Internet voting in elections: François Bayrou’s whim

Internet voting in elections: François Bayrou's whim Cybersecurity

Counting of the first round of municipal elections, on March 15, 2020 in Saint-Lô (Manche) – Photo Xfigpower / Wikimedia Commons / CC by-sa

Ah, the modernity of these French politicians convinced that science and technology will save the world (and if possible their career) … Like Giscard once sure that sniffer (oil) planes were a great asset for energy in France, such Sarkozy taking the genetic character of pedophilia or the tendency to suicide after having considered screening kindergarten for problem children, here is the short-lived (one month in 2017) Minister of Justice François Bayrou who is holding the martingale to improve the electoral life: online voting, or according to its name “digital voting” (it will have spared us at least “digital”), via the Internet.

“Nothing is easier”

Invited Sunday May 24 on BFM TV, François Bayrou spoke of the municipal elections, and proposed that we experiment in the second round (scheduled for June 28, except the rise in the epidemic of Covid-19) postal voting (used until in 1975 in France) and “digital voting, Internet voting”.

“We do it for the associations of anglers, for the union organizations, the union organizations, all of the consultations to appoint representatives, particularly among teachers.” “Nothing is easier than guaranteeing the fairness of the ballot because all the electoral lists are digitized.”

According to the former minister, it would be enough for each citizen to send a photocopy of his identity card or his electoral card to receive a code with which to vote online. For him, the question arouses in France a “blockage” which he considers absurd.

“I am sure it would increase participation. So if the state does not want to do it, let it accept that certain municipalities do it.” And to suggest that his city of Pau experiment with Internet voting.

Like the anglers? Uh …

Let’s take up the arguments of the former Minister of Education:

– “We do this for the associations of anglers, union organizations, all of the consultations to appoint representatives, particularly among teachers”. The importance is not the same between an association of anglers and political representatives: not sure that malicious hackers would seek possible flaws to alter a vote in an association, while for a big city – let’s not even speak not deputies or the President of the Republic – the stakes are much higher.

– “Nothing is easier than guaranteeing the fairness of the ballot because all the electoral lists are digitized.” For a politician, the hodgepodge of this sentence is scary: the only (relative) certainty would be the composition of the electorate, but in what way would the digitization of voters’ lists guarantee the sincerity of the ballot? If the Internet access of districts that vote “badly” (from the point of view of a possible cheater) is blocked during voting, or if the voting software has been tampered with by diverting 10% of the votes for candidate X to candidate Y, while displaying an X vote on the voter screen, what does it have to do with the list of electors?

– Each citizen, once admitted by his identity card or his voter card as entitled to vote in such a constituency, would receive a code with which to vote online: what are his guarantees that nobody previously had a copy of this code? Isn’t there a code sending him on a fake voting platform mimicking the real one while others will use his digital identity to vote for him?

– As for the sincerity of the ballot, let us remind the forgetful mayor of Pau that when we vote at home (or elsewhere than in a voting booth in a polling station), nothing guarantees against pressure – a spouse, a parent obliging to vote for such a list – or against the purchase of votes – a representative of such a list alongside the voter checks his vote before paying, for example.

Risks highlighted in 2006 in France

The debate, this so-called “blockage” pointed out by François Bayrou, has existed for a long time. Already in 2006, on the occasion of the online vote of French citizens abroad, experts had made harsh conclusions against this method of voting.

The report by François Pellegrini, lecturer in computer science at ENSEIRB (since then, university professor and member of the CNIL), commissioned by ADFE (Democratic Association of French Abroad), noted:

“The use of any system leading to the dematerialization of suffrage information should be avoided. In cases where it is necessary to implement a remote voting mechanism […] the most reliable mechanism remains paper postal voting. ”

On the role of assessors: “I do not think that the sincerity of a dematerialized ballot such as this can be guaranteed, neither by them, nor by me, nor by anyone.”

Internet voting (unlike a “simple” electronic vote, where the voter is in the polling station and not remotely) creates a radical change to the “nuisance scope of a potential fraudster”: the Pellegrini report mentions denial of service attacks (DDoS) and especially those where the voter could believe that his vote was taken into account when he would have been blocked and made for him by possibly changing the content without it being noticed glimpse.

“The possibilities of circumvention are multiple”

Another report from 2006 following the vote of French nationals abroad, that of Bernard Lang, computer research director, mandated by the Union of French Abroad.

He noted in particular that:

“Without a physical trace allowing the recount, the question arises of the confidence that we can grant to the system and to those who implement it, because what is happening in the machine is not observable, and the possibilities of workarounds are manifold, not to mention unintentional errors.

This problem becomes inevitable when considering remote voting via the Internet, as it is then impossible for the voter to directly control a physical ballot. (…) In addition to the problem of trust in vote recording and counting software, there are the risks inherent in network connection: attack on voting servers, attacks on voting machines, and attacks on communications. .

For example, we can in particular note that, in addition to the compromise of private computers by computer viruses, many agents have the possibility of modifying more or less freely the behavior of private computers, in principle exclusively for the evolution or the maintenance of software therein, connection software for AOL, technical protection of rights for Apple and others, maintenance of application software or operating system. This could both unlock the secret of the vote and change its orientation. ”

A Modem bill

Last but not least, remember that Bruce Schneier, renowned IT security specialist (among other members of the board of directors of the Electronic Frontier Foundation or EFF, and of the Tor project), opposed to online voting, pointed out in 2016 that “over years, more and more states [fédérés américains, ndlr] went to electronic voting machines and flirted with Internet voting. These systems are not secure and are vulnerable to attack. ”

What if politicians did a little research on past experiences and with experts (i.e. not just software or machine vendors with an interest in flattering their technological solutionism) before launching questionable claims?

It’s off to a bad start: Modem deputies tabled a bill this week, according to which “voters can also vote by post, either in a sealed envelope or electronically using hardware and software allowing secrecy of the vote and the sincerity of the ballot “, according to the terms fixed by decree.

According to the latest news, the Minister of the Interior Christophe Castaner would not be favorable to this idea.

Rate article
Add comment