Finnish Court Dismisses E-Voting Result

← Back to Stories (view on slashdot.org)

Finnish Court Dismisses E-Voting Result

Posted by kdawson on Saturday April 11, 2009 @09:02AM from the go-back-jack-do-it-again dept.

wizzor writes in with a follow-up on the Finnish municipal election in which 2% of the votes were lost by a defective e-voting system, and which the Helsinki Administrative Court had found acceptable. Now the Supreme Administrative Court of Finland has rejected the election results (original in Finnish; bad Google translation here) and ordered the election to be re-run. The submitter adds, "Apparently 98% of the votes isn't enough to determine how the remaining 2% voted, after all."

114 comments

Min score:

Reason:

Sort:

2% were lost... by Mishotaki · 2009-04-11 09:04 · Score: 5, Insightful

If 2% of the votes were lost, how many were incorrect or not registered properly? If the system can lose votes, it can very easily put them for the wrong person as well...
1. Re:2% were lost... by gringofrijolero · 2009-04-11 09:14 · Score: 4, Funny
  
  Depends how well they were "calibrated"...
  
  --
  Todos mis movimientos están friamente calculados
2. Re:2% were lost... by Jurily · 2009-04-11 09:20 · Score: 2, Insightful
  
  If 2% of the votes were lost, how many were incorrect or not registered properly? If the system can lose votes, it can very easily put them for the wrong person as well...
  All of them. The voting device had serious usability issues, enabling people to get out of the booth without registering the vote.
  
  Re:Usability Glitch? (Score:5, Insightful)
  by Antique Geekmeister (740220) on 2008-10-29 8:47 (#25552091)
  The card should have been locked into the machine until the voter said 'OK' or cleared the screen, and locked it in with an alert and a deactivation warning if the person left the booth without doing either. Anyone can get confused about simple directions for an entirely new system. How many of us have tried to walk away from an ATM with our card still in it because we were distracted?
3. Re:2% were lost... by caliburngreywolf · 2009-04-11 10:14 · Score: 5, Insightful
  
  In the USA, there is often a dramatic difference between early morning voters (usually elderly or thos who work in schools) Mid-day voters (usually unemployed or work non-standard hours) and evening voters (usually work a regular day job) if the 2% was spread out evenly over space and time, representing a random sample, inference is acceptable, but if it represents, let's say, the several thousand factory workers who voted right after work in a district that is abuzz with fervor for a new labor-friendly candidate...yeah, you can't base that 2% of the other 98%
4. Re:2% were lost... by bioglaze · 2009-04-11 16:08 · Score: 1
  
  In this case the error was evenly distributed, because it was caused by bad UI design. The voters could pull off the card before they finished their voting process.
  
  --
  Who is John Galt?
5. Re:2% were lost... by Fulkkari · 2009-04-11 17:30 · Score: 1
  
  If 2% of the votes were lost, how many were incorrect or not registered properly? If the system can lose votes, it can very easily put them for the wrong person as well...
  
  As far as I know, the reason why votes were lost was that the voting system had a very bad UI. For the vote to be registered, you had to push an OK-button more than once *) - something that wasn't that apparent, and which all users did not understand to do. Also, when then removing the voting card from the machine, no indication was given if the vote was registered or not. This caused votes to be lost simply by a bad UI design, which could be fixed later on.
  *) Having a confirm button is good, but the system should in that case clearly indicate that the voting is still in progress.
  
  --
  I demand the Cone of Silence!
6. Re:2% were lost... by wizzor · 2009-04-11 18:37 · Score: 1
  
  The system required the user to insert an electronic ID card, input the candidate number and select OK. After this the system would display candidate information again, and to confirm the vote, the user would have to hit OK again. Apparently what happened was, some users instead removed the ID card prematurely, thus causing their votes not to be cast. So I disagree on your point about the system potentially casting the vote to the wrong candidate, but of course we can't be quite sure, as the internal workings of the system were declared a "trade secret".
7. Re:2% were lost... by Fluffy+Bunnies · 2009-04-11 19:36 · Score: 1
  
  In Finland, elections are held on Sundays so this argument does not apply.
8. Re:2% were lost... by Anonymous Coward · 2009-04-11 20:34 · Score: 0
  
  > If the system can lose votes, it can very
  > easily put them for the wrong person as well...
  The lossage was mostly due to people not hitting a "confirm" button after entering the candidate's number. That does not cause votes to go to wrong candidates.
  2% lossage is low compared to pen and paper voting. And I'd guess the lost votes were more evenly distributed than mis-votes with pen and paper -- e.g. unclear writing of 1 vs 7 will stack for or against candidates with those numbers, while I don't see such bias in failure to press "confirm".
9. Re:2% were lost... by Anonymous Coward · 2009-04-11 21:34 · Score: 1, Insightful
  
  In Finland, average vote loss with pen & paper was around 0.5%
10. Re:2% were lost... by Anonymous Coward · 2009-04-11 21:50 · Score: 0
  
  This guy is right, I'm Finnish too. That voting system had ridiculously bad user interface. I thought that anybody with some common sense or experience with UI design could fart a better system than that.
  Whole thing would have been complete success without their completely stupid UI. This was supposed to be the future with jetpacks and stuff but we still fail to build a simple voting machine.
11. Re:2% were lost... by jate · 2009-04-11 22:26 · Score: 1
  
  According to the original sources (e.g. http://www.effi.org/blog/2008-10-28-finnish-evoting-votes-lost.html): It actually wasn't about losing registered votes, but about votes not getting registered because people pulled their smart cards out too early (insert joke here).
12. Re:2% were lost... by Eunuchswear · 2009-04-11 23:31 · Score: 2, Insightful
  
  In this case the error was evenly distributed, because it was caused by bad UI design.
  
  Uh, no
  You don't think there may be differences in how people who are "elderly or those who work in schools", "usually unemployed or work non-standard hours" and "usually work a regular day job" might react to bad UI design?
  (Using the categories proposed by GP).
  
