Electronic vote counting source code should be public, MEP candidate says
Distributing scanned ballots to political parties is not the solution to overcome the security impasse of the new electronic vote counting application, Antoine Borg insists
The source code of the new electronic vote counting platform should be public, an independent MEP candidate is proposing.
Antoine Borg, a candidate with a background in IT, was reacting to the prospect that the major political parties could be given scanned copies of votes to allay fears stoked by the new vote counting system.
On his blog Brain Not Ego, Borg insisted that giving the political parties a copy of every scanned vote is undesirable in a democratic set up where voting is anonymous.
He said that to overcome the impasse the source code of the application should be public, as should the test cases run on the system.
Borg added that like any software, the authorities could ensure that the vote counting system includes a “checksum”, a security feature that would produce a code that changes each time the source code is amended.
“The authorities can calculate the checksum in the presence of all political parties. On the day, the counting is to start, they can re-calculate the checksum. The political parties can verify it is still the same before counting starts,” he said.
Malta will for the first time use an electronic system to count votes in the upcoming European Parliament and local council elections next May.
The system has already received its share of criticism from the Nationalist Party that has expressed doubts about its security.
To overcome the suspicions, the prospect has been mooted of giving the political parties access to every scanned vote, which would theoretically enable them to independently verify the result. The parties would be able to retain the copies for three months.
The Democratic Party came out against the suggestion.
But this has raised concern because it could undermine the anonymous nature of the voting process if the voter marks his ballot in such a way that would be recognisable by a party.
Under the current manual system, ballots are held by the Electoral Commission after the vote counting process is over.
To do away with prospected solution of giving parties access to every scanned ballot, Borg has proposed a public verification process.
“Of course, there are sneaky ways to change an app… In the IT world, we make sure an app is un-modified by calculating a checksum. This is a special number generated based on the app. If someone sneaks in at night and changes things, the checksum will be different in the morning. Any change – even adding a single comma to the source code – will produce a different checksum,” Borg said.