At the latest with the occurrence of corona, the question of IT security in virtual voting has become even more important. We are repeatedly being asked how we protect the data of eligible voters and improve the security of voting. So we put the question to somebody who should know: Our colleague Vasko Hristov has been a member of the POLYAS data protection team for a long time and is an expert on IT security.
An association decides to carry out an online vote with POLYAS during corona. But what about the IT security, and what happens to the data during virtual voting? Where is the data stored with POLYAS?
We take the protection of personal data very seriously. For this reason, the data of eligible voters are stored exclusively on the servers of certified data centers in the EU. In general, access authorizations are restricted according to a role concept.
Who can see who or what voters voted for?
Nobody. When the ballot papers land in the ballot box, they contain absolutely no personal data. After successful authentication on the POLYAS voting system, the identity of eligible voters is anonymized using a token. The consequence of this is that, in a secret ballot, it is impossible to infer how individual voters voted. Election officers can only see who has voted.
Which data does POLYAS collect during online voting?
POLYAS basically works on the principle of data minimization. That means that you only collect data that is absolutely necessary for the correct implementation of your election or live voting. These are:
- Identification data (e.g. voter ID and password)
- An indication of who has cast a vote
- The ballot paper, but without any means of inferring any further data
The ID data and the details of who voted are used exclusively to ensure one-time voting and to determine your voter turnout.
At no time does even the election organizer have any way of discovering any individual’s voting choice.
How does POLYAS secure customer and voter data?
As soon as we receive plain text that contains sensitive or personal data, this is converted into an illegible character string (ciphertext) with the help of encryption. We also delete the data after the expiry of statutory deadlines in order to reduce the risk of unauthorized access.
The voting system itself encrypts the ballot papers within the voters’ browsers. The vote is securely transmitted to POLYAS via TLS connections and is saved to the ballot box in encrypted form. This end-to-end encryption is used in all POLYAS voting systems.
Decryption after the virtual voting is performed using cryptographic shuffling methods, which makes external manipulation impossible.
Which security risks can be reduced with POLYAS?
One possible attack vector is the use of malicious software on the end device. If this risk is classified as high, POLYAS offers verification methods with alternative devices. For example, a vote cast per laptop can be cross-checked with a smartphone. Furthermore, we always recommend that you keep the operating software and browser version up-to-date so that known software vulnerabilities have been solved by the manufacturer.
What do election officers have to consider to ensure compliance with data protection and data security during the online voting?
When setting up the electoral roll in the POLYAS Online Voting Manager, you should ideally ensure that you only use data about the eligible voters that is really necessary for carrying out the election.
You should also ensure that the e-mail addresses to which election invitations are sent are up to date.
And last but not least: Restrict access to your election configuration in the POLYAS Online Voting Manager to as few users as possible. We also advise you to use two-factor authentication for your account. You can find this function in your profile.
What is the minimum number of members for IT security to be worthwhile?
There is no lower limit for protecting sensitive data. This includes everybody, from small to large associations, universities, companies, municipalities, and even major political parties. POLYAS ensures that everyone can hold an online general meeting even during corona. So there is no specific number of members that an association, company or party should have before carrying out an election with us.
Would you like to conduct online voting with POLYAS? This way >