  --
  Watch this Heartland Institute video
13. Re:2% were lost... by Anonymous Coward · 2009-04-11 23:34 · Score: 0
  
  In this case the votes were 'lost' because the user interface was poorly designed. Some voters didn't complete the voting process, because they didn't realize they had to press the final submit button.
  Also, this trial with electronic voting, was done only in 3 municipalities through out the country.
14. Re:2% were lost... by hydrofi · 2009-04-12 03:03 · Score: 1
  
  This glitch occured in Finnish municipality elections, where it is not uncommon to loose or win a seat with a margin of a few votes. In one of the municipalities, which trialed e-voting, a party could gain a seat with as few as 130 votes. More importantly, in the voting list sytem the people who actually go into the office (from their respective parties), is decided by their relative popularity on the party list. Therefore, even a single vote can easily (and commonly) change *who*, from the party gaining the seat, actually becomes a representative, and a bunch of votes could easily change the power-balance of the parties in a small municipality (and even decide if a minority party gets their single seat). No wonder most of the people who appealed to court were candidates who were a few votes short of gaining an office in the municipalities with problems.
What was the margin of victory? by TechwoIf · 2009-04-11 09:05 · Score: 0

If the margin of victory was greater then 2 percent, then it should be non-issue as far as who is in office. But it should be fixed for the next election.
1. Re:What was the margin of victory? by Quothz · 2009-04-11 09:12 · Score: 4, Informative
  
  If the margin of victory was greater then 2 percent,
  It was not, as best as I can tell from the translation:
  
  Kauniainen municipality electronically of the votes lost to two percent, and for missing votes in the number would have been enough change in the outcome of the elections.
2. Re:What was the margin of victory? by blind+biker · 2009-04-11 09:15 · Score: 4, Insightful
  
  In theory, because of the voting system used, 2% of the votes could have dramatic consequences. Of course, we'll never know because the votes are anonymous and the recipients secret, but if you think that quite a lot of candidates got in with just a few dozen of votes, you can clearly see how 2% could have determined a lot.
  
  --
  "The agriculture ministry is not in charge of Gundam" - Japanese ministry official.
3. Re:What was the margin of victory? by 99BottlesOfBeerInMyF · 2009-04-11 09:32 · Score: 2, Interesting
  
  If the margin of victory was greater then 2 percent, then it should be non-issue as far as who is in office. But it should be fixed for the next election.
  There were several issues here. First, according to some sources, a few elections were close enough that 2% may have made a difference. Second, the machines put in place did not have adequate safeguards against fraud or adequate ability to do accurate recounts. The former is enough to have to do one or two elections over, but the latter was such that the people running the elections were declared to have been potentially acting in bad faith and the equivalent of a constitutional right to equal voting was violated, requiring the process to be redone. It's sort of like throwing out a criminal case and all evidence involved when there is wrongdoing on the part of police, since you can no longer trust the other evidence in the case and as a way to discourage others from trying to profit by such actions in future.
4. Re:What was the margin of victory? by Anonymous Coward · 2009-04-11 09:36 · Score: 0
  
  In theory every winner who didn't have 2% margin of all votes WITHIN the party/list compared to first loser in the party/list could be replaced. The differences between the parties would theoretically be much more stable. See http://en.wikipedia.org/wiki/D%27Hondt_method
5. Re:What was the margin of victory? by Anonymous Coward · 2009-04-11 09:58 · Score: 3, Informative
  
  In municipal elections of Finland, each municipality chooses it's leaders. The amount of depends on the size of the municipality but in mine (Vantaa), there are 67 representatives for less than 200 000 people and not nearly everyone votes (it's closer to 100 000 people voting).
  Add to that that we use different system than the USA. The person who gets most votes within any given party gets all the votes given for that party. The person who would have gotten second most votes gets half of the votes given to the whole party, the next person gets one third... And each politicians votes counted like that they are put against each other and the people with most votes at that point get the seats.
  And we don't vote between two parties but a lot of them. In my municipality, there are representatives of 7 parties (and one chosen from outside party lists).
  So a few votes can often completely change what parties get to be in power AND which representatives get in.
6. Re:What was the margin of victory? by spire3661 · 2009-04-11 10:09 · Score: 1
  
  With an error so large in such a critical application, you cant be sure that 2% is the correct number. A flaw this large calls the entire result in question, as it rightfully should.
  
  --
  Good-bye
7. Re:What was the margin of victory? by an+unsound+mind · 2009-04-11 11:04 · Score: 1
  
  According to Sanoma sources, which in general are sufficiently reliable, especially in matters like this.
  In general, we can take it as a fact that the missing 2% could have changed the results of the election.
8. Re:What was the margin of victory? by Chandon+Seldon · 2009-04-11 14:46 · Score: 1
  
  If the margin of victory was greater then 2 percent, then it should be non-issue as far as who is in office. But it should be fixed for the next election.
  Unless you're actually serious about the importance of voting, in which case the response here is very simple: Throw out the invalid votes (all of them) and re-run the election.
  
  --
  -- The act of censorship is always worse than whatever is being censored. Always.
9. Re:What was the margin of victory? by tgv · 2009-04-11 19:52 · Score: 1
  
  It is the Supreme Court's task, at least in other countries, to set the rules for once and for all, not to address incidents. Based on the available evidence, it has decided that such voting problems are unacceptable *in general*.
10. Re:What was the margin of victory? by weicco · 2009-04-11 20:25 · Score: 2, Interesting
  
  And besides that is not even the point in my opinion. I was candidate in our municipality (but not in those in question) and I couldn't care less if one or two votes were missing. The issue I think is that we can now point our fingers and say "There, there is the problem. Now fix it!" and because this was forced on us by our goverment it is the goverment's job to fix the problem. So it is no matter if 1, 2, 3 or 50 percent of votes were lost. Just fix the damn problem and be done with it!
  Of course fixing the problem means re-election to those municipalities. This way we get back to the democratic way of voting which how law writers meant it to happen when they wrote our Vaalilaki (law about elections) minus those stupid e-voting changes that were made in 2006 by our former parliament (and promoted by Tuija Brax).
  
  --
  You don't know what you don't know.
how many coffin nails will it take? by mtrachtenberg · 2009-04-11 09:06 · Score: 5, Insightful

E-voting has had more lives than a cat. It should be over, done, kaput. An experiment that failed.
1. Re:how many coffin nails will it take? by Anonymous Coward · 2009-04-11 09:17 · Score: 2, Insightful
  
  It still amazes me that we put full trust (and R&D $$$) into electronic banking systems yet can't get the same technology to work for something as simple as counting votes.
2. Re:how many coffin nails will it take? by Jurily · 2009-04-11 09:26 · Score: 3, Insightful
  
  It still amazes me that we put full trust (and R&D $$$) into electronic banking systems yet can't get the same technology to work for something as simple as counting votes.
  "I consider it completely unimportant who in the party will vote, or how; but what is extraordinarily important is this--who will count the votes, and how." - J. Stalin
  Electronic voting does not have an inherent paper trail.
3. Re:how many coffin nails will it take? by Presto+Vivace · 2009-04-11 11:23 · Score: 1
  
  E-voting has had more lives than a cat. It should be over, done, kaput. An experiment that failed. Preach it brother, it amazes me that we put up with it. Verified Voting is trying to do something about it, for those who are interested.
4. Re:how many coffin nails will it take? by ctmurray · 2009-04-11 15:31 · Score: 1
  
  The alternative of paper ballots is not much more accurate. I am in Minnesota and we are still counting ballots 5 months later and have 312 votes separating the candidates out of 5 million cast. Devil in the details regarding absentee ballots. Sort of a MN version of hanging chads.
5. Re:how many coffin nails will it take? by ctmurray · 2009-04-12 14:58 · Score: 1
  
  Correction to my post. 3 million votes (not 5).
Banking doesn't usually require anonymity by Chmcginn · 2009-04-11 09:20 · Score: 4, Insightful

The problem with the electronic voting vs. banking comparison is that bank account have your personal information all over them. Votes, however, do not. If you gave up secret voting, you could likely make a 'secure enough' voting system, since anyone could check their own vote in the system.

