Three Swiss cantons that were preparing to use a new e-voting system this year say they will seek financial compensation after it was unexpectedly withdrawn and put on ice. Fribourg, Neuchâtel and Thurgau will seek compensation after spending money on making the system ready to voters in the October elections. Fribourg told the Swiss News Agency Keystone-SDA that it had invested CHF150,000 ($151,000). A fourth canton, Basel City, said it was considering its options on suing Swiss Post, the state-owned postal service that had developed the system. The Swiss government recently suspended efforts to enshrine electronic voting in the law. Swiss Post followed this announcement by suspending its e-voting platform, to which the four cantons had already subscribed.Full Article: Three cantons seek damages for failed e-voting system - SWI swissinfo.ch.
Articles about voting issues in the Swiss Confederation.
Swiss Post has suspended its e-voting system effectively spelling the end of the online trials with the current technology for the October parliamentary elections. The state-owned company said it took the decision after the government announced last week that it will drop plans to introduce e-voting as an official voting channel for the time being. However, Swiss Post pledged to develop a new, updated version with universal verifiability available from 2020, according to statementexternal link on Friday. The current system of Swiss Post has been in use in four cantons on a trial basis, notably the registered expat Swiss community living around the world. Last month, a rival system developed by canton Geneva and used by three other cantons, was also withdrawn with immediate effect. The moves come amid increasing opposition against e-voting for data security reasons.Full Article: No e-vote option for the Swiss parliamentary election - SWI swissinfo.ch.
Switzerland: Control-Alt-Delete? Swiss government puts the brakes on e-voting | James Walker/The Daily Swig
The Swiss Federal Council has suspended its plans to bring electronic voting (e-voting) into regular operation in Switzerland. Concerns surrounding the security and integrity of one online voting system were cited among the reasons for the U-turn. In December 2018, the Federal Council launched a consultation into proposed amendments to Switzerland’s Political Rights Act that would effectively make e-voting a third regular voting channel, alongside in-person and postal votes. This consultation is now over, and although a “clear majority” of the cantons and political parties were said to support the introduction of e-voting in principle, the Federal Council said it has decided to “provisionally forgo” the introduction into regular operation. “The political parties which support e-voting in principle consider that now is not the right time to take that step,” a statement reads. “The Federal Council has therefore decided not to proceed with the partial revision of the Political Rights Act at the present time.”Full Article: Control-Alt-Delete? Swiss gov’t puts the brakes on e-voting | The Daily Swig.
The government has decided to suspend efforts to enshrine electronic voting in Swiss law, but it plans to continue trials using improved systems. The expatriate Swiss community is alarmed by the announcement. A consultation among political parties and the 26 cantons, as well as a series of technical flaws in the current systems, has led the government to review its policy on e-voting, according to the Federal Chancellor Walter Thurnherr. “Opinions are clearly divided. The cantons have come out in favour, but the parties are against,” he told a news conference on Thursday. “This means there is not sufficient support at the moment for the introduction of e-voting on a legal basis.” Thurnherr added that the series of limited e-voting trials underway since 2004 will continue unless “citizens or politicians decide otherwise”, though he also acknowledged that public opposition has grown since the tide started turning against e-voting two years ago. Recently, a committee launched a people’s initiative for a five-year e-voting moratorium amid the controversial discovery of technical problems in the two e-voting systems currently in use.Full Article: E-voting suffers another setback amid expat Swiss concerns - SWI swissinfo.ch.
Swiss officials are delaying plans to introduce electronic voting across the Alpine country, saying it’s “premature” because of problems testing the security and reliability of the system. The Federal Council said there is support for e-voting in addition to mail-in and in-person balloting. Some Swiss cantons, or regions, have already used e-voting systems, and the federal government has supported work on a nationwide system.Full Article: Swiss Delay Plans for Nationwide e-Voting, Citing Flaws - The New York Times.
