pictfor: democracy 2.0

Last night I went up to Westminster for a Pictfor meeting; this time, Parliament 2.0: How can the internet revolutionise British Democracy. The panel speakers were, Jaan Priisalu, Director General of the Estonian Information System’s Authority, Katie Ghose, CEO, Electoral Reform Society & Ruth Fox, Director, Hansard Society, while the meeting was chaired by Stephen Mosley MP, it was kicked off by the John Bercow MP, the Speaker. The centre piece of Bercow’s speech was an introduction, for me at least, to the Speaker’s Commission on Digital Democracy which is reviewing Representation, Scrutiny and the legislative process. Jaan Priisalu talked about Estonia’s e-voting paltform, while Ghose and Fox spoke about democratic engagement.

Parliament 2.0

Interestingly, Bercow said, he can’t make it a Speaker’s Conference, because only the Government can convene those. Bercow and Parliament are proud of the Wright reforms of 2009 which introduced the Commons election of Select Committee chairs , the creation and empowerment of the backbench business committee and the introduction of the E-Petition system. These reforms were all designed to make the Government more accountable to backbench MPs and in the case of e-petitions the citizens. The current increased independence of the House of Commons from the executive has been reinforced by two additional factors, the first being the fact of coalition, no Party has a majority, this reduces the power of the whips and also that of the Prime Minister, and the number and quality of the 2010 intake, the best of whom have been happy to use the Select Committee system as a platform for their political agenda.

Bercow raised the question of whether they could introduce e-voting into the House of Commons, stating that there was backbench opposition to this since it reduced the chances for front and back benchers to mix. He pointed out how much time is spent, voting and counting. The time spent also reduces the number of votes held on the floor of the House. Maybe he should start in the Lords? The IT security concerns exist of course, but this is pretty common around the world; and since their votes on matters of public policy should not be secret, the systems could be self-auditing i.e. MPs would not allow themselves to be wrongly recorded.

Another issue raised by Bercow, is the way Parliament presents its own data to us. It’s good to see these questions asked, and I’d like to see the videocasts better indexed, maybe having a common index for the verbatim text reports (Hansard) and the videos, atleast the abiulity to select a debate, or a speech from the videocasts. He should look at the copyright terms for the right to re-use the videos. They are quite restrictive, not the least in the requirement that re-use doesn’t bring parliament, or an individual member into disrepute. This relies on the disrepute not being made by the members themselves.

westminster1-w500

Learning from e-Estonia

The first panel speaker was Jaan Priisalu, the Director General of the Estonian Information Systems Authority, Estonia’s CIO if you like. Estonia has the reputation as the country most fully embracing the digital platform, famously having a government e-ID solution and delivering all services including elections over a distributed computing platform. Estonia describes it’s digital platform here, on their E-Estonia site.

So the reason for being invited was to explore Estonia’s e-voting record and to determine what lessons can be learnt. Pictfor’s briefing paper as have other contributions to the debate was concerned about turnout and legitimacy. The Pictfor paper highlights the declining number of the young people and asks if e-voting might reduce the falling turnout.

Priisalu’s speech raises three questionably solvable issues, of IT Security, Scalability & political acceptability.

IT Security

Estonia have been using e-voting for their Parliament since 2007 and they have a government mandatory e-ID scheme. The wikipedia page, Electronic Elections in Estonia,  reports that the independent IT security auditors criticise the scheme, which relies on a mandatory e-ID scheme. wikipedia states, in the article,

Despite praise from Estonian election officials, computer security experts that have reviewed the system have voiced sharp criticism, warning that that any voting system which transmits voted ballots electronically cannot be secure.[3] This criticism was underscored in May 2014 when a team of International computer security experts released the results of their examination of the system and found they were able to breach the system,change votes and vote totals, and erase any evidence of their actions.[4] The independent security experts called on the Estonian government to halt all online voting.

James Buckley looked at this in his book Banana Republic UK, which I reviewed here. I said,

Buckley looks at the limited use of electronic voting in the UK and mentions the campaign in Holland to outlaw e-voting in public elections. The use in the UK provides significant evidence that e-voting is less accurate, more costly and opaque; it is not possible for candidates and the appointed public officials to observe and supervise the count. While he leaves conclusions to the reader, it’s clear he opposes the extension of e-counting; he’s right we should.

In the UK, the Open Rights Group state their policy here, which has links to their two reports on the UK’s practical experience in England & Scotland in 2007 and in London in 2008. They say,

e-Voting may seem to make politics more accessible, but it in fact damages citizens’ trust in politicians and the wider democratic system. This is because e-voting works against electoral security and transparency.

….

‘Black box’ technologies are fundamentally unsuited to democratic elections because they frustrate confidence in the final result. Simply put, nobody knows whether the votes cast agree with the declaration.

In addition, using these expensive technologies will not solve the problem of dwindling voter turnout.

The ORG reports which are linked to on their policy page, are harsher since they detail a number of practical failings and document the fact that e-voting is harder for some people, and that it disenfranchises them. In fact the best statement of their policy which while dated 2007 is on a page called E-Voting Briefing Pack. For those interested, and yet to be convinced, I recommend that you look at all these. They also pickup the issue of impersonation, anonymity, coercion and vote buying. In the briefing pack they quote, Bruce Schneier,

a secure internet voting system is theoretically possible, but it would be the first secure networked application ever created in the history of computers.

Priisalu argues that it’s not possible to stuff the e-ballot box without being noticed. I wonder how that would be? Where is the control sample? Are we relying on private sector polling?