--
Have you been touched by his noodly appendage?
1. Re:Banking doesn't usually require anonymity by Morten+Hustveit · 2009-04-11 10:08 · Score: 2, Informative
  
  If you gave up secret voting, you could likely make a 'secure enough' voting system, since anyone could check their own vote in the system.
  This is actually a solved problem. When you vote, you get a unique random sequence of characters. After the election is completed, a list of all votes is published. Next to each vote, the SHA1 sum of the voter's personal ID number concatenated with the random characters is listed. Example (truncated SHA1 sums):
  64038c437f2c republicans
  aea7fb41626d republicans
  86895065f81f democrats
  0ee79f4948b0 democrats
  The random characters are never stored by the voting system, only the resulting hash. Any one person can verify that his vote has been counted, because he knows his own random characters and resulting hash. No one can find out what anyone else voted, because they don't have the random characters.
2. Re:Banking doesn't usually require anonymity by Sheafification · 2009-04-11 10:12 · Score: 5, Informative
  
  If you gave up secret voting, you could likely make a 'secure enough' voting system, since anyone could check their own vote in the system.
  There's no need to give up on secret voting to get this. Thanks to advances in cryptography we can have secret *and* verifiable ballots. An example implementation can be found at Helios voting. Also, check out a description of a paper based system: Scratch and Vote [PDF]
3. Re:Banking doesn't usually require anonymity by GvG · 2009-04-11 10:16 · Score: 5, Insightful
  
  You could be forced by a third party to reveal how you voted (they would force you to give them your random characters and then they would be able to verify that you voted as you were told to.)
4. Re:Banking doesn't usually require anonymity by Anonymous Coward · 2009-04-11 10:18 · Score: 0
  
  Also, check out a description of a paper based system: Scratch and Vote
  So you scratch your ballot to find out who you voted for?
5. Re:Banking doesn't usually require anonymity by Naturalis+Philosopho · 2009-04-11 10:19 · Score: 1
  
  Great solution. Now explain how that works to my sister or my mom.
6. Re:Banking doesn't usually require anonymity by FailedTheTuringTest · 2009-04-11 10:19 · Score: 1
  
  Unfortunately this enables coercion and vote-selling, as does any system that gives the voter a receipt that can be linked to how they voted. An Evil Election Stealer can say, if you vote for candidate X, everything will be fine. But please tell us the code that the voting machine gave you, so we can be sure you did what we told you to do.
7. Re:Banking doesn't usually require anonymity by spanky+the+monk · 2009-04-11 10:26 · Score: 1
  
  Just hash everyones voter ID and match it with the result set. This is easy to brute force because there is only a small set of IDs to be hashed.
8. Re:Banking doesn't usually require anonymity by Morten+Hustveit · 2009-04-11 10:32 · Score: 1
  
  You don't need to. You just tell them to look up the hash in the local newspaper after the election (if they want to), and disregard the random numbers they got along with it. Other people will check that the hash matches the random number and social security number.
9. Re:Banking doesn't usually require anonymity by rkit · 2009-04-11 10:34 · Score: 1
  
  The real problem with electronic voting vs banking comparison is that banking has a completetly different aim: earning money.
  Electronic banking is not secure. Period. E.g. in 2008, in the U.K. online banking fraud caused losses in the order of 50 Million Pounds. However, the banks still make a profit. ("It's just the cost of doing business...")
  This kind of thinking is a bit problematic with voting.
  
  --
  sig intentionally left blank
10. Re:Banking doesn't usually require anonymity by rkit · 2009-04-11 10:41 · Score: 1
  
  Even if this works in theory, there may be flaws in the implementation. And even if implemented correctly, there may be issues with key management.
  But most importantly, for 99,9% of the voters, it is impossible to understand the system, let alone verify the actual vote. Therefore, it is just a matter of time (or money) before some manipulation by insiders takes place.
  
  --
  sig intentionally left blank
11. Re:Banking doesn't usually require anonymity by Razalhague · 2009-04-11 11:15 · Score: 1
  The appended random characters make that impossible. Consider if they used id + random = sum, all just plain integers, no hashing (which is approximately equivalent given large enough range for the random values, I think). You know every possible id and every resulting sum, but you still can't connect them because you don't know the random number added to the id.
  Here's the that would be data published: (in "sum -- voted for" format)
  
  18273 -- Mr. X
  38475 -- Ms. Y
  83744 -- Mrs. Z
  23876 -- Dr. W
  The voter IDs were 1, 2, 3, and 4. Please connect who voted who.
  However, it's easy for voter ID 1 to check that her vote (for Dr. W) registered properly, since she remembers the random number added to her ID number was 23875.
12. Re:Banking doesn't usually require anonymity by xZgf6xHx2uhoAj9D · 2009-04-11 11:29 · Score: 1
  
  "Verifiable" means you don't have to trust the implementation.
13. Re:Banking doesn't usually require anonymity by deraj123 · 2009-04-11 11:47 · Score: 1
  
  Hence the whole "If you gave up secret voting". So long as we agree that secret voting is necessary (and I would, in fact, agree to that), then this won't work as a solution for our voting problem. But your comment is largely irrelevant to the context in which this solution was presented.
14. Re:Banking doesn't usually require anonymity by Profane+MuthaFucka · 2009-04-11 12:03 · Score: 1
  
  You DO need to. The reason democracy works is because people believe in it, see it work, and can understand it.
  Things you believe in that you can't understand and can't see work are called RELIGIONS.
  
  --
  Fascism trolls keeping me up every night. When I starts a preachin', he HITS ME WITH HIS REICH!
15. Re:Banking doesn't usually require anonymity by Morten+Hustveit · 2009-04-11 12:05 · Score: 2, Insightful
  
  But most importantly, for 99,9% of the voters, it is impossible to understand the system, let alone verify the actual vote.
  To verify the system, only a small absolute number (not percentage) of people needs to verify it. Assume 1% of the votes are incorrect and 500 random (from the cheater's perspective) people verify their hashes. The probability that none of these are victims of a forged vote is 0.65%. If only 0.1% of the votes are tampered with, you need 5000 people to achieve a similar percentage.
  Your made up number of 0.1% of the people checking the hashes will thus be very resilient for voting populations greater than 500,000.
  As for preventing the insertion of fake votes, you need to publish a list of who voted, and compare the length of this list to the length of the vote list. This list can also be verified by random sampling.
16. Re:Banking doesn't usually require anonymity by Chandon+Seldon · 2009-04-11 14:44 · Score: 1
  
  "Verifiable" means you don't have to trust the implementation.
  But that raises the next question: Verifiable by who?
  Saying that there are some experts who can verify the proper execution of an election simply isn't good enough, at least not if you want to call that election "democratic". With paper ballots marked with pens and placed in a ballot box, any voter of normal intelligence can observe an election, understand the security properties needed at each step, and see for themselves if those security properties are maintained. Any alternate system must maintain this property.
  