Swiss citizens overseas registered for e-voting in the cantons of Geneva, Bern, Aargau and Lucerne will not be able to vote electronically in the national parliament elections in October. The canton of Geneva has decided to accelerate the phasing out of the voting platform used by these cantons until now. Geneva had earlier announced that it was shelving its CHVote platform (developed in 2003) due to cost reasons. However, it said that it would keep the platform going until February 2020. But it has now decided to deactivate CHVote earlier than originally anticipated, leaving some users unable to vote electronically in the parliamentary elections in October. This decision was taken in agreement with the cantons of Bern, Aargau and Lucerne, which have been using CHVote since 2010.Full Article: Most Swiss expats to lose e-voting access in parliament elections - SWI swissinfo.ch.
Verifiability is a critical part of the trustworthiness of e-voting systems. Universal verifiability means that a proof of proper election conduct should be verifiable by any member of the public. The SwissPost e-voting system, provided by Scytl, aims to offer a partial form of verifiability, called “complete verifiability”, which resembles universal verifiability but adds the assumption that at least one of the components on the server-side, i.e., the computers running the voting system, behaves correctly. (Universal verifiability offers guarantees even if all server-side components are malicious.) In the SwissPost system, encrypted electronic votes need to be shuffled to protect individual vote privacy. Each server who shuffles votes is supposed to prove that the set of input votes it received corresponds exactly to the differently-encrypted votes it output. This is intended to provide an electronic equivalent of the publicly observable use of a ballot box or glass urn. We show that the mixnet specification and code recently made available for analysis does not meet the assumptions of a sound shuffle proof and hence does not provide universal or complete verifiability. We give two examples of how an authority who implemented or administered a mix server could produce a perfectly-verifying transcript while actually – undetectably – manipulating votes.Full Article: Trapdoor commitments in the SwissPost e-voting shuffle proof.
The e-voting system operated by Swiss Post will not be available for nationwide votes on May 19. This is the consequence of “critical errors” found during a public intrusion test, the Federal Chancellery and Swiss Post announced on Friday. The Federal Chancellery said in a statementexternal link it would review the licensing and certification procedures for e-voting systems. It added that it had no indication that these flaws had resulted in votes being manipulated in previous ballots. Swiss Post’s e-voting system had been in use in four cantons: Basel City, Fribourg, Neuchâtel and Thurgau. The Organisation of the Swiss Abroad said on Fridayexternal link it was deeply disappointed by the news, describing it as a blow against online voting “and thus a denial of the democratic rights of the Swiss Abroad”.Full Article: Swiss Post’s e-voting system pulled for May votes - SWI swissinfo.ch.
A second error in the Swiss Post planned e-voting system has been discovered as the public intrusion test phase comes to an end. The Federal Chancellery announced the need for action and confirmed a review of the e-voting certification and approval process. The same computer experts who discovered a critical error in the source code of Swiss Post’s new e-voting system earlier this month announced they discovered a further security gap. It was identified as part of the public intrusion test that has been running since February 25, during which the e-voting source code was released. The bug affects universal verifiability – the same area of the system as the first error. However, in this case the error would not make it possible for arbitrary manipulation of any possible votes to go unnoticed, according to the Federal Chancellery. That said, votes could be made invalid without being discovered by the mathematical evidence. René Lenzin, deputy head of communications at the Federal Chancellery, told the Swiss news agency Keystone-SDA that the error confirmed a “need for action”. The error discovered on March 12 had already shown that universal verifiability and thus the “heart of the system” had not worked. The system had to recognise if manipulation had taken place.Full Article: Additional flaw found in Swiss Post e-voting system - SWI swissinfo.ch.
Switzerland: Second flaw found in Swiss election system could change ‘valid votes into nonsense,’ researchers say | CyberScoop
Researchers have uncovered a second security flaw in the electronic voting system employed by the Swiss government. The vulnerability involves a problem with the implementation of a cryptographic protocol used to generate decryption proofs, a weakness that could be leveraged “to change valid votes into nonsense that could not be counted,” researchers Sarah Jamie Lewis, Olivier Pereira and Vanessa Teague wrote in a paper published Monday. This disclosure comes weeks after the same team of researchers announced they had uncovered a flaw in the e-voting system that could allow hackers to replace legitimate votes with fraudulent ones. Swiss Post, the country’s national postal service, which developed the system along with Spanish technology maker Scytl, said earlier this month that first vulnerability had been resolved. Researchers said at the time that the vulnerability demonstrated what can go wrong when governments shift to electronic voting with no alternative plan. The security and integrity of electronic voting systems vary by country, and the vulnerabilities outlined in this research are specific to Switzerland, but other areas of the world increasingly are moving toward a voting infrastructure where it could soon be impossible to verify whether vote tampering has occurred. Christopher Krebs, head of the U.S. Cybersecurity and Infrastructure Agency told Congress last month election officials must have the ability to audit election results.Full Article: Second flaw found in Swiss election system could change 'valid votes into nonsense,' researchers say.
