[E-voting] Election Observers verdict on London
Elections: "Insufficient evidence" to declare confidence in results
michael at hexmedia.com
Wed Jul 2 23:07:45 IST 2008
Glyn Wintle wrote:
> The Open Rights Group's report into e-counting of votes cast in the London Elections is out today. The report finds that:
> "there is insufficient evidence available to allow independent observers to state reliably whether the results declared in the May 2008 elections for the Mayor of London and the London Assembly are an accurate representation of voters' intentions."
> Votes for London Mayor and the 25 member London Assembly were counted electronically, and overall the election was well-managed by the independent body set up to run elections in London, London Elects.
> However, transparency around the recording of valid votes was a major issue, leading many of our team of 27 official observers to conclude that they were unable to observe votes being counted. And while hundreds of screens set up by vote scanners showed almost meaningless data to observers, London Elects admit that the system was likely to be recording blank ballots as valid votes.
> The report also details how London Elects are unable to publish an audit, commissioned from KPMG, of some of the software used to count the London vote, because of disputes over commercial confidentiality. The situation highlights the problems that arise when the very public function of running elections is mixed with issues of commercial confidentiality and proprietary software. In the context of a public election, it is unacceptable that these issues should preclude the publication of the KPMG audit
Interesting report, and a lot of the same issues that arose in Ireland some years ago, are coming up now in the UK.
I have a slight problem with the last part of this email though. It seems to imply (though maybe this was not intended), that publishing the result of
a software an audit would go a long way towards restoring transparency, and therefore public confidence in e-counting.
To my mind, electronic voting or counting systems need to be "software independent" ie, verifiable, independent of the
software that is used to record or count the votes. Once a system is independently verifiable, then the need to publish
these kind of audits simply goes away. Nobody demands that the software used to control planes or air traffic control systems
is *publicly* audited, for exactly the same reason, ie. the users of these systems don't need such an audit
in order to know whether the systems are working or not.
There is also a major question over how useful they are. Source code reviews (or audits) certainly have their place in software engineering,
but putting the issue centre stage in the public domain, may create an unrealistic expectation that they might guarantee to find
all potential problems, when clearly that is impossible. And also (as pointed out in the report) it is never possible anyway,
to review all of the software, because some of it comprises platforms (eg. Microsoft Windows) whose source code can't be made
available for such reviews.
More information about the E-voting