Finnish e-voting system must not stay a trade secret ? Electronic
Frontier Finland
2008-02-11

A member of Electronic Frontier Finland (Effi), a Finnish association
for promoting digital rights, recently sent a request of information
to the Finnish Ministry of Justice regarding their planned e-voting
system [5]. The system will be piloted in the municipal elections in
October 2008, and it is based on a DRE (Direct Recording Electronic)
type e-voting system from TietoEnator Finland, and a Spanish back-end
provider, Scytl [7].

In their response, Ministry of Justice states that the documentation
that has been written concerning the specific details of the e-voting
system has to be kept secret on the basis of the Act on the Openness
of Government Activities. Documents that have to be kept secret
include documents related to the information security of the system
and documents that contain information about the trade secrets of a
private company, in this case, the systems provider [1].

Effi's analysis of the system is only based on high-level documents
provided by the Ministry of Justice [2] and a U.S. patent that has
been granted to Scytl, and is assumed to form the basis of the Finnish
e-voting system core [3]. According to this analysis, the system will
not utilise any voter-verified paper ballot system or even the
electronic receipt system that is detailed in the Scytl patent.

The current, traditional Finnish elections feature a widely
distributed ballot counting process, which is carried out manually and
collectively by the representatives of the competing parties at each
polling station. The results of each polling station are individually
published, providing the representatives with a possibility to
cross-check that the votes at their polling station have been
correctly tallied. The ballots are then separately counted again,
independently of the original count, and archived in the case of
further recounts being deemed necessary. The system is quite fast,
providing results in a matter of hours from the whole country, easy to
understand, and very resilient.

The e-voting system as currently proposed would make recounts that
would be independent of the electronic system impossible. It would
also make it possible for a much smaller team of individuals to alter
the election results, as the software, which counts the ballots, is
not public. Since Effi's original press release, the Ministry of
Justice has unveiled a plan to contract an audit of the software from
the University of Turku in Finland [6], but this effort does seem to
be rather underresourced when compared to U.S. e-voting system audits,
and is likely to just scratch the surface.

As a counterexample, thirty U.S. states have already made a
voter-verified paper ballot a mandatory part of electronic voting [4].
For some reason, the Finnish Ministry of Justice has not seen this as
a requirement for the all-electronic voting system in Finland.

Electronic Frontier Finland
http://www.effi.org/

[1] Ministry of Justice response on January 23rd, 2008 to a member of
Electronic Frontier Finland (Effi), in Finnish:
http://www.effi.org/system/files?file=om-2008-01-23.txt
[2] E-Voting pilot: Technical implementation and information security,
20th June 2007, TietoEnator, in Finnish:
http://www.effi.org/system/files?file=Pilotin_tekninen_esittely_v1.0H.pdf
[3] U.S. patent 7,260,552, granted 21st August, 2007.
[4] http://www.verifiedvoting.org/, retrieved on 28th January, 2008.
[5] Effi: Voting systems must not be trade secrets. Press release from
Electronic Frontier Finland on 25th January, 2008, in
Finnish. http://www.effi.org/julkaisut/tiedotteet/lehdistotiedote-2008-01-25.html
[6] Municipal elections 2008: Electronic voting in three
municipalities. Press release from Ministry of Justice, 8th February
2008, in
English. http://www.om.fi/en/Etusivu/Ajankohtaista/Uutiset/1201510039860
[7] Web demonstrator and an informational page for the e-voting
system, retrieved 11th February, 2008, in
Finnish. http://www.vaalit.fi/sahkoinenaanestaminen/