Impact of previous cyber security issues on elections

This assignment will focus on the use of blockchain in managing various aspects of business and life that use personal identifying information. The new technology of blockchain is regarded as a revolution in recording system. The idea can now be implemented in creating any trustworthy record. Several industry minds have defined blockchain technology as a “magic beans” (Hanifatunnisa and Rahardjo 2017). The use cases of blockchain can be divided into two parts: blockchain as a system record and blockchain as a platform. As system record, the use cases are healthcare, asset tokenization, data management at organizational level as well as recording digital identity (Kovic 2017). As a platform, blockchain can be used for smart contracting, for automated governance, for markets and for streamlining of settlement and clearing (Yu et al. 2018). The following paragraphs will enlighten on a particular use case of blockchain and critically evaluate the pitfalls of the previous technology and describe how blockchain technology will help in resolving the issues.

1. Blockchain for securing elections:

Malicious persons who altered databases of voter registration and infiltrated voting machines have always threatened the process of election (Yu et al. 2018). Therefore, election security has become vulnerable to attacks. Malicious actors targeted hacking voting machines (Noizat 2015). Apart from hacking, the machines there are several weak points in the election process that can be exploited by the bad actors (Osgood 2016). Therefore, the entire election process needs to be secured. Electoral process consists of five main vulnerable parts as mentioned below:

• Reporting systems in election
• Audits involved in post-elections
• Voting machines and tabulation systems
• Information warfare
• Electronic databases of voter registration

The entire election process is broken down into three parts and each part consist the security vulnerabilities.

The reasons behind performing such malicious actions are unrest between two parties in a city or country. The opponent party always perform wrong activities in election so that the ruling party never wins. The malicious actions performed are altering voter’s information, hacking voting machines and capturing ballot boxes (Yu et al. 2018). When opponent party hacks voting machines then they alter votes polled such that outcome of the election is affected. Wrong election outcome might create political unrest in the city as well as in the country. These actions are mainly performed for winning a position or post. The urge to rule a city or a country forces the party to take such actions that has adverse effect on the society. Opponent party finds weak points of the ruling party and try to exploit those. This is highly unethical act that breaches the General Data Protection Regulation. Therefore, blockchain should be used in managing security aspects of election.    

In pre-election stage, a political opinion is formed by a voter that is bombarded by political disinformation campaigns. As a next step, the voter enters his name in database of voter registration from where hackers breach voter information and alter records.

In this stage, the voter might not be identified in the polls as databases has been altered. If the voter is able to cast his own ballot, then the hackers might change the voting machines that would again lead to security breaches (Susskind 2017). The vote casted by the voter would be miscounted by hacked tabulation system.

Reasons behind such malicious actions

As a final step of the electoral process, the winner of election is declared where malicious actors can use compromised reporting systems to spread alternative results (Yu et al. 2018). As a result, post-election audit would be carried out in response to dispute over election’s integrity that is vulnerable to inaccuracy.

Security breaches that is carried out while hacking voting machines spreads not only in one system however to the entire class of systems. 

Blockchain has some fundamental characteristics that makes it capable for securing elections. The characteristics are immutability, transparency and accountability (Kiayias et al. 2017). Some authors argue that blockchain has the capability of improving security and increase participation of the voters. Whereas some election and cybersecurity experts argue that it only increases complexity of the electoral process and provides same security as other internet connected electoral systems (Susskind 2017). Leaving these arguments behind, a number of projects in the world have started laying foundation for blockchain-based electoral systems.

Blockchain technology supports cryptographic techniques that help in ensuring sources of digital content (Wu 2017). A unique cryptographic identifier that is stamped is only consumed by the voters which when crosschecked with blockchain immutable record can prove the source of media (Ali et al. 2016). If media do not contain an identifier then it is considered as less trustworthy.

The immutable ledger of blockchain will help in recording voter information as well as record digital votes for tabulation (Ayed 2017). Blockchain technology uses biometrics like face and iris data for recognizing a voter and matching him with the digital identity stored in the government databases (Hanifatunnisa and Rahardjo 2017). If any breaches occur during the electoral process if can be detected through this process. Therefore securing Personal Identifying Information of the voters in government voter registration databases.

Election officials in addition with individual voters will have the authority to audit outcome of the election on a public blockchain. Some blockchain technology experts claims that blockchain voting startups like Voatz and Votem will give the authority to voters to check and verify their own votes (Faour 2018). However, blockchain opponents claim that post-election audits can be accomplished more simply in some other ways. For example, the risk-limiting audits that are designed to limit resource amount needed for proving election integrity.

