Estonia: Russia Anxiety Molds Estonia Vote as Ruling Party to Keep Power | Bloomberg

Estonia’s ruling party is poised to retain power in a ballot on Sunday as concern the conflict in Ukraine will herald similar unrest helps isolate its main challenger. Prime Minister Taavi Roivas’s Reform Party has as much as 23 percent support, neck and neck with the Center Party, which is backed by more than three quarters of ethnic-Russian voters, the latest polls show. Even if the Center Party wins, potential coalition partners such as the Social Democrats or Isamaa ja Res Publica Liit have ruled out an alliance with it. The Baltic region, which evaded Soviet control as communism fell 24 years ago, has been jolted by the Ukraine conflict, the annexation of Crimea and Russian fighter-jet activity on its borders. Concern Vladimir Putin will foment disquiet among ethnic Russians in Estonia, a European Union and NATO member, prompted Reform to add defense pledges to promises of tax cuts.

Estonia: Parliament approves of lowering voting age to 16 at municipality elections | The Baltic Course

The Estonian Riigikogu approved on Wednesday a bill lowering the voting age at local municipality elections from 18 to 16 years; the law amendment that requires a change in the Constitution needs also the approval of the next Riigikogu, in order to come in force, LETA/Postimees Online reports. The bill, initiated by 41 MPs, provides that for the law amendment to take effect, the new composition of the parliament must approve of it with a three-fifths majority vote in favour, i.e. at least 61 deputies have to vote for it. The bill goes in the new parliament to the final vote at once and it must be included in the agenda as soon as possible. If the new Riigikogu adopts the law, then at the next local elections in 2017, 16 and 17 year-olds can also cast their votes.

Estonia: E-voting for NRIs – Estonian experience and Concerns | NITI

The Supreme Court of India has directed the Government of India to enable e-voting facility for the Indians living abroad. This historical decision will let the NRIs to vote online making things better for the Electorate. Earlier, NRIs used to fly back home to cast their vote during elections but now they can vote for their favourite candidate with a click of a mouse. The Election Commission had earlier recommended e-ballot voting for Indian passport holders abroad. The Government had given voting rights to the NRIs in 2010, but as per the rule – the voter has to be present in their constituency on the day of voting. But with this things might change for better. The Central Government had told the Supreme Court that the EC’s recommendation to extend voting rights to NRIs through postal ballots have been accepted in letter and spirit. Taking note of the submissions, a bench comprising Chief Justice HL Dattu and AK Sikri asked the Government to inform it about “further steps taken to implement the suggestions.”

Estonia: Centre Party: e-voting should be banned | Baltic Business News

Estonia’s largest opposition party Centre Party is requesting to ban e-voting in the upcoming European Parliament elections, reports ERR. The request signed was addressed the letter to Estonian President Toomas-Hendrik Ilves, Prime Minister Taavi Rõivas, Secretary of State Heiki Loot, Chairman of the Electoral Committee Alo Heinsalu, Estonian Parliament speaker Eiki Nestor, Chairman of the Supreme Court Priit Pikamäe, Law Chancellor Indrek Teder and State Auditor Alar Karis. Copies of the letter were also addressed to the European leaders Martin Schulz, Herman Van Rompuy and José Manuel Barroso. In its request the party refers to the findings published yesterday by a group of international experts who claim that the Estonian Internet-based e-voting system is extremely vulnerable and should be banned.

Estonia: Online Voting System Is Not Secure, Researchers Say | TechPresident

“I gave my e-vote. This is not only convenient, but a vote of confidence to one of the best IT systems in the world, a vote of confidence to the Estonian State,” tweeted Toomas Hendrik Ilves , the president of Estonia on May 15th, marking the start of early voting for the European Parliament (the voting process will end on May 25th.) While undoubtedly convenient, e-voting in Estonia might not be as safe as President Ilves think. An independent group of researchers recently tested the Estonian I-voting system used during the last municipal elections, held in October 2013, and concluded that the flaws and lapses in operational security make it vulnerable to manipulations. Therefore, it cannot be considered safe enough. Last Monday, the Guardian reported on the research, whose results are available in a technical report published on Estoniaevoting.org, a website set up by the researchers, complete with photos and videos. “These computers could have easily been compromised by criminals or foreign hackers, undermining the security of the whole system,” declared Harri Hursti to the British newspaper. Hursti is an independent researcher from Finland with experience in testing e-voting system.