  --
  -- The act of censorship is always worse than whatever is being censored. Always.
17. Re:Banking doesn't usually require anonymity by jhol13 · 2009-04-11 16:32 · Score: 1
  
  Utter bull.
  The mathematics do not address situations like results of temporary calculations being stored in hard disk and never overwritten.
18. Re:Banking doesn't usually require anonymity by myspace-cn · 2009-04-11 17:25 · Score: 1
  
  Nothing Informative here. Just a complete lack of understanding how voting works.
  But it's GREAT if you want to have a DICTATORSHIP!
19. Re:Banking doesn't usually require anonymity by weicco · 2009-04-11 17:56 · Score: 1
  
  But there's still room for tampering the votes. There's always the question about public trust to the system also. Let me clear this up a bit. Oh, and I'm a Finn...
  Traditional pen & paper method is almost 100% fool proof system. It is almost impossible to tamper the votes and here's why: Every party sets their own observer to overlook the counting. Any foul play is quickly discovered by observers. In order to fool the system you would need to bribe a whole lot of people.
  With computer based counting all you need to do is tamper the code that counts the votes. Allthought I don't know if the counting machines are checked against the tampering.
  Currently we, the voters, count on our old style voting method a great deal. But when faced with e-voting some questions tend to arise. Is this as fool proof as the old system? Is the machine coded correctly? etc. etc. We know what kind of mess the-company-which-should-not-be-named produces where ever it operates in public projects and this brings a great deal of untrust to the picture. Add our almost-totally-incompetent Minister of Justice Tuija "science fiction" Brax to the mix and we can pretty much forget about demcratic elections as we know it.
  
  --
  You don't know what you don't know.
20. Re:Banking doesn't usually require anonymity by nedlohs · 2009-04-11 18:27 · Score: 1
  
  Do that and you don't have secret voting anymore. Sure a random person can't tell how another random person voted, but your union boss can see how you voted, or your boss, or your husband, or your pastor, etc.
21. Re:Banking doesn't usually require anonymity by rkit · 2009-04-11 19:49 · Score: 1
  
  Just some thouhgts: The paper ballot can be understood and verified by every voter. The technique used may be simple, but the protocol is quite sophisticated. To verify the system you propose, you would still need to repeat all calculations. Also, how do you verify that the random numbers are really random? Your argument for stochastic verification suffers from a lack of randomness. The 0.1% percent that actually check will be far from random. Electronic voting is supposed to make the voting process easier. Manual verification of hashes of several hundred bits is not my idea of simplicity.
  
  --
  sig intentionally left blank
22. Re:Banking doesn't usually require anonymity by DMNT · 2009-04-11 21:57 · Score: 2, Informative
  
  I'm also a Finn and I was counting the votes at the municipal elections in Helsinki late last year. The system is even more tamper proof than described previously. First of all, the ballot box is checked at the casting of the first vote that there's no extra votes within the box. The first vote is stamped (like the rest will be) and put in to the box. The parties have a right to set an observer for the whole time until the votes have been counted. The next day the votes are recounted (which is where I was part of):
  All districts are dealt out randomly to counting groups. The groups then count the votes and if they agree on the number of votes with the first count - and don't disqualified any votes accepted previously due to certain criteria - then the result is accepted. The votes can be disqualified for multiple reasons: The vote paper might be completely unmarked and it is counted separately as an official form of protesting against every party. The other reasons are ambiguous number (usually trouble separating 1 from 7 and 6 from 0 or numbers that look different upside down, like 188 vs. 881 when a single vertical bar is used for number 1.), additional non-clarifying markings in the vote that could be used to link the person to the vote (to prevent vote buying & selling), lack of stamping (to prevent people slipping in multiple votes within the true vote) or using other than official voting paper in voting. Lot of votes disqualified contain all kinds of messages to the government, from a friendly "F U government!" to cryptic messages to God or Bavarian Illuminati.
  If the result is in any way different from the previous count then it is dealt randomly to another counting group which will verify the result. All the disqualified votes go to the jurisdiction to give a final verdict on the votes and if possible decide the candidate the ambiguous vote is for.
  All this counting is done in a group supervised by political parties, though in current stable political environment the supervision is only superficial. Being a member of this counting process has only increased my trust in paper voting and distrust in e-voting.
  
  --
  ?SYNTAX ERROR
23. Re:Banking doesn't usually require anonymity by weicco · 2009-04-11 22:39 · Score: 1
  
  Thank you very much! I wasn't in the know how counting goes in action and that cleared things up a lot.
  Btw. I was counting votes last year in Kokoomus Puoluepäivät and there we had to disqualify, if I remember correctly, only one vote. I guess our party's voters are more adept in writing numbers. Just kidding... :)
  
  --
  You don't know what you don't know.
24. Re:Banking doesn't usually require anonymity by Anonymous Coward · 2009-04-11 23:10 · Score: 0
  
  So how do you ever get your mother to use cryptography?
25. Re:Banking doesn't usually require anonymity by Anonymous Coward · 2009-04-11 23:19 · Score: 0
  
  It only has to be random from the cheater's perspective, meaning the people modifying the votes must not be able to predict who will test them.
  A hash verification takes about one minute to perform - someone could make a JavaScript-based application, put it up on a web site, and let people enter their ID number and and random number to see the correct hash.
26. Re:Banking doesn't usually require anonymity by Repossessed · 2009-04-11 23:34 · Score: 1
  
  So driving is a religion? Most people don't understand how their car works either. They definatley don't get how the voting machine works.
  
  --
  Liberte, Egalite, Fraternite (TM)
27. Re:Banking doesn't usually require anonymity by jsiren · 2009-04-12 00:21 · Score: 1
  
  weicco wrote:
  
  But there's still room for tampering the votes. There's always the question about public trust to the system also. Let me clear this up a bit. Oh, and I'm a Finn...
  Traditional pen & paper method is almost 100% fool proof system. It is almost impossible to tamper the votes and here's why: Every party sets their own observer to overlook the counting. Any foul play is quickly discovered by observers. In order to fool the system you would need to bribe a whole lot of people.
  Another Finn here, and I agree with parent.
  Electronic voting has been marketed as ultimately enabling voting by web, SMS, and whatever channels. The reasoning is to increase voting activity. The reason why it doesn't work is that it's not the process of voting that keeps activity down - voting cannot get much simpler and still stay reliable - but the substance of politics. They're seemingly after the votes of those who don't care who gets elected, or feel that there is any difference between candidates... wait, what?
  I'm sorry if I'm being cynical, but I think the problem that this system really solves is a cashflow problem for the developer company. After all, their main product is billable hours, and their main customer is the public sector.
  
