This year’s conference, under the title “Next Generation Society: Technological and Legal issues”, will explore the following questions: Is our society ready to adopt the technological advances in ubiquitous networking, next generation Internet, and pervasive computing? To what extent will it manage to evolve promptly and efficiently to a Next Generation Society, adopting the forthcoming ICT challenges? In this respect, several topics will be addressed, covering both technological and legal-sociological aspects.

For more information visit https://www.e-democracy2009.gr.

Democratic societies of today face the challenge of upgrading public dialogue and reinforcing citizens’ participation in decision making, thus passing from an e-government to an e-governance model. eVoting is an important aspect of this effort, while at the same time is one of the most controversial issues at a technological, political and social level. A basic precondition for the maturity and acceptance of eVoting systems is the establishment of trust for their users.

The concept of public trust

Public trust is a complicated and hard to formalize concept with social and also philosophical extensions. It can be viewed as a social property based on interactions among a set of different entities and hence can be established only if all entities are persuaded that a situation or a system satisfies specific properties of trust. A more pragmatic view of trust maybe as follows:

Trust of an entity A in a service X is the measurable belief of A in that X will behave dependably for a specified period within a specified set of principles and rules.

In the eVoting domain, entity A is the voter and service X is the eVoting system. The term “dependably” refers to the ensuring of the basic requirements which apply to both electronic and conventional voting, such as democracy, secrecy, fairness, verifiability, etc. Under this view, the management of trust is the effort to translate, specify and incorporate these requirements in the system, in a completely transparent way that will allow for verification by everyone.

Transparency is probably the biggest advantage of traditional voting systems. In electronic systems though, it is not easy for someone to comprehend precisely how they work, since one does not know how the computer operates internally. Especially when such systems operate as black boxes (e.g. to protect intellectual property rights) it is not possible to establish a minimum acceptable transparency level. This means that, as in many information systems providing e-services, the property of trust is mostly based on the reputation of the eVoting system developer or operator (e.g. the State).

Open Source software and transparency

Any eVoting system should be a democratic system. This implies that it should be open to scrutiny by everyone. Of course, the majority of people lack the e-skills required to validate the design soundness or to assess test results. However, they may be motivated by others who are experts.

The most natural way to achieve this is to use open source software in the development process of an eVoting system, using a model/procedure similar to the one described hereafter:

A group of developers implements the system and subsequently distributes it for free use by all, e.g. through the web. In addition, if the development process is combined with typical design methods and risk analysis techniques, as opposed to ad-hoc system design, the result will be an extended documentation of all design and development details. The software is open and extendable and allows the easy incorporation of new protocols.

Expert programmers from around the world may download the software, execute it and identify and fix potential security flaws. Various user communities (e.g. blogs) may test the software and provide feedback to the open source community for possible modifications, refinements and improvements that might ensure ease of use and thus greater user acceptance.

Scientists and security professionals may check the documentation thoroughly and provide mathematical evidence for the security and the scientific soundness of the system (e.g. quality and length of cryptographic keys). The State or other authorities may organize open calls for attackers who will in turn help the system mature and become more robust.

This mobilization of an international community actually creates added value for the system. This approach may require fairly long time but is an open and democratic procedure, fully compatible with the character of voting. What is more, the adoption of an open source model ensures independence from specific vendors and offers lower costs in relation to commercial software.

How safe is the use of open source?

The usual critique against using open source in eVoting is that the provision of an open system to malicious users may make it an easy target for attacks. However, after the maturity stage, one expects that the system will be secure and robust against such attempts. Just to set an example, Linux kernel, Apache server and openVPN, are among the most secure open source systems. The AES algorithm that substituted DES was the result of an open contest, its source code was published and analysed for a long time, it was approved by the National Security Agency, and was the first to be openly released for use by everyone. Many cryptographic libraries have been developed based on the open source model and are freely distributed over the web.

Similar examples also exist in the eVoting domain, the example of Australia being the most characteristic. In Australia, the eVoting system used in ACT election on October of 2001 was developed by a private company but subsequently, the source code was opened to public, which led to the identification of some problems that needed to be fixed.

Conclusion

The use of open source software in eVoting systems, together with an effort for free distribution to the widest possible community, can substantially increase the transparency and trustworthiness of the system and facilitate its social acceptance. Other issues that emerge, such as who is the owner of the system, to what extent are commercial interests harmed by the use of open source and whether an equilibrium condition may be found, should be encountered at a different level (e.g. at State level) and out of the scope of the open source model.

