Electronic voting in
Estonia gained popularity in 2001 with the "e-minded" coalition government. In 2005, it became the first nation to hold legally binding
general elections over the
Internet with their
pilot project for municipal elections. Estonian election officials declared the
electronic voting system a success and found that it withstood the test of real-world use.
Internet voting was also used in the
2007 Estonian parliamentary election
Parliamentary elections were held in Estonia on 4 March 2007. The newly elected 101 members of the 11th Riigikogu assembled at Toompea Castle in Tallinn within ten days of the election. It was the world's first nationwide vote where part of the ...
, another world first.
Internet voting
The term ''Power voting'' (or ''e-voting'') can refer to both fixed voting locations (as in
voting booths) and remote (as in over the Internet) electronic voting. To reduce confusion between the two, electronic voting is known as i-Voting in Estonia. The security model is modeled after the way in which
advance voting
Early voting, also called advance polling or pre-poll voting, is a convenience voting process by which voters in a public election can vote before a scheduled election day. Early voting can take place remotely, such as via postal voting, or in ...
and
postal voting
Postal voting is voting in an election where ballot papers are distributed to electors (and typically returned) by Mail, post, in contrast to electors voting in person at a polling place, polling station or electronically via an electronic voti ...
is handled.
Overview of Estonian internet voting
The Estonian internet voting system builds on the
Estonian ID card. The card is a regular and mandatory national
identity document
An identity document (also called ID or colloquially as papers) is any documentation, document that may be used to prove a person's identity. If issued in a small, standard credit card size form, it is usually called an identity card (IC, ID c ...
as well as a
smart card
A smart card, chip card, or integrated circuit card (ICC or IC card) is a physical electronic authentication device, used to control access to a resource. It is typically a plastic credit card-sized card with an embedded integrated circuit (IC) c ...
, allowing for both secure remote authentication and legally binding digital signatures using the Estonian state supported
public key infrastructure
A public key infrastructure (PKI) is a set of roles, policies, hardware, software and procedures needed to create, manage, distribute, use, store and revoke digital certificates and manage public-key encryption. The purpose of a PKI is to facilit ...
. As of March 2007, over 1.08 million cards have been issued (out of the Estonian population of 1.32 million).
Internet voting is available during an
early voting period (four to six days prior to
Election Day). Voters can change their electronic votes an unlimited number of times, with the final vote being tabulated. Anyone who votes using the Internet can vote at a
polling station during the early voting period, invalidating their Internet vote. It is not possible to change or annul the electronic vote on Election Day. A cost-efficiency comparison of the different voting channels offered in the
Estonian Municipal Elections (2017) concluded that Internet voting is the most cost-efficient voting channel offered by the Estonian electoral system.
The principle of "
one person, one vote" is maintained, as the voter is able to cast more than one ballot, but only one vote is ultimately recorded. This assertion was challenged in August 2005 by
Arnold Rüütel, then
President of Estonia
The president of the Republic of Estonia ( et, Eesti Vabariigi President) is the head of state of the Republic of Estonia. The current president is Alar Karis, elected by Parliament on 31 August 2021, replacing Kersti Kaljulaid.
Estonia is ...
, who saw the new e-voting provisions in the Local Government Council Election Act as a breach of the principle of equality of voting. The President
petitioned against the e-voting provisions to the
Supreme Court of Estonia but lost.
Transparency and verifiability
According to the recommendations of
OSCE/ODIHR election observers, and because of a voting client hacking case brought to the Supreme Court in 2011, Estonia implemented vote verification for individual voters in 2013. Voters verify their ballots by using a smartphone application which uses a QR code displayed by the desktop voting client to display the candidate for whom the vote was cast. Individual verification verifies that the vote cast was stored on the vote collection server for not more than either 30 or 60 minutes, depending on the election. The voter cannot directly verify that the vote was also tallied as cast.
The voting system's serverside source code was published in June 2013 because of social pressure initiated by
Tanel Tammet, a computer scientist who coauthored research papers from 2001 on electronic voting requirements. The source code was published on GitHub and has been available for all subsequent elections. Neither the voting client's source code nor the reference code have been published, as election officials have determined that this would allow malicious actors to build fake voting clients. Because the voting protocol is public, anyone can build a voting client.