  --
  Usage: km/h for speed (kilometers per hour); kph for very slow impulses (kilopond hours).
28. Re:Banking doesn't usually require anonymity by weicco · 2009-04-12 01:33 · Score: 2, Informative
  
  Electronic voting has been marketed as ultimately enabling voting by web, SMS, and whatever channels.
  Internet-voting is absolute horror. It can be made technically sound but that's about it. Who can assure that it is my wife who gives the vote and not me who stole my wife's ID card or whatever (not that I would do so, just for example)? Who can assure that one isn't giving vote under physical threat? Rhetorical questions but current paper & pen method prevents these kinds of situations perfectly.
  
  --
  You don't know what you don't know.
29. Re:Banking doesn't usually require anonymity by 517714 · 2009-04-12 02:07 · Score: 1
  
  So they just keep "two sets of books". One that is used for anyone inquiring about their vote and one that is used to report to the election commission that the highest bidder has won. Fraud is easily perpetrated on any "anonymous" system. Anonymity and verifiability are incompatible in a sophisticated system.
  
  --
  The US government have made it clear that we have no inalienable rights; any we do not defend vigorously will be taken.
30. Re:Banking doesn't usually require anonymity by rkit · 2009-04-12 06:36 · Score: 1
  
  Great idea, send your secret random bits to some web app for harvesting
  
  --
  sig intentionally left blank
31. Re:Banking doesn't usually require anonymity by rkit · 2009-04-12 06:44 · Score: 1
  
  Maybe I am overlooking something, but what is the point of hashing here? What is the gain compared with simply handing out a random number?
  Assuming the number is not random or can be stored, the hash will not prevent a dictionary attack.
  
  --
  sig intentionally left blank
32. Re:Banking doesn't usually require anonymity by Profane+MuthaFucka · 2009-04-12 13:13 · Score: 1
  
  Crypto is not democracy. Do not confuse the two. Do not ask questions as if I am confusing the two. I am not stupid.
  
  --
  Fascism trolls keeping me up every night. When I starts a preachin', he HITS ME WITH HIS REICH!
33. Re:Banking doesn't usually require anonymity by Profane+MuthaFucka · 2009-04-12 13:40 · Score: 1
  
  Driving is not democracy. Do not confuse the two. Do not ask questions of me as if I am confusing the two. I am not stupid.
  
  --
  Fascism trolls keeping me up every night. When I starts a preachin', he HITS ME WITH HIS REICH!
34. Re:Banking doesn't usually require anonymity by stephanruby · 2009-04-12 14:38 · Score: 1
  
  Internet-voting is absolute horror. It can be made technically sound but that's about it. Who can assure that it is my wife who gives the vote and not me who stole my wife's ID card or whatever (not that I would do so, just for example)? Who can assure that one isn't giving vote under physical threat? Rhetorical questions but current paper & pen method prevents these kinds of situations perfectly.
  My state (California) allows me to vote by mail, which I love, and it's not as horrific as you make it sound. In fact, I'm probably a better voter because of it. I'm not sure why, but the fact that I can send back my ballot right away by mail means that I'll get started on it earlier and will do far more research on it than before. And it's not that the system prevented me from starting earlier when I used to vote in person, after all I did receive a sample ballot that I could fill out in advance if I wanted to, but there is definitely something to be said for the added positive psychological effect that an absentee ballots have on voters.
35. Re:Banking doesn't usually require anonymity by weicco · 2009-04-12 19:19 · Score: 1
  
  But that enables, for example, me to vote "in behalf" of the whole family in the next elections, wouldn't it?
  In my opinion, of course, there are some problems with elections in Finland but I don't think the actual voting happening is one of them. We have elections once a year at max so I don't think it is insurmountable problem to get to the election site. You have something about two weeks time to give your vote plus the actual election day. If you are sick in hospital, you get the change to vote from your sickbed.
  Problem with the low voting activity is something to do with the candidates and parties. Candidates try to create images of themselves. Why don't they tell voters what they are actually trying to accomplish? Parties are sometimes so close together so that you can't tell a difference. Even in the god damn (excuse my language but I take this seriously) municipal elections no-one is telling the voter why he/she is running for the council! How can voter make a choice? By throwing the dice?
  If I ever get the change to be a candidate again I have some nice ideas for my campaing :)
  
  --
  You don't know what you don't know.
36. Re:Banking doesn't usually require anonymity by Anonymous Coward · 2009-04-13 20:59 · Score: 0
  
  You didn't have party voters there, you had party cadres. ;-) (there actually is a difference - people who are iinterested enough in politics to be party members and participate in a meeting, are probably
  a) a bit better schooled than average (and for example careful with there 7:s, 1:s, 0:s and 6:s)
  b) not likely to cast an empty protest vote for e.g. Juho Kusti Paasikivi...
  Laura Kataja (too lazy to register)
37. Re:Banking doesn't usually require anonymity by weicco · 2009-04-14 05:22 · Score: 1
  
  Probably, not always. I have two years of commercial school behind and I'm myyntimerkantti ;)
  
  --
  You don't know what you don't know.
(potentially) overjoyed by blind+biker · 2009-04-11 09:21 · Score: 1

A pro-cycling candidate didn't get in because he was short just a handful of votes. Well, now they're organizing the voting again (from the article in Finnish (yeah, I'm one of those who actually understand that crazy language)) and my candidate has another shot at it :o)
Don't you love second chances?
Of course, the real reason I'm happy is that this absurdity with 2% invalid voting has been overturned. Everybody knew that Helsinki Administrative Court's (Hallinto Oikeus) decision was shit - so, I celebrate this sudden and unexpected victory of common sense.

--
"The agriculture ministry is not in charge of Gundam" - Japanese ministry official.
1. Re:(potentially) overjoyed by noidentity · 2009-04-11 09:25 · Score: 1
  
  How is it a second chance? There so far has been no first chance, since the votes made the first time around don't count.
2. Re:(potentially) overjoyed by Savage-Rabbit · 2009-04-11 10:16 · Score: 1
  
  How is it a second chance? There so far has been no first chance, since the votes made the first time around don't count.
  Think of it as a chance for whoever is in charge of that election *NOT* to misplace 2% of the electorate.
  
  --
  Only to idiots, are orders laws.
  -- Henning von Tresckow
3. Re:(potentially) overjoyed by drinkypoo · 2009-04-11 10:41 · Score: 1
  
  Or viewed from the other side, a chance to participate in a fair[er] election.
  