Switzerland made headlines this month for the transparency of its internet voting system when it launched a public penetration test and bug bounty program to test the resiliency of the system to attack. But after source code for the software and technical documentation describing its architecture were leaked online last week, critics are already expressing concern about the system’s design and about the transparency around the public test. Cryptography experts who spent just a few hours examining the leaked code say the system is a poorly constructed and convoluted maze that makes it difficult to follow what’s going on and effectively evaluate whether the cryptography and other security measures deployed in the system are done properly. “Most of the system is split across hundreds of different files, each configured at various levels,” Sarah Jamie Lewis, a former security engineer for Amazon as well as a former computer scientist for England’s GCHQ intelligence agency, told Motherboard. “I’m used to dealing with Java code that runs across different packages and different teams, and this code somewhat defeats even my understanding.”Full Article: Experts Find Serious Problems With Switzerland's Online Voting System.
Swiss authorities are trumpeting the fact that more than 2,000 would-be hackers from around the world have taken up an invitation to try to find holes in Switzerland’s groundbreaking online voting system — and potentially earn tens of thousands of francs (dollars) if they succeed. The Federal Chancellery and Swiss regions, known as cantons, expressed satisfaction at the high response barely a week after launching a registration for IT experts to help crack a planned update to Switzerland’s 15-year-old e-voting system. Among countries in Europe, only Estonia has a similar online voting program, a Swiss official said. The effort amounts to a coming-of-age of Swiss e-voting, or online voting, systems: After over 200 trials and the rollout of e-voting already in 14 of Switzerland’s 26 cantons, authorities now believe they’ve developed “completely verifiable systems” that they hope to introduce for the first time this year.Full Article: Hackers flock to hunt for cracks in Swiss e-voting system - StarTribune.com.
Worries over election hacking have led officials in Europe and the U.S. to consider a return to hand-counting paper ballots. Switzerland, however, is moving in the opposite direction, toward absentee electronic voting. It’s a useful way of keeping turnouts from falling, and the systems can be made secure and reliable. Since the scare of 2016, when U.S. intelligence services asserted that malicious Russian actors came close to hacking electronic voting systems and even cracked some voter databases, at least one country – the Netherlands – went back to counting paper ballots by hand throughout the tabulation process, not just at local polling stations. Dozens of U.S. states used hand-counting either solely or for backup in the 2018 midterm elections, and the states that failed to do so were criticized for ignoring security. … Recent research shows that electronic voting doesn’t boost interest in elections by much. In Estonia, which introduced e-voting in 2005, more than 30 percent of the vote is now cast online but the total turnout has remained stable – and low. Yet studies have also shown that having e-voting as an option can arrest a decline in turnout: Easy absentee voting is habit-forming.Full Article: Election Hacking: Bucking the Trend, Swiss Rely on Online Voting - Bloomberg.
Democracy bases its legitimacy on the promise to adequately and appropriately represent the population. However, a look at Switzerland’s system reveals some shortcomings: women, young people, foreigners and the low-qualified are often absent from political institutions. Democratic rights don’t fall from the sky. They are the achievement of brave people who demanded and fought for political rights for themselves and for their fellow citizens. Such efforts fighting for equality were also seen in Switzerland. Almost 100 years ago, the social and political situation in the country was explosive, and many were dissatisfied with living and working conditions; factory workers, in particular, felt politicians had abandoned them.Full Article: Left behind and locked out of Swiss democracy - SWI swissinfo.ch.