1. Governance Strategy proposal that manages the GDPR aspects in blockchain electoral process:

The European Union (EU) formalized a new legal framework in 2016 known as the General Data Protection Regulation. The regulation came into effect from 28^th May, 2018 (Ayed 2017). The business operations as well as organizations that will fail to comply with GDPR would be subjected to financial penalties of more than 4% of their annual turnover or 20 million Euros (Ali et al. 2016). The regulation is applicable for every individual living in European Union. It is concerned for the following two aspects:

• Processing personal information of any individual residing in European Union.
• Free movement of personal information and data of any individual residing in European Union. 

Previous electoral processes were vulnerable to security issues (Zyskind and Nathan 2015). This was due to the fact that Personal Identifying Information (PII) such as name, address, age and phone number as mentioned in the general data protection regulation were easily available to hackers (Faour 2018). Therefore, the hackers altered information of voters to change outcome of the election. The voting machines were hacked to poll their own votes (Zyskind and Nathan 2015). Therefore, according to GDPR personal data belonging to individuals residing in European Union were processed and moved without the consent of the individual thereby breaking the GDPR aspects. 

Pre-election

In blockchain electoral process, cryptographic techniques are used so that personal information belonging to any individual is not easily displayed to hackers. Blockchain ledger securely records and stores personal data of various voters (Ali et al. 2016). This will reduce the probability of hacking voting machines and voter registration databases. The tabulation system also will not be tampered. The public blockchain will involve the voter itself in post-election audits thereby making the electoral process transparent to voters. This will lead to high election integrity and accuracy.

Therefore, blockchain technology has proven itself to comply with GDPR aspects for election process.

Conclusion:

From the above discussions, it can be concluded that election process have been vulnerable to security issues from the past. Hacking voting machines, capturing ballot boxes, tampering with tabulation systems of vote result in low election integrity and accuracy. These actions might go against the General Data Protection Regulation. Personal Identifying Information of people that needs to be stored to identify individuals during elections were being hacked and altered by malicious actors, thereby going against the GDPR aspects. These problems can be resolved by using blockchain for securing personal information of the voters. The features of blockchain that makes it beneficial for securing data are transparency, immutability and accountability. The feature of transparency is achieved by giving individual voters the authority to check their own votes. Therefore, the votes polled by the voters will be counted before displaying the outcome of electoral process thereby following the General Data Protection Regulation. An immutable ledger is used by the blockchain to store information of voters. It stores data securely such that it cannot be altered without the consent of voter. Various cryptographic techniques are used by blockchain to resolve cyber security issues.

Ali, M., Nelson, J.C., Shea, R. and Freedman, M.J., 2016, June. Blockstack: A Global Naming and Storage System Secured by Blockchains. In USENIX Annual Technical Conference(pp. 181-194).

Ayed, A.B., 2017. A conceptual secure Blockchain-based electronic voting system. International Journal of Network Security & Its Applications, 93.

Faour, N., 2018. Transparent Voting Platform Based on Permissioned Blockchain. arXiv preprint arXiv:1802.10134.

Hanifatunnisa, R. and Rahardjo, B., 2017, October. Blockchain based e-voting recording system design. In Telecommunication Systems Services and Applications (TSSA), 2017 11th International Conference on(pp. 1-6). IEEE.

Kiayias, A., Russell, A., David, B. and Oliynykov, R., 2017, August. Ouroboros: A provably secure proof-of-stake blockchain protocol. In Annual International Cryptology Conference(pp. 357-388). Springer, Cham.

Kovic, M., 2017. Blockchain for the people: Blockchain technology as the basis for a secure and reliable e-voting system.

Noizat, P., 2015. Blockchain electronic vote. In Handbook of digital currency(pp. 453-461).

Osgood, R., 2016. The Future of Democracy: Blockchain Voting’. COMP116: Information Security.

Susskind, J., 2017. Decrypting Democracy: Incentivizing Blockchain Voting Technology for an Improved Election System. San Diego L. Rev., 54, p.785.

Wu, Y., 2017. An E-voting System based on Blockchain and Ring Signature.  University of Birmingham.

Yu, B., Liu, J.K., Sakzad, A., Nepal, S., Steinfeld, R., Rimba, P. and Au, M.H., 2018, September. Platform-independent secure blockchain-based voting system. In International Conference on Information Security(pp. 369-386). Springer, Cham.

Zyskind, G. and Nathan, O., 2015, May. Decentralizing privacy: Using blockchain to protect personal data. In Security and Privacy Workshops (SPW), 2015 IEEE(pp. 180-184). IEEE.6CC517 Sustainable Information and Corporate Governance