This is only my opinion, not that of anyone else, ok?
We good? Good.
So look I’m going to start this by stating three things you should know before we start:
Alright, so that’s out of the way!
This is going to be more of summary than my own argument - folks in the computer science sector do much better than I could, ok?
The Broad Context.
Folks at the University of Toronto have been arguing about the effectiveness of online voting for a quite some time. In particular, the Undergraduate Students’ Union - then SAC - has already once crossed and crossed back over that particular bridge. This decision was conflated with issues around voting for the Governing Council - which remains online - and student outcry, at the time, around how said system was handled.
In fact, back in 2004, when the system was still operational there were a few notable concerns about accessibility, literacy and other forms of access (like the noted Chesnut residence fiasco of that year). Funny enough, the spiritual predecessors to the current UTSU opposition have been pretty against this status quo (and, assuredly, the same inversely goes for the nearly a decade ago predecessors of the current UTSU exec). And you know how online voting is pretty utopic but, you know how folks often play dirty in elections? Yeah, still happened. UTSU/SAC elections have been an ungodly shitshow since time immemorial - no system will ever, ever fix that.
Just so we’re clear. Don’t make me dive into the archives to prove it, because I will goddamn it. Because, opposition, if that is part of your shtick on this issue, you people are in a never-ending dreamland.
Oh? Did I go off script here? Erm, ok, summary.
So, several years after the switch back to paper and the death of ole’ SAC and its rebirth as UTSU, this debate began anew! Mainly because the Administration created ‘voting.utoronto.ca’ which was nice and all, but still inherently flawed - which I’ll get to. Folks seem pretty mixed about it - again, even those who would be on the ‘Change’ side of things.
And then we get - pretty much to March of last year. The Scotts - Corey and Michael (one of which is my current counterpart over at UTSU, the other a member of my org) - both take relatively principled positions in this discussion. Both acknowledge the inherent flaws of online voting while each cite their sides’ noted benefits or the failure of the other. But ultimately, the important part comes not from what either say here - its common rhetoric - but from the example Bredin notes. Issues at Trinity and Rotman have seemingly been forgotten in recent discussions, while I question the validity of any ‘scrutineering’ that doesn’t include folks very adept at tracking and finding electronic fraud. Just sayin’.
But the article does raise another example I would like to look at…
Western University, or The Actual Problem for Students’ Unions.
So, what folks at UTSU and its opponents like to rag on about is administration control of the electoral process and that’s not entirely without merit… but it is really, really unlikely. The Administration at UofT is openly disinterested in diving too deeply into internal student politics and systems - we all know this, it would create too much chaos and give us the biggest piece of leverage we’ve had on them in decades. Besides, this doesn’t address the firmer issues. I mean, if that is your fear, saith the Opposition, why don’t cha’ just run a system yourselves? And that’s a damn good question. Why is it being asked? Because you boxed yourself into a corner. Ok, great.
But, the actual problem isn’t who is messing with your elections, but rather that your election system can be messed with - easily. In the case of our friends over at Western, one Keith Horwood hacked student elections there… because he could.
In Macleans, Horwood had this to say:
“My brain just exploded,” he says in the video, referring to when he ﬁrst realized the security ﬂaw. “It was like somebody had just put the world’s coolest toy or the world’s most attractive woman in front of me and they were like, stay away,” he says. “And you know what? I couldn’t.”
Yeah, this is what an actual threat looks like. Not some administration gaming the system from on high - but actual security breaches perpetuated by people who can and may not do so solely to alert others. If you’re wondering, that cost Western Undergrads a cool $14,087.
Similar cases are noted in that same article about the UBCSU and Queen’s AMS elections - one with some even more malicious, if simple hacking and one with poor, automatized voting lists.
But why should we stick with just Canadian examples!