In 2015, extensive reports from OSCE/ODIHR election observers and an independent observing team led by J Alex Halderman in 2015, as well as public pressure from local activists, motivated the implementation of universal vote tally verifiability in 2017. Tally verification is done by
mixnet
Mix networks are routing protocols that create hard-to-trace communications by using a chain of proxy servers known as ''mixes'' which take in messages from multiple senders, shuffle them, and send them back out in random order to the next desti ...
, making use of
homomorphic
In algebra, a homomorphism is a structure-preserving map between two algebraic structures of the same type (such as two groups, two rings, or two vector spaces). The word ''homomorphism'' comes from the Ancient Greek language: () meaning "same" ...
properties and
elGamal
In cryptography, the ElGamal encryption system is an asymmetric key encryption algorithm for public-key cryptography which is based on the Diffie–Hellman key exchange. It was described by Taher Elgamal in 1985. ElGamal encryption is used in th ...
encryption provided by Douglas Wikström. Universal tally verification is not a mandatory part of the process, and is conducted by a dedicated data auditor. Tallying the votes with mixnet is done in parallel with plain text extraction of the votes from encrypted envelopes, which are decrypted using the voting commission's secret key and from which the digital signatures of voters are removed.
Although a white paper on Estonia's 2017-2019 implementation of its electronic voting system claims that the system permits end-to-end verifiability, this has been denied by independent researchers. A working group was formed by
Minister of Foreign Trade and Information Technology Kert Kingo
Kert Kingo (born 5 March 1968 in Tartu) is an Estonian politician. She served as Minister of Foreign Trade and Information Technology in the second cabinet of Jüri Ratas from 16 May 2019 to 25 October 2019. She resigned after lying over the appo ...
in order to assess the "verifiability, security and transparency" of electronic voting. The group produced a report consisting of 25 improvement proposals, of which
proposals 11, 13 and 25 pertain to the system's problems with verifiability. The government coalition agreement also asserts the need for independent international auditing of the system.
Criticism
Despite praise from Estonian election officials, computer security experts from outside the country who have reviewed the system have criticized it, warning that any voting system which transmits ballots electronically cannot be secure. This criticism was underscored in May 2014, when a team of international computer security experts released their examination of the system, claiming they could breach the system, change votes and vote totals, and erase all evidence of their actions if they were to install malware on Estonian election servers. The team advised the Estonian government to halt all online voting because of the potential threats that it posed to their government.
The Estonian National Electoral Committee reviewed the concerns and published a response, saying that the claims "give us no reason to suspend online balloting". The purported vulnerabilities were said to be either infeasible in reality or already accounted for in the design of the e-voting system. The Estonian Information System Authority also responded to the claims, describing them as a political, rather than technical, attack on the e-voting system, and criticizing the method of disclosure. The researchers' connection to the
Estonian Centre Party, which has long been critical of e-voting, has also been a common speculation among Estonian state officials and has been even suggested by a prime minister.
[Attacks on Estonia's e-voting are political rather than technical](_blank)
/ref>[Security Analysis of Estonia's Internet Voting System [31c3](_blank)
/nowiki> by J. Alex Halderman">1c3">Security Analysis of Estonia's Internet Voting System [31c3
/nowiki> by J. Alex Halderman/ref>["The criticism made headlines in the international media, receiving coverage from The Guardian and the BBC. This led to a public debate between Alex Halderman and the Estonian authorities. According to Professor Robert Krimmer, the report had many valid points, although the assessment of the impact could be debated. The results of the debate, in terms of immediate consequences, was limited, however."](_blank)
/ref>
The main author of a white paper on Estonian electronic voting from 2001, , has been critical of the system, and uses paper ballots to cast his own votes.[Paper-voted (and why I did so)](_blank)
/ref> The main author of the second white paper on Estonian electronic voting from 2001, Tanel Tammet, has been campaigning for the opening of the system's source code and for the implementation of independent parallel systems to guarantee trust in the e-voting system.[E-valimiste võimalikud tehnoloogilised platvormid](_blank)
/ref>[Teeme ära avaliku e-valimiste kontrolli, kõik huvilised turvaspetsid oodatud kaasa lööma!](_blank)