  --
  "You're right," Fisheye says. "I should have set it on 'whip' or 'chop.'"
Let me guess... by Trintech · 2009-04-11 09:21 · Score: 0

these were Diebold voting machines?
1. Re:Let me guess... by Trintech · 2009-04-11 09:25 · Score: 1
  
  nevermind, actually RTS and it said e-voting. I r troll. /bends over for Mods
A bold prediction by hyades1 · 2009-04-11 09:23 · Score: 4, Funny

I bet Diebold, or Premier, or whatever it is that pack of cheats and liars are calling themselves these days, won't be trying to place their voting machines in Finland any time soon. I doubt they could attain 98% accuracy even with only one candidate on the ballot.

--
I've calculated my velocity with such exquisite precision that I have no idea where I am.
1. Re:A bold prediction by igny · 2009-04-11 14:49 · Score: 1
  
  When we are talking about 2% loss, it is not about voting accuracy, it is about vote retention.
  
  --
  In theory there is no difference between theory and practice. In practice there is. - Yogi Berra
2. Re:A bold prediction by ibbey · 2009-04-11 15:27 · Score: 1
  
  When we are talking about 2% loss, it is not about voting accuracy, it is about vote retention.
  Since the election used a blackbox system (ie. no voter verified paper trail), we have no way of knowing whether the votes were recorded as cast or not. It's relatively easy to discover if the total number of votes recorded is inaccurate. Finding out whether they were recorded as cast is an entirely different thing.
  The problem in this case appears to be a usability issue, so there is no reason to be more suspicious of this election than any other blackbox election. However we can never really know the outcome of any election for certain without a paper trail.
3. Re:A bold prediction by Anonymous Coward · 2009-04-11 17:29 · Score: 1, Insightful
  
  When your company name is so sullied that you need to change it, you ought to realize that you have reached the end of the line...
Most still voted with traditional methods by sakari · 2009-04-11 09:34 · Score: 4, Informative

Just to clarify on this, most still voted with the traditional pen & paper methods. I guess E-voting was tested in some places. The finnish E-voting system was programmed by TietoEnator, which has had some questionable results in the past too in delivering working software. Still they get a lot of the government related jobs .. gee, wonder why ?

--
GeoKone.NET :: Create Sacred Geometry in your browser
1. Re:Most still voted with traditional methods by Anonymous Coward · 2009-04-11 10:26 · Score: 0
  
  Still they get a lot of the government related jobs .. gee, wonder why ?
  Want to compile a list of companies with Finnish offices and a track record of solid, secure, verifiable e-voting systems with a tangible prototype to impress the decision-gorillas?
  Or make that anywhere in the world.
2. Re:Most still voted with traditional methods by ultrabot · 2009-04-12 07:01 · Score: 1
  
  Want to compile a list of companies with Finnish offices and a track record of solid, secure, verifiable e-voting systems with a tangible prototype to impress the decision-gorillas?
  Give me 500EUR and I'll hack up such an e-voting system in one workday.
  Why on earth is this not a trivial problem?
  
  --
  Save your wrists today - switch to Dvorak
I am glad. by Landak · 2009-04-11 09:41 · Score: 1

That, for all else that is wrong with our system of democracy here in the UK, we have not forgotten how to use a pen and a piece of paper. When elections are being held, there's something rather reassuring to see a (usually rather dented) black box padlocked shut with a small hole at the top, and a large number of people queuing up to put their slip of paper in. It's worked quite well for the last 300 years. I really don't know what's wrong with it...

--
My UID is prime. Is yours?
1. Re:I am glad. by John+Hasler · 2009-04-11 10:34 · Score: 2, Interesting
  
  When elections are being held, there's something rather reassuring to see a (usually rather dented) black box padlocked shut with a small hole at the top, and a large number of people queuing up to put their slip of paper in. I It's worked quite well for the last 300 years.
  "300 years"? Really. What, then, did the ballot act of 1872 do?
  
  And then there is the matter of numbered ballots...
  
  --
  Warning: this article may contain humor, sarcasm, parody, and perhaps even irony. Read at your own risk.
From EFFI by Razalhague · 2009-04-11 09:46 · Score: 5, Informative

Here's an article in non-google-translated English. Also contains some other links in English.
Effi has an English article on this by mjrauhal · 2009-04-11 09:46 · Score: 2, Informative

Electronic Frontier Finland (Effi) has an English article on this matter as well.
More Info in English by pookie13 · 2009-04-11 09:48 · Score: 4, Informative

Actually the machines were supplied by local company called Tieto.

More about the case in English
Yle News
Helsingin Sanomat
Newsroom Finland
The systems did not lose any information by Anonymous Coward · 2009-04-11 09:51 · Score: 0

The story has been written incorrectly. The systems were not defective nor did they lose any voter data. The user interface was just badly designed and a bunch of voters didn't press OK or something and their votes were not registered. Do check your facts first.
1. Re:The systems did not lose any information by Maxmin · 2009-04-11 10:54 · Score: 1
  
  The systems were not defective nor did they lose any voter data. The user interface was just badly designed
  Industrial Design 101: A system, such as a user interface, whether mechanical, software-based, or both, that allows a transaction to be left in an ambiguous state, is indeed a defective design.
  At the very least, they could have designed it to warn the user, upon yanking out their ID card *mid-transaction*, with loud sounds and flashing screen messages. Or, to notify the voting administrators that a voter had inadvertently not completed their vote.
  It could also have been designed to mechanically lock the voter's ID card in place, until the transaction was complete. Some ATMs are designed to perform in this way - your card is not returned until you have completed whatever function(s) you began.
  
  --
  O lord, bless this thy holy hand grenade, that with it thou mayest blow thine enemies to tiny bits, in thy mercy.
2. Re:The systems did not lose any information by Ethanol-fueled · 2009-04-11 14:52 · Score: 1
  
  Some ATMs are designed to perform in this way - your card is not returned until you have completed whatever function(s) you began.
  So a person distracted with music or a cell phone takes their money from the ATM and for some reason runs off, leaving their card.
  
  Around these parts it used to be that way, now it's the opposite: you make your transaction, and the machine spits out your card and prompts you to take it before it spits out the money and/or receipt. YMMV.
3. Re:The systems did not lose any information by jaria · 2009-04-11 17:11 · Score: 2, Informative
  
  Please check YOUR facts first. There were several problems:
  - bad user interface design
  - machines freezing up at the critical moment
  - machines crashing when presented with the voting card
  - instruction leaflet asking the voter to press "OK" once when twice was needed
  - secret, closed source design
  - no paper verification
  - no public review possible of the algorithms etc
  Of course, the publicity around this case centers on the first issue, because its the easiest to understand. But there were other problems, too, just read the witness statements from the actual appeals.
4. Re:The systems did not lose any information by Anonymous Coward · 2009-04-12 03:07 · Score: 0
  
  Acknowledged, it's mostly the "dip and remove" style with ATMs. I've had my card get stuck a couple of times, which needless to say, is a problem when it happens after hours. This is going back at least eight years.
  Just saying, with voting machines, the needs are somewhat different, and the sequence of steps could be more clearly articulated to the user.
  I once worked on an ID passcard entry system, in which the card dropped halfway into the slot, leaving half exposed. During the evaluation phase, when the human guard compared your face with the picture on the card (I know, I know - this is before facial recognition and other electronic verification means), both the ID passcard and *you* were locked in the gate booth. For a large defense contractor who shall remain nameless.
2% creates doubt and mistrust by Anonymous Coward · 2009-04-11 10:33 · Score: 3, Insightful

2% creates doubt and mistrust in the election results and that is unacceptable. What if the votes were lost in a non-random fashion? What if the same e-voting system gets reused later in a case where 2% could mean the difference between a seat going to one candidate or another? What if the root cause of the loss caused other problems as well? What does it say about the quality control and security of the system? People should be able to trust the outcome of an election.
2% of the Vote? by Caraig · 2009-04-11 11:30 · Score: 1

"Apparently 98% of the votes isn't enough to determine how the remaining 2% voted, after all."

