ISLAMABAD: Election Commission of Pakistan (ECP) on Monday published the findings and assessment report of Internet Voting Task Force (IVTF) on voting rights of overseas Pakistanis on its website.
The report was prepared with a task to submit third party technical audit report to the ECP along with its recommendations for improving or upgrading all aspects of internet voting system.
The report was compiled to give any concrete suggestions, or a proposal for a more secure architecture for I-Voting and to evaluate the hosting facility of overseas voting server for denial of service (DOS) or distributed denial of service (DDOS) attacks on voting day or even earlier.
The team who compiled the report expressed the hope that report serves as an informative and useful resource in the development of election technology in Pakistan.
They said that internet voting is a controversial issue and they have made every effort to situate this debate on strong technical foundations.
They added they have attempted to focus on one critical element that has been notably missing from the public debate, which is the experience of other countries using this modality.
Some of the most technologically advanced countries in the world have either rolled back online voting or have deliberately chosen not to deploy it. “In this document, we have highlighted the key features of their arguments and explored their application to our situation,” they said.
The members of the committee thanked the ECP for assisting in their work and NADRA for providing timely technical support, and for facilitating this task force in all of its efforts.
According to findings of the report, iVOTE categorically does not provide ballot secrecy as required in Clause 94 of the Elections Act 2017 and Article 226 of the Constitution of Pakistan. This shortcoming is inherent to this particular model of Internet voting systems.
It was noted that many of these security vulnerabilities are not specific to iVOTE but are inherent to this particular model of Internet voting systems.
Therefore, even if the voting system itself has ironclad security, these attacks will still be effective because they do not target the voting system, but instead they focus specifically on the voter’s computer and the underlying network, both of which are not under NADRA’s control.
It added casting votes outside a poll-booth environment typically enables vote buying and voter coercion. In particular case, there is a very real possibility that votes may be bought and sold and coerced overseas in regions where the ECP has no mandate to investigate or prosecute such attempts.
The report claimed that users can easily mount attacks on this system using their web browsers whereby they can cast votes for whichever national and provincial seat they choose, regardless of their constituency. These attacks can be launched with moderate technical ability and can easily be automated to manipulate votes at a large scale, it added.