/ref> The serverside code was published under the Creative Commons BY-NC-ND license on GitHub as a result of those efforts in July 2013.[Release of E-Election Software Code 'Did Not Go Far Enough'](_blank)
/ref>
The OSCE/ODIHR election observation mission has voiced concerns about Estonian e-voting during every parliament election, initially proposing in 2007 that e-voting be suspended if its problems remain unaddressed,["Yet, unless the above-mentioned factors are effectively addressed, the authorities should reconsider whether the internet should be widely available as a voting method, or alternatively whether it should be used only on a limited basis or at all."](_blank)
/ref> then suggesting in 2011 that the election commission should create an inclusive working group for improving e-voting and that cryptographic measures should be implemented to ensure that voting is observable["In recent years, advances have been made in the field of cryptography to enable end-to-end verification of the votes cast, i.e. a possibility for an individual voter to verify that his/her vote was (i) cast as intended, (ii) recorded as cast, and (iii) counted as recorded. /—/ Estonia's Internet voting system does not employ such tools. /—/ The OSCE/ODIHR recommends that the NEC forms an inclusive working group to consider the use of a verifiable Internet voting scheme or an equally reliable mechanism for the voter to check whether or not his/her vote was changed by malicious software."](_blank)
/ref> and noting that the verification features implemented for the 2015 elections only partially address their previous recommendations.["The NEC introduced a verification process for voters to confirm that their online vote was cast as intended and recorded on the ballot storage server as cast, which partially addressed an OSCE/ODIHR recommendation."](_blank)
/ref>
In a 2012 overview of international e-voting implementations, IFES independent researchers found that, although insofar successful, in situation of "emerging international electoral standards with respect to Internet voting" Estonian voting system faces necessary improvements for "better legislation, a transparent policy and formalized procedures" as well as "broader democratic goals, such as enhancing civic e-participation" need to be considered.[International Experience with E-Voting](_blank)
/ref>
In 2013 Free Software Foundation Europe criticized partial publishing of the source code of e-voting system and for using non-software licenses for publication. FSFE also suggests researching into solutions that lessen reliance on system administrators and instead build the system on cryptographic models of trust. Since the weakest part of voting infrastructure is voter's computer, FSFE suggests Estonia should mitigate the risks of unnoticed subversion of votes in compromised client machines and "publicise the dangers as widely as possible, along with instructions to minimise the risk and rectify the situation should a risk realise".
There have been also attempts to expose problems of voting system by proofs of concept. In 2011 Paavo Pihelgas created a trojan that was theoretically able to change voter's choice without user noticing. He used this as basis for filing an election complaint and demanded that Supreme Court invalidates election results. The court dismissed the case because Pihelgas's "voter's rights had not been infringed as long as he had knowingly put himself into the situation".[OSCE findings on Estonian e-voting](_blank)
/ref>[Complaint of Paavo Pihelgas to invalidate the electronic voting results of 2011 parliament elections](_blank)
/ref>
In 2015, an activist from the Estonian Pirate Party
The Estonian Pirate Party ( et, Eesti Piraadipartei) is a support group to form a political party in Estonia. Based on the model of the Swedish Pirate Party, it supports intellectual property reform, freedom of speech and respect for privacy ...
, Märt Põder, took credit for casting an invalid ballot "using a GNU debugger to locate the breakpoint in Linux IVCA where the candidate number is stored and replace it with an invalid candidate number". Being only one among 176,491 e-voters to do it, the activist explained to the media that client application source code should be opened up and taught as part of general education in public schools to make people trust e-voting. Later negotiating with electoral commission, an activist went on to stress that end-to-end verifiability is a prerequisite for reliable e-voting, and that the whole process of planning, procuring and implementing e-voting should be conducted in English as well, which opens up to the international community for proper scrutiny.[Püüan nüüd aktivistina olla läbipaistvuse osas riigile eeskujuks ja annan teada, et käisin neljapäeval Vabariigi Valimiskomisjonis vestlusel](_blank)
/ref>
In 2016, computer scientists at the University of Oxford, while acknowledging relative success of conducting e-voting, they claimed that e-voting system officials "have relied since the system’s inception on building trust through interpersonal relations," and that "may work well for a close-knit society such as that of Estonia". However, "informal processes (including lessons learned) should be further clarified and formally documented".
