115 9 5MB
English Pages [361] Year 2022
Acknowledgments
C Y BE R - THREAT S TO CANADIAN DEMOCR ACY
i
mcgill-queen’s/brian mulroney institute of government studies in leadership, public policy, and governance Series editor: Donald E. Abelson Titles in this series address critical issues facing Canada at home and abroad and the efforts policymakers at all levels of government have made to address a host of complex and multifaceted policy concerns. Books in this series receive financial support from the Brian Mulroney Institute of Government at St Francis Xavier University; in keeping with the institute’s mandate, these studies explore how leaders involved in key policy initiatives arrived at their decisions and what lessons can be learned. Combining rigorous academic analysis with thoughtful recommendations, this series compels readers to think more critically about how and why elected officials make certain policy choices, and how, in concert with other stakeholders, they can better navigate an increasingly complicated and crowded marketplace of ideas.
1 Braver Canada Shaping Our Destiny in a Precarious World Derek H. Burney and Fen Osler Hampson 2 The Canadian Federal Election of 2019 Edited by Jon H. Pammett and Christopher Dornan 3 Keeping Canada Running Infrastructure and the Future of Governance in a Pandemic World Edited by G. Bruce Doern, Christopher Stoney, and Robert Hilton 4 The Age of Consequence The Ordeals of Public Policy in Canada Charles McMillan 5 Government Have Presidents and Prime Ministers Misdiagnosed the Patient? Donald J. Savoie 6 Cyber-Threats to Canadian Democracy Edited by Holly Ann Garnett and Michael Pal
preface
Cyber-Threats to Canadian Democracy
Edited by
holly ann garnett and michael pal
McGill-Queen’s University Press Montreal & Kingston • London • Chicago
iii
iv
Preface
© McGill-Queen’s University Press 2022 isbn 978-0-2280-1146-0 (cloth) isbn 978-0-2280-1147-7 (paper) isbn 978-0-2280-1279-5 (epdf) isbn 978-0-2280-1280-1 (epub) Legal deposit second quarter 2022 Bibliothèque nationale du Québec Printed in Canada on acid-free paper that is 100% ancient forest free (100% post-consumer recycled), processed chlorine free This book has been published with the help of a grant from the Canadian Federation for the Humanities and Social Sciences, through the Awards to Scholarly Publications Program, using funds provided by the Social Sciences and Humanities Research Council of Canada.
We acknowledge the support of the Canada Council for the Arts. Nous remercions le Conseil des arts du Canada de son soutien.
Library and Archives Canada Cataloguing in Publication Title: Cyber-threats to Canadian democracy / edited by Holly Ann Garnett and Michael Pal. Names: Garnett, Holly Ann, editor. | Pal, Michael, editor. Series: McGill-Queen's/Brian Mulroney Institute of Government studies in leadership, public policy, and governance ; 6. Description: Series statement: McGill-Queen's/Brian Mulroney Institute of Government studies in leadership, public policy, and governance ; 6 | Includes bibliographical references and index. Identifiers: Canadiana (print) 20220161402 | Canadiana (ebook) 2022016164x | isbn 9780228011477 (paper) | isbn 9780228011460 (cloth) | isbn 9780228012795 (epdf) | isbn 9780228012801 (epub) Subjects: lcsh: Elections—Corrupt practices—Canada—Prevention. | lcsh: Threats— Canada. | lcsh: Information technology—Political aspects—Canada. | lcsh: Disinformation—Political aspects—Canada. | lcsh: Democracy—Canada. Classification: lcc jl193 .c93 2022 | ddc 324.60971—dc23
This book was typeset by True to Type in 10.5/13 Sabon
Contents
Figures and Tables vii Acknowledgments ix Introduction: Defining the Field 3 Michael Pal and Holly Ann Garnett PA RT ONE CANADA ’ S LEGAL AND NATIONAL SECURIT Y RESPONSES TO C YB E R - T H RE AT S
1 Securitizing Election Law and Administration? Canada’s Response to the Cyber-Security Threats to Elections Lisa Young
31
2 Defending Democracy from Foreign Cyber-Interference: The Role of Canadian Intelligence Agencies in the 2019 Federal Election 55 Leah West PA RT T WO
DI GI TA L TE C HN OLOGY A N D THE VOTI N G P ROC E S S
3 A Cyber-Threat Analysis of Online Voting in Canada 87 Aleksander Essex and Nicole Goodman 4 Public Opinion on the Use of Technology in the Electoral Process in Canada 116 Holly Ann Garnett and Laura B. Stephenson
vi
Contents
PA RT T H RE E RE S P O NS E S TO M I S I N FOR M ATI ON A N D DI S I NFO RMAT I O N
5 Digital Campaign Threats: Party Responses in an Age of Disinformation 151 Anna Lennox Esselment 6 Confronting Disinformation: Journalists and the Conflict over Truth in #elxn43 174 Chris Tenove and Stephanie MacLellan PA RT FO UR
E ME RGI NG C Y B E R - THR E ATS ON S OC I A L M E D I A
P L AT FO RMS
7 Hierarchy Over Diversity: Influence and Disinformation on Twitter 209 Alexei Abrahams and Gabrielle Lim 8 Microtargeting, Social Media, and Third Party Advertising: Why the Facebook Ad Library Cannot Prevent Threats to Canadian Democracy 236 Philippe R. Dubois, Camille Arteau-Leclerc, and Thierry Giasson 9 A Moderate Proposal for a Digital Right of Reply for ElectionRelated Digital Replicas: Deepfakes, Disinformation, and Elections 270 Elizabeth F. Judge and Amir M. Korhani Conclusion: Key Considerations 312 Holly Ann Garnett and Michael Pal Contributors 327 Index 333
Preface
Figures and Tables
figures 4.1 4.2 4.3 4.4 4.5 4.6 4.7 4.8 4.9 7.1 7.2 8.1 8.2 8.3 8.4 8.5 8.6 8.7
Likelihood of using online registration 125 Is online registration risky or safe? 126 Level of comfort in providing information online to Elections Canada for registration 127 Comfort with online tabulation (2015) 128 Likelihood of using online voting 128 Online voting is “just too risky” (2008) 129 Is online voting risky or safe? 130 Should online voting exist? (2011) 130 Should online voting exist? (2019) 131 Lorenz curve for #cdnpoli 222 Lorenz curve for #elxn43 222 The removed “Thanks for this second mandate” ad 248 Advertisements’ tone and targets 254 “Mr. Dressup,” an example of a personalized attack ad 255 Example of a comparative ad promoting Andrew Scheer 256 Attack ads referring to provincial politics 258–9 Topics of ads 260 “Marie Antoinette – Let Them…” attack ad 261
tables 1.1 3.1
Taxonomy of threats to electoral campaigns 38 Current status of observed cyber-threats to online voting in Canada 98
vii
viii
4.1 4.2 4.3
4.4
4.5 8.1 8.2 8.3
Figures and Tables
Predictors of trust and potential usage of online registration 132 Predictors of trust and potential use of online voting 134 Predictors of trust and potential use of online voting and registration 2011 and 2015, including online news consumption variable 136 Predictors of trust and potential use of online voting and registration 2019, including satisfaction with Elections Canada variable 138 Appendix A: Questions from Canadian election study, 2009– 2019 144 Information available in the Facebook Ad Library 245 Canada Strong and Proud network Facebook pages 247 Categories of the content analysis grid 251
Preface
ix
Acknowledgments
This book was made possible with support from the Social Sciences and Humanities Research Council of Canada, through a Connection Grant for the workshop “Defending Democracy: Confronting CyberThreats at Home and Abroad.” It was also supported by a grant from the Royal Military College of Canada, and contributions from the Conference of Defence Associations Institute; the Faculty of Law, Common Law Section, at the University of Ottawa; the Telfer School of Management at the University of Ottawa; and the Smart Cybersecurity Network (serene-risc). We are deeply grateful for the research, administrative, and editorial assistance of Madison MacGregor, now a recent graduate of McGill University. Her assistance with this project, from the initial conference and policy report, through the revisions of this edited volume, were an invaluable contribution to this project. We also acknowledge the research assistance of Sarah Grieve and the technical assistance of Gant Corker with the October 2019 authors’ workshop. We have enjoyed working with McGill-Queen’s University Press, especially Jacqueline Mason, who guided us through the publishing process. Finally, we acknowledge and thank each of the contributors to this volume, whose collegial spirit and enthusiasm made this contribution to the study of Canadian elections in the digital era possible.
x
Figures and Tables
Introduction
C Y B E R - THREAT S TO CANADIAN DEMOCR ACY
1
2
Free Women in the Pampas
1928
INTRODUCTION
Defining the Field Cyber-Threats to Canadian Elections
Michael Pal and Holly Ann Garnett
In 2018, whistleblower Christopher Wylie revealed that Cambridge Analytica had harvested the data of millions of unwitting and nonconsenting Facebook users, and provided it to political campaigns, including those on the “Leave” side of the Brexit referendum and prominent American politicians (Cadwalladr and Graham-Harrison 2018). The scandal prompted a variety of official responses due to the complex mix of new technologies, which were not well understood within traditional institutions of electoral democracy. Regulatory bodies in the United Kingdom found that Cambridge Analytica and Facebook breached electoral and privacy laws around the time of the Brexit referendum in 2016 (UK Election Commission 2018; Information Commissioner’s Office 2018). An unprecedented, transnational “Grand Committee” of elected representatives across multiple countries, including Canada, investigated the Cambridge Analytica incident in light of Facebook’s status as the most used social media platform globally (UK Digital, Culture, Media and Sport Committee 2019). The Cambridge Analytica–Facebook scandal, and its suspected role in elections on both sides of the Atlantic, marked a moment of disjuncture between two eras: (1) a time when assertions were often made about how technology could solve democratic deficits on the basis of techno-utopianism applied to the realm of elected politics, and (2) the post-scandal recognition that cyber-threats to democracy must be accounted for, whatever the considerable benefits of digital technologies.
