Technology, Trust and Elections

Technology, Trust and Elections

An interim report from the One Vote Project

Project Overview

Media reports1,2 about the prototyping of blockchain based technologies for elections in India provide a unique opportunity to examine and discuss technology interventions. Elections in India have not yet been heavily dependent on technological systems. It took four years3 to transition from paper-based systems to Electronic Voting Machines (EVMs) and twelve years thereafter to EVMs with Voter Verifiable Paper Audit Trail (VVPAT). This interim report is an outcome of discussions, webinars and conversations stimulated by One Vote Project.

One Vote project was initiated to explore the introduction of technology in electoral processes. ElectionTech and was initially hosted by the Kaarana collective. With the extensive set of conversations and discussions, it was evident that the project needed to be a defined with a space and forum of its own. The project is supported by Hasgeek

The current report is a summary of the conversations that have taken place - via master classes - since May 2021. We have also included some forward looking statements which provide further opportunity to investigate issues arising around the topic of technology in elections.

Elections in India are often described as the ‘dance of democracy’4 and the media gaze is relentless on the days of the polls. This has led to a situation wherein the following statements often ring true;

  • The awareness about polling and related ceremonies is high, but the knowledge about elections is low. This dissonance is particularly visible in the keen knowledge of electoral rolls but not of the process which records legitimate votes as cast and available for tallying. This warrants public outreach about the technological aspect of elections.
  • Explainability of technology is an important safeguard.This does not entail that the intended consumers of the technology must understand its workings in deep detail, but that it must be possible to communicate in a reasonably simple manner, the aspects of the rationale, the fairness, the safety and performance issues around the technology. This form of meaningful transparency is the key to building trust.
  • Identity, identifiers and voting rights are intimately related. This is especially so when the presence or absence of one’s name from the electoral rolls is based on contentious rules and decisions. The electorate is often keenly conscious of the significance of being ‘othered’ or ‘marginalized’ and hence is engaged in establishing a verifiable and immutable record on the rolls.
  • Political parties, civil society activists and technologists have a responsibility to act now in order to create a broadly understood framework around responsible technology that can be used in public services.

Blockchains are a type of type of technology implementation which belong to a class of software designs more accurately described as Distributed Ledger Technology (DLTs). Since 2018 there has been a growth in the interest and hype5 around DLTs and especially blockchain. It has often been proposed as a solution to an ever expanding array of problem domains6. Blockchain evangelists have been known to propose blockchain for all sorts of issues7 which come up e.g. financial technology (FinTech); provisioning persistent digital identification systems for refugees; complex problems in supply chains and in general any business transaction which needs to be disintermediated.

The over promotion of the technology has resulted in a situation where a perverse motivation stemming from the ‘fear of missing out’ (FOMO) leads to the absence of any reasonable assessment around the sufficiency offered by existing technologies and software architecture. There are situations wherein the specific advantages of blockchain technology or DLT are not evaluated with respect to the desired outcomes.

This report highlights some of the key aspects which are important to consider when engaging in any discussion around the introduction of novel and emerging technology design for large-scale publicly available services:

  • Awareness around blockchain and app-based voting exists but knowledge about the same is scarce. This is specifically significant in context of understanding the constraints and limitations imposed by such a choice. There is thus a need for better consultation around the pilot projects being undertaken and the plans being made for future deployments.
  • Commitment to a deliberative process as part of public decision making is necessary to establish better understanding of the proposed changes in terms of benefits and societal impact. This is likely to lead to meaningful transparency among the stakeholders and participants in such design approaches
  • The adoption of approaches such as the Gunning Principles of Consultation8 are likely to address the absence of lack of access to complex and contextual information which results in being unable to complete a scientific evaluation of the proposal.
  • Governments as well as private organizations contracted by the state must begin to include a societal impact review of Public Interest Software such as voting technologies. A better understanding of the readiness and completeness of such software is required prior to placing the trust of the citizens and voters on such digital workflows.

