
Kerckhoffs lecture: what Europe needs to do after Snowden

At 12:30 on Friday 13th of June 2014 I will give the Kerckhoffs Lecture at Radboud University's Kerckhoffs Institute for information security in Nijmegen, in room HG00.068. For an audience of students and faculty who probably know more about the maths of cryptography than myself I will talk about the tech-policy implications of the Snowden revelations and why Europe has been doing so very, very little.

Imagine a whistleblower releasing detailed documentary proof of a group of organisations that dump large volumes of toxic mixed chemical waste in European rivers and lakes. The documents describe in detail how often (daily) and how toxic (very). Now imagine journalists, civic organisations and elected representatives all starting furious discussions about how bad this is and what the possible horrible consequences theoretically could be for European citizens.

Now imagine that this debate goes on and on for months as slowly more documentation is published showing ever more detailed descriptions of the various compounds in the toxic chemicals and what rivers and lakes precisely they are being dumped into.

Now imagine that no journalist, civic organisation or elected representative comes up with a single concrete and actionable proposal to stop the actual and ongoing toxic dumping or to prevent future organisations getting into the habit of illegal dumping.

Imagine also that both governments and public-sector organisations, including the ones responsible for health and environmental matters, continue not only to procure products and services from the above organisations but also continue to give them the licences they need to operate.

Imagine that this goes on for month after month after month for a full year.

Now imagine it turns out that the Government not only already knew about this 13 years before but also had a detailed report on practical solutions to clean up the mess and prevent future poisoning.

Imagine that.

Sounds incredible does it not?

Except this is precisely how Europe has been not-dealing with the revelations by Edward Snowden on industrialised mass-surveillance of our government & civic institutions, companies and citizens.

The EU has spent most of a year holding meetings and hearings to ‘understand’ the problem but has not produced a single word on what concrete actions could regain the right to privacy for its citizens now. This while a July 2001 report on Echelon, the NSA/GCHQ precursor program to the current alphabet soup, explained the scope of the problem of electronic dragnet surveillance and made practical and detailed recommendations that would have protected Europeans and their institutions had they been implemented. Currently only Germany has seen the beginnings of policies that will offer some protection for its citizens.

On Friday the 13th of June I will discuss the full scope of the NSA surveillance problem, the available technological and policy solutions and some suggestions about why they have not and are not being implemented (or even discussed).

Slides from lecture are here in ODF and PDF


Committee report electronic voting

From April 26th until December 18th 2013 I was a member of the expert committee on voting computers. This committee was instituted to advise the Dutch Minister for the Interior on the feasibility of re-introducing electronic voting methods.

In the past (2008, 2012) I have always been very critical about the way electronic voting was implemented in The Netherlands up to 2007. The lack of transparency of this method and the impossibility of recounts made this fundamentally incompatible with real democracy and, after some convincing by citizens, even the government agreed on this.

The commission recommends:

  • The use of electronic aids to make the voting and counting processes more reliable and more accessible;
  • To this end, account will be taken of the preconditions formulated by the commission;
  • The introduction of a single nationwide voting system, consisting of a voting printer so that the voter can print his or her ballot paper and a scanner to count the votes electronically; This system can be made suitable for all voters;
  • It should be clear in legislation that the paper process provides the guiding principle;
  • Should the voting method proposed by the commission not be implemented, in whatever event it recommends the introduction of electronic counting linked to the introduction of a smaller ballot paper.

More details in the English Summary of the report. For the entire report, press coverage and interviews, go to the Dutch version of this blogpost.


Cyberwar: the west started it

<originally a Webwereld column – in Dutch – also on HuffPo UK, Consortiumnews and Globalresearch>

The War Room, Dr. Strangelove - 1965

A few years ago, Israeli and American intelligence developed a computer virus with a specific military objective: damaging Iranian nuclear facilities. Stuxnet was spread via USB sticks and settled silently on Windows PCs. From there it looked into networks for specific industrial centrifuges using Siemens SCADA control devices spinning at high speed to separate Uranium-235 (the bomb stuff) from Uranium-238 (the non-bomb stuff).

Iran, like many other countries, has a nuclear program for power generation and the production of isotopes for medical applications. Most countries buy the latter from specialists like the Netherlands that produces medical isotopes in a special reactor at ECN. The western boycott of Iran makes it impossible to purchase isotopes on the open market. Making them yourself is far from ideal, but it is the only option that remains, as import is blocked.