Estonia probably spends less on Government than either the Russians & US spend on e-spying. Is it really reasonable to expect Estonia to be able to keep its IT systems safe from dedicated and rich attackers? It needs to be born in mind that brute force attacks are becoming cheaper by the day due to Moore’s Law and that on the whole the IT industry, if one includes the military & criminal investment spend more on hacking than cyber-defence. IT Security has economies of scale, and to cap, it all I’ll bet most of their hardware is made in the US, which must be considered a compromised source. We should also beware the growing trend to criminalise IT security research, essential if citizens and corporations are to protect themselves against surveillance and identity theft.

Any system would have to exist within the context of Brewers Cap Theorem and deliver confidentiality, integrity and availability.

Scalability

There are 1.3m citizens in Estonia of which ½ million voters voted in its last parliamentary election; the UK has 27.1 million. This is a huge difference in the question of scale. The UK has 650 constituencies with in an urban constituency about 15 polling districts. Building an identity management system, a voter capture and counting system for the UK is probably possible, but Estonia is not a relevant example for the UK. The attempts to build UK wide national systems for the health service do not auger well for this size of project. Scalability architecture is one of the areas in which improvement is being made all the time. The existence of Facebook also shows this can probably done. It should be considered that such system would have to be distributed and thus we have a CAP theorem trade off between availability and consistency.

tallin-w500

Political acceptability

The UK has recently decided that it doesn’t want a government owned and controlled electronic ID system. Although it seems we do want a surveillance state and secret courts. Go Figure! It should be noted that nowhere in Priisalu’s presentation was the word privacy mentioned and while as members of the EU they must conform to the EU acquis, they don’t for instance consider the tcp/ip address to be private data. The UK is clearly conflicted on the issue of privacy, with a very large number of people objecting to mandatory national ID systems, even if they’re prepared to micro-blog their lives on Facebook.

E-Voting is not a secret ballot. Can I call dibs on two new IT laws?

  1. If a database exists, it will be misused, with or without court permission.
  2. No e-voting system can maintain secrecy of the ballot and be transparent in its results.

I question whether once, the conflict between secrecy and transparency is understood, and the inexorable failure of any IT system to meet both these goals,  that e-voting would be acceptable.

But in terms of political acceptability, the killer arguments are that,

  1. it does not do what its proponents want. There is no evidence that it increases turnout, and no evidence that it attracts the young to voting. In Estonia, it’s proven to increase the turnout amongst the older, at the expense of the young.
  2. It’s also more expensive.

Katie Ghose in her contribution moved the debate to a different place. The response to turnout must be political and include increasing the relevance and choice available. This was not framed as a plea for a proportional voting system but I understood it to be a plea to end triangulation so that when people vote they have a choice of programmes. Also perhaps Parliamentarians need to review the traditions of the House and behave in a less elitist way so that citizens return to the habit of voting. There is little doubt that there is a massive alienation with traditional politics. Ghose repeated the statement that there is no evidence that e-voting increases turn out and as CEO of the UK’s largest non-profit 3rd party election manager, she should know. (I’d also add that Frances O’Grady should look at this since she and the TUC are suggesting e-voting as a response to the Tory allegations that strike votes lack legitimacy.)

Ruth Fox of the Hansard Society raised a couple of important and more theoretically grounded points. The web destroys hierarchy and enables peer-2-peer; you wouldn’t believe it looking at Google and the Telcos but the Cluetrain Manifesto has it right. Social media & the internet disintermediates professionals and thus it would seem that the adoption of social media empowers single issue groups and possibly threatens the traditional political party which may be why the Government has sought to gag them until the next election. Fox argued that it may enable the journey from Representative Democracy to a more Direct Democracy which is why the Speaker’s Commission’s focus on scrutiny and law making maybe its biggest impact. Fox also quoted the e-petitions initiative. The Coalition amended the system so that petitions obtaining 10,000 names will get a Government response, while retaining the rule that petitions with over 100,000 will be considered (by the backbench business committee) for a debate in parliament. (We should note with some cynicism that the back bench business committee has a governing party majority albeit with an opposition chair, although the record of success in obtaining parliamentary time is impressive. A 100,000 person supported petition needs an MP sponsor and the Backbench Committee can reject the call for a debate. While it clearly is a source of engagement, it also seems to be a useful tool for opposition MPs from smaller parties.

What I said!

The meeting finished with a contribution from me. As I said, one comment, one question.

The technology today, cannot deliver a secret, trustworthy ballot. Closed proprietary software will never do so. When or if we go down this route, the software must be open source.

The question was about campaigning movements turning away from the e-petitions site. The problem is that the signature list belongs to the government; the campaign cannot engage with the signatories. They have a choice in building a relationship with their supporters or giving the list to the e-petitions site, where the risk is they’ll be ignored. Organisations such as 38 Degrees are choosing to own their relationships. Also there has been much reporting of MPs devaluing their email correspondence if they believe that they have been suggested or written by single issue campaigns. Frankly I take the view that if I send a form letter, I should expect one in reply, but are we getting to the point where these emails are a form of robot spam with the systems of 38o contending with the IT systems of the political parties. For the record, I always try and personalise the letters and make them speak with my voice, and I also qualify my commitment. It would seem however that the inclination to devalue these campaign initiatives is too high. It’s for MPs to determine their own mandates but since we started from the point that we all want more involvement in the democratic process, ignoring or devaluing emails is not a good way to do this. I’d ask MPs to try to find a way.

ooOOOoo

I thoroughly recommend looking at the ORG resources,

  1. their Briefing pack
  2. 2007 report
  3. 2008 report
  4. Response to London Elects’ Manual Count vs Electronic count cost benefit analysis

I am a member you can join here.

org-logoWhat parliament and an informed outsider have to say about the E-Petitions process

  1. The backbench business committee’s e-petitions page
  2. thought undermined on the UK’s e-petitions system by the author at thought undermined

The featured image is one of mine on flickr, CC BY-SA, the two pictures in line are documented by their title attributes.

Comments are closed.