 was the lowest of any age range, at 25.47%. (McLeod, 2016)

Gosse, R. (2012, December 10). FCS-12- 191 – Alternate Voting – Internet Voting. Retrieved from City of Kitchener – Laserfiche WebLink:

Archer, K., Beznosov, K., Crane, L.-A., King, V., & Morfitt, G. (2014, February 12). Recommendations Report to the Legislative Assembly of British Columbia. Retrieved from British Columbia Independent Panel on Internet Voting:

Goodman, N., & Stokes, L. C. (2016, October 6). Reducing the Cost of Voting: An Empirical Evaluation of Internet Voting’s Effect on Local Elections. Retrieved from Social Science Research Network (SSRN):

McLeod, G. B. (2016, November 9). Interim Report of the Chief Electoral Officer for the 2016 Plebiscite on Democratic Renewal. Retrieved from Elections Prince Edward Island:

But there’s more, much more than that.
Halifax has online voting. Turnout dropped by more than 10,000 in the 2016 Halifax election.

In the last municipal election in 2012, 66,272 people voted by e-vote and phone (22.2 per cent of the entire vote). At the close of e-voting Thursday, the HRM registered 55,788 electronic and telephone votes.

Evidence again and again shows that online voting does not increase participation, by youth or by any voting group.  All that happens is that (mostly middle-aged) people who would have voted at a polling station anyway vote online.

Young ontario voters (aged 18-24) more likely to use paper ballots than internet voting

above from Internet Voting Project Twitter – – 31 October 2015

  1. 3.100  Advocates also cite current Estonian and Swiss internet voting as improving equality and voter turnout, convenience and timely vote counting. However, these examples have either been consistently undermined in security analyses (in the case of Estonia) or have not been proven in a general election (in the case of Switzerland).

above from Parliament of Australia – Inquiry into and report on all aspects of the conduct of the 2013 Federal Election and matters related thereto Second Interim Report Chapter 3: National and international experience – Committee Comments
For more on Estonian Internet voting, see subsequent blog post (in legacy blog) Estonian Internet voting and turnout myths.

there was no impact on turnout, which actually decreased very slightly

above from UK Electoral Commission – Official report on internet voting pilot at Rushmoor elections published – June 3, 2008

Internet voting is seen by some as a potential solution to this trend of declining voter turnout. … While there have been some Internet voting elections where voter turnout has increased, when other factors such as the apparent closeness of the race and interest in particular contests (e.g., a mayoral election without an incumbent) are taken into consideration, research suggests that Internet voting does not generally cause non-voters to vote. Instead, Internet voting is mostly used as a tool of convenience for individuals who have already decided to vote.

above from BC Independent Panel on Internet Voting report (PDF) page 12 – February 2014

However, it said, there was no evidence that the trial led to a rise in the overall number of people voting nor that it mobilised new groups, such as young people, to vote.

above from BBC – E-voting experiments end in Norway amid security fears – 27 June 2014

At best, [Michael] McGregor said, the evidence is mixed. He sees internet voting as no different than advanced polls in that “it’s not increasing turnout, it’s just people who are already voting.”

[Nicole] Goodman’s data from municipal elections in the Toronto-area municipality of Markham, which has had internet voting since 2003, found that “those aged 35–64 are the strongest internet voting users in all election years and suggest that online ballots are growing in popularity among older voters while use is waning among younger voters.”

above from CBC News – Why hi-tech voting has low priority for Canadian elections – September 9, 2015

  • Statistics indicate that internet voting does not increase voter turnout or youth participation.

above from City of Mississauga report on Internet Voting – Potential enhancements for the 2018 Municipal Election: Internet Voting, Ranked Choice Elections and Vote Anywhere. (PDF) – June 20, 2016

Some content above adapted from legacy blog post evidence about online voting (particularly turnout).

In the Special Committee on Electoral Reform report Strengthening Democracy in Canada, they quote Harold Jansen

Harold Jansen posited that introducing online voting would not have any appreciable impact on voter turnout:

I also am suspicious of how great the gains would be in terms of voter turnout. I think most of the issues lie around motivation, not opportunity. I’m suspicious of a lot of things when people say on surveys, “Oh, I was too busy to vote”. Often, it just means, “There are other things more important to me than voting.” Okay, citizens can make those kinds of determinations. Voting is not that onerous, and I think Elections Canada has done a pretty good job in the last 20 years of improving the accessibility of the vote. There are more ways to vote than ever before.

I don’t think we should expect realistically huge gains in voter turnout. I don’t think that should be a motivation. It would be more convenient for some people, but these are people who would likely vote anyway. What I found was that the people most likely to say they were very likely to cast a vote in our survey were people who had already voted. They would just switch to doing it online.412

412ERRE, Evidence, 1st Session, 42nd Parliament, 22 August 2016, 2005 (Harold Jansen).