And why should they be? Not every country has a 'winner take all' simple majority voting system. And even if Finland doesn't, every vote has to be understood to have been counted even if they didn't go to some arbitrary clear-cut winner.
Besides, that race might very well have been neck-and-neck. 2% of the vote either way might have decided it.

--
"I am an Adept of Tantric VAX."
1. Re:2% of the Vote? by jaria · 2009-04-11 17:18 · Score: 1
  
  The loss of a single vote might have affected the results, given the Finnish system.
  My city was one of the affected ones. In our city there were candidates A and B who got the same number of votes, both on the margin that you need to get in, and only one place was left. Only one made it to the city council, based on a toss of a coin by the voting board. If there had been one more on vote on either one, the random selection would not have been necessary.
  Remember that we are talking about local elections and elections of individuals as opposed to parties. The number of votes lost in my city was greater than the number of votes needed to get into the city council.
Quick and dirty translation by Card · 2009-04-11 11:41 · Score: 3, Informative

The Supreme Administrative Court ruled that the municipal elections will be renewed at Karkkila, Kauniainen and Vihti. Last autumn 232 votes were lost in the three municipalities that participated in the electronic voting pilot.
The court annulled the election results and ordered the election to be held again. In its summary, the court finds that the errors in the e-voting system, the insufficent instructions and the large amount of lost votes mean that the election wasn't properly held.
16 citizens appealed about the election results, some of whom were also candidates in the election. The previous appeal the Helsinki Administrative Court didn't result in the rejection of election results, as the Administrative Court did not consider the voting problems serious enough.
That verdict wasn't satisfactory to the appellants, who took the matter to the Supreme Court. Two percent of the votes were lost in the municipality of Kauniainen; the difference would have affected the outcome.
Minister Tuija Brax (Green party) - one of the main proponents of the highly controversial e-voting system - said that she was happy with the decision. Before the court's ruling came in, the minister refused to comment about the necessity of holding a new election, as such thing was impossible [without court order]. Before the election, minister Brax had said that all the [proposed] problem scenarios with the election system were pure "science fiction".

The story isn't that well written. The system allowed the user to remove his ID card before the vote was registered. The lack of a paper trail is a large problem, and the lack of openness in the design doesn't help to gain the users' trust. Further, the system was designed by Tieto Oy (formerly TietoEnator), also responsible for the new systems at Sampo Bank (with numerous login problems, XSS exploits and such). Vestigia terrent.
1. Re:Quick and dirty translation by Anonymous Coward · 2009-04-11 17:43 · Score: 0
  
  Further, the system was designed by Tieto Oy (formerly TietoEnator), also responsible for the new systems at Sampo Bank (with numerous login problems, XSS exploits and such). Vestigia terrent.
  FWIW, Sampo Bank uses the systems of it's parent company - i.e. those of Danske Bank.
  And those the responsible party for those is IBM.
  Google it.
How hard can it be to get this right? by Narcocide · 2009-04-11 11:42 · Score: 1

Seriously?! More broken fucking e-voting machines? Who are these idiots and why can't they make a simple kiosk work? Why are they being paid to do this and why haven't I been hired instead? What am I missing out on here? Anyone? I *KNOW* that I could make a simple web app launched in firefox and attached to a locally-running apache instance on a linux box NOT MISS A SINGLE VOTE. I could even add touch-screen activation with the proper hardware. How hard can this be to get right?
1. Re:How hard can it be to get this right? by Morten+Hustveit · 2009-04-11 12:31 · Score: 2, Interesting
  
  I *KNOW* that I could make a simple web app launched in firefox and attached to a locally-running apache instance on a linux box NOT MISS A SINGLE VOTE.
  I guess the problem was that these people also "knew", and thus didn't see the need to actually test the interface on a sufficient number of people - There's a 95% change that at least 1 out of 150 random testers would fall victim to a 2% failure rate. If you allowed the testers to leave feedback, the mistakes could probably have been discovered a lot faster. I'm basing this on #27545121, which claims this was a user interface issue.
  They could have put the machine up in a mall, and let people use it to leave customer feedback or something, with a chance to win a small prize.
2. Re:How hard can it be to get this right? by Chandon+Seldon · 2009-04-11 14:49 · Score: 2, Insightful
  
  It sure seems like an easy problem, doesn't it.
  As a programming problem, it seems like an easy problem because it is. Thing is - it's not a programming problem. It's a security problem. As a security problem, the programmer is the most significant potential attacker. Does it still seem easy?
  
  --
  -- The act of censorship is always worse than whatever is being censored. Always.
3. Re:How hard can it be to get this right? by jaria · 2009-04-11 17:59 · Score: 1
  
  How does your system allow voting from multiple locations, prevent duplicate votes, prevent voters to be associated with their votes, etc?
  It is funny, and perhaps lucky that they got the user interface work so badly botched. The user interface is the easy part. The hard part is getting the security right and the entire country-wide system reliable, and not allow any particular party (such as the vendor) steal the elections, or allow government to look at how you voted.
  The system we used failed on all counts, but only the user interface problems were visible to the end-user. For instance, revealing votes: the government officials have keys to open the ballots and see who voted how. Luckily, they have promised not to look, so we can all sleep well now.
4. Re:How hard can it be to get this right? by Rockoon · 2009-04-12 03:21 · Score: 1
  
  The problem with testing for 2% error rates on "usability" problems, is that there is a real chance that at least one of your testers is throwing a wrench into the gearts on purpose.
  
  Pick 150 random people from a "representative voter sample" of a population, like say 150 people selected for jury duty in new york city ("you people vote red.. the rest vote blue") and you are going to have more than 2% assholes that want the system to fail..
  
  ..and more than 2% drooling retards.. (remember, 50% of the people are below average at whatever it is you are sampling)
  
  The ultimate question is, is the system reasonably foolproof. That is not to say that 100% of fools are accounted for, but rather that a reasonable number of them are.
  
  "Some men you just can't reach. So you get what we had here last week..."
  
