One of the major concerns over e-voting is the reliability of the software. The combination of low quality and high secrecy has made this a particularly potent issue on many occasions in the United States. It is a wider issue than that, however, as – unlike, say, online banking – one of the big issues with e-voting is that no-one knows what the result should be.
Spotting a mistake is much harder than in the world of banking, where people know what transactions to expect on a bank account and have external sources of evidence as to what they should have been. The secrecy over individual people’s votes means you don’t have the same sort of safety nets – and so any software needs to reach an even higher standard, and it’s even harder to win the public’s trust.
Which makes Estonia’s move interesting:
Estonia, which created the world’s first nationwide Internet-based voting system, has finally released its source code to the public in an attempt to assuage a longstanding concern by critics.
“This is the next step toward a transparent system,” said Tarvi Martens, chairman of Estonia’s Electronic Voting Committee, in an interview Friday with ERR, Estonia’s national broadcaster. “The idea, which was the result of joint discussion between numerous Estonian IT experts and the Electronic Voting Committee, was implemented today. We welcome the fact that experts representing civil society want to contribute to the development and security of the e-elections.”
Martens and his colleagues have now put the entire source code on GitHub—previously it was only made available after signing a confidentiality agreement…
Previously, e-voting critics such as Barbara Simons, the former president of the Association of Computer Machinery, told Ars that the lack of open source software was a strike against trusting Estonia’s system.
“We don’t know how the Estonian system is working,” she told Ars in 2012. “We do know that the second largest party thinks that the voting was rigged in 2011. The reason they think it was rigged was that the ballot counts online were different than the paper version. There are possible explanations, but I couldn’t say that it was rigged—there’s no way that anyone can prove anything. [The Estonian government] won’t let independent security experts review it without signing a nondisclosure agreement.”
Reached for comment on Friday, Simons said she was still skeptical.
“I think it’s good that the source code has been released, but it doesn’t prove that the released code is what is used during the election,” she told Ars. “We know that last minute code changes can be made with no independent oversight.”