As the Open Rights Group of the United Kingdom notes:
At London Metropolitan University’s SU, paid staff took the place of elected students in office between July and December 2008 because the incidence of online voting fraud had been so great. The election was eventually rerun in November. Around the same time, detection of online voting fraud at the University of Essex Students Union resulted in the instatement of a new President there. These two cases were only detected after complaints were made, and could only be identified because fraudulent votes were cast from a small number of computers. Because fraud is so hard to detect, many more incidents could have gone unnoticed.
As well, the ORG also warns of ‘guided voting’:
The traditional door-knocking approach takes on a new dimension when candidates and/or their supporters can “guide” voters through the voting process. There is nothing to stop a candidate / supporter watching over a voter, suggesting other votes that they might like to cast. This is especially insidious when, through membership to a particular party or group, a voter is under pressure to publicly conform to certain voting expectations.
University halls of residence house thousands of students in close proximity, all with network access. A single day’s concerted campaigning drive, with the emphasis on “guided” voting, could elicit more votes than a consistent month-long campaign though which candidates meet their constituency and refine their policies.
Yet, the issues noted in the United Kingdom and in Canada are not the sole instances of this type. Similar examples can be found throughout Europe, but those noted above serve as but a clear taste of the issues common with these systems. Ultimately, the fact is that either by way of purposeful fraud or – even more likely – a moderate test of skill for a person with capable enough computer science skills, student unions and our elections are the exactly right manner of low hanging, vulnerable fruit.
We are not seen as something too difficult to overcome, yet enough of a challenge to having something to talk about. Higher risk targets – while carrying more political weight in the world – may not be viable for those who are simply acting for their own amusement or to test their skill. I mean, even someone like Horwood isn’t punished so severely in this case as he would be in other, akin circumstance on larger targets.
At another time, I may dive a bit deeper in that area, but this is meant to be pretty broad. So, lets move to the specific issues.
Security is an oft-heard concern on this area, but one rarely hears – at least in the current discussion – a good, reliable source for such data. Well, I give you ACCURATE (A Center for Correct, Usable, Reliable, Auditable and Transparent Elections), an academic research unit funded by the National Science Foundation which has the sole purpose of investigating new, reliable ways to innovate in elections processes. Surely, surely such a body must be in favour of online elections? I mean, that would only make sense, would it not?
Well, no. In a report to the United States Department Of Labor, Office of Labor-Management Standards on the subject of utilizing online voting in trade union elections, the ACCURATE team instead stated that:
[R]emote voting over the internet in government elections has been limited to a number of special instances, often partisan primaries, and in each case it was never used again. There are no guidelines available for remote internet voting and it is the consensus of technical experts that remote internet voting is highly risky for any election process that requires strong voter secrecy, auditability and voting free from undue influences such as coercion and vote-selling.
ACCURATE’s initial definition is fairly clear in its meaning and intent, the team continues with further analysis of the technology at large and, in particular its remote use.
Advantages of electronic voting technologies include speed of tabulation, preventing overvotes and undervotes, accommodation of voters with disabilities and language difficulty as well as greater flexibility with the physical location from which the voter chooses to cast their ballot. Disadvantages include large numbers of security vulnerabilities, especially those useful for planting malicious code, but in the case of internet voting, vulnerability to denial-of-service attack, server penetration attack, and many types of insider manipulation and abuse. This is in addition to disadvantages associated with lack of observability, technology that has a much shorter life cycle, proprietary technology that can be difficult to prove will function properly, usability problems, and lack of voter verification leading to lack of auditability (meaningful recount capability).
While I disagree with ACCURATE on their point on accommodation of disabled voters – a point I will get to soon enough – their overarching view highlights the key security issues which would affect organizations of a similar size and nature as our own student unions – these are political bodies which require degrees of clarity which – as of yet – are not attained by technology.
This isn’t to say some of these issues are completely closed and will never be addressed – there are a number of theoretical and early stages models which may, in the long-term, re-open this debate. But, in the ‘now’, there seem only to be clear examples which highlight – in varying scales – the matters raised above. Equally, experts from across various fields seem to be in some agreement on this matter, as noted at a recent conference at Princeton.
