This November, West Virginians deployed overseas will have the opportunity to vote via smart phone through a Blockchain-based application. Given the existing concerns of election integrity, I couldn’t help but reach out for expert analysis.
Hey, did you know that election integrity is kind of big deal? Have you been watching any number of news stations in the last few years? Our country has not stopped talking about election meddling, voter fraud, electronic voting, and wide variety of related topics, for two or more years, give or take.
If you are not aware of these concerns, you must be living under a rock. Please make room under the rock as I’d like to join you. I do my best to ignore the talking heads because I’ve found they add no value to my life (anyone else feel that way about the twenty-four hour television news cycle?).
Before I digress entirely, my point is election integrity and vote verification are legitimate concerns and imperative for the success of our democracy. As such, broadcast news covers the subject extensively.
Rarely, however, do these broadcasters address the micro-issues. This is why I choose to get my news from a variety of different publications, most of which I read online. That’s how I found this article: Experts Criticize West Virginia’s Plan for Smartphone Voting, from Ars Technica. Many of my regular readers know I appreciate the legal and policy analysis from Ars Technica. Routinely, I use it as a jumping off point for further research. The publication often acts as a catalyst for blog posts. In this case, I’d been waiting for the opportunity to discuss the Blockchain topic and get insights from expert witnesses on the subject.
The issue of a Blockchain-based application being used, to allow soldiers stationed abroad, the opportunity to vote through their smart phone was the perfect topic. Bitcoin (a Blockchain-based crytocurrency) is already being written and discussed extensively. Voting, through a Blockchain application, is getting less coverage and is therefore more interesting to me.
Much of what I’ve read about the Blockchain is hyperbolic. I’ve read on more than one occasion that “the Blockchain cannot be hacked.” On its face, that statement appears illegitimate. There is no such thing as 100% secure. So, how do we plan on safely using a smart phone app to conduct one of our country’s most sensitive civic processes?
According to the Ars Technica article, West Virginia did a limited run of the system (Voatz is the name of the app) for the primary election in May. The article further provided, “West Virginia’s secretary of state told CNN that the pilot worked well and that the system passed four audits of various parts of the system. So this November, the state is planning to offer the system more broadly to West Virginians deployed overseas.”
Naturally, I have a lot of questions about the security and reliability of the voting application offered by Voatz. So I reached out to one of our computer science experts who has studied the Blockchain and recently published articles on the topic.
Computer Science and Systems Expert Witness – Dr. Stephen Castell
Dr. Stephen Castell is a computer science and systems expert witness with over 30 years of experience. As an expert witness, Dr. Castell has acted in over 100 major cases including the largest and longest computer software actions to have come to trial in the English High Court. Most recently, Dr. Castell contributed to the 200th issue of Computer Law and Security Review (CLSR), with his paper titled, “The Future Decisions of RoboJudge HHJ Arthur Ian Blockchain: Dread, Delight or Derision?” Find out more about Dr. Castell by visiting his website: www.castellconsulting.com.
I’ve been working with Dr. Castell for more than eight years. We always have delightful conversations and “geek out” together over emerging technologies. Our recent conversations have, of course, covered the rapidly changing legal technology space.
Here are the questions I posed and the answers provided by Dr. Castell:
Nick: Can you describe Blockchain technology for the lay reader?
Dr. Castell: In its elemental form, a Blockchain is simply a decentralized database system – digital ledgers that store transaction data, distributed across many nodes. It has a linked list data structure, with each block (an aggregated set of data) containing a ‘hash’ of the previous block. Each block is formed by a ‘proof-of-work algorithm’, through which consensus of this distributed system is obtained via the longest possible chain. A ‘traded’ cryptocurrency Blockchain (e.g. Bitcoin) is a shared public chain: in principle everyone has access to the chain, not only to read the information on the chain, but also to append new blocks on the chain. This is known as an unpermissioned chain. The West Virginia voting application is likely to be a permissioned chain, where, through public key cryptography, access control can be implemented during setting up of the chain so that differentiated access can apply – both voters and those managing and controlling the voting process can differentially record, and/or interrogate, votes and voting data added to its Blockchain.
Nick: Is a Blockchain-based voting system secure?
Dr. Castell: The Blockchain in and of itself provides strong cryptographic security. However, ICT expert professionals bear in mind that not only are there no finalised international standards for Blockchain (eight standards are in development under ISO/TC 307), but also there is far more to specifying, designing, developing, testing, deploying and maintaining an appropriate complete QA’d application than just the Blockchain element. The security of the complete system needs to be addressed and designed-in from the start, irrespective of the use case for the Blockchain. And whether to use a Blockchain as a component at all for a given business requirement such as public elections is a critical initial feasibility exercise that the expert knows is essential, as much from a security perspective as any other.