The interim report from One Vote is not designed to be a formal record of proceedings. Rather, it is an opportunity for the reader, and especially the lay reader, to familiarize themselves with the key issues discussed so far. Additionally, it attempts to put together the initial aspects of a model - a pattern - which can be used to examine the introduction and intervention of technology in the domain of public interactions.

While the sections, which are presented as individual chapters, can be read independently, we recommend that you read this report as you have received it - in sequence. Each section is a separate submission, but we have ordered it according to how we would like you to read it. The text of this report is written to provide a narrative sequence which explores the history of the electoral process in India and builds up a framework through which to evaluate the risks of technology interventions bereft due process of accountability and transparency.

Acknowledgements

We would like to thank:

  1. Ornit Shani, Nanjala Nyabola, Tarangini Sriraman, Subhashis Banerjee, Srinivas Kodali and Srikanth Lakshmanan for conducting masterclasses. A substantial part of our understanding around this topic came from their sessions, and the papers published by Ronald Rivest, Nic Cheeseman and Ben Adida.
  2. Taha Ali for reviewing the report.
  3. Nadika Nadja for helping with the structuring.
  4. Zainab Bawa for overall editing and encouragement.

Authors

Sankarshan Mukhopadhyay works on digital identifier technologies and examining how digital public services are introduced for citizens.

Chantal D’Costa is Research Assistant at the One Vote project. She is a Humanities undergrad at Azim Premji University (APU).

Support Team

Anish TP illustrated the report.

Chapter 1 : Critical Questions
Chapter 2: Technology Check point
Chapter 3: Future Risks
Chapter 4: Conclusions
Annexure
Additional Reading

Hosted by

One Vote is an initiative to examine a diverse set of inputs and perspectives regarding the introduction and evolution of technology as part of the elections. We use public discourse, deliberations and reports to raise awareness about this topic for a lay audience. One Vote is designed to enable cr… more
sankarshan

sankarshan

@sankarshan

CHANTAL JANINE D'COSTA

CHANTAL JANINE D'COSTA

@chants

One Vote Report Chapter 2 : Technology Check point

Submitted Nov 17, 2021

Checkpoint for technology introduction

We begin this section with a caveat that the list making up the checkpoint should be treated as a starting point from which to evaluate the introduction of technology intended for public service. It is understood, acknowledged and foreseen that this section will undergo substantial changes after contributions from experts and interdisciplinary academics1.

We have divided the check points into 3 distinct sets:

  1. One, on the intersection of human rights and technology.
  2. Two, on the sufficiency of technology to meet the requirements of an elections process; and
  3. Three, on the appropriateness of selecting the technology for a public service process.

Our recommendation is that these three aspects be considered indivisible rather than being selected as unique collections against which to evaluate any proposal to introduce new technology.

  • Rights Based Approach

    • Representation - whether the introduction of the changes will continue to provide all citizen with the right to be represented on the electoral rolls without discrimination and exclusion.
    • Security - whether the proposed changes furnish citizens with adequate safeguards against harms originating from data theft.
    • Privacy - whether the proposed systems design includes and enhances the aspect of privacy which is inherent in the secret ballot design of the elections.
    • Coercion - whether the proposed design includes sufficient safeguards against citizens being intimidated or instead makes it easier to coerce them. E.g. The phone-based voting in the Telangana mock elections showed that it can be particularly easy to force and check whether the citizen is voting for the preferred candidate in an unprotected area.
  • Minimal Requirements for Secure Elections

    • Secrecy of ballot - The topics of voter coercion and integrity of elections are pinned on the presence of a secret ballot. Thus it becomes a primary requirement of any software or technology being introduced in the elections.
    • Software independence 2 - For elections to be auditable they have to be software independent. That is, “an undetected change or error in a system’s software cannot cause an undetectable change in the election outcome” (Rivest, 2008). This largely means that the output of any software based system should be auditable by (preferably) non-software based means. This would enable evidence to be gathered which record votes as intended, collect them as recorded and count them as collected.
    • Voter-verifiable Records - Public Bulletin Boards can help foster trust in the process but more importantly, allow citizens to watch out for deletions or additions to the electoral rolls, whether erroneous or by malicious intent. The results of the individual polling stations should be posted at the centers, so that third parties can verify the total count.
    • Contestability - The voter must be able to back up their claim when they say that the voting machine recorded their vote incorrectly. It is however impossible to know whether the vote recorded by the EVM is the same as the one displayed by the VVPAT. In cases where the number of votes recorded seem to far outweigh visual representations of the crowd at the booth, the citizen must have a way to challenge the veracity of the election.
    • Auditing - The first level of auditing is making sure that the EVMs are functioning and replacing those which are not. There is the additional problem of non-government sanctioned EVMs. A portion of the votes of the EVM should be tallied by hand, to make sure no hacking has taken place. If the count of the VVPAT slips doesn’t match that of the EVMs, then repolling should be done at that center, otherwise, the auditing process is pointless.
    • Technical knowledge and skills - Whether the governing authority has an adequate set of technical knowledge and skills related to the technology which is being introduced. The absence of specific, specialized and expert knowledge about the systems are a key gap which would need to be addressed if the numerous possible threat vectors are to be properly countered.
  • Representative Deliberation3

    • Public announcement - It is necessary that the governing (and administering) authority for any project related to introduction of technology publicly announce a period of evaluation of the proposal and enable a set of reasonably well understood methods to provide feedback.
    • Scope definition and purpose declaration - The intended outcome, objectives and scope of the proposed system needs to be specifically announced along with details of the purpose. Ambiguity in any of these aspects leads to mistrust in the public interest software being designed.
    • Public availability of technology choice - It is imperative that the details about the selected technology, in terms of information technology architecture, systems design and similar are provided for the public to review, evaluate and examine to acquire better knowledge of the system.
    • Expert input and peer review - It is required to seek experts across a range of domains who can examine the publicly available documents and provide opinions on the suitability and appropriateness of the technology for the defined scope.
    • Public evaluation of prototype - Enabling a public evaluation of the prototype being designed as a lead up to the acceptance and deployment of the solution. This not only enhances public trust in the decision but it additionally helps counteract disinformation and prevents undue corruption.

  1. Taha Ali: Reconsidering Electronic Voting - How can we make electronic voting count? https://www.dawn.com/news/1640711/reconsidering-electronic-voting [Online, 15 Aug 2021] 

  2. Ronald L. Rivest. On the notion of software independence in voting systems. Philosophical Transactions of the Royal Society A: Mathematical, Physical and Engineering Sciences, 366(1881):3759–3767, 2008. doi:10.1098/rsta.2008.0149. https://royalsocietypublishing.org/doi/abs/10.1098/rsta.2008. 0149 

  3. OECD (2020), Innovative Citizen Participation and New Democratic Institutions: Catching the Deliberative Wave, OECD Publishing, Paris, https://doi.org/10.1787/339306da-en 

Comments

{{ gettext('Login to leave a comment') }}

{{ gettext('Post a comment…') }}
{{ gettext('New comment') }}
{{ formTitle }}

{{ errorMsg }}

{{ gettext('No comments posted yet') }}

sankarshan

sankarshan

CHANTAL JANINE D'COSTA

CHANTAL JANINE D'COSTA

One Vote Report Chapter 3 : Future Risks

Future Risks Systems by the very nature of their design will contain a set of risks. Deployment of such systems is based, in theory, on an evaluation of the risk i.e. the actual impact of the event along with the chances of that event occurring. It is becoming increasingly obvious that contests such as elections which are an integral part of the democratic process do not only have local malicious… more

17 Nov 2021