In an age where so many of us handle our banking, tax returns and bill paying online, many have asked why can’t we cast a vote via the internet as well? Last year, over eight in ten (83%) of UK adults were active online – just imagine if we saw this sort of turnout for 2020’s election. However, moving voting online has its own risks as well. And much of this is down to poor password security. Much of this insecurity is rooted in existing Electronic Voting Machines – or EVMs – which are already in use throughout the world. India, for example, adopted EVMs for its 2004 parliamentary elections, with 380 million voters casting their ballots on more than a million machines. In the United States, push button or touchscreen style EVMs have been used regularly since 1976. However, across the world, EVMs have been roundly criticized for being susceptible to hacking and fraud. In India, It was successfully demonstrated that the 2009 election victory of the Congress Party of India could easily have been rigged – forcing the election commission to review the current EVMs.
Complete electronic voting has been practiced in Estonia since 2005 – and the small country offered it as an option in its 2007 general election. However, independent security analysis of Estonia’s system revealed its security architecture was ‘dangerously out of date’, with ‘multiple ways that today’s state-level attackers could exploit the system to change votes, compromise the secret ballot, disrupt elections, or cast doubt on the fairness of results.’
And in the United States, EVMs have gone from bad to worse. After the constitutional crisis during the 2000 election – and the battle over ‘hanging chads’ in a Florida recount – over $3 billion was invested in new touchscreen voting machines. But this, say opponents, has made them more hackable than ever.