Estonia, which created the world’s first nationwide Internet-based voting system, has finally releasedits source code to the public in an attempt to assuage a longstanding concern by critics.
"This is the next step toward a transparent system,” said Tarvi Martens, chairman of Estonia's Electronic Voting Committee, in an interview Friday with ERR, Estonia’s national broadcaster. “The idea, which was the result of joint discussion between numerous Estonian IT experts and the Electronic Voting Committee, was implemented today. We welcome the fact that experts representing civil society want to contribute to the development and security of the e-elections.”
Martens and his colleagues have now put the entire source code on GitHub—previously it was only made available after signing a confidentiality agreement.
As we reported last year, Estonia has had national voting via its Digital ID card since 2007. A Digital ID card is available to all Estonians and legal residents. The card uses open-source public key-private key encryption software (upgraded in 2011 to 2048-bit), which allows government agencies to perform various secure functions online connected with a citizen's identity. These include financial transactions, public transportation tickets, and student university admission records, among others.
With that infrastructure in place, the Estonian government began testing Internet-based voting in local elections in 2005. Two years later, it was expanded to include national elections. In the 2009 elections for the European Parliament, 15 percent of all votes cast were submitted online. That number grew to almost 25 percent for the 2011 domestic parliamentary elections.
As a security precaution, Estonian voters can submit their ballot as many times as they like during the e-voting window open the week before election day.
"I-voting is possible only during seven days of advance polls—from the tenth day until the fourth day prior to Election Day," the Estonian National Electoral Committee states on its website. "This is necessary in order to guarantee that in the end only one vote is counted for each voter. To ensure that the voter is expressing their true will, they are allowed to change their electronic vote by voting again electronically during advance polls or by voting at the polling station during advance polls."
Domestically, courts have upheld the use of Internet voting. In 2011, the Estonian Supreme Court’s Constitutional Review Chamber rejected the petition of an Estonian student who alleged that the voting software could be maliciously tampered with so as not to count votes accurately.
Previously, e-voting critics such as Barbara Simons, the former president of the Association of Computer Machinery, told Ars that the lack of open source software was a strike against trusting Estonia’s system.
"We don’t know how the Estonian system is working," she told Ars in 2012. ...
Read more about the concerns and an update that only "server-side" source code has been released at http://htl.li/mWp3v