Why the boycott? Officially, according to the U.S., because Iran does not want to give sufficient openness about its weapons programs. In particular, military applications of the nuclear program are an official source of concern. This concern is fairly recent and for some reason has only been reactivated after the US attack on Iraq (a lot of the original nuclear equipment in Iran was supplied by American and German companies with funding from the World Bank before the 1979 revolution). The most curious of all allegations of Western governments about Iran is that they are never more than vague insinuations. When all 16 U.S. intelligence agencies in 2007 produced a joint study there was a clear conclusion: Iran is not developing a nuclear weapon (recent speech by the leader of this study here).

And that’s strange.

For if the 16 American intelligence services and their Israeli colleagues, the famous Mossad, can all agree that Iran is not making nuclear weapons, how do you justify an attack against civilian industrial infrastructure? And that this is the equivalent of a military attack is clear when you consider what would happen if Iran had been caught in a cyber attack on ‘our’ installations in Borssele or Indian Point.

Stuxnet is designed for a single purpose: the damage of nuclear enrichment facilities in Iran. This is a country that just may perform these activities in accordance with the international agreements stipulated in the Non Proliferation Treaty. Iran, like most other countries in the world (except Israel, India, Pakistan, S Sudan and N Korea) signed this Convention. Nuclear weapons are not allowed but civil nuclear industry is, a detail that sometimes escapes the attention of editors. Like the reason why Iran is not a democracy. I’m not saying the Iranian government are darlings, but the country has not attacked anyone in the past 200 years, unlike several of our NATO partners.

But Stuxnet has made some things very clear to Iran and the rest of the non-Western world. It does not matter that you abide by established agreements and treaties. It does not matter that you’re not a threat to the West. It does not matter that the countries that accuse you most of violating the non-proliferation agreements (U.S. and Israel) are themselves the most egregious violators; USA by delivering plutonium to Israel and Israel by not even signing the treaty and secretly stashing 100-200 nuclear bombs in the basement.

So there is no reason for you to stick to agreements or treaties because it does not guarantee that the parties on the other side will do the same and it may offer a strategic disadvantage. And if you are going to have the disadvantage of alleged conduct (boycotts, threats of bombing), it is logical that you also want the benefits. It is almost rational for Iran to develop a military nuclear program. Certainly North Korea seems to get away with it. As a bonus, it now has a few nuclear weapons and that is still the best guarantee that the U.S. will not be bringing unsolicited packages of "democracy" (although a lack of oil wells also seems to help).

Like the attack on Iraq, which was carried out based on deliberate lies (The US and UK knew Saddam had no WMDs), the U.S. again does not comply with the standards that it happily tries to impose on others. With the result that no-one takes such standards seriously anymore and the world (and cyberspace) becomes a wild west shooting gallery.

And that’s exactly what you do not want in a world where a handful of angry Chinese / Russian / Iranian / Iraqi / <insert other country> can completely anonymously and in secret take down your critical infrastructure. Western countries are much more vulnerable due to their high degree of automation than countries that have just outgrown their third world status. Cyber weapons are relatively inexpensive and developing them is more difficult to detect than the construction of missiles and aircraft carriers. The best defense against it is the prevention of an arms race. Like a nuclear war, everybody loses in a cyber war. Safety in such a context is created by moral leadership (starting with: follow your own rules) and actively working at de-escalation. And that is exactly what the U.S. and Israel have not done.

With such friends, we are assured of a continuous stream of new enemies in countries that mainly want to be left alone, but that arm themselves just in case the "free West" is on the prowl in their region.

Setting up a Dutch Cyber Army while the sluices and pumping stations are equipped with factory-default passwords in their SCADA controllers seems pretty stupid. If you live in a glass house, not throwing stones and not motivating others to do so, is the smarter move.

Update: a NATO research team has determined that the Stuxnet ‘attack’ against Iran was an ‘Act of Force’ (not an ‘Act of War’). We’ll see if that determination holds up if a non-NATO country (let’s say Iran) does the same to a NATO country.


IT and government, what to do?

<originally a Webwereld column in Dutch>


Friday a week ago I, along with other "experts", attended a Parliamentary Working Group to answer questions about government IT projects. This was a Parliamentary group of MPs investigating the many IT failures of the government. After the summer (and the September 12th elections), the investigation should begin with a sharp set of research questions. The invited experts were there to help formulate the right questions.

Here are my blog links to some of the available online advice written by the working group and the video stream (all in Dutch). It was striking how unanimous was the message presented by all the IT experts, given the variety of backgrounds.