3
4
Pal and Garnett
Canada is not immune to the reverberations from this global reckoning caused by the migration of some aspects of elections to the online world. In the wake of the Cambridge Analytica revelations, the Standing Committee on Access to Information, Privacy and Ethics of the Canadian House of Commons conducted in-depth hearings and produced two substantial reports detailing the emerging digital threats to Canadian democracy and recommending widespread changes to update Canadian laws to protect democracy (Zimmer 2018a, 2018b). While digital technologies have long been recognized as changing political communication in Canada (Marland, Giasson, and Small 2014; Small 2010, 2011), and the use of technology in the process of casting and counting ballots is commonplace, the study and analysis of digital threats to the integrity of Canadian elections has only recently surged. Thus, scholars and practitioners have had few resources with which to understand and analyze the evolving cyberthreats to Canadian democracy. This volume fills this gap by presenting the first comprehensive study of the variety of cyber-threats to the integrity of elections across Canadian jurisdictions. It considers which cyber-threats exist in Canada, provides an empirical assessment of how they played out in the 2019 federal election, analyzes the political and legal implications of these threats, and reflects with a critical lens on emerging ways of thinking about electoral cyber-threats and potential policy responses. Our aspiration is that this volume will help seed the field of study of cyber-threats to Canadian elections, provide empirical evidence as to what reforms are needed to address them, and evaluate the existing legal and policy frameworks in light of these threats. The chapters in this volume seek to point out the depth of the challenges posed by cyber-threats to Canadian elections and democracy. The attendant risks of digital democracy transcend any particular electoral event. This volume is deliberately interdisciplinary. Chapters are written by scholars in political science, computer engineering, law, communications, and other disciplines. The different perspectives are necessary, in our view, to illuminate the full nature of the cyber-threats to Canadian elections. For example, an exclusive focus on behaviour online is not complete without an understanding of the legal framework that may shape and constrain it, and vice versa. We hope that the conversations across disciplines that can be found in reading the diverse chapters together are fruitful and will spark ideas for new
Introduction
5
research. The methodologies in the chapters are also as diverse as the subject matter being studied. They include analysis of public opinion surveys, semi-structured interviews, content analysis, and doctrinal legal analysis. In our view, the cross-disciplinary approaches and variety of methodologies reflected in the pages that follow are a strength of the volume.
defining cyber-threats To begin, it is necessary to explore and define exactly what we mean by “cyber-threats” to elections in this volume. We start with the overarching concept of electoral integrity, a term used to study the quality of elections throughout the electoral cycle, from election day to its aftermath (Norris 2014). Drawing on international agreements, the term refers to the generally agreed upon norms and rules that structure fair political competition in democracies (Garnett and Zavadskaya 2018; James et al. 2019; Norris 2014, 2017). Because many components of the electoral cycle, from voter registration to campaigning and even the voting process itself, have moved into the digital realm, new questions must be asked regarding how elections can be managed according to our democratic ideals of accessibility, security, and fairness with the plethora of new online and offline technologies (Garnett and James 2020). Some scholars use the term “cyber-security,” a narrower phrase than cyber-threat, which implies a close link to the security or vulnerability of computer and online systems. However, the potential negative impacts of new technologies on elections are much broader than this term may imply. Online harassment, disinformation, and degraded trust in institutions are all features of contemporary elections that go beyond the narrower connotations of “cyber-security.” This volume will therefore focus on all cyber-threats to elections, which we define as the use of digital technologies in all activities in the electoral cycle that could have a negative impact on electoral integrity.
identifying cyber-threats to elections We are undoubtedly in a period of rapid technological change. The effects on society at large are beyond the focus of this volume, yet it is not hyperbolic to say that new technologies have significantly
6
Pal and Garnett
changed elections and will continue to do so. The issues discussed in this volume at the intersection of elections and cyber-security are varied and multi-faceted. The chapter authors come from multiple disciplines and apply distinct theoretical frameworks, methodologies, and subject-matter foci. By grouping this variety of perspectives together in this volume, we hope to illuminate the full scope of the challenges and opportunities of this era of digital democracy. In this introduction, we seek to look forward to and set out what are likely to be the enduring, major flashpoints around the cyber-security of Canadian elections in coming years. We set out four main issues: (1) cyber-threats to national and individual security, (2) digital technologies and the voting process, (3) responses to misinformation and disinformation, and (4) cyber-threats on social media platforms. The discussion of these four issues is meant to contextualize the contributions in this volume and to identify where in our assessment continued scholarly and policy energy should most fruitfully be directed. Cyber-Threats to National and Individual Security In its noteworthy report looking forward to Canada’s 2019 federal election, the Communications Security Establishment (cse) found that multiple elections around the globe in recent years suffered from foreign interference conducted largely through digital means (Communications Security Establishment of Canada 2017). To imagine that Canada is immune from such interference would be unrealistic. For example, social media platforms enable digital access to Canadian voters from anywhere on the globe, as well as by state and non-state actors. Media reports have found that foreign entities are extensively involved in Canadian online debates on social media platforms, especially on hot-button topics such as the oil sands (Tunney and Burke 2019). The adoption of Magnitsky Act-style sanctions on Russian actors (Justice for Victims of Corrupt Foreign Officials Act (Sergei Magnitsky Law) 2017; Zilio 2017), conflicts with China and Iran (Tunney and Burke 2019), and so on have laid bare potential conflict lines with states that may have incentives to interfere in Canadian elections, and they are using digital means for that purpose. Non-state actors also remain ongoing threats (Coleman 2014; Communications Security Establishment of Canada 2017). Protecting Canadian elections from foreign interference is and should be a priority for election administrators and national security practitioners.
Introduction
7
Thus, even while recognizing the real threats posed by foreign interference, there is now a need to critically interrogate the relationship between national security and elections. One of the dangling threads remaining from the 2016 presidential election in the United States was how the state should approach the decision to disclose credible threats of foreign interference in a national election. In the context of allegations about Russian interference that were substantiated to some extent by the Mueller Report (Mueller 2019), the United States adopted sophisticated protocols for when to disclose foreign interference to the public and how cooperation between orders of government would occur. These structures reflected a particular view of how to balance the complex mix of the legitimate demand of the public for knowledge about events that might materially affect the election, and national security concerns. For the 2019 federal election, Canada adopted for the first time its own formal, public protocol on when and how the electorate would be informed of foreign interference in elections (Minister of Democratic Institutions 2020). A committee of senior bureaucrats informed by the national security and electoral agencies was tasked with making the decision about whether to inform Canadians about such events. In the end, the committee deemed that no public disclosures were necessary, and Elections Canada ultimately reported to Parliament that no significant cyber-attacks occurred during the campaign (Elections Canada 2020). Some details remain unclear however, such as what threshold is used to determine whether a threat is plausible or material enough to be disclosed. National intelligence agencies now play a role in Canadian elections that would have been deemed too risky or beyond their mandates in earlier years. The old assumption that national security agencies should ideally be entirely at arm’s length from democratic processes such as elections, as long as they stay within a defined role, may no longer be persuasive. Whether csis (Canadian Security Intelligence Service) or cse should have the power to disrupt foreign interference operations is a matter of ongoing public debate (Nesbitt 2019). The national securitization of elections in the face of foreign threats may turn out to be an overreaction that signals an unhealthy impulse and result for a democracy. The relationship between democracy and national security in Canada is and will continue to be relevant to many of the chapters in the volume.
8
Pal and Garnett
We also suggest that the issue of the security of voters’ private information will endure. Elections have now been “datafied” (Information Commissioner’s Office 2018). That is, political parties rely on amassing data about voters to hone messaging, engage in get out the vote operations, fundraise, and so on. Developing profiles about voters in party databases and using big-data analytics to draw inferences about voter behaviour are at the core of political parties’ activities in Canada (Bennett 2016; Bennett and Bayley 2012; Judge and Pal 2021). The ability of parties to connect with voters is at the heart of electoral democracy and political parties have enthusiastically used new technologies to do so. From voters’ perspective, however, the law has not kept up with the datafication of politics. Privacy law in Canada generally sets limits on how data about individuals can be collected, analyzed, and used. Either federal or provincial law imposes privacy obligations on most major public and private organizations. Yet political parties are not covered by either of the two major federal pieces of privacy legislation, pipeda (Personal Information Protection and Electronic Documents Act) or the Privacy Act. With the exception of some restrictions in British Columbia, provincial law also generally does not cover political parties. Parties therefore gather and use data about voters but are not required to meet the same standard for privacy protection as private and public sector actors. Political parties are no longer mass movements reflecting deep social roots, either globally (Katz and Mair 2018) or in Canada (Johnston 2014). They are perhaps more like cartels whose purpose is capturing the state to extract value (Katz and Mair 2018; MacIvor 1996) or leader-driven vehicles in the context of “audience democracy,” where leaders seek to forge direct connections with voters through the media (Manin 1997). In most theories, parties now operate as vehicles for winning elections, including through online tactics. Political parties in Canada were quite triumphalist from the 2006 election onward about their “online games” and digital databases (Bennett et al. 2014; Judge and Pal 2021) but the “robocalls” scandal around the 2011 election (Pal 2017) and the Facebook revelations from 2018 showed the dark side of big-data politics and put a break on that mood. The online world remains at the core of parties’ strategies, however. That includes digital advertising, fundraising, and voter engagement and turnout. Digital operations are now an undeniably foundational
Introduction
9
aspect of party politics in Canada (Marland, Giasson, and Small 2014). Parties have adopted an array of applications that have altered even the previously offline realm of door-to-door canvassing (McKelvey and Dubois 2017). These changes have introduced new threats, such as the hacking of voter databases that contain heaps of sensitive, personal information (Bennett et al. 2014; Judge and Pal 2021), voter suppression through digital means (Vaidhyanathan 2018), and advertising on social media that lacks transparency (Pal 2018). The standards that do exist federally and apply to parties do not seriously protect privacy, given how politics now operates. The basic information in the voters’ list provided to parties contains only minimal privacy protections, mainly a restriction on using the list for nonpolitical purposes (cea, s. 385[1]). The Elections Modernization Act was a missed opportunity. Although it took a step forward in requiring parties to have a privacy policy that covers certain areas, it failed to actually require meaningful privacy protection for the sensitive, personal information of voters covered by the privacy policies. And all of the major federal parties already had such policies (Bennett 2016). It seems likely that data about voters will only grow in value as a currency for political parties. If that is the case, it also seems probable that privacy concerns about the unauthorized gathering of data, or its misuse once acquired, will remain salient. The logic behind protecting privacy in how data is collected and used by the public and private sectors does not disappear during elections. Pressure for meaningful privacy reform for voter privacy therefore appears likely to continue. Protections for privacy in the electoral context should take into account the need for parties to gather data about and communicate to voters (Judge and Pal 2021). Whether privacy law for voters, elections, and political parties will evolve sufficiently to facilitate the connection between voters and parties while also protecting voters’ sensitive personal information will be of great concern in the coming years. Digital Technologies and the Voting Process Models of election administration developed for the offline world are now confronting multiple cyber-threats as technology continues to be infused piecemeal into the electoral process. Electoral management bodies (embs) administer Canadian elections at the federal and provin-
10
Pal and Garnett
cial levels. Whether these entities have the necessary legal authority, resources, technological prowess, and popular trust to enforce electoral legislation online is an open question (Garnett 2019; van Ham and Garnett 2019; James 2019). embs possess only the authority granted to them by legislatures. They operate independently from the political branches of government, but are constrained by the particular legal authority provided to them by statute. The effect of digital technologies also stretches election administration into realms that were previously seen as outside of election law, such as voter privacy, social media platform regulation, and so on. Expanding election administration into new areas challenges embs’ understanding of their own roles and powers and, potentially, public confidence in their capacity to ensure electoral integrity. For example, how can a single regulator keep up with the enforcement of rules for political advertising when there are millions of different iterations of advertisements running on a social media platform that has a proprietary algorithm (Turnbull 2018)? Canada has taken some steps toward the use of technology in election administration, though perhaps more slowly than in some comparable jurisdictions. Take the practice of voting. Online voting has not to date been adopted for federal or any provincial elections. Estonia was the first country in the world to adopt a fully online nationallevel election (E-Estonia 2020). Online voting options are also available for municipal elections in many provinces, including some of the largest municipalities in Ontario (Cardillo, Akinyokun, and Essex 2019). Elections in some First Nations, Inuit, and Métis communities and territories have been conducted at least partially online (Gabel et al. 2017). More recently, the first fully online election in a province or territory occurred in the Northwest Territories, in 2019 (Bird 2019). Parliament and provincial legislatures to date have not signalled a willingness to follow these jurisdictions. The provinces have more readily accepted vote tabulating technology. While the use of technology in the voting process is not new around the world, the shift from punch cards and levers to vote tabulation machines and optical scans was particularly noted in the American context post-2000. Those technologies are not used at the ballot box in Canadian federal elections but are becoming common in provincial elections, where optical scanners are increasingly used to count ballots. The most significant move toward embracing new technology at the federal level is the adoption of online registration, which allows
Introduction
11
voters to be listed on the National Register of Electors by providing pieces of information on a secure website. Identification is then checked at the polls. Online registration has been demonstrated to attract voters, particularly younger voters, who may find this measure an added convenience, even if same-day registration remains permitted at the polls in Canada (Garnett 2019). Advance registration provides the voter with printed information in the mail (the “Voter Information Card”) with details about their polling stations for advanced voting and on election day. Threats to electoral integrity in the form of malfeasance or fraud have always been a risk for Canadian elections. The introduction of new technologies or ways of delivering elections did not give birth to the possibility of domestic or foreign election interference. The use of new technology simply opened up new potential threats. New technologies deployed across ridings in a jurisdiction may increase the risk of interference that was likely to have been only local in the past. Stealing a voters’ list for a riding, for example, has less potential to harm a federal election as a whole than a cyber-attack on a centralized voter registration database. Awareness of cyber-threats must be central to the decision to adopt any particular new technology in election administration. The decision must balance the convenience or cost effectiveness of a new technology against the likelihood of interference, whether foreign or domestic, and the potential scale of the impact. Democracy rests on the public legitimacy provided, if not exclusively, then at least significantly, from elections. Election procedures and outcomes must be trusted by the public to have legitimacy (Norris 2014; Lipset 1960). New cyber-threats to democracy may reduce public trust, whether because of concerns about the security of the system due to manipulation or hacking or voters’ unwillingness to believe any electoral information due to issues with disinformation. The effect on public trust of integrating new technologies must also be top of mind. Misinformation and Disinformation The challenges posed by electoral misinformation and disinformation online are also pressing. Misinformation refers to the unintentional spreading of inaccurate information whereas disinformation means deliberate attempts to mislead by disseminating a particular
12
Pal and Garnett
false message. Misinformation and disinformation in elections are not new problems (Eisler 2020; Douek 2021; Karanicolas 2020; Ohlin 2020). Messages of dubious accuracy targeting politicians are a regular part of the partisan fray. Propaganda issued by a foreign government but entering into domestic media at election time is a regular feature of an open, democratic system. The major question here is about how the courts will view the constitutionality of any restrictions imposed by the state on electoral speech in the era of digital democracy. The standard answer provided by Canadian law as to whether misinformation in politics can be regulated is a resounding “No.” The Supreme Court has held in its jurisprudence that nearly all expression, excluding violence and threats of violence (Canada (A.G.) v. J.T.I. MacDonald, [2007] 2 scr 610 at para 60; R. v. Zundel, [1992] 2 s.c.r. 731), is protected by s. 2(b) of the Charter. Even lies knowingly told fail to attract the protection of s. 2(b). Political expression is further considered to be at the core of the guarantee of freedom of expression. In combination, the broad definition of expression, the protection for even deliberate falsehoods, and heightened recognition of the need to insulate political expression from state interference mean that it is difficult for any regulation of misinformation to pass constitutional muster. A “truth in political advertising” law, with a government regulator determining whether an advertisement was “true” or “false” and imposing a significant fine or jail time if found to be “false,” is assumed by the courts to be the antithesis of a free society and thriving democracy. The approach to misinformation is a civillibertarian one premised on the need to keep the state away from the “marketplace of ideas” (Harper v. Canada (A.G.), 2004 scc 33). As a result of the Charter and the approach taken by the Canadian courts to interpret political expression, “misinformation,” with only small exceptions, is generally not restricted by the Canada Elections Act. As opposed to misinformation, some of the rougher edges of disinformation have been regulated. The Elections Modernization Act states that it is an offence to impersonate, say, the Chief Electoral Officer (ceo) in communicating with voters, for example, or to disseminate a message while purporting to be a candidate (ema, s. 347[1]). If anyone could impersonate the ceo and instruct voters to vote on the wrong day or in the wrong location, there would be a serious risk of voter suppression. Just such a scenario occurred during the robocalls scandal, though the communication was over the telephone rather than
Introduction
13
online. The scale and speed of communication over the internet allows for misinformation to spread across the country nearly instantaneously. If we were searching for a unifying theme, we could argue that these and related provisions are aimed at stopping disinformation where there is a direct threat of corrupting the electoral process. Limitations on freedom of political expression are presumably constitutional if they ensure the integrity of the electoral process. The courts have recently had to engage directly with election disinformation and misinformation and what is permitted by the Charter. There have long been prohibitions regarding false statements of various kinds about candidates in federal electoral legislation. Section 91(1) prohibited certain false statements about candidates, party leaders, and political figures, including about their professions, criminal convictions, and place of birth, among others. Amendments to s. 91(1) in 2018 meant that false statements about the protected individuals were no longer explicitly required to be made “knowingly.” Justice Davies of the Superior Court of Ontario interpreted that provision as being breached even if an individual unknowingly disseminated false information that they thought to be true. In Canadian Constitution Foundation v. Canada (Attorney General) (ccf 2021), Justice Davies therefore struck down s. 91(1) of the Canada Elections Act for violating the constitutional protection for freedom of political expression and not constituting a justifiable limit. It appears that Parliament will attempt to remedy the constitutional deficiencies by re-inputting a knowledge requirement into an amended s. 91(1). Whether the decision of Justice Davies will be narrowly interpreted in the future as turning on specific facts of legislative drafting or presages a more civil-libertarian interpretation of freedom of political expression by the courts remains to be seen. While s. 91(1) was not a prominent feature of Canadian election law before the case, the decision is potentially a consequential one. How the case is interpreted by courts in the future will partially determine whether provisions geared to protecting electoral integrity, such as the ban on impersonating the ceo or a candidate, may also be vulnerable to challenge. The collision between the internet and freedom of expression doctrines developed before the advent of instantaneous, global online communications promises to be a recurring issue. The regulation of disinformation is premised on the idea that the vaunted “marketplace of ideas” is dysfunctional when flooded with deliberate lies rapidly spread. The velocity and the magnitude of the spread of disinforma-
14
Pal and Garnett
tion are dramatically different from the pre-internet context from which the marketplace idea emerged. It is possible that the courts will remain reluctant to permit any regulation of not just misinformation but also disinformation. Alternatively, they may also reach the conclusion that the internet changes how we must understand freedom of political expression and what limits on it are justifiable. These concerns come to a head on issues such as “deepfakes,” or forms of impersonation, as discussed by Judge and Korhani in chapter 9 or issues about online interpretation. Restrictions on impersonating candidates could be seen as furthering electoral integrity or as restricting the legitimate expression of political views. Convincing but fake digital replicas have the potential to undermine voters’ capacity to determine how to exercise their right to vote, who to support at election time, and so on. It is likely that there will be future efforts to regulate deepfakes or other forms of impersonation. Whether constitutional protection for freedom of political expression evolves in response to online communication of this type will be among the most important issues shaping Canadian electoral cyber-security. Cyber-Threats on Social Media Platforms The final major issue relates to the social media platforms where a variety of cyber-threats have found a home. Before 2008, social media platforms were largely irrelevant to elections. Now they permit widescale dissemination of messages without the traditional media acting as a filter between the speaker and the audience (Marland, Giasson, and Small 2014). Canadians’ widespread use of social media platforms has meant the emergence of entities such as Facebook and Twitter as key tools of political communication (Small 2010; Vaidhyanathan 2018). Politicians seek to communicate organically with voters, volunteers, and donors on these platforms (Delacourt 2016; Marland, Giasson, and Small 2014). The online space has also become a key vehicle for paid political advertising. Facebook and Google now dominate the online commercial advertising market. The same has become true for political advertising (Turnbull 2018; Pal 2018; Vaidhyanathan 2018). Whether Canadian jurisdictions will legislate to shape how political communication happens on these platforms and, if so, how they will proceed, are now questions of paramount importance in election law.
Introduction
15
Because these entities are relatively new and are constantly evolving, election law has not yet imposed the degree of regulation to online platforms that it does to television or radio communication. However, rules developed for offline communication often do extend online. The spending limits facing third parties during the election period, for example, capture both online and offline spending on political advertising. Whether they are enforceable is another matter, due to the lack of transparency in some online transactions. Some offline rules do not apply online, for the good reason that they do not fit with how online platforms operate compared with traditional media. Many provisions of the Canada Elections Act designed to ensure fair advertising in radio or television simply do not apply to online platforms, such as s. 335(1), which allocates broadcasting time on television to political parties. It is also possible to find examples where a rule applying to traditional media should apply online, but does not (Pal 2020). In sum, the regulation of social media platforms by election law appears inconsistent and incomplete in Canada. There are gaps in the law, and even where the law applies a reasonable observer could conclude that there is a paucity of enforcement in some areas. The absence of regulation by Canadian election law often means that the internal rules of the platform are the de facto law and thus undeniably shape political communication. Parties seeking to maximize engagement with potential voters or contributors must be cognizant of how the platforms operate. The effect of algorithms that determine what content gets shared online, with how many people, and how quickly is of great consequence for online communication generally, including for political messaging (Cohen 2020; Zuboff 2020). Much of the scholarly analysis of platform decision-making has focused on “content moderation,” the decision taken by online entities on whether to take down controversial or illegal content. Content moderation includes oversight of posts or tweets or other forms of communication by candidates, elected representatives, and political parties. The internal rules of moderation may apply to both organic or paid content. The platforms have developed content moderation workforces operating under guidelines based not only on the platforms’ own policies but also informed by state law (Klonick 2018). Facebook has now established internal private governance mechanisms that purport to independently adjudicate a narrow set of con-
16
Pal and Garnett
tent moderation decisions by the quasi-judicial “Oversight Board” (Klonick 2018; Douek 2019). Given the centrality of online platforms for political communication, “deplatforming” an individual or specific content can make it significantly more difficult for their capacity to spread their message. Canadian election law generally seeks a “level playing field” (Harper 2004), but it is not clear whether the decisions of platforms on speech reflect or advance this model. There are two dimensions to the level playing field. The most commonly remarked upon relates to money in politics, in the form of spending and contribution limits designed to prevent those with more resources from dominating electoral politics. A level playing field, however, also means that all political entities are to be equal under the law and in the actions of the emb, Elections Canada. The Canada Elections Act cannot favour large political parties as the expense of small or new ones (Figueroa v. Canada (A.G.), 2003 scc 37). Decisions by Facebook to take down posts or by Twitter to ban an elected representative from the platform are not commanded by the Elections Act and are not subject to the Charter. Yet they raise similar issues about whether a level playing field exists for political entities competing to spread their message online but subject to the platforms’ private, internal rules. Whether content moderation decisions will disproportionately harm certain political messengers or messages will be of ongoing relevance given political entities’ reliance on the platforms to communicate. Whether, and if so, how the platforms take into account the legal standards in the Canada Elections Act or the Charter in making decisions about moderating political content remains to be seen. There is evidence that the decisions and policies of the platforms on content are primarily shaped by American free speech standards, such as the First Amendment and the case law of the United States Supreme Court, or by global trends (Douek 2019; Klonick 2018). Certainly the US standards at least are unlikely to fit with Canadian constitutional and statutory law on freedom of political expression, because Canada has adopted a more “egalitarian” approach rather than the more libertarian model in the United States (Feasby 1999; Manfredi and Rush 2008). The internal architecture of the platforms has also proven to be a key variable in shaping political advertising. The main driver here is platforms selling various types of microtargeting advertising. For example, Facebook permits the microtargeting of advertisements at
Introduction
17
individuals on the basis of granular data amassed from the platform user’s own activity (Vaidhyanathan 2018). These advertisements are not subject to the same publicity as those run on television or radio would be; they may only be seen by the individual user or a small number of users. Whether this functionality of Facebook encourages more polarizing messages or voter suppression are ongoing questions worthy of further investigation, and would have been irrelevant before the widespread use of the platform. The relatively strict regulation of political advertising in the Canada Elections Act, however, was not designed with the reality of microtargeting in mind. The Act imposes various transparency requirements. Those seeking to spend more than trivial amounts on advertising during the regulated pre-election and election periods must register with Elections Canada. Similar rules exist in most provinces. Advertisers, including political parties and third-party interest groups, must also disclose themselves as the source of the advertisement (cea, s. 320, s. 349.5). However, with microtargeting, the general public and Elections Canada does not get to see if the advertiser is complying with transparency rules. Only the audience, which may be small, and the online platform, know whether the source is being disclosed and whether registration requirements were triggered. Microtargeted advertising therefore seriously undermines the integrity of the regulatory regime around political advertising, and it is difficult or impossible for Elections Canada to know whether advertisers are complying with transparency requirements. If platforms are the entity most knowledgeable about what happens on their online properties, it would be logical to impose legal obligations on them to ensure advertisers’ compliance. The Elections Modernization Act made some small steps in this direction. It created a new offence applicable to platforms that place an advertisement from a foreign source that is barred from advertising in a Canadian election (Pal 2020). The Elections Modernization Act also imposed another obligation on online platforms to ensure transparency despite microtargeted advertising: an advertising repository. Platforms with more than a certain number of users in Canada or Quebec are obliged to keep a repository of all political advertisements disseminated on their networks during the regulated pre-election and election periods (ema, s. 208.1). The repositories must be searchable and archived for a number of years to allow them to be scrutinized for possible violations of elec-
18
Pal and Garnett
tion law. Determining whether the platforms are using the statutory definitions of “political advertising” or “partisan advertising” and capturing all relevant messages will be key to assessing the effectiveness of the repository at furthering the value of transparency. The tentative steps by Parliament to impose legal duties on platforms to facilitate electoral integrity will undoubtedly only be the early part of a much longer journey. Canadian election law has often been remodelled in response to new technologies, and social media platforms are just the latest in a long line of new regulated entities under the Canada Elections Act. When television arose as a means of communication relevant for politics, a whole suite of rules about broadcasting time, advertising transparency, and spending limits emerged in response. As political behaviour online and the internal rules of the platforms evolve, the law will similarly need to keep pace. Otherwise, it will be impossible to realize the values of transparency, integrity, and a level playing field. How to adapt Canadian election law to the online space to further these values will be an ongoing matter of political and legal debate that shows no signs of abating.
this volume The chapters in this volume address a variety of actors and institutions. They consider not only political parties and third parties, which are traditional foci of the study of elections and electoral law, but also social media platforms, national intelligence agencies, public opinion, and private vendors. They consider jurisdictions that include Canada and the provinces, including municipalities, territories, and Indigenous governments, since the digital cyber-threats to Canadian elections are hardly territorially defined. We summarize each of the chapters here. To begin, in Part 1, the first two chapters, by Lisa Young and Leah West, consider how cyber-threats have been conceptualized by Canadian law and national security organizations. In chapter 1, Young critically examines the “securitization” of Canadian election law and administration, identifying it as emerging as a result of digital campaigning and globalization. Canada’s attempt to comprehensively regulate campaigns and political parties in the Canada Elections Act (2000) is, in the author’s assessment, being challenged by these twin developments. Young questions whether the securitization narrative is the appropriate lens through which to shape legislative, executive, and
Introduction
19
administrative responses to digital campaigning. The chapter furnishes a taxonomy of digital threats to elections, identifies securitization as the dominant mode through which state actors have viewed these threats, and details the policies that were promulgated between 2016 and 2019. Young also returns to a foundational problem in Canadian election law: partisan self-dealing (Feasby 1999; Pal 2011; Dawood 2012), and argues that some of the responses to date have reflected narrow, factional, partisan self-interest. In chapter 2, West dives deeper into one institutional facet of the securitization of elections identified by Young by considering the specific role played by the national intelligence agencies in the 2019 federal election. The chapter considers how the mandates of the Canadian Security Intelligence Service (csis) and cse have evolved in light of credible cyber-threats to electoral integrity. Notably, in time for the 2019 election, csis and cse had new powers conferred by legislation to actively disrupt foreign interference operations. The chapter considers these new powers in light of the evolving cyber-threat environment and also details the workings of the Security and Intelligence Threats to Elections (site) task force, composed of csis, cse, gac (Global Affairs Canada), and the rcmp, which was newly constituted for the 2019 election. The chapter relies on open-source information and access to information requests. West concludes that even if the effectiveness of foreign interference operations in moving votes and opinions is unclear, national security agencies retain an important mandate to identify what foreign interference is occurring and to stop it if possible. The next two chapters, which comprise Part 2, consider the adoption of digital technologies for the voting process in Canada. In chapter 3, Nicole Goodman and Aleksander Essex draw attention to the extensive use of electronic voting in subnational jurisdictions in Canada. While federal elections use paper ballots, many jurisdictions, including municipalities, the Northwest Territories, and Indigenous governments, employ online voting. Large jurisdictions such as Ontario use electronic tabulators. The emphasis on the federal case in the literature on election administration has, arguably, obscured the widespread adoption of electronic voting at other levels of government in Canada. Goodman and Essex detail the challenges posed by electronic voting and make recommendations on how to manage cyber-threats to elections in light of the practices that they outline in the chapter.
20
Pal and Garnett
Holly Ann Garnett and Laura Stephenson, in chapter 4, place public opinion about the use of technology in elections squarely within the conversation. The authors note that Elections Canada introduced online registration for the 2015 election, but that federal elections still lag behind many other jurisdictions, including provinces and territories, in the use of new technology. In determining whether to expand the use of new technologies at any stage of the electoral process, the chapter argues that we should consider public opinion and how the use of new technology would affect Canadians’ trust in the electoral process itself. The chapter therefore asks how trusting Canadians are of technology in elections, and whether socio-demographic variables are related to trust in election technologies. Employing data from the Canada Election Studies conducted between 2008 and 2019, Garnett and Stephenson consider in particular whether age is related to trust in the technology used in elections and whether the participation gap for young people could be reduced by the use of such technology. They conclude that there is relatively widespread acceptance of the use of technology in elections, though an appreciable proportion of the public is skeptical of online voting in particular. Trust in technology used for elections is related to age, education, and income, though not to gender, in their findings. The authors conclude that fully adopting online technologies may be harmful because some groups would be less likely to use them, particularly individuals of lower socio-economic status who are less trusting of the technology. Younger people, who are more likely to trust such technology, may, however, be more likely to participate. In light of the data, the authors conclude that it would be premature to say whether online voting should be adopted or not. The two chapters in Part 3 deal with how political parties and journalists have responded to the different challenges presented by online media in elections. First, in chapter 5, Anna Lennox Esselment builds on the theme of the evolving role of political parties by investigating their responses to digital cyber-threats. Esselment begins by looking at the digital cyber-threats that have had a negative impact on parties in the past, and then at what threats materialized during the 2019 election. The chapter, which relies on approaches such as media monitoring and accessing the Facebook Advertisement Library (fal ), provides a typology of digitalcampaign threat responses on the basis of a comparative analysis
Introduction
21
with other jurisdictions, and then identifies which federal parties adopted which responses in 2019. The online dissemination of misinformation and disinformation poses multiple serious challenges for electoral integrity, including how to ensure an informed electorate in a new information environment. In chapter 6, Stephanie MacLellan and Chris Tenove grapple with one dimension of this issue by focusing on how journalists responded to the threat of online disinformation in the 2019 federal election campaign. They argue that journalists have long played a gatekeeping role with political information. There is a risk that journalists will wittingly or unwittingly spread or give credence to misinformation or disinformation that will be believed by the public. The authors interviewed over thirty journalists before, during, and after the federal election to establish how journalists defined and responded to the potential spread of disinformation. MacLellan and Tenove conclude that while some organizations and reporters developed new techniques and approaches, many journalists turned to long-standing practices of journalistic and editorial judgment to weed out misinformation and disinformation. The final set of chapters, in Part 4, covers three distinct cyberthreats: bot activity, third parties, and digital replicas/deepfakes. In chapter 7, Alexei Abrahams and Gabrielle Lim frame fears of foreign interference and informational propaganda as commonplace but often lacking rigorous attempts to track and measure the effect that particular communications have on voters. The chapter therefore seeks to measure the level and effect of disinformation campaigns during the federal election on one social media platform. The authors collect data from Twitter using the popular #cdnpoli and #elxn43 hashtags. They find false and misleading content, but little evidence of coordinated disinformation campaigns in 2019. They do identify a “remarkable hyper-concentration of influence” by a small number of individuals who drive the Twitter conversation. The dominance of the “Twitter elite” challenges an assessment of the platform as horizontal or, even, an appropriate forum for democratic engagement. In chapter 8, Philippe Dubois, Camille Arteau-Leclerc, and Thierry Giasson examine the workings of third parties in federal politics to assess the risks posed by domestic rather than foreign cyber-threats to electoral integrity. Third parties are defined in s. 2(1) of the Canada
22
Pal and Garnett
Elections Act as any individual or organization other than a registered political entity, such as a political party, candidate, leadership contestant, or electoral district association. The study of third parties is an important focus given their increasing role in Canadian politics. The number of third parties increased significantly between the 2011, 2015, and 2019 elections (Elections Canada 2020). Some of these third parties are primarily or exclusively digital operations that deploy organic, or free user-generated and shared material, and paid advertising (Pal 2018). Dubois, Arteau-Leclerc, and Giasson analyze the strategies of the Canada Strong and Proud network, such as “Proud to be Canadian” and “Québec fier,” during the 2019 federal election, using this material to assess the adequacy of the fal as a tool for ensuring transparency in political communication during the election period. The imposition of a requirement for large online platforms to have an advertising repository was a key component of the government’s legislative response to cyber-threats found in the Elections Modernization Act (2018). The fal was the most prominent of these repositories, given the decision by Google, Facebook’s main competitor for advertising dollars, to refuse to accept political advertisements during the regulated period of the 2019 election (Thomson 2019). The chapter concludes that the fal suffers from several drawbacks and that the approach taken in the Elections Modernization Act is incomplete and already in need of an update. Finally, in chapter 9, Elizabeth F. Judge and Amin M. Korhani assess the potential use of deepfakes in Canadian politics. Deepfakes, a cutting-edge technology with the potential to undermine electoral integrity, are convincing videos that are inauthentic but that have been manipulated to look real (Chesney and Citron 2019; Hasen 2019). They are disinformation in video form, rather than in words or texts. Judge and Korhani warn that by synthesizing existing images with fake ones, deepfakes can be used to make any politician appear to be saying something that they have never said. The widespread use of deepfakes would be a serious challenge to electoral integrity, given how difficult it would become for individuals to assess the veracity of videos that capture statements, or even actions, seemingly made by politicians. Choosing how to respond to the risks posed by deepfakes is a complex endeavour, given the right to freedom of political expression in the Canadian Charter of Rights and Freedoms, the various existing provisions in the Canada Elections Act regarding false speech about candidates, and the need to ensure the
Introduction
23
free flow of political expression. Building on the lessons of intellectual property law, Judge and Korhani argue that the best response in these circumstances is a digital right of reply for individuals who have been “deepfaked” and sketch how such a right of reply would operate in practice. The volume’s conclusion by Garnett and Pal provides ten key crosscutting considerations for the field of election cybersecurity in Canada that can be drawn from looking at the chapters in the volume as a collective. They are also forward looking and seek to highlight ongoing challenges for election cybersecurity.
conclusion Given the revelations of foreign interference in the US presidential election of 2016 in the Mueller Report, and the Cambridge Analytica scandal, one could be forgiven for viewing the Canadian federal election of October 2019 as a pivot point for assessing whether Canada had adequately responded to the emergence of cyber-threats to electoral integrity. The responses to these threats in the lead-up to the vote in 2019 were numerous, including the Elections Modernization Act, the internal decisions of political parties, actions by the social media platforms, the work of the national intelligence agencies and the site task force, and so on. Rather than seeing the federal election of 2019 as an endpoint, the chapters in this volume instead show the ongoing challenges posed by digital cyber-threats both foreign and domestic, and the continuing need to assess the adequacy of the responses. It is our hope that this volume will help to foster the analysis and debate that is necessary given the digital cyber-threats to Canadian elections and democracy.
references Bennett, Colin J., 2016. “Big Data and Voter Surveillance.” Workshop on Big Data Surveillance, Queen’s University. Bennett, Colin J., and Robin M. Bayley. 2012. Canadian Federal Political Parties and Personal Privacy Protection: A Comparative Analysis. Office of the Privacy Commissioner of Canada. Bennett, Colin J., Kevin D. Haggerty, David Lyon, and Valerie Steeves, eds. 2014. Transparent Lives: Surveillance in Canada (The New Transparency Project). Edmonton: Athabasca University Press.
