Electronic voting with legal validity – How does it work?

Electronic voting has been with us since 1960 and online voting since the internet existed. But they have never been as relevant as now. The pandemic forced more than 3,000 million people to confine themselves. In the business field, teleworking is becoming more normalized. And hybrid events are already more frequent than face-to-face ones.

The key is to have the agility to be able to make the important decisions when necessary. However, for many organizations it is not just about knowing what to do, but reaching agreements with shareholders and partners, and articulating them legally. Boards of directors, shareholders’ meetings, assemblies, plenary sessions or landlord communities are forced to hold online events. But how do we ensure the legal validity of these collective decisions? How can we avoid having voters or nominees contesting the results? In this article we explain some basic concepts so that you understand what electronic voting is and how to avoid unwanted situations.

Electronic voting systems

There are many electronic voting systems. Broadly speaking, we can classify them into two groups: casting systems and counting systems. Counting systems are the most widespread in the public sphere. A large number of countries use them in their general and regional elections. Casting systems are equally mature at the technological level, but their use is restricted mostly to private use – companies, associations, cooperatives, etc.

The law allows for the use of electronic voting systems in shareholders’ meetings, boards of directors, plenary councils and other governing bodies. To do so with all the guarantees, there are two major requirements: duly guarantee the identity of the voter and prove the security of the system. In the next sections, we will explain these two aspects in more detail.

Electronic identification means

The use of electronic voting in any kind of general meeting is allowed in most countries, provided that the identity of the subject with the right to vote is guaranteed. So the key to ensuring the legal validity of electronic voting is how to guarantee the identity of the voter.

Under British law (eIDAS) electronic signatures are defined as the set of electronic data that allow the identity of the signer to be duly guaranteed. Although the word may be misleading, an electronic signature is nothing more than a means of electronic identification. Therefore, in electronic voting processes, the voter must provide one or multiple pieces of data as means of identification before receiving the necessary rights to cast their vote.

Most of us are familiar with the electronic signature that we use when closing contracts digitally. This is what is known as qualified electronic signature. But there are two other types of signature included in the UK’s eIDAS regulation: simple signatures and advanced signatures. They are the two most widely used electronic identification means to guarantee the identity of voters in decision-making processes of private organisations.

Electronic signatures – whether simple, advanced or qualified – allow us to duly guarantee the identity of the voter. And, therefore, any of the three are useful when it comes to holding legally valid online voting. The main difference between them is the level of security they allow us to achieve. But before going into the details of the different types of signature, we must better understand how the identification process works.

Face-to-face identification vs. digital identification

An identification process consists of different steps. Some steps are more vulnerable to fraud than others and the entire process is only as secure as the weakest step. When we talk about digital identification processes we tend to obsess over possible security breaches. But, many times, we do not realise that face-to-face identification processes are equally vulnerable. Let’s see why.

The word identity comes from the Latin idem entitas (same entity). Therefore, to verify the identity of an individual we need two subjects: the individual themselves and some attribute issued by an official body that allows us to make a comparison (a passport, a driving license, a national identity card, etc.). Traditionally, this comparison has been made by a qualified person – a police officer, an official or the like. A person trained to avoid cheating and deception. However, we all know stories of twin brothers swapping to pass driving tests and, to take it to the extreme, you can buy a fake passport for as little as £700 on the dark web.

Some electronic voting providers claim that their systems are impossible to breach. But it is simply not true. The digital world is as vulnerable as the real world. The key is to minimize these risks as much as possible and always in accordance with the applicable legislation for each type of organization (public administrations, companies or associations) and transactions (using a friend’s bus card is not as egregious as buying a Louis Vuitton coat with their credit card).

Identification process in electronic voting

We have said that the security level of an identification process is equivalent to the security level of the most vulnerable step. But what are the steps of an identification process in electronic voting? At Kuorum we view it as a four-step process: registration, verification, identification and activation.

Imagine that a publicly traded company holds its shareholders’ meeting electronically. The first step will be to prepare a census. If a vote is required, only registered shareholders may vote. Before the vote, some adjustments will have to be made to manage the delegated vote and identify the authorized representatives of the legal persons with the right to vote. It is in this second step that the company in question will need to verify the identity of its shareholders. They will be asked for their ID or passport and, where applicable, the deeds that link their identity to that of the legal person they represent or a letter authorizing the person to whom they delegate their vote.

These first two steps are generally carried out by the company without the intervention of an electronic voting provider. And ideally, the security of the following steps will be equal to or greater than that of the previous two. In other words, an electronic voting provider must ensure that its identification and activation system is less vulnerable than its client’s registration and verification system. If not, it’s like owning a high-end car and using retreaded second-hand wheels.

The third step, then, takes place on the voting day, when voters access the electronic voting platform to exercise their right. This is when voter identification takes place. To have a high level of security, it is important to carry out two-factor authentication. The typical process involves asking the user for a piece of static data, for example a passport number, as well as a piece of dynamic data that is sent to them at that time, often a verification code sent by text or email. This is the level of security that banks require to authorize online financial transactions for their customers and it is also a reasonable level of security for the type of voting that we are dealing with in this article.
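The identification step described above, sketched as an added example (not Kuorum's code): the static datum is checked against the census and the one-time code is single-use, short-lived and attempt-limited. The class name, the five-minute lifetime, the three-attempt limit and the sample census in the test are assumptions made for illustration.

```python
import hashlib, hmac, secrets, time

CODE_TTL = 300      # seconds a code stays valid (assumed policy)
MAX_ATTEMPTS = 3    # guesses allowed per issued code (assumed policy)

def _digest(code: str, salt: bytes) -> bytes:
    return hashlib.sha256(salt + code.encode()).digest()

class VoterLogin:
    """Hypothetical identification step: static datum plus one-time code."""

    def __init__(self, census: dict):
        self.census = census   # voter id -> static datum from the verified census
        self.pending = {}      # voter id -> [salt, code digest, expiry, attempts left]

    def issue_code(self, voter_id: str, now: float = None) -> str:
        now = time.time() if now is None else now
        code = f"{secrets.randbelow(10**6):06d}"   # drawn from the OS CSPRNG
        salt = secrets.token_bytes(16)
        self.pending[voter_id] = [salt, _digest(code, salt), now + CODE_TTL, MAX_ATTEMPTS]
        return code   # sent by text or e-mail; only its salted digest is kept

    def identify(self, voter_id: str, static_datum: str, code: str, now: float = None) -> bool:
        now = time.time() if now is None else now
        entry = self.pending.get(voter_id)
        expected = self.census.get(voter_id)
        if entry is None or expected is None:
            return False
        salt, code_digest, expiry, attempts = entry
        if now > expiry or attempts <= 0:
            del self.pending[voter_id]   # expired or guessed too often: force a new code
            return False
        entry[3] -= 1                    # count the attempt before checking it
        ok_static = hmac.compare_digest(static_datum.encode(), expected.encode())
        ok_code = hmac.compare_digest(_digest(code, salt), code_digest)
        if ok_static and ok_code:
            del self.pending[voter_id]   # single use: a replayed code fails
            return True
        return False
```

Without the attempt limit a six-digit code could simply be guessed within its lifetime, which would make this step the weakest one in the chain.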

The fourth and final step is to activate (or authorise) the voter to cast their vote. Having already duly guaranteed the voter’s identity, we now have to prove the integrity of the data provided. In other words, guarantee that the voter does not lose control over their account and that the data, once registered, cannot be altered by anyone. To do this, it is usual to apply timestamps: systems in which a trusted third party generates an alphanumeric key (or hash) that is linked to the date and time of the vote, as well as other data associated with the voter (personal data, IP address and device from which they voted, etc.). To check whether the data has been altered, we ask the trusted third party to regenerate the alphanumeric key. If it does not match the initial one, we know that the data has been altered. An alternative to having a trusted third-party time stamp is using blockchain technology, which allows for something similar without needing a certifying authority.
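The integrity check described above, as an added example (not Kuorum's code): the vote record is hashed in a canonical form, a stand-in timestamp authority binds that hash to a time, and any later change to the record or to the stamp is detected. The record fields, the sample values and the HMAC-based authority are assumptions; a real qualified time stamp is an asymmetric signature issued under RFC 3161.

```python
import hashlib, hmac, json

def record_digest(record: dict) -> str:
    """SHA-256 over canonical JSON, so field order cannot change the hash."""
    canonical = json.dumps(record, sort_keys=True, separators=(",", ":"))
    return hashlib.sha256(canonical.encode("utf-8")).hexdigest()

class TimestampAuthority:
    """Stand-in for the trusted third party (hypothetical). It uses an HMAC key
    only to stay self-contained; a real authority signs with a private key."""

    def __init__(self, key: bytes):
        self._key = key

    def _mac(self, digest: str, issued_at: str) -> str:
        msg = f"{digest}|{issued_at}".encode()
        return hmac.new(self._key, msg, hashlib.sha256).hexdigest()

    def stamp(self, digest: str, issued_at: str) -> dict:
        return {"digest": digest, "issued_at": issued_at,
                "token": self._mac(digest, issued_at)}

    def verify(self, stamp: dict) -> bool:
        expected = self._mac(stamp["digest"], stamp["issued_at"])
        return hmac.compare_digest(expected, stamp["token"])

def check_evidence(record: dict, stamp: dict, tsa: TimestampAuthority) -> str:
    """Return 'ok', 'record altered' or 'stamp forged'."""
    if not tsa.verify(stamp):
        return "stamp forged"      # digest or time was changed after stamping
    if not hmac.compare_digest(record_digest(record), stamp["digest"]):
        return "record altered"    # stored data no longer matches the stamped hash
    return "ok"

# Constructed sample vote record (all values invented for illustration).
SAMPLE = {"voter_id": "v1", "choice": "approve", "ip": "192.0.2.10",
          "device": "example-browser", "cast_at": "2024-01-01T10:00:00Z"}
```

The hash alone is not enough: anyone who can edit the record can also recompute its hash, so the evidence rests on the token that only the third party can produce.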

Simple, advanced and qualified electronic signature

Now that we fully understand the complete electronic identification and voting process, it is easier to distinguish between simple and advanced electronic signatures. The first allows us to properly guarantee the identity of the voter, generally thanks to secure two-factor authentication. The second, in addition, guarantees the integrity of the data, thanks to a qualified time stamp.

The simple electronic signature is, therefore, less secure than the advanced one, but it is equally legal depending on the type of organization and the importance of the decision at stake. The result of a simple signed electronic vote is a voting record. With the advanced signature, documents are generated that collect all the identification evidence and add a qualified time stamp. These documents are admissible at trial as documentary evidence and therefore make it highly unlikely for the vote to be challenged successfully.

Finally, as we have mentioned before, in addition to the simple and advanced electronic signature, there is the qualified signature. For an electronic signature to be qualified, the first two steps of the aforementioned process must be carried out face-to-face by a recognized certification service provider (for instance, the Police), who will then generate a qualified signature certificate. Although it is the most secure signature of all, it does not allow us to carry out a completely online process and involves far more effort from the individuals who are voting.

What electronic voting system should I choose?

To know if your electronic voting process is completely legal, you must first know what regulatory framework applies to your organisation and the type of decision that will be made. This rule – be it a Publicly Traded Companies Act or the Bylaws of your organization – will require, at least, that the identity of the voters is duly guaranteed. And, in order to do that, you can choose a simple, advanced or qualified signature. Whichever form you choose, make sure your provider offers secure two-factor authentication and complies with the National Security Scheme. And if in your case it is essential to guarantee the integrity of the voting records, opt for an advanced signature with a qualified time stamp.

We know that the technical vocabulary is not very intuitive. But if you reread this article calmly, you will see that it is actually easier than it seems. At Kuorum we have been helping public and private clients in seven countries with their electronic voting. If you have any questions or would like to talk to an advisor, you can always contact us.