Special Feature: Electronic voting, electronic identity and electronic entitlement

There is a good way to fix the problems with voting, and it’s not with photocopies of gas bills or Railcards. Time for a National Entitlement Scheme.

Something must be done.

At Consult Hyperion, we are interested in electronic voting for three main reasons:

• We are thought leaders in the digital identity space and electronic voting is a key “stress” application for digital identity;
• We advise public sector clients on national identity and identity-related schemes (eg, the Irish Government’s Public Services Entitlement Card);
• While people think about electronic voting in national and other political elections, there are a great many other applications of interest to our clients. A good example is the use of electronic voting for corporate purposes to replace postal voting at shareholder meetings, where the techniques developed for political elections could be used to reduce costs.

The practical deployment of, and experiences learned from the use of, new electronic voting systems are invaluable input into the wider question of identity infrastructure for a modern society, which is why we were delighted to be able to sponsor the 4th International Conference on e-Voting and Identity at the University of Surrey last year. This turned out to be an excellent event and we learned a lot about the different approaches to the problem, constraints, potential solutions and so on. As it happens, there are a great many practical problems around voting, and the solutions are complicated. But there are real social needs that must be addressed, and one of them has just reappeared in the British media.

Voters should be required to show photo ID at polling stations in Great Britain to lessen the risk of fraud, the Electoral Commission has said.

[From BBC News – Voters ‘should be required to show photo ID at elections’, says watchdog]

Personally, I’m in favour of voter IQ laws as well as voter ID laws, but there you go. While electoral fraud is not rampant in the UK, it is certainly not non-existent. The Electoral Commission in fact identified 16 out of the 400 local authority areas in the UK as being at risk, one of these being my own dear Woking, where we have a long and proud traditional of electoral fraud and only last year one of the candidates in local elections was found guilty of electoral fraud. The Electoral Commission highlighted the major problems that have been identified around postal voting (which I do not think should be allowed, but that’s another issue). Foreign readers might be surprised to learn that when you go to vote in the UK you simply give your name and it is crossed off of a list of eligible voters, much as it was when the first Viscount Watkinson was returned as Woking’s MP in 1950 when the constituency was created, or for that matter when Sir Talbot Buxomley was first elected MP for Dunny-on-the-Wold in the reign of George III. This arrangement is no longer immune from the suspicion of personation, so the Commission has recommended the use of photographic ID.

The research revealed that some people were concerned that a requirement for photographic identification would discriminate against certain groups of electors, who would not necessarily have any form of photographic documentation, such as a passport or driving licence.

[From Security Document World]

Similar issues are to the fore across the pond where the US voter ID situation is in a bit of a mess. If I understand the current situation properly, one of the problems with the just-introduced Voting Rights Amendment Act 2014, which is a response to the Supreme Court striking down part of the Voting Rights Act last year, is that there is potential for discrimination against people who are not able to obtain a “Voter ID” card. You can see their point. In other countries, this isn’t a problem, because everyone has some form of ID card. But in the US which, like the UK, has no identity infrastructure, then “systems” developed for other purposes will have to be sub-optimally commandeered. This is the sort of thing that is going to be proposed in, to pick a random example, Nevada.

The new voting system also would link with Department of Motorized Vehicle’s license database, allowing poll workers to visually verify the identity of the person attempting to vote.

[From Nevada secretary of state gets mixed reaction to voter verification proposal – Las Vegas Sun News]

Since the British government recently announced that it was going to put driving licence details online anyway, then I imagine there would be some pressure to use this database, despite its being known to be notoriously inaccurate. But what else do British subjects have to hand with a photograph on it, if not a passport or driving licence? My son could use his student ID card, I suppose (although I am rather against allowing students to vote, on principle) although I’ve no idea how it might be verified on the day. Perhaps they could ask us to sign to vote?

On a recent expedition to New York I was asked for photo ID as condition of entrance to a well-known landmark. I produced the (expired) building pass for our Madison Avenue office as was waved through. Which illustrates what is to me a central problem: if I am required to produce a photo ID at a polling station, it will do nothing to prevent fraud. The polling stations are manned by local volunteers doing their civic duty, not by expertly-trained anti-fraud personnel who are skilled in the inspection and detection of counterfeit identity documents. If I show up to vote and present a driving licence, a Portugese fishing licence or an England football club supporter’s card, the polling station staff will have no means to verify it. As it happens, some UK pressure groups are against photo ID in principle anyway, because it discriminates against people who don’t have a photo ID. Consequently,

the idea of voters being requested to provide a non-photographic form of identification at the polling station was welcomed in principle by both the public and electoral administrators.

[From Security Document World]

This seems utterly stupid to me but it is certainly in the great British tradition of pointless activity! It follows the tried and tested political theory of “something must be done, this is something, therefore it must be done”. So the Mother of Parliaments will rest on a franchise that is protected by photocopies of gas bills, since as we all know, electoral terrorists dedicated to subverting democracy will be unable to forge those. Not that I can produce one anyway, because my gas bill is electronic.

Compared to this, the TSA’s decision to accept Facebook profiles as valid identity for boarding flights in the US seems sound. On balance, I judge it to be far harder to forge a plausible Facebook profile than a plausible gas bill, so if I turn up at the polling station and log in to the Facebook profile for David Birch (if there is a Facebook profile for a David Birch, incidentally, I can assure you it isn’t me) then they may as well let me vote.