In beginning of June 2019, Kert Kingo
Kert Kingo (born 5 March 1968 in Tartu) is an Estonian politician. She served as Minister of Foreign Trade and Information Technology in the second cabinet of Jüri Ratas from 16 May 2019 to 25 October 2019. She resigned after lying over the appo ...
, Minister of Foreign Trade and Information Technology of the newly elected government created an inclusive working group to assess the "verifiability, security and transparency" of the Estonian electronic voting system. The working group consisted of state officials, representatives from universities and research institutes, critics, and creators of the system. In December 2019 they presented results of the six-month investigation, with 25 proposals for improving the core infrastructure of the Estonian e-voting system.
History
2019 elections
In the 2019 parliamentary elections, 247,232 people, or 43.8% of all participants, voted over the Internet.
In the European Parliament
elections, 155,521 people voted over the Internet. This means that roughly 46.7% of participating voters gave their vote over the Internet.
2017 elections
In the 2017 local municipal elections, 186,034 people voted over the Internet. This means that roughly 31.7% of participating voters gave their vote over the Internet.
2015 elections
In the 2015 parliamentary elections, 176,491 people, 30.5% of all participants, voted over the Internet.
2014 elections
In the European Parliament elections, 103,151 people voted over the Internet. This means that roughly 31.3% of participating voters gave their vote over the Internet.
2013 elections
In the 2013 local municipal elections, 133,808 people voted over the Internet. This means that roughly 21.2% of participating voters gave their vote over the Internet.
It was also the first election where vote verification with mobile device was implemented.
2011 elections
In the 2011 parliamentary elections, 140,846 people voted over the Internet. This means that roughly 15.4% of the persons with the right to vote and 24.3% of participating voters gave their vote over the Internet. It was also the first election to allow for voting through chip-secure mobile phones, following a law approved by Parliament in 2008.
2009 elections
In the 2009 local municipal elections, 104,415 people voted over the Internet. This means that roughly 9.5% of the persons with the right to vote gave their vote over the Internet.
In the European Parliament
elections, 58,669 people voted over the Internet. This means that roughly 14.7% of participating voters gave their vote over the Internet.
2007 elections
In 2007 Estonia held its and the world's first general elections with Internet voting available from February 26 to 28. A total of 30,275 citizens used Internet voting (3.4%), which means for every 30 eligible voters one of them voted through the Internet.
2005 elections
In 2005 Estonia became the first country to offer Internet voting nationally in local elections.Estonia pulls off nationwide Net voting
News.com
''CNET'' (short for "Computer Network") is an American media website that publishes reviews, news, articles, blogs, podcasts, and videos on technology and consumer electronics globally. ''CNET'' originally produced content for radio and televi ...
, October 17, 2005 9,317 people voted online (1.9%).
References
Further reading
Internet Voting in Estonia: Statistics and Methodology
E-Voting in the 2005 local elections in Estonia
by Fabian Breuer and Alexander H. Trechsel, European University Institute, Report for the Council of Europe
The Council of Europe (CoE; french: Conseil de l'Europe, ) is an international organisation founded in the wake of World War II to uphold European Convention on Human Rights, human rights, democracy and the Law in Europe, rule of law in Europe. ...
E-Voting Uses in Elections in Estonia
Entry on Estonia in the International E-Voting Database hosted by E-Voting.CC
Practical Security Analysis of E-voting Systems
by Triinu Mägi, a master thesis studying the security of the Estonian e-voting system and Secure Electronic Registration and Voting Experiment (SERVE)
E-Voting Conference: Lessons learnt and future challenges
Agenda and presentations of the Oct 2006 Tallinn conference, hosted by th
e-Governance Academy
(an Estonian e-governance and e-democracy NGO, organiser of the event)
2nd International Workshop on Electronic Voting 2006
in Bregenz, Austria.
An interview on YouTube about the trust-aspect of i-voting in Estonia
with Thad Hall from the University of Utah who was observing the elections in Estonia. Skip to 01:30 for the actual interview.
"Online Voting Clicks in Estonia"
An article in Wired News on e-voting in Estonia that is also mentioned at the beginning of the interview with Thad Hall.
"Centre of Excellence for Internet Voting"
Based in Estonia, network of engineers that specialise in the implementation of Internet voting in Government elections.
{{DEFAULTSORT:Electronic Voting In Estonia
Estonia
Politics of Estonia