The Dangers of Electronic Democracy

Surely — you will be wondering — the author cannot be so Luddite as to object to the replacement of 19th-century paper and pencils with something more modern?  Well, yes, actually he can.

The lesser risk: rioting

It is dangerous to automate a procedure without first knowing what it is for.  If you think that the whole electoral apparatus exists to count votes accurately, then there can be little argument against using computers to do the job.  But in fact the job of an electoral system has nothing very much to do with getting the sums right and everything to do with reaching a result that everyone can agree on.  The difference sounds hair-splitting but it is crucial.

Consider a UK general election.  As polling day approaches, the governing party is trailing badly.  All its members expect it to lose the election: even the outwardly confident Prime Minister has put some of the china into packing cases in anticipation of having to leave 10 Downing Street in a hurry.  The exit polls confirm the trend, and the BBC can write the structure for its election night programme in advance: an inexorable process of change, old faces vanishing, new faces appearing, the dawn of a new age.

But then, as the results start trickle in, a strange thing happens.  Tiny discrepancies appear between the projected results and the results announced by the returning officers.  In key constituencies the swings aren't quite what they should be, and seats stay put that should have changed hands.  Reality starts to diverge from the pre-planned plot.

Representatives from the companies that supplied the voting machines are hurriedly called in.  They give every assurance that their machines cannot be fooled; that no "back door" exists that could allow subtle biases to be introduced; that no activist could have thought up a way to fool the machine and swing a few votes in the opposite direction.  They talk high and elevated jargon and convince their fellow experts but no-one else.  Outside the studio the rumours start: of clever hackers (we all know that hackers are omnipotent), or of simple scams such as relabelling the buttons on the machines.  No proof exists — by the nature of things, no proof comprehensible to the ordinary voter could ever exist — but it is obvious what the government has done.  The riots start.

Except for the last paragraph, this is an exact account of what happened in the 1992 General Election.  Not only did the Conservatives expect to lose: many of them were looking forward to losing, as a way of settling old scores ("It was your fault" "No, it was yours") and having a good rest.  But they failed to lose.

The point is that we all know how to run paper-and-pencil elections.  When the baying crowd is threatening to storm the town hall and hang the people responsible for fiddling the results, the returning officer can bar the way and say, simply, "Send in your children and let them do the counting".  Everyone knows how to count bits of paper.

As for forging bits of paper or stuffing ballot boxes with fake votes — we know how to do that, too, which means that we know how to ensure that it isn't done. Ballot papers and ballot boxes are physical objects, and we know how physical objects behave because we have been studying them from birth.  We may be sick at the thought of the other side getting in; we may think that they bribed, or browbeat, or lied to the poor innocent voters; but we know better than to claim that anyone fiddled either the voting or the count.

Go electronic, and you have none of this assurance.  Ultimately you have nothing that you can verify.  The machine asserts that certain things happened, and men in grey suits (or men in beards and sandals) assert that the machine must be right.  It is on their word that the government of a country is decided.

The greater risk: peace

There are two problems with electronic data.  One is that they can be altered or deleted undetectably (or, to be precise, that one cannot prove to the ordinary person in the street that this has not happened).  The other problem is that there is no way of knowing whether they have been destroyed.

At present, it is possible to break the secrecy of the ballot and discover exactly who voted for whom.  This requires a great deal of manpower because it means manually inspecting each ballot paper, reading its serial number, and matching that number in a printed list of electors.  The relevant materials (ballot papers and registers) are destroyed after a year: this is thought to give enough time for any possible objection to the conduct of the election to be raised.  Ballot papers are bulky things and their destruction is a noticeable and verifiable act: it would be impossible to sequester the ballots beforehand and prepare a set of duplicates without people getting to know about it.

Electronic data are labile and easily destroyed, so any responsible authority in charge of elections will make sure that everything is backed up thoroughly.  We are now asked to believe that in 12 months' time every single one of those copies (even the ones kept for "statistical analysis" or "program testing") will be located and destroyed.  This is absurd.

Recall that current proposals envisage that the identity and location of every citizen should be known at all times, both through remotely readable identity cards and through the satellite tracking of cars.  The matching of this information to voting records is, technically, a trivial task.  If a government cares seriously enough about its programme, it will find ways of extracting and matching that information: perhaps covertly, perhaps overtly. 

Imagine a situation where racist candidates are poised for success in a certain deprived area of the country.  If they are elected (so the argument runs) they will inflame an already tense situation.  To vote for such a candidate is arguably a racist act in itself, and therefore criminal; in any case, people who have voted thus are suspect and merit constant surveillance.

Thus it can come about that people become aware that it is not safe to vote the "wrong" way.  The beauty of the scheme is that it is not actually necessary to do anything about the people who vote "wrongly".  As long as the belief that wrong voting has adverse consequences is widespread enough, no-one will take the risk of testing it by experiment: why expose yourself to possible inconvenience or loss of liberty over a mere vote?  Far safer to vote the right way and have a quite life.

This view may seem needlessly apocalyptic to those who believe that technology is the Future and the Future is by definition Good.  But the record of even the current crop of politicians shows that they have no more belief in free elections than they do in religious freedom (in both cases, "freedom" for a politician really means nothing more than the ability to select among pre-approved choices).  And history shows us that what governments are capable of doing, they will eventually do.

References

The general rule about the impact of technology on society is that the more technically advanced you are, the more pessimistic you are.  Here are two examples:

Joseph Weizenbaum, Computer Power and Human Reason: from Judgement to Calculation, Pelican (1984).  Available from Amazon (UK).

As Professor of Computer Science at MIT and a pioneer of artificial intelligence, Weizenbaum can hardly be accused of being a Luddite.  His book is an attempt to save us from voluntary enslavement to technology; or at least, to give us an understanding of what we are doing before we enslave ourselves.

Ross Anderson, Security Engineering, Wiley (2001).  Available from Amazon (UK and USA).

Ross Anderson teaches and directs research in computer security at Cambridge.  This book is much broader in scope than its title suggests, and should be read by anyone planning to live in the computer-operated society we are constructing: a society in which (to take just one example) querying phantom withdrawals from your bank account may lead to prosecution and the loss of your job.  Ross Anderson's own web site is also an excellent source of details of how our freedoms are being eroded in small, apparently unnoticeable steps.