Estonia: How Secure is E-Voting in the Nation Where 20 Percent of Citizens Vote Online? | Motherboard

Days before voting opens for Estonia’s European elections, a group of researchers came out with a summary of a report that questioned the security of the country’s innovative online voting system. They said that they had found “such serious security vulnerabilities” that, by their recommendation, e-voting should be discontinued. That happened on Monday, and e-voting for the country’s European elections opens on Thursday morning. Estonia’s Electoral Committee seemed as surprised at the news as anyone, and since then the findings have spurred rebuttals (and rebuttals of rebuttals), ignited political debate, and thrown the whole idea of e-voting into disarray. It seems rather quaint that, when we can do everything else on our iPhones, most of the world still votes by trudging along to polling stations to drop cards in boxes or sending paper ballots by snail mail. Estonia, the small country with the big technological reputation, introduced e-voting as an option in 2005, and over 20 percent of voters have used it in recent elections, with voters using the chip in their national ID card and a PIN to prove their identity. The National Electoral Committee notes that it’s particularly useful for voters who live remotely or travel a lot, and said that in the last two elections e-votes were collected from 105 different countries.

Estonia: Online voting system could easily be rigged by hackers | The Verge

Estonia’s online voting system could easily be hacked by attackers working on behalf of an outside government, researchers have discovered. That’s alarming news considering how much faith Estonia has shown in its e-voting system; it’s the only country that uses web-based voting “in a significant way” for national elections, researchers said in a report published Monday. Other countries including the US have steered clear of web-based voting out of security concerns.  And Estonia is a good example of why they’re reluctant to make the jump. After putting together a replica of the Estonian voting setup, a research team found that they were able to infiltrate the voting technology and change the result of an entire election — without leaving any real trace of the digital break-in.

Estonia: Electronic voting system vulnerable to attacks, researchers say | CFOworld

The electronic voting system that has been used in Estonia since 2005 cannot guarantee fair elections because of fundamental security weaknesses and poor operational procedures, according to an international team of security and Internet voting researchers. The analysis performed by the team’s members, some of whom acted as observers during 2013 local elections in Estonia, revealed that sophisticated attackers, like those employed by nation states, could easily compromise the integrity of the country’s Internet voting system and influence the election outcome, often without a trace. The team chose to analyze the Estonian system because Estonia has one of the highest rates of Internet voting participation in the world — over 21 percent of the total number of votes during the last local election were cast through the electronic voting system. During their observation of the local elections and by later watching the procedural videos released by the Estonian election authority, the researchers identified a large number of poor security practices that ranged from election officials inputting sensitive passwords and PINs while being filmed to system administrators downloading critical applications over insecure connections and using personal computers to deploy servers and build the client software distributed to voters. The researchers also used open-source code released by the Estonian government to replicate the electronic voting system in their laboratory and then devised several practical server-side and client-side attacks against it.

Estonia: E-Voting Tests Wind Up, One Bug Fixed | ERR

Just under 2,000 people took part in the e-voting test run last week, with officials saying that casting a vote should take less than a minute. Despite its reputation as an Estonian success story, e-voting has been a controversial issue that has been challenged by political opposition, claims of security vulnerabilities and an ensuing Supreme Court case. This year’s innovation is a verification system, albeit one that only works on Android operating systems.

Estonia: Electoral Committee Launches E-Voting Tests | ERR

Officials begin a three-day period of testing Estonia’s e-election system today, and voters can also participate. The testing comes in light of the fact that the upcoming local government elections will be the first in which Internet voters will be able to verify that they have voted – a sort of electronic receipt, reported ETV. Those wishing to vote online, as has been possible in Estonia since 2005, must download the voting software and log in with their national ID card or mobile ID. Despite its reputation as an Estonian success story, e-voting has been a controversial issue that has been challenged by political opposition, claims of security vulnerabilities and an ensuing Supreme Court case.

Estonia: Volunteers to Put Internet Voting Software to the Test | ERR

A group of IT experts says it intends to carry out a test attack on Estonia’s e-voting software following the release of the source code two weeks ago. Although it was possible to test the system before the code was made public, only administrators had access to the results, reported Õhtuleht. The group of volunteers, led by security expert Renee Trisberg, says it hopes to finish testing the voluminous and complex system one month ahead of Estonia’s next local elections, on October 20 (electronic voting begins 10 days earlier). Since the general framework of the e-voting system has been public for years, Trisberg said, he believes that it is generally secure and that his team can only expect to find minor errors. “I have been a supporter of the e-elections. One must do his part to ensure that nothing happens, even just a simple mistake. Years of finger-pointing will follow if a malfunction were to occur,“ Trisberg said.