24
Pal and Garnett
Bird, Hilary. 2019. “N.W.T. to be 1st Province or Territory to use Online Voting in General Election.” cbc News. https://www.cbc.ca/news/canada /north/nwt-election-online-1.5199115. Cadwalladr, Carole, and Emma Graham-Harrison. 2018. “Revealed: 50 Million Facebook Profiles Harvested for Cambridge Analytica in Major Data Breach.” https://www.theguardian.com/news/2018/mar/17 /cambridge-analytica-facebook-influence-us-election. Cardillo, A., N. Akinyokun, and A. Essex. 2019. “Online Voting in Ontario Municipal Elections: A Conflict of Legal Principles and Technology?” International Joint Conference on Electronic Voting (E-Vote-id) 2019. Lecture Notes in Computer Science, vol. 11759. Chesney, Robert, and Danielle Citron. 2019. “Deep Fakes: A Looming Challenge for Privacy, Democracy, and National Security.” California Law Review 107 (6): 1753–820. Cohen, Julie. 2020. Between Truth and Power: The Legal Constructions of Informational Capitalism. Oxford: Oxford University Press. Coleman, Gabriella. 2014. Hacker, Hoaxer, Whistleblower, Spy: The Many Faces of Anonymous. London: Verso. Communications Security Establishment of Canada. 2017. Cyber Threats to Canada’s Democratic Process. csec (Ottawa). https://cyber.gc.ca/en/guidance /cyber-threats-canadas-democratic-process/page2. Dawood, Yasmin. 2012. “Electoral Fairness and the Law of Democracy: A Structural Rights Approach to Judicial Review.” University of Toronto Law Journal 62 (4): 499–561. Delacourt, Susan. 2016. Shopping for Votes: How Politicians Choose Us and We Choose Them. Madeira Park: Douglas & McIntyre. Douek, Evelyn. 2019. “Facebook’s ‘Oversight Board’: Move Fast with Stable Infrastructure and Humility.” North Carolina Journal of Law & Technology 21 (1): 1–78. – 2021. “The Free Speech Blind Spot: Foreign Election Interference on Social Media.” In Defending Democracies: Combating Foreign Election Interference in a Digital Age, edited by Jens David Ohlin and Laura H Carnell. Oxford: Oxford University Press. E-Estonia. 2020. “i-Voting.” E-Estonia. Eisler, James. 2020. “Constitutional Formalities, Power Realities, and Comparative Anglophone Responses to Foreign Campaign Meddling.” Election Law Journal 20 (1): 32–53. Elections Canada. 2020. Report on the 43rd General Election of October 21, 2019. Elections Canada.
Introduction
25
Feasby, Colin. 1999. “Libman v. Quebec (A.G.) and the Administration of the Process of Democracy Under the Charter: The Emerging Egalitarian Model.” McGill Law Journal 44 (1): 5–38. Figueroa v. Canada (A.G.), 2003 scc 37. Gabel, Chelsea, Karen Bird, Nicole Goodman, and Brian Budd. 2017. “The Impact of Digital Technology on First Nations Participation and Governance.” The Canadian Journal of Native Studies 36 (2): 107–27. Garnett, Holly Ann. 2019. “Evaluating Online Registration: The Canadian Case.” Election Law Journal 18 (1): 78–92. Garnett, Holly Ann, and Toby S. James. 2020. “The Cyber-Era of Election is Already Here.” MacDonald-Laurier Institute. https://www.macdonaldlaurier.ca/cyber-era-elections-already-holly-anngarnett-toby-s-james-inside-policy/. Garnett, Holly Ann, and Margarita Zavadskaya, eds. 2018. Electoral Integrity and Political Regimes: Actors, Strategies and Consequences. London: Routledge. Harper v. Canada (A.G.), 2004 scc 33. Hasen, Richard L. 2019. “Deep Fakes, Bots, and Siloed Justices: American Election Law in a Post-Truth World.” St. Louis University Law Journal 64 (3): 535–68. Information Commissioner’s Office. 2018. Democracy Disrupted? Personal Information and Political Influence. ico (London: ico). James, Toby S. 2019. “Better Workers, Better Elections? Electoral Management Body Workforces and Electoral Integrity Worldwide.” International Political Science Review 40 (3): 370–90. James, Toby S., Holly Ann Garnett, Leontine Loeber, and Carolien van Ham. 2019. “Electoral Management and the Organisational Determinants of Electoral Integrity: Introduction.” International Political Science Review 40 (3): 295–312. Johnston, Richard. 2014. “Canada is Polarizing–And It’s Because of the Parties.” The Washington Post. https://www.washingtonpost.com/news /monkey-cage/wp/2014/02/18/canada-is-polarizing-and-its-because-of-theparties/. Judge, Elizabeth F., and Michael Pal. 2021. “Voter Privacy and Big Data Elections.” Osgoode Hall Law Journal 58: 1:1–55. Justice for Victims of Corrupt Foreign Officials Act (Sergei Magnitsky Law). 2017. In Bill S-226, edited by Parliament of Canada. Karanicolas, Michael. 2020. “Subverting Democracy to Save Democracy: Canada’s Extra-Constitutional Approaches to Battling ‘Fake News’’.” Canadian Journal of Law and Technology 201: 200–25.
26
Pal and Garnett
Katz, Richard S., and Peter Mair. 2018. Democracy and the Cartelization of Political Parties. New York: Oxford University Press. Klonick, Kate. 2018. “The New Governors: The People, Rules, and Processes Governing Online Speech.” Harvard Law Review 131 (6): 1599–670. Lipset, Seymour Martin. 1960. The Political Man: the Social Bases of Politics. New York: Doubleday. MacIvor, Heather. 1996. “Do Canadian Political Parties Form a Cartel.” Canadian Journal of Political Science 29 (2): 317–33. Manfredi, Christopher, and Mark Rush. 2008. Judging Democracy. Toronto: University of Toronto Press. Manin, Bernard. 1997. The Principles of Representative Government. Cambridge: Cambridge University Press. Marland, Alex, Thierry Giasson, and Tamara A. Small, eds. 2014. Political Communication in Canada: Meet the Press and Tweet the Rest. Vancouver: ubc Press. McKelvey, Fenwick, and Elizabeth Dubois. 2017. “Computational Propaganda in Canada: The Use of Political Bots.” Oxford Project on Computational Propaganda Working Paper. https://comprop.oii.ox .ac.uk/. Minister of Democratic Institutions. 2020. “Combatting Foreign Interference.” mdi. https://www.canada.ca/en/democraticinstitutions/news/2019/01/combatting-foreign-interference.html. Mueller, Robert S. 2019. Report On The Investigation Into Russian Interference In The 2016 Presidential Election. Washington dc: US Department of Justice. Nesbitt, Michael. 2019. “Bill C-59 and csis’s ‘New’ Powers to Disrupt Terrorist Threats: Holding the Charter-Limiting Regime to (Constitutional) Account.” Alberta Law Review 57 (1): 233–66. Norris, Pippa. 2014. Why Electoral Integrity Matters. Cambridge: Cambridge University Press. – 2017. Strengthening Electoral Integrity. Cambridge: Cambridge University Press. Ohlin, Jens David. 2020. Election Interference: International Law and the Future of Democracy. Cambridge: Cambridge University Press. Pal, Michael. 2011. “Breakdowns in the Democratic Process and the Law of Canadian Democracy.” McGill Law Journal 57 (2): 299–347. – 2017. “Canadian Election Administration on Trial: ‘Robocalls’, Opitz and Disputed Elections in the Courts.” King’s Law Journal 28 (2): 324–42. – 2018. “Third Party Political Participation and Anti-collusion Rules.” Canadian Public Administration 61 (2): 284–303.
Introduction
27
– 2020. “Social Media and Democracy: Challenges for Election Law and Administration in Canada.” Election Law Journal 19 (2): 200–13. http://doi.org/10.1089/elj.2019.0557. Small, Tamara A. 2010. “Canadian Politics in 140 Characters: Party Politics in the Twitterverse.” Canadian Parliamentary Review 33 (3): 39–45. – 2011. “What the Hashtag? A Content Analysis of Canadian Politics on Twitter.” Information, Communication & Society 14 (6): 872–95. Thomson, Stuart. 2019. “Facebook Touts Compliance as Google Throws in the Towel on Government’s Election Bill.” National Post. https://nationalpost.com/news/politics/facebook-touts-compliance-asgoogle-throws-in-the-towel-on-governments-election-bill. Tunney, Catharine, and Ashley Burke. 2019. “Federal Parties Being Warned of Efforts by 6 Foreign Countries to Influence Election: Sources.” cbc News. https://www.cbc.ca/news/politics/china-india-interference1.5284473. Turnbull, Lori. 2018. Transparent and Level: Modernizing Political Financing in Canada. Public Policy Forum. Ottawa. UK Digital, Culture, Media and Sport Committee. 2019. Disinformation and “Fake News”: Final Report. UK House of Commons. UK Election Commission. 2018. Report on an Investigation in respect of the Leave.eu Group Limited. UK Election Commission. Vaidhyanathan, Siva. 2018. Antisocial Media: How Facebook Disconnects Us and Undermines Democracy. New York: Oxford University Press. Van Ham, Carolien, and Holly Ann Garnett. 2019. “Building Impartial Electoral Management? Institutional Design, Independence and Electoral Integrity.” International Political Science Review 40 (3): 313–34. Zilio, Michelle. 2017. “Canada Sanctions 52 Human-Rights Violators under New Magnitsky Law.” Globe and Mail, 2017. Zimmer, Bob. 2018a. Addressing Digital Privacy Vulnerabilities and Potential Threats to Canada’s Democratic Electoral Process. Privacy and Ethics Standing Committee on Access to Information. Ottawa. https://www.ourcommons.ca/Content/Committee/421/ethi/Reports/RP 9932875/ethirp16/ethirp16-e.pdf. – 2018b. Democracy Under Threat: Risks and Solutions in the Era of Disinformation and Data Monopoly. House of Commons Standing Committee on Access to Information, Privacy and Ethics. Ottawa. Zuboff, Shoshana. 2020. The Age of Surveillance Capitalism. New York: Hachette.
