Britain’s next prime minister could be chosen next week using unproved and controversial technology, which security experts have told the New Statesman is not transparent or robust enough to guarantee the security of the process.
Rules drawn up by the 1922 committee mean that if at least two candidates receive more than 100 MP nominations, the party’s membership will elect the leader. They will do so using an online voting system, making Britain the second country in the world to choose its head of state using online voting. But while Estonia has spent 17 years developing a system that allows around 40 per cent of its electorate to vote online, this will be the primary option for Conservative members – and they will have less than a week to access and familiarise themselves with the system.
Tory party officials have sought to reassure voters that the leadership race will be immune from foreign interference if it goes to an online ballot next week. But “e-voting” and “i-voting” are still relatively immature technologies with significant security challenges.
These techniques remain controversial even among the cryptographers who have spent decades developing them. “No one to date has come up with an entirely satisfactory solution [for online voting], including myself,” said Peter Ryan, applied security professor at the University of Luxembourg, who worked at GCHQ and the Ministry of Defence before spending almost 20 years studying and developing online voting systems.
A perfect system would be easy to use, guarantee the voter’s anonymity and demonstrate to them that their ballot had been counted accurately. But these competing demands are extremely difficult to balance theoretically, and even more so in real-world applications. The New Statesman has asked the Conservative Party to guarantee that voters will remain anonymous, and that they will be able to check how their votes have been counted, but has yet to receive a response.
Ryan said he is concerned at the lack of transparency around a system that is being used to decide who runs the United Kingdom. When the party gave its members the option to vote online in this summer’s leadership election, he approached the Conservative Party and Civica, the software supplier that was managing the ballot, to request details of how it would work: “Civica said something like, ‘we cannot discuss an election of such sensitivity’.”
The party chairman, Jake Berry, made similar remarks in a statement on Thursday afternoon (20 October). “Without going into the security measures we will take, for reasons I’m sure you will understand, we are satisfied that the online voting system will be secure,” he said.
“My response is,” said Ryan, “it’s precisely because it is such a sensitive election that you should be talking to experts and displaying a bit of transparency about the process. We have no grounds really to trust the process apart from blind trust.”
In August, the Conservatives were advised by security experts at the National Cyber Security Centre (NCSC) to drop plans to let members alter their votes after submitting them, due to concerns that it increased the risk that hostile actors would interfere with the process. The party accepted the advice and made no other changes.
Ryan said the implication was that NCSC was otherwise “moderately happy” with the system. “If you’re prepared to trust that Civica will maintain the security of their servers and so on, the system will probably work OK – but there’s a lot of trust there.” He said he did consider the company trustworthy and competent, but “having to place such trust in a single outfit is profoundly worrying… I really want transparency in the process, so that we can verify that it will be conducted properly.”
The contest’s short time scale means a foreign power, even with advanced cyber capabilities, would find it difficult to compromise a sufficient number of voters’ devices to alter the outcome. It is not yet clear who will run the process, but any credible supplier would also be expected to have established firewalls around their servers, to protect them against external attacks.
The more significant concern among security experts relates to how the party verifies voters. The news organisation Tortoise has taken legal action against the Conservative Party after it refused to reveal details of its membership. Tortoise’s journalists had successfully registered memberships for four fake individuals, including two foreign nationals. “In a way, what worries me more [than the prospect of a breach],” said Ryan, “is that we have this murky electorate we know nothing about, which is not in any way representative of the UK.”
As the country continues to feel the consequences of Liz Truss’s economic mismanagement, the UK hardly needs more reasons to reject a system in which less than 0.2 per cent of the population appoints the country’s prime minister. If the party cannot guarantee that the votes of even this tiny minority are properly represented, this will only lend further weight to calls for a general election.