Facebook Isn’t Going Anywhere

In the wake of the Cambridge Analytica scandal, there are calls for people to delete their Facebook accounts. Similar calls have gone out in the past following Facebook-related scandals. As the years have unfolded following each scandal, Facebook has become more and more integrated into people’s lives while, at the same time, more and more people claim to dislike the service. I’m confident that some thousands of people will delete (or at least deactivate) their accounts. But I don’t think that the Cambridge Analytica scandal is going to be what causes people to flee Facebook en mass for the following reasons:

  1. Few people vote. And so they aren’t going to care that some shady company was trying to affect voting patterns.
  2. Lots of people rely on Facebook to keep passive track of the people in their lives. Unless communities, not individuals, quit there will be immense pressure to remain part of the network.
  3. Facebook is required to log into a lot of third party services. I’m thinking of services from my barber to Tinder. Deleting Facebook means it’s a lot harder to get a haircut and impossible to use something like Tinder.

Now, does this mean Cambridge Analytica will have no effect? No. In fact, Facebook’s second-worst nightmare is probably an acceleration of decreased use of the social network. So if people use Facebook hesitantly and significantly decrease how often they’re on the service this could open the potential for other networks to capitalize on the new minutes or hours of attention which are available. But regardless, Facebook isn’t going anywhere barring far more serious political difficulties.

Online Voting Continues to Rear Its Ugly Head

From an editorial in the Cape Breton Post:

Elections Nova Scotia also touts “a dozen ways to vote.” But that’s a little misleading. Nine of those “ways” involve a write-in ballot.

Conspicuously, none include electronic voting. The significance of Doiron’s claim that Elections Nova Scotia’s changes will make it easier for people to vote fizzles when we consider the fact that electronic voting allows people to vote from virtually anywhere.

The Cape Breton Regional Municipality successfully implemented e-voting during the last round of municipal elections in 2012, with 26,949 — or 32.8 per cent — of CBRM electors voting electronically.

And as Postmedia News recently reported, Elections Canada has been touting Internet voting since 2008, although budget cuts put the kibosh on plans to introduce online voting in byelections held this year. But at least Elections Canada acknowledges the potential value of e-voting.

So, what are the chances of an elector voting electronically in a provincial election anytime soon?

“The registration and voting and the security — maintaining the integrity of the election — is still a very tricky game,” Doiron told the Globe and Mail. “And that’s one of the reasons that no provincial or federal authority has online voting yet because it’s just not secure enough for the kind of integrity we have to deliver.”

The CBRM had e-voting success. And at the federal level, barriers to implementing electronic voting seem to be more fiscal in nature than about security.

I’m curious as to how the author of this opinion piece concludes that fiscal issues are more significant than security issues. I presume that they are referring to Elections Canada’s decision to scrap an e-vote test, but despite not running the test the federal agency recognized that security was an issue with online voting.

These security challenges have been highlighted repeatedly: a recent election in Nova Scotia used online voting, and officials cannot guarantee that votes were recorded properly based on significant technical deficits. Similarly, voting events during the NDP Leadership election in 2012 suffered from third-party interference, which ultimately caused people to not vote. Moreover, even if the servers that recorded votes in both situations were secured all of the intermediary systems were not; consequently it is functionally impossible to assert that the malware-ridden computers that people vote on or intermediary network points didn’t alter voting outcomes.[1] This isn’t to say that malware or intermediary interference did affect the outcomes, but that the authoritative conclusions of online votes are much, much weaker than those reliant on paper ballots.

Voting matters. A lot. And folks that insist that we can ignore the security and privacy issues either don’t care enough to learn the detailed problems of online voting, or don’t seem to care that most verifiable online voting mechanisms enable the tracking of how people vote. That kind of tracking is something that a large number of people fought hard to excise from our democratic electoral systems. We invite it back in at our peril.

For more on this point, see “Online Voting and Hostile Deployment Environments”  ↩


Will the BC Services Card Be Used for Online Voting?

Last year Rob Shaw wrote a piece for the Times Colonist about online voting in British Columbia. (This is a Bad Idea by the way, for reasons that are expounded elsewhere.) At the very end of his article, we read:

B.C.’s flirtation with online voting coincides with changes to its information and privacy laws last year that paved the way for high-tech identity cards.

The government has said people will one day be able to use the cards to verify their identity and access Internet-based government services, including, potentially, online voting.