Like other columnists and opinion writers, I also emphasised the failings of government and egregious damage to national security, privacy and general public funds. From available data, in terms of the government, the cost to the Dutch has moved from millions to billions of euros annually.

With such a government it is like shooting fish in a barrel for columnists. Therefore it was refreshing on this occasion to make a more constructive contribution. Although it was a pity that such meetings do not occur more frequently and are not better attended by the officials and suppliers who are responsible for all these projects. As 6 billion euros pour down the drain every year (and that is only the out-of-pocket costs – the social impact may be much higher) it might be a good idea to hold consultations more often. While I doubt that the gathering last week has any ready-made solutions for all the problems, I think there is a reasonable degree of consensus about their root causes:

1. Wrong incentives for both government and suppliers; who actually has an interest in completing projects within the agreed time frame and under budget? Nobody. Not the supplier, who could just add many more billable hours, and therefore finds added complexity much more lucrative. Not the responsible bureaucrats, because when a project runs they have a job and a growing staff to do things – the larger your group, the more important you are. And because projects quickly become a political matter, and then a 1000% overspend becomes perfectly acceptable in order to save the neck of some senior official. There are never any penalties for any of the involved parties, no matter what the scale and consequences of the failures. The same officials continue to hire the same 10 major suppliers.

2. Too little substantive knowledge; allows suppliers to drive the process; because most government departments lack the expertise they allow suppliers to drive virtually all substantive activities. This allows vendors to interfere in advisory roles about the delivery of products and the implementation of services. This is very profitable for the suppliers, but not so great for the cost or technology choices that are supposed to work in the interest of the government and the citizens.

3. Total lack of oversight and transparency; there is so little transparency that the government does not know what it has, what it buys and how much it costs. Previous attempts by Parliament to get an insight into all this failed. The consequence is that most so-called "business cases" are mostly hot air. If it is impossible to assess what something currently costs and the expense of replacing it, we are sailing blind. Probably on the ‘advice’ of the vendors mentioned in Point 1.

4. Dangerously naive attitude to security risks; the recent incidents involving SCADA systems and many, many other broken online government services show that the security risks are not incidental but structural in nature. Add Stuxnet to the mix, and it is clear that public systems can be easily manipulated. The social consequences of a targeted attack are difficult to predict, and the government has no contingency plan whatsoever. It is not even clear who is responsible for picking up the pieces when certain services fail.

5. There is no discernable ambition to rectify any of the above points; the government remains quite content to define them as an immutable law of nature or fate and therefore outside its ability to influence.

That all sounds terrible. The question remains – is there anything we can do? Yes we. Because if you have read this, you will probably be concerned about government, your hospital that you might need some day, the school where your children go, the pumping station that keeps your feet dry.

The solution starts with recognizing the five points above. It is not good enough to dismiss the scale of the problem with statements like "but it is not always wrong …". A car which sometimes does not explode is not good enough. After recognising the problem, there must be a real will to improve (perhaps spurred on by a penalty imposed by Parliament). The government must have the ambition to seriously revise its traditional modus operandi. In addition, there must be the will to have a real, effective government, not some call centre for a corporation. The government is not a business, so it should stop pretending. This goal should be the visible core of all subsequent behaviour. Greater transparency will sharply expose any lack of expertise and the wrong incentives; as a result targeted action can be taken. Transparency also makes it much easier for other experts to advise government (for example about that naïve attitude to security).

However large, complex and important all these questions may seem, the more important questions were asked last month by Professor Eben Moglen in a masterly speech in Berlin: "Why Freedom of Thought Requires Free Media and Why Free Media Requires Free Technology". Under the speech there are now discussions that ‘I Have a Dream’ meets ‘Band of Brothers’ (a vision combined with a call to action). That is how this speech should look to anyone involved in IT, and triply so to bureaucrats. I hope that our MPs can also spare an hour to watch it this summer. To waste 6 billion Euros a year is bad, but to throw away the hard-won freedoms of the past 1000 years – that’s really bad.


Doublethink and Zen

<originally a Dutch Webwereld column>

Doublethink is a concept that was introduced by George Orwell in his famous novel ‘1984’. It is a mental mechanism that allows people to believe sincerely and simultaneously two completely opposing ideas without a problem.

In the ten years that I have been involved with open source and open standards in the Dutch public sector, I have encountered many double thinkers. So for years I have endured “experts” and insiders patiently explaining that the migration to open source desktops within that community would be impossible, because civil servants could not work with other platforms. Asking non-techies to use anything but the Windows + Office desktop they were taught at Dutch schools would lead to disaster. It Just Could Not Happen.