Yet, let’s look at a larger example of these matters in action. In their paper, “Attacking the Washington, D.C. Internet Voting System”, authors Scott Wolchok, Eric Wustrow, Dawn Isabel, and J. Alex Halderman detail the exploits of Halderman and his team of students as they took part in an exercise to test the robust and boasted-about online elections system implemented by the District. The result?
Within 48 hours of the system going live, we had gained near complete control of the election server. We successfully changed every vote and revealed almost every secret ballot. Election officials did not detect our intrusion for nearly two business days—and might have remained unaware for far longer had we not deliberately left a prominent clue.
So, let’s recap: A small team of university students take down a system invested into by one of the more noted governmental bodies in the United States (although not a state itself) within two days. Now imagine for a moment, how easy it would be to subvert the comparatively less secure methods of online voting used by your average university or union – simply due to the money and time needed to perfect such a system. Are we so self-assured, so bold to claim we could hold up better – even when we know that we really are a more likely, less risky target to approach for those looking to aim lower than some political machinations? Such staggering lack of foresight would be notable.
These results and more have been enough to set some of the tone for many larger bodies in North America looking at online voting. Both California and Ohio have recently conducted reviews which found major issues with their electronic voting schemes which are not remote in nature, with such ideas blatantly disregarded entirely. In British Colombia, meanwhile, in its recent discussion paper on the topic notes a similar trend in the Netherlands, the United Kingdom and Germany. Equally, said discussion paper closes with a call for further and continued investigation of the technology before any attempt to implement it.
If these larger governmental bodies – a clear majority compared to the few that unbridledly embrace online voting – are willing to take pause and assess in the long-term regarding online voting, then how can we expect it ‘now’? If we were to do so, we ignore clear evidence, experience and concern which points to caution. Yet, folks claim that two particular benefits often outweigh prudence. So, now I’d like to take a look at the first.
Queens AMS: A case study in online turnout.
Alright, so let’s pull some information from the Queens’ Journal which might shed some needed light on the sheer variability of this matter of increased turn-out.
By Lauri Kytömaa, Queens’ Journal.
In spite of the fact that the writers of the Journal get in a few digs at UTSU for their comparably low turn-out and indeed that of other unions, the above graph should provide some needed context. What the author does play down slightly in the text of the article is the differing cultures in both unions – as evidenced by AMS’ consistent turnout rates and the differing sizes of both organizations which might also contribute to the organizations’ differing turn-outs for these elections.
So to breakdown some of the key pieces here:
Alright, so there is an increase after the online system was enacted. But what happens next? Well, as noted previously, Queens’ AMS suffers from an online voter registry problem, sending election calls and access to alumni, while leaving some students in the cold. Thus, the subsequent data from the Journal reflects a different than expected picture.
So what are we to make of this example? Well, overall AMS remained very consistent through the late 90s and early 00s – with and without online voting! Even the increase of 2010 was a mere three percent, while the largest drop in voter turnout is tied directly to the failures of the online voting system and the distrust it spread. Overall, the impact of the voting change – aside from the 2011 incident – was negligible to the wider history of their elections.
Similar ambiguities litter the literature on the subject – with the most positive being able to verifiably be said in cases from Sweden and the United States is simply that the data is at best, inconclusive. So then, with the risks of this manner of system known, are we – as students – willing to take such actions for a meager three percent? Yet, this is only one of two very troubling claims attached wildly to online voting. The other remains a bit more personal.
Accessibility for whom?
This claim is always one which tends to get on my nerves, greatly, especially as it is parroted by organizations like the AODA Alliance. While I generally love the Alliance’s work, in this case they and others wilfully mislead the wider populace into believing that Internet voting is some manner of cure-all solution to issues surrounding voting and disabled persons. However, while some of us may have access to adaptive technologies robust enough to do some of the web-workload to make these spaces accessible, the reality is that the web is not perfected for such tasks as of yet.
