The NGO Campaign on the Security of E-voting Machines in the Netherlands
Last updated on December 17, 2013
The Netherlands’ experience provides an example of the challenges that can arise when EMBs, political parties, civil society and other stakeholders do not pay adequate attention to the integrity and security of electronic voting and counting technologies.
In the summer of 2006, a number of computer experts in the Netherlands launched a group called “We Do Not Trust Voting Computers” (“Wij vertrouwen stemcomputers niet”) to publicize their concerns about the security of electronic voting machines and their lack of auditability mechanisms. The use of electronic voting machines was already widespread in the Netherlands, although Amsterdam introduced them for the first time during municipal elections in spring 2006.
The campaign set up a website (http://wijvertrouwenstemcomputersniet.nl) and sought to further investigate the use of electronic voting computers through freedom of information requests. The requested documents revealed a number of security flaws in the voting machines, as well as the extent to which the election process had been outsourced to technology suppliers. The campaign posted the documents on its website, generating controversy with the technology suppliers who claimed the documents included confidential information. The controversy brought increased media attention to the campaign.
The campaign received widespread national exposure in early October 2006 when its experts appeared in an investigative television news program demonstrating the security flaws of the voting machines. The program showed the experts replacing the memory chip in a voting machine in less than five minutes, allowing them to manipulate the results of a mock election; later they reprogrammed the machine to play chess. The report also raised serious questions about the physical security of the machines while in storage and during transport, the testing of machines and the adequacy of the regulatory framework. The campaign released a security analysis at the same time detailing the vulnerabilities identified by the experts, including the possible detection of radio emissions outside polling stations that could compromise the secrecy of the vote.
Following government testing of the machines and an independent review of the election process (see Figure 26, “Re-evaluation of the Use of Electronic Voting Machines in the Netherlands” below), the Dutch Parliament withdrew the enabling legislation for electronic voting in October 2007, returning the country to nationwide paper balloting for the first time in over 40 years.