Estonia: Architect: E-Election Code Should Not Be a Free-for-All | ERR

Tarvi Martens, a creator of Estonia’s e-election system, countered recent criticism of an open-source license, saying the continued development of the Internet voting software code must be conducted in a controlled and coordinated environment. Last week, the National Electoral Committee, which Martens heads, publicly released the source code of Estonia’s e-voting software. However, the binding Creative Commons license that accompanied the code was the topic of heated debate among IT specialists who disagreed with the restrictions on amending the code. Yet Martens said allowing derivative code and free sharing of it was not the goal of publishing the details of the e-election system.

Estonia: E-Voting Source Code Made Public | ERR

The Electronic Voting Committee yesterday revealed the source code of its server software, opening up technical analysis of the e-elections system to the public. “This is the next step toward a transparent system. The idea, which was the result of joint discussion between numerous Estonian IT experts and the Electronic Voting Committee, was implemented today. We welcome the fact that experts representing civil society want to contribute to the development and security of the e-elections,” said committee chairman Tarvi Martens. Although the source code was accessible before, it required the requester to sign a confidentiality contract. Estonia’s e-voting system has been used for five elections – including general, local and European Parliament elections – since it was introduced in 2005. In the 2011 general elections, 24.3 percent of the votes cast were done so by e-vote, according to the National Electoral Committee. A new feature at the coming October local government elections is an Android-based electronic receipt of sorts that allows a voter to verify if their e-ballot went through properly.

Estonia: E-voting system source code releases in push for transparency, security | Gigaom

For six years, Estonians haven’t had to set foot in a polling place or wait in line to cast their votes for President — instead, they can do it online. And on Thursday, the country’s Electronic Voting Committee released the entire source code of its voting server software on open-source platform GitHub — a move that not only gives Estonians a glimpse into the workings of their e-voting system, but that also gives them a chance to help toughen it up from a security perspective. The Estonian e-voting process is based on the country’s identity card, which is mandatory and issued when a citizen is 15 years old. The card has a built-in electronic authentication system that allows secure voting online from any computer, and each citizen is allowed to submit and change their vote until Election Day. At the last Parliamentary Election in 2011, one in four people chose to cast their ballot via e-vote. While there isn’t enough data to conclude whether e-voting has raised voter turnout overall in the country, the country’s electoral committee views the process as successful.

Estonia: E-voting source code publishes on GitHub | Ars Technica

Estonia, which created the world’s first nationwide Internet-based voting system, has finally released its source code to the public in an attempt to assuage a longstanding concern by critics. “This is the next step toward a transparent system,” said Tarvi Martens, chairman of Estonia’s Electronic Voting Committee, in an interview Friday with ERR, Estonia’s national broadcaster. “The idea, which was the result of joint discussion between numerous Estonian IT experts and the Electronic Voting Committee, was implemented today. We welcome the fact that experts representing civil society want to contribute to the development and security of the e-elections.” Martens and his colleagues have now put the entire source code on GitHub—previously it was only made available after signing a confidentiality agreement.

Estonia: MEP Kristiina Ojuland Ejected From Reform Party Over Alleged Vote Rigging | Politics | News | ERR

The Reform Party, headed by Estonian Prime Minister Andrus Ansip, has cast out MEP Kristiina Ojuland for vote rigging in an internal party election in May. After the scandal emerged in a newspaper report last week, Taimi Samblik, a regional development director, admitted to having secretly cast e-votes on behalf of roughly 40 elderly party members who later said they had not voted. Samblik, who left the party today, said she had been persuaded to rig the votes by Ojuland in May, and in another leadership vote in 2011, by Lääne-Viru County Governor Einar Vallbaum, who has so far avoided being expelled.