28
Pal and Garnett
Introduction
PA RT ONE
Canada’s Legal and National Security Responses to Cyber-Threats
29
30
Free Women in the Pampas
1928
1 Securitizing Election Law and Administration? Canada’s Response to the Cyber-Security Threats to Elections
Lisa Young
The Canada Elections Act governs the conduct of campaigns for and elections to the Canadian House of Commons. While it is a critically important piece of legislation for structuring democratic competition in Canada, until recently it has not been seen as important or relevant to national security. However, the wave of election cyber-interference disrupting national elections and referendums, most notably in the 2016 US presidential election, raised the question of election law as a matter of national security. When Canadian legislators turned their attention to the Canada Elections Act in the aftermath of the 2016 election, how did they conceptualize the emerging threats to election campaigns? How did other state actors, including the chief electoral officer and national security agencies, shape the discussion? How well did this prepare Canada for the 2019 general election campaign? To provide a framework for analysis, this chapter introduces a taxonomy of threats to democratic elections in the digital era, distinguishing between analogue and digital threats, and domestic and foreign actors. It then goes on to review legislators’ and other state actors’ articulations of the threats to election campaigns in Canada, concluding that the dominant narrative emphasized national security, protecting the national election against the threat of hostile foreign
31
32
Lisa Young
intervention. This represents what can be understood as a modest “securitization” of election law, that is, that the issue is cast as a matter of national security. Examining the kinds of activities that were observed in the 2019 campaign, the chapter concludes that there was a mismatch between the perceived threats and the actual campaign activities. Although the securitized frame was an appropriate response to the possibility of hostile foreign actors, it failed to address the emerging problem of domestic actors using digital means to intervene in elections to spread disinformation and employ inauthentic digital activities. This illustrates the challenge of using legislation to respond to the rapidly evolving potential threats to election campaigns.
the concept of securitization The term securitization has a specific meaning in the international relations literature. According to Buzan et al. (1998, 24–5; cited in Balzacq, Léonard, and Ruzicka 2016, 495) “when a securitizing actor uses a rhetoric of existential threat and thereby takes an issue out of what under those conditions is ‘normal politics’ we have a case of securitization.” When an issue is “securitized,” it takes on greater importance in the public eye, and can be subjected to greater secrecy. Journalists and other observers may come to accept that relatively little information will be disseminated, because the matter relates to national security. To say that an issue has become securitized should not necessarily be understood as a critique. In some strands of the international relations literature, the term is used critically, arguing that framing an issue in terms of security justifies state action that might otherwise be illegitimate. In other strands of the literature, discussions of the securitization of climate issues (for example) point to the importance of a security frame for prompting policy action on the issue. This chapter argues that the narrative of external threat that animated discussion of changes to election law and practice in 2018 narrowed and confused the policy response. The coincident emergence of digital campaigning and globalization has created a complex range of policy challenges, and a more expansive understanding of the kinds of threat that are required to inform policy responses. This chapter categorizes these risks.
Canada’s Response to the Cyber-Security Threats to Elections
33
digital globalization and democratic elections: a taxonomy of threats In recent decades, two phenomena have coincided to present fundamental challenges to the conduct of democratic elections: the rise of digital communications technologies and a related new era of globalization. The two phenomena are mutually reinforcing and therefore difficult to disentangle. Nevertheless, it is important to draw the distinction to design effective and appropriate policy responses. As new communication technologies become available, they shape parties’ efforts to communicate their message to potential voters. The advent of radio, and then television, allowed parties to add audio and then video messages to their newspaper advertisements. The creation of the internet and social media platforms has once again expanded the repertoire for both paid and unpaid communications with voters (see chapter 5 [Esselment] in this volume; and Small, Giasson, and Marland 2014; Patten 2017; Marland 2016; Bennett 2016). As voters increasingly use social media as their source of information, parties and candidates have followed them onto these platforms to win their support. Digital communications media invite campaigns to segment their communications, so that very different messages are being conveyed to different voters, through a process of microtargeting. In the broadcast era, parties produced a relatively small number of advertisements during a campaign, and targeting was limited to considerations of the demographics of the audience for a particular television show or radio station. In the digital era, social media platforms permit parties to target voters based on detailed demographic characteristics, type of social media network, and past political behaviour. Messaging can be closely adapted to the intended recipient’s psychographic profile. As Persily observes, “The Internet’s unprecedented ability to facilitate the targeted delivery of relevant information, marketing and even friendship also leads to the bubbles, filters and echo chambers that shelter people from information that might challenge the messages sent to them by campaigns’ partisan media or social networks” (Persily 2017, 72). The privacy of digital messaging has the potential to exacerbate the effect of targeting. In the broadcast era, journalists would cover television advertisements with controversial content, which sometimes
34
Lisa Young
resulted in a party deciding to stop running an ad that was seen to be misleading or corrosive. This oversight is much more difficult to exercise in the context of multiple versions of a party’s message targeted to different subsets of the electorate appearing on their Facebook feed or sent directly via text messaging. Segmentation, the relative absence of oversight, and the sheer speed with which social media disseminates content combine to make social media a fertile ground for the spread of disinformation. Although some disinformation may be spread inadvertently, digital communications facilitate deliberate efforts to misinform or destabilize through disinformation. Digital platforms lend themselves to distributing what Woolley and Howard term “computational propaganda,” which they define as “the use of algorithms, automation, and human curation to purposefully manage and distribute misleading information over social media networks” (2019, 4). While there is nothing new about propaganda or other attempts to mislead, “the pernicious advantage of computational propaganda is in enabling the rapid distribution of large amounts of content, sometimes personalized in order to fool users into thinking that messages originate in their extended network of family and friends” (Woolley and Howard 2019, 5). Zappone and Sussex, writing about “weaponized narratives” in the social media era, observe that “the low barrier of entry to producing content along with existing confirmation bias makes generating [deliberately false] narratives extremely easy. Repetition helps them grow and become accepted” (2018). An important contrast between the broadcast and digital era is the capacity of governments to regulate. In Canada, the broadcast era took place on airwaves that were understood as public property subject to regulation. Through legislation, Canada developed a national broadcasting system comprising domestically owned and controlled providers that were subject to considerable regulation, including in their obligations during national elections. In the digital era, internet providers and social media platforms have joined broadcasters in selling advertising to parties, candidates, and third parties during elections, as well as becoming the medium through which unpaid content is distributed. There is a debate about whether these platforms should be treated as analogous to broadcasters during elections (see Pal 2020). Moreover, these largely transnational corporations are much less easily regulated.