The certainty with which this (to this day) is mouthed as an aphorism everywhere has always amazed me. Previously, the Netherlands had migrated from WP5.2 in DOS to Windows Word 6, yet the Earth kept turning, children went to school and there was water from the tap.

Multiple migrations, mostly outside the Netherlands, have also demonstrated that ordinary users can do their work well with alternative platforms, provided they are given some training and support (something, indeed, that is perfectly normal when migrating to new releases of the usual proprietary systems).

The same people who for years have claimed with great certainty that "It Just Could Not Happen” have been busily rolling out iPads to the many managers and directors, who for many and varied reasons discover they need one. Apparently the adoption of an entirely different platform with a totally different interface is not as problematic as was asserted for all those years. Huh?

The classic “civil service desktop” tribe, led by IT heads of ministries and municipalities and supported by Microsoft, Pinkroccade and Centric, have had many happy years of “standardising” the Netherlands on proprietary tools, the management of which would then be done by the Dutch business partners of Microsoft. When asked why such a vulnerable and expensive monoculture was necessary, the standard reply is "working together!". For “working together”, according to these people, can only occur if everyone works with exactly the same stuff (never mind that millions of people on the internet are working together with very different tools). And that stuff should be consistent with what people already know, because learning something new is ultimately ‘not realistic’.

The Web 2.0 tribe wants everything on "the cloud" so that with iPads they can “work together” from Starbucks with colleagues and consumer-citizens-entrepreneurs. That this places control of state information in the hands of uncontrolled private and foreign parties is not part of the discussion. "We must work with the most modern tools!" When asked what they do in concrete terms, the answer is almost always shifty or there is some muttering about experiments and the importance of “working together”.

Both of the above tribes mix at “e-government” conferences and other such events and hear both perspectives, one after the other, with nobody apparently perceiving these contradictions. It is Doublethink in its ultimate form: simultaneously believing two contradictory ideas without experiencing a conflict: from 11:00 to 11:30 they can believe that a Microsoft monoculture is a necessary requirement for civil servants to “work together”, and then from 13:30 until 14:00 just as happily accept that all hip 2.0 workers, with their privately-bought iPads authorised via LinkedIn, must have access to the State-intranet so that they are finally able to “work together” with other officials. And nobody is pointing to the naked emperor and saying that at least ONE of these two stories has to be nonsense (and probably both).

Despite all this focus on collaboration, government organizations are regularly at odds, working against each other, re-inventing wheels 300 times, or pointing to each other when things go wrong. Even Caligula or G W Bush could still learn a thing or two from such levels of surrealism.

Proprietary vs. open source in government is just ONE of the examples where sly salesmen from dubious companies appear to be much more attractive than people with demonstrated expertise. Also in the cases of Electronic Health Records, voting computers, the public transport chip card and the security of its own systems, the government actively chose lying, cheating vendors and/or incompetent bureaucrats over its own citizens and academics with a proven expertise.

After last year’s ‘Leaktober month’ and the Diginotar drama, it appeared that some light might finally break in, but now it is clear that one deals with problems by treating them as an immutable fact of reality. With the logic of “as it is now, so shall it remain”, the years-long impetus towards greater vendor independence and diversity of systems ground to a halt. Now the same logic is used as an excuse to defend failure everywhere. It’s a bit like claiming to achieve fire safety by shouting that not every building is on fire, and anyway the fire engines can drive with 130km/hr away – "We react so quickly!". Prevention is seen as difficult and, moreover, "as it is now, so shall it remain – you will never be safe."

Despite this latest capitulation to foreign intelligence services and criminals, yet more megalomaniac IT projects are underway. Citizens continue to entrust the government with all their personal information, despite the fact that the government itself admits to being unable to protect them adequately. When working on such projects, you’d need to remain in a permanent state of Doublethink to avoid a serious moral dilemma.

Once the Netherlands had a government that built the Delta Works to keep the sea out and ensured that the country was ranked in the global top 2 or 3 in the fields of health, education, social security, security, democracy and transparency of governance. Only Sweden and Denmark sometimes did better.

Today it feels like the Dutch government is abolishing itself. It knows nothing, wants nothing, does nothing. Perhaps we the citizens should do the same. Give them nothing, ask for nothing, expect nothing. The Zen of the citizen-government relationship. Happiness is low expectations!