Canada’s chief electoral officer is “pretty confident” that Elections Canada has good safeguards to prevent cyberattacks from robbing Canadians of their right to vote in this year’s federal election. But Stephane Perrault is worried that political parties aren’t so well equipped. “They don’t have access to the resources we have access to,” Perrault said in an interview Monday, noting that “securing (computer) systems is quite expensive… Even the larger parties have nowhere near our resources and you’ve got much smaller parties with very little resources.” Moreover, with thousands of volunteers involved in campaigns, he said it’s difficult to ensure no one falls prey to “fairly basic cyber tricks,” like phishing, that could inadvertently give hackers access to a party’s databases. “You can spend a lot of money on those (security) systems and if the human (fails), that’s the weak link.”
Elections Canada has been training its own staff to resist such tricks and, along with Canada’s cyberspying agency, the Communications Security Establishment, will be meeting with party officials again next week to reinforce the need to train their volunteers.
Perrault said he was “really disappointed” that omnibus legislation to reform Canada’s election laws, passed just before Christmas, did not include measures to impose privacy rules on parties, which have amassed huge databases of personal information on voters. At the very least, he said, Canadians should be able to find out what information a party has collected on them and demand that it be revised or removed.