  --
  "His name was James Damore."
How hard is it? by kaptink · 2009-04-11 12:22 · Score: 1

Really, how hard is it to put together a secure e-voting system? I mean seriously, it's the kind of thing you would do for an assignment as a 2nd or 3rd year computer science student. I fail to see how these private companies can botch up such a simple concept as much as they have unless they've done it intentionally. What is stopping the adoption of a transparent open source system. Developed and refined by the open source community, free to be scrutinised by the best and brightest? The point of it being open source is so that everyone can feel safe that the system isn't being manipulated and/or rigged.. *cough cough* Diebold .. A secret proprietary system is what you would expect to see in a country under a dictatorship, not in a supposed "land of the free" democracy.

--
Those who can, do. Those who cannot, sue.
1. Re:How hard is it? by jaria · 2009-04-11 17:23 · Score: 2, Insightful
  
  Its actually surprisingly hard, if you start to think about it. If you compare to the paper ballot system, there are checks and balances. The different party officials and citizens can oversee the counting (in fact, they volunteer to do it). One corrupt counter does not break the system, however, because the others will catch him. And its very hard to cause a country-wide discrepancy.
  If you compare an e-voting system to, say, a banking application, there's one big difference: in the banking application you WANT a secure trail of events, stored for perpetuity. In voting you want anonymous results while at the same time secure results. Its very hard to do this, as almost every design makes you trust someone in some way.
  Then if you add the issue of voters not being able to verify the system for various commercial reasons... my take on this is that an e-voting system does not make sense for simple and efficient elections like the ones we have in Finland. Counting is fast, there are no reliability problems (in fact, there is a 10x higher reliability in paper ballots). Its cheap, because its mostly run by volunteers who have an incentive to participate.
Obligatory Comment by Anonymous Coward · 2009-04-11 12:32 · Score: 0

Finnish him!
Where do you draw the line? by Joce640k · 2009-04-11 16:01 · Score: 1

If 2% is acceptable then what about 5%? 10%...? Where do you draw the line?
The running of an entire country is at stake here and 2% is certainly enough to show there's serious problems with the system.

--
No sig today...
News in English by kaip · 2009-04-11 17:37 · Score: 4, Informative

Some news in English about the court decision:
Finnish e-voting results annulled, municipalities to hold new elections by Electronic Frontier Finland ry (Effi), the best summary in English, IMO;
Helsingin Sanomat;
Helsinki Times;
The Brad Blog;
NewsRoom Finland;
YLE; and
Turre (the lawyers that won the case).
The voting system was provided by Tieto and Scytl. In their News Page, Scytl declares: "Scytl's Pnyx.core successfully used in local elections in Finland" Shouldn't they update this...? It is even possible that the 2% of the votes lost was due to the Pnyx.core, instead of usability issues with the voting terminals, as has been commonly assumed - who knows.
Interesting facts about the case by jaria · 2009-04-11 17:41 · Score: 4, Interesting

It is of course a completely correct decision from the supreme court to re-run the elections, and we are very happy about it.
But it has been interesting to follow the developments and the various attempts to avoid this outcome.
Before the elections, the minister of justice, Tuija Brax claimed any possible problems were "science fiction". After the elections and when the problems were announced, she has not been a support of new elections, just stating that the courts need to decide. However, she was quick to launch an internal investigation and fire the Director of Elections. Not sure the director was really the true guilty person here, but at least a scapegoat had been found...
The city voting boards very resisting new elections for the last second. They came up with interesting claims to prevent this from happening. One claim that we've heard often -- even after the decision -- is that the new elections do not matter, because the party situations would not change. Well, they were missing the minor issue that in Finland the election system is based on voting on persons, not parties. Some of us do care about who we vote there. A more sinister claim was that the voters had conspired to misuse the voting system on purpose, to show that it was unreliable (!). Now, talk about science fiction, maybe these guys could be of some use in the JFK murder investigation? Not to mention the fact that a correctly implemented voting system should not be vulnerable to such misuse.
The three cities involved are now extremely unhappy with the ministry, as the law requires them to pay for the new elections. The ministry has promised an extra budget to help out... though in my mind, the architects and vendors of the system should get to pay.
Its also been extremely difficult to get any information from the government on the details of the system. The local EFF wanted to take a look before the elections, but was refused (or impossible NDAs were requested). I made an official request to get the cost information of the entire project, and the government claimed that they have no such information. One number that has been circulated in the press was 700 000 euros, but that seems low, given that a large number of design and specification work went in, even at the ministry level not to mention the vendors.
All in all, a happy outcome:
- director of elections fired
- minister is now pro-open source and paper trail
- general knowledge of possible problems in e-voting was increased in the country :-)
- elections are re-run
However, everyone is quite focused on the specific bugs we experienced, thinking that individual bugs can easily be fixed. I'm more worried about the process and the way that these things are done. I don't see a way to avoid bugs next time either, for instance. Lack of verifiability, openness, government not listening to citizens or outside experts, blind acceptance of vendor sales pitches, lack of sensible motivation for the entire effort are the worrisome aspects.
1. Re:Interesting facts about the case by Anonymous Coward · 2009-04-12 02:32 · Score: 0
  
  One claim that we've heard often -- even after the decision -- is that the new elections do not matter, because the party situations would not change.
  I'd be amazed if that statement alone wouldn't case the situation to change after the next election. I know you realise the argument is silly but it's just so mind numbingly absurd that it could be extend towards arguing against holding an election all together after four years (assuming it's four year terms over there).
2. Re:Interesting facts about the case by Urkki · 2009-04-12 06:57 · Score: 1
  
  One claim that we've heard often -- even after the decision -- is that the new elections do not matter, because the party situations would not change. Well, they were missing the minor issue that in Finland the election system is based on voting on persons, not parties.
  The election system is primarily based on voting the party, and only secondarily based on voting the person inside the party. Thinking it's about voting a person is wrong, meaning it makes people vote for the wrong reasons, even against what they believe in. The vote goes first to the party, so first thing for a voter is to choose a party. Then the voter can choose a candidate inside that party to support, but that's not as important as choosing the party.
  It's less important both because even if you favorite candidate does get in, they're likely to act according to party line, and because it's quite possible your candidate doesn't get in, in which case your vote only benefits the party in the end.
How do you verify a paper vote? by Anonymous Coward · 2009-04-11 19:16 · Score: 0

Is there any need for a verification in the e-voting system? Why is it so important to know if someone's vote was actually registered? This kind of verification system does not exist in paper voting. There is no way you can be sure that your vote was counted right, or even counted at all in paper voting system.
English Article by vally_manea · 2009-04-11 19:21 · Score: 1

English article from a Finnish newspaper here
Voting systems matter by ggeens · 2009-04-11 22:18 · Score: 1

Most of Europe uses a proportional voting system. (Each voting district elects several representatives at once.) As far as I can see, Finland has one too.
A difference of just a few percent can shift a seat from one party to another.

--
WWTTD?