Estonia: No Sweat for Vallbaum in E-Vote Rigging Scandal | ERR

One of the he-said, she-said conflicts in the Reform Party’s vote rigging scandal is whether Lääne-Viru County Governor Einar Vallbaum had any involvement. Regional development director Taimi Samblik had accused both MEP Kristiina Ojuland and Vallbaum of persuading her to rig the votes and later of trying to bribe her into taking full responsibility. Yesterday, Samblik left the party and Ojuland was kicked out. But Vallbaum, who had threatened to sue the party if he were expelled, was kept in, as the party said it did not find evidence that he was implicated, ERR reported. Moreover, Vallbaum said he believed Ojuland and claimed that Samblik had made the whole story up. “It’s too bad about Taimi. She did her work well, excluding the two incidents that she made up,” Vallbaum said.

Estonia: EU Parliament member involved in Reform Party election scandal | Baltic Course

Estonian Reform Party court of honour convened for a meeting Tuesday evening to discuss the conclusions of the party’s working group that investigated the internal elections fraud in the party, which, among others, involves Estonian European Parliament member Kristiina Ojuland, LETA/Postimees Online reports. The report of the working group should next be discussed by the party board on Wednesday. The head of the working group, Reform Party MP Väino Linde told Postimees that the materials and testimonies they had collected confirmed the suspicions of the working group that Reform Party’s Lääne-Virumaa county organisation development manager Taimi Samblik, the county organisations chairwoman, European Parliament member Kristiina Ojuland and Lääne-Viru County Governor Einar Vallbaum were connected to the voting fraud that was committed at the elections of the party board in 2011 and 2013.

Estonia: In E-Voting Scandal, Suspicions Arise Over MEP Kristiina Ojuland | ERR

Prime Minister Andrus Ansip has drawn a connection in the e-voting fraud scandal with MEP Kristiina Ojuland.
Ansip told Postimees after a party meeting that Ojuland has made payments from her personal bank account to compensate the party membership dues of 39 people whose identities are suspected to have been stolen. Võru County has emerged as the second voting district to be wrapped up in the Reform Party’s leadership election scandal, in which an insider is suspected of secretly casting e-votes on behalf of elderly party members who claim not to have voted. Only a few cases of identity theft are suspected in Võru County, as opposed to dozens in Lääne-Viru County, ERR radio reported.

Estonia: Alleging Flaws, E-Voting Critics Make Request for 2011 Log Files | ERR

The Center Party, which insists the country’s vaunted electronic voting system is flawed, has made a freedom of information request to the state electoral committee to get e-voting server log files from the 2011 general elections. “In light of our deep doubts about the security of e-elections, we are asking the electoral committee about e-voting software ownership issues and the contracts under which the software was commissioned,” said MP Priit Toobal. Toobal said Center was interested in whether the 2011 e-voting software was audited and if so, what the results of the audit were. Toobal also said the party made a proposal to test the 2013 local election e-voting system and software.

Estonia: Prime Minister Ansip: Election Fraud Suspect Identified | ERR

Prime Minister Andrus Ansip said a member of his party has admitted to manipulating e-votes in the Reform Party’s leadership election last week and in another election in 2011. “The party secretary has a specific individual’s explanation in written form in which the individual admits to having committed the acts at hand. And the individual has suggested that he or she did this at the request and knowing of someone else,” Ansip told ERR radio, without revealing any names as the investigation is still in progress.

Estonia: Parliament Seeks to Make Internet Voting More Transparent | ERR

Parliament is looking to amend the electronic voting procedure in such a way as to make it possible for voters to check whether their votes have been registered correctly. Starting from 2005, e-voting has been used in five elections in Estonia. In order to make the system more reliable and trustworthy, legislators are now looking for a way to make it possible for voters to check whether their votes have been registered correctly. This solution was proposed in response to the concerns that arose during the last elections regarding the possibility of voters’ computers being tampered with, reported ETV. “In the case of a virus that blocks voting, a person may think that he has voted, when in fact the vote has not reached the system. This is why we came up with the idea of giving voters an opportunity to check their votes,” said Reform Party MP and member of Parliament’s Constitutional Committee Andrei Korobeinik. According to him, the voter’s computer is the weakest link in the chain and vote checking is one of the most complicated issues being tackled at the moment. “The initial idea is that the voter will be shown an image that he can photograph off the screen using his mobile phone, and then the system will tell him whether his vote has been registered correctly or not,” he explained.

Estonia: Tallinn Calls in Expert to Denounce E-Voting | ERR

Yesterday, July 20, the City of Tallinn bolstered its drive to bar the nation’s much-touted e-voting system from local elections, holding a press conference where prominent US computer scientist Barbara Simons said that such systems are inherently vulnerable.