No government document released under FOIA laws that I’ve read has stated voting as a driver of the card. However, this isn’t an indictment of Shaw’s reporting but of the government’s unwillingness to fully disclose documents pertaining to the Services Card.

To be clear: there is no good reason to believe that the Services Card will be particularly helpful in combating the core problems related to online voting. It won’t actually verify that the same person associated with the Card is casting the ballot. It won’t ensure that the person is voting in a non-coerced manner. It won’t guarantee that malware hasn’t affected the computer to ‘vote’ for whomever the malware writer wants voted for.

The Services Card is (seemingly) a solution looking for a problem. Voting is not one problem to which the Card is the solution.


Could Email Undermine the 2012 American Election?

In the aftermath of Hurricane Sandy, some of the polling stations that would have been used by Americans to cast ballots are gone. Moreover, some citizens in New Jersey are unlikely to either find their new polling station or take the time to find a station and vote. Quite simply, they’re rebuilding their lives: presidential politics aren’t necessarily centre of mind at the moment.

In the wake of the disaster, New Jersey will let some voters cast their ballots by fax and email. One American expert has identified a range of possible attack vectors that could be used to compromise people’s votes. He’s quoted as saying,

Those are just some of the more obvious and potentially catastrophic ways a direct security failure could affect this election … The email voting scheme has so many ways it can fail or that doubt can be cast on the integrity of the results, that if a race somewhere in New Jersey is decided by email ballots, it seems almost guaranteed that we’re going to have a bunch of mini-2000-in-Floridas all over the state.

In addition to basic security concerns around voting, it’s critical to understand that voting by email (effectively) removes secrecy provisions. Messages will not have to be encrypted, meaning that if employees cast their ballots at work then their employer(s) could ascertain how their employees are voting. This is an incredibly serious issue.

In the best of worlds, the New Jersey elections won’t rely or depend on the emailed votes to determine a winner. This said, even if the votes don’t change the local results – if individuals win seats by sufficient margins that the emailed ‘ballots’ wouldn’t affect who won – the national vote could the endangered if the New Jersey voting system is connected to the national system. The risk, here, is that if an attacker could compromise the New Jersey voting infrastructure (perhaps by sending an infected attachment to an email message) then the rest of the infrastructure could also be compromised. Such an attack, were it to occur, could compromise not just the New Jersey results but, potentially, races across the United States.

While it’s evident why the government decided to let people vote by email – to ensure that Americans could cast their ballot despite the horrific natural disaster – these good intentions could result in very, very bad results. Worse, it could encourage trust and confidence in online voting systems more generally, systems that simply cannot be adequately secured (for more as to why, see this and this). While paper ballets are infuriating for many they remain an ideal means of confidently expressing voting intentions. While alternate approaches certainly need to be considered to let people vote, especially in times of crisis, voting by email is not an idea that should have been contemplated, let alone adopted, as a solution to the Sandy-related voting problems.


Internet Voting is a Bad, Bad Idea

Last year The Star ran an article detailing the merits of online voting. You get the usual benefits: increased turnout, happier constituents, and enhanced convenience. What the article entirely misses, of course, are the security and associated legitimacy issues linked with voting online. An academic blogger, writing before the article, notes that:

‘securing’ the Internet is a Herculean task. It absolutely cannot be regarded as a ‘secure’ development environment, especially when dealing with matters that are highly sensitive to political, technical, and social fault conditions. Such conditions may be worse that a fail condition, on the basis that faults generate fear and concern without a clear indication that something has gone wrong. In the case of an election, a perceived exploitable fault condition threatens to undermine political legitimacy and politically-generated solidarity on grounds that electoral results might be questionable. Thinking back our bridge example, a ‘fail’ might be a bridge collapsing. A ‘fault’ might include cracks spanning the support columns that cause motorists to avoid using the bridge out of fear, even though the cracks do not endanger the bridge’s stability. If ‘faults’ cannot be corrected, then there may be general fear about the validity of an election even if the election is not manipulated. If a ‘fail’ condition occurs but is not detected, then there may be a perception of electoral legitimacy without the election actually being legitimate.

Elections are not something to be trivially tampered with. Heightened conveniences should not trump electoral security and legitimacy. While paper voting is annoying it is a far more ‘secure’ method than online voting mechanisms. It really isn’t too much to ask/expect of people to mail in a vote, go to a polling station, or (quite reasonably) abstain from the process for their own reasons. We should not undermine a foundation of democracy just to make things a little bit more convenient.