by CHRIS ALBON
Last week, a user identifying him or herself as vvk-ehk uploaded a collection of Python code to the popular open source code repository site, Github. On the surface, the upload, titled “evalimine,” looks similar to the thousands of lines uploaded to the site every day, which range from scripts that scrape websites to scripts that process images. However, this code was different: it decides who governs Estonia.
Vvk-ehk is the Estonian National Electoral Committee and evalimine is the server-side source code for the country’s Internet-based election system. Since 2005, the small European nation has been a pioneer in electronic voting, including allowing citizens to vote over the Internet. To vote online, citizens scan their national ID in a simple smart-card reader to confirm their identity and cast their ballot over the Web. To give citizens confidence that their vote will count, they are allowed to vote multiple times—both electronically and in person—prior to election day. Only the most recent ballot cast, whether online or offline is counted. While there have been some controversies, overall the system has been a success.
According to the creative commons license the code is released under, it cannot be used in any derivative software. In other words, you can download it, you can look at it, but you cannot make anything from it. So if Estonia does not want people to build off their code, why did they release it? Because the release has little to do with software development and everything to do with democracy.
As a concept, democratic elections are beautiful in their simplicity: leaders are selected from citizens by citizens. As a reality, however, democratic elections are a complex and daunting task both for governments as for voters. Elections are a massive, involved, time-sensitive event that is accessible while still being compliant of a myriad of sophisticated voting rules and procedures, vote counting methods, technical limitation, and legal requirements.
Even more daunting is this simple point: for an election to be truly democratic, voters must be considered an “informed participant.” That is, they must have a firm understanding of how the electoral system works, so they can cast their ballot intelligently. For example, under some voting systems you might vote for a single political party, while in others you rank parties according to your preference. These differences have a significant effect on the outcome of the election, and only through an informed electorate an individual citizen understand how to match what they want to happen with what they should put down on the ballot, and the only way to do this is to have clear election rules and procedures.
What does this have to do with open source software? Everything. Just the way democracy requires transparency in the voting system it uses to select leaders, it also requires transparency in the tools used in that system. No piece of software is ever perfect; it always contains bugs and quirks that have a real outcome on performance. When this software is used in democracy elections—elections that are dependent on transparency—that software must have transparency as well. It is for this reason that experts like Bruce Schneier have been adamant for almost a decade that one tool in e-voting, electronic voting machines, must be “open to public scrutiny.” It’s hard to argue that a system is unfair when we can see how it works.
For a decade, some makers of e-voting machines have resisted calls for them to release their source code. They argue releasing the code would expose their systems to security risk. The reality is that it would expose their product to criticism. The end result is that in elections using closed source electronic voting machines, voters can see a politician’s policy position, speeches, past performance, often even personal finances—but when it comes to how votes are actually tabulated, citizens have no right to see. This is antithetical to democracy.
Openness is a requirement of democracy, from the laws and voting procedures to the tools used to count the votes. This is why closed source e-voting systems are one of the greatest vulnerabilities of democratic governance. The reality is, Internet-based voting is only going to become more prevalent in the future. It’s clear why Estonia’s release of their source code is so important. It is a democratic state clearly announcing: this is how we rule ourselves, and this is how we make our voices count.
Chris R. Albon is a political scientist and writer on the global politics of science and technology. Chris earned a Ph.D. in Political Science from the University of California, Davis. He blogs at ChrisRAlbon.com.
Illustration by Fernando Alfonso III