Nick: We know that electronic voting systems are vulnerable to hacking. Can Blockchain-based voting systems also be hacked?
Dr. Castell: Anything can be hacked, and electronic voting systems are no different. Back in the late 1980s, I carried out a major definitive study, commissioned by the British H M Treasury, on the admissibility of computer evidence in court and the legal reliability/security of IT systems (The APPEAL Report, 1990, May, Eclipse Publications, ISBN 1-870771-03-6). This concluded with what became known as my ‘First Dictum’: “You cannot secure an ontologically unreliable technology by use of an ontologically unreliable technology”. Nothing has changed. Commercial computer hardware and operating systems, including smartphones, remain essentially ‘open’, and ontologically unreliable.
Nick: Is it the Blockchain that could be compromised or is it more likely a voter’s smartphone would be compromised by a hacker?
Dr. Castell: A well-engineered and implemented Blockchain distributed voting ledger should itself be as immune to compromise as its cryptography can provide. But the voter’s smart phone security, and the overall voting application, are only as sound as whatever has been designed-in to the whole system – and we know that smartphones have for sure in the past been hacked. It is not clear that the proposed West Virginia smartphone application would be any more (or less) hackable than anything else hitherto.
Nick: What sort of checks and balances would you expect for a Blockchain-based voting system before implementation?
Dr. Castell: It would seem an obvious (constitutional?) requirement that votes must always be manually-countable in any US election, in the event of suspected error or lack of trust in the reported result, whether through suspected deliberate tampering or compromise, accident or incident, random system malfunction, or whatever else, and particularly if the result is legally challenged in court. Any smart phone app voting system must therefore always be designed so that its operation, and the voting data recorded, are auditable for integrity, accuracy and reliability ‘by hand’ – that is surely the most basic check and balance.
Lawyer Jonathan Bolls is a Magistrate, and Chief Election Officer, in Fairfax County, Virginia, who had personal experience of the consequences of unreliable computer systems, as a past victim of technical problems saving Bar Exam essays using suspect software provided by the Virginia Board of Bar Examiners (I provided expert opinion on his behalf – see http://jonathanbolls.blogspot.com/). He notes that US citizens are passionate about the integrity of elections: “For Blockchain technology, where someone is voting on their phone from overseas, they would want to consider that in doing so they potentially waive their rights to have their vote counted should a re-count be necessary. We have actually gone the other way: removed our high-tech touchscreen voting systems and returned to the paper ballot. If ever we need to check voting numbers we hand count”.
Aside from manual auditability, before implementation it is vital that ‘Proof of Concept’ projects be thoroughly executed, carefully trialing any proposed smartphone public voting system, prior to actual ‘go live’ for real. Such Pilot Trials or Proving Systems are essential, with their scale, planning, operation, data and results, and assessment thereof, monitored and carried out by independent experts.
Nick: In your expert opinion, would you trust a Blockchain-based voting system to accurately register votes?
Dr. Castell: Deliberate hacking or compromise apart, there is no reason why a well-engineered and implemented Blockchain-based voting system, with careful professional expert involvement in its design and trialing before go-live, should not accurately register votes. However, I do not consider that a so-called ‘trustless’ Blockchain-based voting system removes the need for a Trusted Third Party legally responsible for its operation and security. ‘Who you gonna sue when it goes wrong?’ is still an essential consideration, and the Blockchain itself, nothing magical, ‘just another computer system’, cannot be sued.
See:
- https://authors.elsevier.com/a/1XSpq_654J6Hkp ‘The future decisions of RoboJudge HHJ Arthur Ian Blockchain: Dread, delight or derision?’, Stephen Castell, Computer Law & Security Review, Volume 34, Issue 4, August 2018, Pages 739-753.
- Commission of the European Community. Green paper on the security of information systems, ver. 4.2.1, 1994.
- S. Castell, Code of practice and management guidelines for trusted third party services, INFOSEC Project Report S2101/02, 1993.
Conclusion:
What are your thoughts? Would you trust a smart phone, Blockchain-based voting application? Please share your comments below!
UPDATE (08/16/2018):
Our friends over at the Robinette Legal Group, located in Morgantown, West Virginia, wrote a complementary piece to this blog. The author of the piece, Terri Robinette, did an exceptional job elaborating on prior “uses” of Blockchain in Sierra Leone and describing how West Virginia is legitimately the first to truly test this technology. She further described election security and fraud in West Virginia. Take a look at her article below: