Cybersecurity for Elections
A Commonwealth Guide on Best Practice
Contributors: Commonwealth Secretariat
Publication date: 1 May 2020
ISBN: 978-1-84929-192-7
Pages: 160
Since the 1990s, Internet-connected devices have become an integral part of day-to-day life for many in the Commonwealth, including for election-related activities. However, during each phase of contemporary elections, the direct and indirect use of computers and other technology introduces a range of risks to electoral integrity.
This guide explains how cybersecurity issues can compromise traditional aspects of elections, such as verifying voters, counting and casting votes, and announcing results. It also explores how cybersecurity interacts with the broader electoral environment, including data management by candidates and parties, online campaigns, social media, false or divisive information, and e-voting. Unless carefully managed, all of these cybersecurity issues can present a critical threat to public confidence in election outcomes — the cornerstone of democracy.
To help Electoral Management Bodies (EMBs) manage cybersecurity risks, this guide describes principles for electoral cybersecurity as well as specific organisational recommendations that can be adapted as required. It additionally signposts an array of more detailed materials that can help with specific technical, social, or regulatory challenges.
This guide explains how cybersecurity issues can compromise traditional aspects of elections, such as verifying voters, counting and casting votes, and announcing results. It also explores how cybersecurity interacts with the broader electoral environment, including data management by candidates and parties, online campaigns, social media, false or divisive information, and e-voting. Unless carefully managed, all of these cybersecurity issues can present a critical threat to public confidence in election outcomes — the cornerstone of democracy.
To help Electoral Management Bodies (EMBs) manage cybersecurity risks, this guide describes principles for electoral cybersecurity as well as specific organisational recommendations that can be adapted as required. It additionally signposts an array of more detailed materials that can help with specific technical, social, or regulatory challenges.
Contents
Acknowledgements
List of Figures
List of Boxes
Abbreviations and Acronyms
About the Authors
1. Introduction
1.1 The increasing vulnerability of electoral systems
1.2 The electoral cycle
1.3 The Commonwealth context
1.4 Relevant organisations and regulatory frameworks
2. Cybersecurity Across the Electoral Cycle
2.1 Election activities across the electoral cycle
2.2 Overarching features of direct threats
2.3 Planning and logistics
2.4 Electoral rolls
2.5 Campaigning
2.6 Voting
2.7 Communication of results
2.8 Auditing and challenging results
3. Overarching Best Practices for Secure Elections
3.1 Holistic action
3.2 International co-operation
3.3 Cybersecurity risk management
3.4 Privacy and data protection
3.5 Electoral campaigns, interference and disinformation
4. Principles and Recommendations
4.1 Democratic self-determination
4.2 International law and co-operation
4.3 Strengthening the use of ICTs for elections while enhancing their security
4.4 Non-discrimination
4.5 Conclusion
List of Figures
List of Boxes
Abbreviations and Acronyms
About the Authors
1. Introduction
1.1 The increasing vulnerability of electoral systems
1.2 The electoral cycle
1.3 The Commonwealth context
1.4 Relevant organisations and regulatory frameworks
2. Cybersecurity Across the Electoral Cycle
2.1 Election activities across the electoral cycle
2.2 Overarching features of direct threats
2.3 Planning and logistics
2.4 Electoral rolls
2.5 Campaigning
2.6 Voting
2.7 Communication of results
2.8 Auditing and challenging results
3. Overarching Best Practices for Secure Elections
3.1 Holistic action
3.2 International co-operation
3.3 Cybersecurity risk management
3.4 Privacy and data protection
3.5 Electoral campaigns, interference and disinformation
4. Principles and Recommendations
4.1 Democratic self-determination
4.2 International law and co-operation
4.3 Strengthening the use of ICTs for elections while enhancing their security
4.4 Non-discrimination
4.5 Conclusion
Browse subjects
- Agriculture Expand or collapse me
- Democracy and elections Expand or collapse me
- Debt and finance policy
- Economic development Expand or collapse me
- Education, gender and health Expand or collapse me
- Law and human rights Expand or collapse me
- Oceans and natural resources Expand or collapse me
- Public administration and governance Expand or collapse me
- Small states Expand or collapse me
- Sport for development and peace
- Taxation
- Trade Expand or collapse me
- Youth policy