Web Science Conference 2009 (https://www.websci09.org/), is the 1st international conference on Web Science and is dedicated to the presentation of research into society on the Web.

WebSci’09 will be held on March 18-20, 2009, in Athens, Greece.

During the WWW Forum, which is the opening event of the conference, Tim Berners-Lee, inventor of the Web and top agenda setter will discuss with the public and famous scientists and politicians the following themes:

• Web Science and Research
• Web Technology and Practice
• Web for Society

Although significant eVoting initiatives have taken place in several countries (e.g. national elections in Estonia, Switzerland, etc.), eVoting is far from being fully accepted. It is still a highly controversial issue in the minds of politicians and citizens, raising a lot of critique, while several incidents of misconduct (e.g. in USA or in UK) further harm citizens’ trust and increase wariness.

On the other hand, other critical eGovernment applications (such as tax payment applications or financial transactions) seem to be well established and accepted by the public, despite the fact that they also involve sensitive personal data and that they are supported by similar underlying technologies.

Further research on this diverse degree of acceptance of the two electronic services could provide valuable insight on the factors that affect eVoting acceptance and could reveal new approaches towards successful initiatives. This research would be multidisciplinary, involving areas of technology, political sciences, sociology, psychology, etc. Some thoughts are presented here as a starting point for further discussion.

eGovernment applications cover everyday needs of citizens, returning immediate and tangible benefits (time saving, ease of use). As a result, citizens are highly motivated to use them, even putting aside their potential reluctance. On the other hand, in the case of eVoting, the benefits are mostly for the government (cost saving) or the society in general (increased participation), thus only indirectly affecting the citizen.

What is more, eGovernment applications are longer established, more mature, and people are more familiar with them.

Cautiousness against voting (and hence eVoting) procedures is further increased when considering their global impact, affecting the society as a whole and not only individuals.

Another influential factor is that voting procedures occur less frequently and attract huge attention (by people, politicians, media). Cases of misconduct are also highly publicized. On the contrary, eGovernment transactions occur on a daily basis and are smaller-scale by nature.

After all, maybe in the minds of citizens, their vote is more critical and sensitive than financial data.

Bearing these considerations in mind, some approaches towards increasing eVoting acceptance could involve:

• Wide promotion and dissemination of the proven technological excellence of a system as well as the organizational procedure foreseen, in order to convince the public for the sound operation and running of the whole voting procedure.
• Emphasis on specific aspects of an e-service that seem to affect the users’ trust, for example clear presentation of privacy protection policy or possibility of direct contact with person responsible.
• Awareness raising, with a two-fold aim:

• Familiarization with the concepts of participation in common matters.
• Familiarization with existing tools and technologies but also existing risks and ways of protection. A first step could involve familiarization with the plethora of eVoting or e-participation tools that are available online.

To conclude, one of the major challenges of successful eVoting initiatives, apart from working on technological solutions to meet voting requirements, is to increase public trust and acceptance. To this end, a gradual and multi-faceted approach should be followed.

by Anastasia Panagiotaki, eGov Sector, Computer Technology Institute

The Research Academic Computer Technology Institute (CTI) is a non-profit National Research Organisation under the supervision of the Hellenic Ministry of Education. The Institute’s goals are:

- to conduct basic and applied research concerning hardware and software technology, networks and the socio-economic impact of Information Society,

- to design and develop products and services, to support all forms of ICT, education and training in relation to the Information Society, – to provide consulting, management and technical support services, – to promote innovation and transfer of know-how.

CTI executes 25 projects annually on average, financed by the EU and national actions. CTI has also worked as a technical consultant for numerous Ministries for information and telecommunication technologies, in the Greek Public Sector, having therefore significant expertise in the use of ICTs in decision-making processes.

CTI has a modern technical infrastructure, a complete organisational set-up and a remarkable scientific staff of 210 people: experienced researchers, faculty members, computer engineers and technicians, other domain experts, postgraduate students and administrative staff.

CTI’s e-Government Sector (www.teg.cti.gr) is active in a wide range of areas concerning electronic governance:

- Electronic Democracy and security/trust methodologies with emphasis on electronic voting systems.

- Digitization, documentation, management and promotion of content.

- Language processing infrastructures and tools for effective information management

- Enterprise resource management systems, back-office reorganization and web services

Recently, eGov Sector has designed and developed an internet e-voting system, within a national research project.

For more information please visit: www.cti.gr

INSERT_MAP