The USA’s Transport Security Administration is accepting sight of a traveller’s Facebook profile as a form of ID, it has emerged.

[From Facebook profile accepted as ID at airport security | The Drum]

One can imagine that this approach might itself still be further secured by the addition of photo ID. There’s an app for that…

An upcoming app for Android, iOS, and Google Glass called NameTag will allow you to photograph strangers and find out who they are — complete with social networking and online dating profiles.

[From Facial recognition app matches strangers to online profiles | Crave – CNET]

So all we need to do is equip the polling clerks with Google Glass and job done? I don’t think so. I think we should think about what infrastructure is needed here and then work out the best to way implement it. There are a great many circumstances in which I would certainly imagine a Facebook profile to be a much better form of identification than a photocopy of my gas bill, but voting isn’t one of them, especially if there are already concerns about fraud.

But Electoral Commission chairwoman Jenny Watson said most voters could use passports, driving licences or even public transport photocards to prove who they are at polling stations. Those without any of these documents could request a free elections ID card, she added.

[From BBC News – Voters ‘should be required to show photo ID at elections’, says watchdog]

I am not making this up. Gas bills, Facebook profiles and railcards. That is where our democracy is in 2014. What a joke.

This is something.

The real solution is, of course, not using Railcards or football supporter’s cards, or indeed special-purpose election ID cards, but a general-purpose National Entitlement Scheme (NES). Few readers will remember this, but some time before the UK government’s last attempts to introduce a national identity card, there were consultations around a much better idea, which was a national entitlement card. As my colleague Neil McEvoy and I pointed out in Consult Hyperion’s response to this consultation, the “card” is only one mechanism for storing and transporting entitlements and in the modern age there might be better ones, such as mobile phones for example, that can not only present credentials but also validate them.

It is time to revisit that proposal to try and get the British government out of its muddle about identity infrastructure. A future administration will certainly have to introduce something, not only because of the issue of voting fraud but due to continuing concerns about illegal immigration, health tourism, benefit fraud and so forth. Suppose that the vision for national identity (based on the concepts of social graph, mobile authentication, pseudonyms and so on) focused on the entitlement rather than on the transport mechanism or biographical details? Then, as a user of the scheme, I might have an entitlement (ie, a public key certificate) on my purpose-built national entitlement card (so that’s some of the population taken care of), I might have a entitlement certificates on my bank card (so that’s the overwhelming majority of the population taken care of) and I might have certificates in my mobile phone (so that’s 99.9% of the population taken care of). Remember, these certificates would attest to my ability to do something: they would prove that I am entitled to do something (access the NHS, open my office door, buy things in Waitrose), not who I am. They are about entitlement, not identity as a proxy for entitlement. The government could give out free smart card readers (as they do in Spain) or leave it to the banks to distribute them.

In practice, I think the example set by a modern countries such as Turkey and Estonia are most attractive: I log in to the whatever with some pseudonym, the service provider sends a message to my mobile phone (over-the-air or via NFC or BLE in the future), the PKI in my SIM decodes the challenge and signs the response, and I’m connected. Securely and simply. And if other service providers want me to log on in the same way, they can issue their own certificates as well. There’s a similar approach to this in Norway except there the IDs are issued by the banks and used by the government and other private sector organisations. Imagine a national entitlement scheme that used this technology: it would be efficient and cost-effective, since it would use the phones that people already have to deliver services that they definitely want.

And, best of all, my phone would be able to check the entitlement presented by your phone, so none of us would need special equipment. I show up with my phone and claim that I am entitled to vote: my phone presents a meaningless but unique number, this is entered manually or automatically into the polling clerk’s phone which flashes up my picture if I am entitled to vote or a red cross if I am not. I show up with my entitlement card and the polling clerk reads it using their NFC interface, and so on. Instead of postal votes, the polling clerk can go to the old folk’s home and let them vote individually, certain that they are not being threatened or cajoled.

Should people be allowed to go one step further and simply log in to vote from home? For political elections, I think not. Voting must be in public in order to dispel any suspicion of coercion. Maybe it won’t have to be a polling booth any more (you could have general elections that last a week during which people can vote at Post Offices or bank branches or whatever), but it has to be somewhere public.

Therefore it must be done.

It seems to me that a national plan to finally do something useful about identity might obtain “parasitic vitality” (to use one of my favourite ID phrases) from the specific issue of voter ID. In the UK and in the US, this might be a way to both improve security around the act of voting as well as vector for deployment. Maybe electronic voting can be a focus to get the Cabinet Office’s Identity Assurance (IDA) scheme a flagship and get the public and private sector working together to deliver an infrastructure that will be of benefit to all.  I should mention in passing that we have been working with the Cabinet Office on one of their “Alpha Projects” in the North of England which, as it happened, included photo ID for authentication as one of the use cases.

I’ll be talking about the idea of National Entitlement Scheme (NES) in my keynote at the 17th annual Consult Hyperion Tomorrow’s Transactions Forum in London on 19th and 20th March 2014. Unfortunately, mine will only be the second most interesting keynote at the event, because the kick-off keynote will be by Felix Martin, the author of “Money: The Unauthorised Biography”. As always the Forum — thanks to the fantastic support from our platinum sponsors Visa Europe & VocaLink, and our sponsors Fiserv & Olswang — is limited to 100 places. Oh, and did I mention that all delegates will be getting a complementary copy of Felix Martin’s excellent book, by the way?

See you at the America Square conference centre on 19th March at 9.30!