Cybersecurity for Elections

A Commonwealth Guide on Best Practice

Paperback: £45.00

Cybersecurity for Elections

Publication date: 1 May 2020
ISBN: 978-1-84929-192-7
Pages: 160

Since the 1990s, Internet-connected devices have become an integral part of day-to-day life for many in the Commonwealth, including for election-related activities. However, during each phase of contemporary elections, the direct and indirect use of computers and other technology introduces a range of risks to electoral integrity.

This guide explains how cybersecurity issues can compromise traditional aspects of elections, such as verifying voters, counting and casting votes, and announcing results. It also explores how cybersecurity interacts with the broader electoral environment, including data management by candidates and parties, online campaigns, social media, false or divisive information, and e-voting. Unless carefully managed, all of these cybersecurity issues can present a critical threat to public confidence in election outcomes — the cornerstone of democracy.

To help Electoral Management Bodies (EMBs) manage cybersecurity risks, this guide describes principles for electoral cybersecurity as well as specific organisational recommendations that can be adapted as required. It additionally signposts an array of more detailed materials that can help with specific technical, social, or regulatory challenges.

ContentsExpand or collapse me

List of Figures
List of Boxes
Abbreviations and Acronyms
About the Authors

1. Introduction
1.1 The increasing vulnerability of electoral systems
1.2 The electoral cycle
1.3 The Commonwealth context
1.4 Relevant organisations and regulatory frameworks

2. Cybersecurity Across the Electoral Cycle
2.1 Election activities across the electoral cycle
2.2 Overarching features of direct threats
2.3 Planning and logistics
2.4 Electoral rolls
2.5 Campaigning
2.6 Voting
2.7 Communication of results
2.8 Auditing and challenging results

3. Overarching Best Practices for Secure Elections
3.1 Holistic action
3.2 International co-operation
3.3 Cybersecurity risk management
3.4 Privacy and data protection
3.5 Electoral campaigns, interference and disinformation

4. Principles and Recommendations
4.1 Democratic self-determination
4.2 International law and co-operation
4.3 Strengthening the use of ICTs for elections while enhancing their security
4.4 Non-discrimination
4.5 Conclusion