The Swiss government will make its future e-voting system available for a public intrusion test and is now inviting companies and security researchers to have a go at it. “Interested hackers from all over the world are welcome to attack the system,” the government said in a press release. “In doing so, they will contribute to improving the system’s security.” … A mock e-voting session is planned on the last day of the testing period, on March 24, but participants can attack the e-voting system before that, as well. To participate, companies and security researchers will have to sign up in advance of the PIT session’s official start. Signing up will give participants the legal permission to attack the system, will ensure the cash rewards will reach those who first report an issue, and it enforces a set of rules and restrictions on participants.Full Article: Swiss government invites hackers to pen-test its e-voting system | ZDNet.
The Swiss government has issued a 150,000 Swiss franc (US$149,790) challenge to online hackers; break into our new generation electronic voting system and we’ll reward you. The federal chancellery announced a dummy run election will be held from February 25 to March 24 and invited anyone who wants to display their online piracy talents to sign up at https://onlinevote-pit.ch. They can then “try to manipulate the vote count, to read the votes cast, to violate voting secrecy or to bypass security systems,” it said in a statement. The amount of the reward paid out will depend upon the level of intrusion achieved by each hacker.
Several federal offices in Switzerland are investigating whether online manipulation could affect upcoming elections, says a newspaper report. The Federal Office of Communicationsexternal link (OFCOM) has set up a government working group to look into the effects of artificial intelligence on the media and public opinion, writes the NZZ am Sonntag paper. This group was set up last September and is headed by the education and research ministry, spokesman Francis Meier told the paper. Last October Swiss intelligence chief Jean-Philippe Gaudin also warned that foreign actors could try to influence the next federal elections through online artificial intelligence, saying he would propose appropriate measures to the government.Full Article: Swiss look into online manipulation ahead of federal polls - SWI swissinfo.ch.
A committee of politicians and computer experts is launching a people’s initiative aimed at banning online voting for at least five years, putting an end on ongoing trials with e-voting in Switzerland. Representatives from right and leftwing parties on Friday said they were hoping to win pledges from 10,000 people to collect the necessary signatures for a nationwide vote on the issue. In total, the committee needs to gather at least 100,000 signatures over 18 months. They argued that the current e-voting systems were not secure, too expensive and easy to manipulate. Hacked systems could undermine trust in Switzerland’s system of direct democracy, Green Party parliamentarian Balthasar Glättli warned. People’s Party parliamentarian and Franz Grüter added the e-voting system in use could not guarantee the secure online transmission of a ballot. The move comes after parliament last September rejected attempts to block plans for the permanent introduction of electronic voting.Full Article: Opposition against e-voting project gathers pace - SWI swissinfo.ch.
Switzerland’s main business hub is very well connected globally and attracts many expatriates. But Zurich does not grant its foreign residents any say in political matters – an apparent contradiction in a country proud of its direct democracy. The authorities in Switzerland’s most populous city are now considering ways to enhance the participation of this important group. The city of Zurich has about 425,000 residents – 32% of whom do not hold a Swiss passport. Many are expats working for international or Swiss companies. They are highly skilled, hold good jobs and earn high salaries.Full Article: Zurich wants to ease political participation for non-Swiss - SWI swissinfo.ch.
Next year, Swiss authorities will put one of the country’s two e-voting systems up for attack by hackers – with a prize on offer for those who break it. The Organisation of the Swiss Abroad (OSA), a strong backer of online voting, has welcomed the confidence test. The test, organised jointly by federal and regional authorities, will take place over four weeks sometime in spring 2019, the NZZ am Sonntag reports. According to the newspaper, the Federal Chancellery has a budget of some CHF250,000 ($247,500) to implement the contest and pay the hackers; a figure not confirmed by the authorities themselves. Contacted by swissinfo.ch, OSA Director Ariane Rustichelli said that it was “a good sign that the Federal Chancellery, which is leading the project, is reacting to and taking seriously the fears [around e-voting]. Because, for about a year and a half now, more and more critical voices are arising, including in parliament”. The OSA, which represents the interests of the 750,000 Swiss living abroad, is a heavily involved in debates around voting rights and the rolling out of online ballots. “If we manage to show that e-voting is safe, this could boost confidence in the system,” Rustichelli said.Full Article: Swiss e-voting system to undergo ‘hacker test’ - SWI swissinfo.ch.