Online elections in Germany

in #germany3 years ago

The German Federal Office for Information Security recently specified security requirements for the conduct of online social security elections, no not Bundestag elections. One day earlier, the Federal Ministry of Health had presented the "Ordinance on the technical and organizational requirements for conducting an online election as part of the model project, which came into force yesterday, October 1, 2020. It is intended to enable eligible voters in the 2023 social security elections to cast their votes online as an alternative to postal voting.

Concrete requirements for security

First of all, security-relevant topics such as the establishment of an information security management system (ISMS), current cryptographic methods for encryption, electronic signatures and time stamps as well as trust services are dealt with. In addition, the directive lists potential attack vectors, ranging from manipulating voters' registers, distributing malicious code, falsifying results, influencing voters and much more. The further structure of the guideline systematically works through the individual steps of an election with concrete guidelines - preparation, execution, determination of the election result and follow-up.

In the social security elections, which take place every six years, the members of the administrative boards of the statutory health insurance funds are determined. Until now, these elections have been held exclusively by letter. According to the Online Election Ordinance, making digital voting possible is "an important signal for the increasing digitization of the healthcare system". It also offers the opportunity "to strengthen the interest of voters in social self-administration, to open up new groups of voters and thus increase overall voter turnout. However, this would require the fulfillment of high security requirements.