The University of California, Berkeley PhD and former Association for Computing Machinery president spoke about risks such as malware, attacks on the server managing the election, insider threats and false websites.

Speaking in general terms, not about Estonia’s system in particular, she said that the nature of e-voting makes it impossible to audit or recount the votes. She also warned of the possibility of software viruses or worms that could infect a computer, casting votes without the user’s knowledge.

Estonia: Expert from USA: e-voting is not safe | bbn.ee

Barbara Simons, a reputable expert on IT-safety, who is visiting Tallinn, claims that as internet becomes more and more dangerous, most of the internet experts are certain that e-voting is everything but safe, writes Raepress.

Simons said that cyber criminals are able to gather all kinds of information and even attack different governments – as Russian hackers did with Estonian internet systems. Simons added that allegedly, the computer virus that attacked Iran was released by specialists from Israel and USA.

Simons was in Tallinn Town Hall yesterday, taking part in a forum dedicated to e-voting and today will hold a public lecture titled “Time is not ripe for e-voting”. On Wednesday Simons will give a press conference as well.

Estonia: Lessons from Estonia: Preparing for a major cyberattack | Nextgov

Visit “Governing Security in a Networked World” to see in-depth video interviews with top thinkers on cybersecurity.

In the spring of 2007, Estonia became the first nation to face a coordinated, nationwide cyberattack when a series of electronic bombardments struck down media, telecommunications, government and banking websites. Digital traffic from servers as far away as Peru, Vietnam and the United States flooded Estonian websites, drowning them in superfluous data. The attack knocked telephone exchanges offline for more than an hour, jeopardizing emergency services. It knocked out media and government portals, leaving citizens in an information vacuum. Beginning April 29, three waves of attacks during a two week period severely disrupted the ordinary tasks that fuel modern economies — shopping, pumping gas, withdrawing cash from automatic teller machines. A significant act of cyberterrorism posed an economic and political threat in a way no modern economy had previously experienced.

Estonia: Estonian Parliament Sets up E-Voting Working Group | ERR

On June 9, the Parliament’s Constitutional Committee established a working group tasked with shoring up regulations related to the country’s much-touted e-voting system.

… Though Estonia’s groundbreaking national e-voting system, introduced in 2005, is widely considered reliable by international observers, it came under fire last month after an OSCE review found a number of legal and procedural holes in the way it was being used.

In early June, the Tallinn City Government filed a motion with the Supreme Court to abolish e-voting at future local elections, citing many of the same concerns.

Estonia: How Estonians became pioneering cyberdefenders | CSMonitor.com

Ahead of spring elections, Agu Kivimägi was tasked with trying to ensure that online voting in Estonia wasn’t vulnerable to attack. Its pioneering system of casting national ballots via the Internet would be a hacker’s prize target.

After the ballots were counted, returning Estonia’s center-right government to power, e-voting escaped assault – or any technical difficulties, for that matter. Mr. Kivimägi, who oversees computer security for Estonia’s Interior department, is part of the world’s first volunteer cyberarmy, deployed this year to help ward off hacker strikes and defend against online warfare.

Made up of Estonia’s best information technology (IT) minds, from programmers to lawyers, the 150-member Cyber Defense League is Estonia’s cyber national guard. Should Estonia come under attack, they would deploy under the command of the National Defense League, a volunteer force created to safeguard the country’s security and independence.

Estonia: Tallinn Looks to Disallow E-Voting at Local Elections | ERR

The Tallinn City Council has filed a motion with the Supreme Court to abolish e-voting at future local elections. City Council Chairman Toomas Vitsut says there are “questionable aspects” to the current regulations on e-voting.

Although the voting system introduced in 2005 is considered one of Estonia’s success stories, and security concerns are generally dismissed in an era of “hanging chads” and other irregularities with paper ballots, Vitsut made it clear he was talking about a different aspect.

“Voters who use different voting options make their decisions in conditions that are legally completely different,” he said. “Some can change their vote repeatedly while others cannot. Thus the elections are not uniform.”

Estonia: Estonian Elections Agency Fines E-Voting Company | ERR

After the internet ballot-counting system temporarily crashed on Election Day evening, the National Electoral Committee said it will demand compensation from Helmes, the company responsible for the country’s vote-counting software. “Quality requirements […] are listed in our contract and if there is a one-time delay of 15 minutes, then there are sanctions for every minute…