In particular, this argument relies on two planks. One, is the availability of enough, robust adaptive technology to deal with any hiccups in the process – which separates by class members of the disabled community. Second, it ignores the fact that the Internet has a particular set of standards for accessibility – the W3C’s Web Accessibility Initiative – which is often very difficult for developers to reach. To give some context, most social media platforms – including the one you’re reading this on – do not yet reach the desired A to AAA level of the standards (though, many are making more and more strides to try). These standards are the only which are well viewed within the community and, indeed, are the only which adequately deal with all factors which might impede one’s use of the Internet. Even governments, universities and other public bodies have difficulties in this area regularly. It would require great levels of testing, preparation and care before any online portal for voting could fully meet these standards at their higher levels and be truly accessible. This is not to claim it impossible – surely, these things will grow in ease, in time – but it is not the magic fix some seem to claim such actions could be. So then, if larger bodies still have issues with meeting this level, then how might we hope to for a students’ union election? How would we do so swiftly enough to ensure our claims of access were not hollow? This I cannot imagine or answer.
The Internet is for… transparency? For… the future?
But all of this isn’t to say the Internet is a void of contextless numbers and data, incapable of aiding in the process of transparency and fairness. I always find it interesting that the advocates of online voting seem to agree on this point with me, often in spite of ignoring the evidence noted above. With the limitations of this technology and its compromising of this principle in a voting context, one must look to other ways Personally, I am a huge fan of publishing audits and minutes in full online – a process in which nothing is harmed but information can be gleaned that could positively inform one’s choices and views with regards to the operation of their Union.
This isn’t aided by processes that place space between the Union and members. This isn’t aided by mechanisms that allow for increased coercion and odd manners of delay – one day, I’ll get into the MUN and OISE examples of this, but… not today.
Ultimately, I think we will inevitably find ways to overcome these issues in overall electronic voting, if not remote voting. There are many, many proposals to deal with both manners of e-voting.
But, the future is not today. While we might clamour for things ‘now’, we should be more prudent and we should take our time to study all of the methods and results that come our way first. There are many other election reforms – from ballots to methods of distance voting – which may yet be more possible to implement sooner. In all who would consider such things – including you, UTSU – do take things with caution, please, but do not shut your doors to innovation.
Both the path of rashness and the path of conservatism, in this case, can only be folly. Instead, let’s take our time, improve as we may, and let technology catch up to our ambition.
All the best,
OH, HEY JOURNAL. -
So, putting aside my political discussions for the day…
We launched Critical Intersections in Education today. One of the key projects that I’ve begun since starting at OISE, this issue has been. Like, I mean that extremely literally: Putting the groundwork for and working on this issue - in whatever form I’ve been doing so - has defined what I do here.
Would I have grown my interest in Open Access/Data/Source without it?
No. And if not, I don’t know where I’d be in pushing for this as a critical component to discussions on free education and the future of academia.
Would have I met two conjoined groups of academic people that have deeply impacted my life?
No. The folks that make up the Organizing Committee and Inaugural Editorial Board of CiE are huge parts of my life, a lot of them in ways outside of those bounds. Each of these folks I consider good friends, even if having been somewhat apart.
Would I be an Executive at the Graduate Students’ Union?
No. Without this role, I’d have never met the folks who’d be most supportive of me in this task and remind me - through their own tireless work - of the things I wanted to fight for. But, in another way, the journal was my first real step back into the level of involvement that I was known for elsewhere. Before that, I was careful to limit what I was doing, even while involved.
And while I can’t claim to have done the most work on this - I really, really haven’t - I feel all the same that I need to reflect on my good fortune. Can you believe that all of this came about by chance? It really did. I was walking by one day, unaware, and was just blowing some time. Folks said ‘You know, you should stay and check this out…’
One of the best decisions I’ve ever made.
Thank you friends.
And thank you to all of our wonderful authors and reviewers - you people are champions.
… Good night, friends.
just a quickie..wish you a very good 2013!