Canada’s Response to the Cyber-Security Threats to Elections
35
The digital era opens up new avenues for electoral intervention. In chapter 5 in this volume, Anna Esselment details four types of electoral interventions that can disrupt elections: security breaches (hacking data or servers); invading electronic systems to distort results; circulating disinformation about a party, leader, issue, or election; and trolling. Although these interventions are not necessarily foreign, in many instances they are. State and state-sponsored actors are significant players in these efforts, but are now joined in some instances by non-state actors seeking to pursue political objectives (Applebaum et al. 2017). Globalization and Foreign Threats Digital communications have contributed to the broader phenomenon of globalization, which is characterized by increased economic interdependence and mobility of goods and people. Globalization presents a challenge to the conduct of elections, because it blurs the boundaries between foreign and domestic. Mobility and the consequent rise of dual citizenship raise questions about who “belongs” in a polity; the rise of complex global corporations makes it difficult to determine which corporations can give money (where corporate contributions are permitted); and global media platforms have become the terrain on which elections are conducted (see, for example, Orr 2019). There is nothing new about state efforts to interfere in other countries’ elections. Levin has identified 117 national elections between 1946 and 2000 in which either the United States or the ussr/Russia intervened (Levin 2016). Techniques for intervention include funding the preferred candidate (covert or overt), public policy inducements or disincentives (i.e., promises that aid would be provided or cut, depending on the outcome of the election), public declarations of support or opposition to a party or candidate, provision of campaign materials or other assistance, and sabotage of opponents through leaked information (Levin 2016). The digital era has expanded the repertoire and opportunities for governments and other actors seeking to interfere in another state’s election. Between 2016 and 2019, there was an increase in high-profile instances of foreign intervention in national elections using digital means. These included state-sponsored Russian efforts to intervene in
36
Lisa Young
the 2016 US presidential election, which have been well documented. The Mueller Report (2019) outlines Russia’s Internet Research Agency’s (ira) efforts to exacerbate political tensions and disseminate information, as well as the Russian intelligence agency’s (gru) hacking of the Clinton campaign to obtain materials subsequently released by WikiLeaks (Mueller 2019). There is also evidence of Russian interference in the French presidential election and other European elections (Davis 2018), and in the UK’s Brexit referendum (see United Kingdom House of Commons Culture 2019). What Is the Harm of Foreign Intervention? Categorizing the types of foreign intervention in domestic elections requires a discussion of the harms posed, because modes and sources of intervention potentially pose different harms. All foreign interventions into a domestic election pose a threat to sovereignty and selfdetermination. In a democracy, elections are structured to give power to citizens to elect their representatives. This is operationalized by restricting the right to vote to citizens, who are those who have legal recognition as belonging to that country’s political community. Many democracies explicitly ban foreign entities or individuals from intervening in elections through rules banning campaign contributions from foreign sources. Any effort from a foreign government, individual, or entity can be understood as an incursion into national sovereignty, and an attempt to restrict or subvert citizens’ ability to elect their own representatives.1 Some, but not all, foreign interventions can be understood to also threaten national security. National security is an elusive concept to define. Papp and Alberts (2000, 243) observe that states seek to attain four objectives in defending national security: “safety and protection from physical attack from foreign sources; economic prosperity for some or all of its citizens; protection of core national values; and the maintenance and improvement of the prevailing way of life.” While the concepts of sovereignty and national security are closely interrelated, it is possible to conceive of acts of election interference that offend national sovereignty but do not threaten the security of a nation. For instance, an influx of professional advice or volunteer labour from supporters of an ideologically similar party in another country could certainly be understood as an offence to sovereignty without threatening the physical or economic well-being of the recip-
Canada’s Response to the Cyber-Security Threats to Elections
37
ient country. In contrast, a foreign intervention sponsored by the government of a country with which the recipient country was not allied in any kind of strategic partnership would best be understood as a threat to national security, particularly if the recipient country’s objective was to elect a government favourable to the hostile power. The wave of attempted Russian interference in democratic elections in established democracies has resulted in a construction of foreign electoral intervention as a threat to national security. Notably, nato, an alliance formed for mutual defence against aggression from the former Soviet Union, now sponsors research and publications aimed at addressing the security threat presented by electoral interference (Bay and Snore 2019). It is no coincidence that nato is preoccupied with electoral interference, because it is Russia that has employed that tactic the most widely and effectively between 2016 and 2020. To label foreign interference a threat to security, both the source and the intent must be considered. Although loyalties shift and states pursue multiple objectives in their foreign policy, it is nevertheless possible to identify allied countries – those with which a country shares intelligence, makes commitments of mutual aid, and shares foundational values. The specific threats to national security through digital election interference include efforts to destabilize domestic politics by exacerbating social cleavages, efforts to engage in espionage (either information gathering or collecting incriminating information for leverage) through accessing candidates’ or parties’ electronic communications and documents, efforts to shape the outcome of the election to put a more favourable party/individual in office, and efforts to infiltrate the government by electing individuals whose allegiance is to the interfering state (whether by choice or through blackmail). In addition to threats to security and sovereignty, election interference has the potential to corrode public trust in the electoral process. To understand the potential impact of foreign intervention on confidence in American democracy, Tomz and Weeks (2020) set up a series of survey experiments presenting participants with randomized scenarios in which a foreign government intervened on behalf of a candidate in a US election, and then compared the responses. They found that “revelations of even modest forms of electoral intervention undermined confidence in American democracy while also pitting Republicans and Democrats against each other.” (11)
Harm = Loss of sovereignty; loss of public confidence in electoral process
(foreign perpetrator and beneficiary)
foreign
Harm = Loss of public confidence in electoral process; evasion of election laws by domestic actors
(domestic perpetrator and beneficiary, using foreign means)
instrumental foreign
Harm = Loss of public confidence in electoral process
(perpetrator & beneficiary)
domestic
Foreign actors intervening in elections through analogue means. Examples include: • making illegal foreign-sourced campaign contributions or third-party spending • threatening or intimidating voters directly or through family members outside the country • agents of a foreign state/entity running for office
Domestic actors intervening in election campaigns using traditional media, such as newspapers, television, or radio. Examples include: • illegal or unreported election spending • vote fraud • threats against or intimidation of voters • disinformation spread through leaflets, posters, or word of mouth
Analogue
Table 1.1 Taxonomy of threats to electoral campaigns
Foreign actors intervening in election campaigns through digital means. Examples include: • amplifying or suppressing messages on social media • spreading “high velocity” disinformation digitally • hacking party or candidate computers and distributing damaging material • delivering digital threats or intimidating voters
Domestic actors intervening in election campaigns through digital means, using foreign intermediaries or servers to avoid detection or prosecution; same examples as above
Domestic actors intervening in election campaigns through digital means. Examples include: • amplifying or suppressing messages on social media • digitally spreading “high velocity” disinformation • hacking party or candidate computers • distributing damaging material, or delivering digital threats or intimidating voters
Digital
38 Lisa Young
Canada’s Response to the Cyber-Security Threats to Elections
39
Although it is by definition foreign actors who perpetrate harms to sovereignty or national security, both foreign and domestic actors can corrode public trust through various actions that sow mistrust or disseminate misinformation. Taxonomy of Threats to Electoral Campaigns Until relatively recently, the perceived threats to the integrity of election campaigns were understood to originate domestically and to occur in an analogue environment (the top left box in table 1.1). Domestic threats to electoral integrity are those that are conducted by, and to the benefit of, domestic actors. Even before the digital age, it was possible to break into the rival party’s campaign headquarters and steal their secrets, to intimidate or bribe voters, or to find ways to evade election finance laws. The advent of the digital age has increased the scope of actions that threaten electoral integrity, and in some instances has increased their effectiveness. In the analogue era, it was possible to spread disinformation by photocopying leaflets or posters and distributing them in the dark of night; in the digital era, it is possible to spread disinformation through social media. The difference lies in the velocity of the spread. To the extent that these actions are all undertaken by domestic actors within the boundaries of the jurisdiction holding the election, they can be prosecuted under relevant laws, whether criminal or election-specific. The digital era has opened up the possibility for domestic actors to pursue activities that harm electoral integrity using foreign vehicles. In this category (termed “instrumental foreign”), the foreign actor uses offshore means to act on the instructions of a domestic client. For instance, a campaign operative who sought to hack a competitor’s computer system or place robocalls from an offshore computer could contract with a foreign actor to undertake these actions. They might also use foreign proxy servers to help to hide their identity. The domestic perpetrator would be subject to Canadian law, but the use of a foreign intermediary or routing through foreign servers might help to evade detection. It is difficult to imagine an analogue version of instrumental foreign activities. The third category of intervention is foreign. The broad category of “foreign” actors encompasses those based in allied and hostile countries. It also includes both state and non-state actors. Regardless of whether the actor is a government, a group, or an individual, friendly
40
Lisa Young
or hostile, foreign intervention in an election campaign carries with it an injury to national sovereignty. When the intervention is carried out with the intent to weaken support for democracy or undermine a regime, it also harms national security. The list of potential digital interventions in table 1.1 is the same, regardless of whether the actor is foreign or domestic. They include numerous ways of shaping the campaign: amplifying or suppressing key messages on social media (through the use of bots), spreading disinformation at a high velocity so it is difficult to limit the spread or impact, and threatening or intimidating voters through digital communications. Other digital threats are focused on the key actors in the election: parties and candidates. The threat of hacking the computer systems or other digital communications of these actors has a potential effect on the campaign through targeted leaks of damaging information, use of parties’ strategy documents to inform other campaign interventions, or blackmailing or intimidating candidates. In addition, actors can target the voting process itself, using digital means. This can include hacking the election agency to manipulate the voters’ list, distributing disinformation about the location of polling stations or other relevant information, or attacking the election administration agency through a concerted Distributed Denial of Service (or ddos) attack, which shuts down a network by overwhelming it with a flood of traffic. Even though many of the digital interventions listed in table 1.1 are associated with foreign actors trying to manipulate the outcome or the quality of the campaign in a democracy, there is nothing about the interventions that makes them unavailable to domestic actors. In some instances, the threat of detection or sanction may be greater for domestic actors, but many of the possible actions are legal. The availability of legal interventions – anonymous trolling and the use of bots and algorithms – may well impair the election campaign, but citizenship and speech protections entitle these actors to their interventions.
conceptions of threat, 2016–19 The taxonomy of threats offered above illustrates the complexity of the situation facing governments in trying to respond to this new era. To understand the perceptions of threat that informed changes to the Canada Elections Act and other government “readiness” actions, a review of relevant documents (including publications of the Com-
Canada’s Response to the Cyber-Security Threats to Elections
41
munications Security Establishment (cse, the Establishment); the House of Commons Standing Committee on Access to Information, Privacy and Ethics; Ministerial Statements; and Hansard) was conducted. Documents included in the review were publications from government agencies focused on electoral security (Communications Security Establishment (2017, 2019); House of Commons debates and committee proceedings related to the Elections Modernization Act (Zimmer 2018), and ministers’ statements related to the Critical Incident Public Protocol and the Protocol itself (Government of Canada 2019). The interpretation is based on the author’s analysis of the materials in the context of the taxonomy of threats identified in table 1.1. This analysis revealed three sets of perceived threats that correspond to different categories in the taxonomy. They are presented below with quotes to illustrate the characterization of the threat. Foreign Digital Threats The first, and most dominant, narrative was that of an imminent threat to national security, grounded in the likelihood of hostile foreign digital interventions in the 2019 campaign, with the experience of the United States and other western democracies very present in the articulation of the threat. Consequently, the idea that an ally, or a group, or individual located in a friendly country would be involved in actions such as disseminating disinformation was not present in the conception of threat. The perceived threat would fall squarely in the foreign-digital category. There was no mention of the possibility of instrumental foreign intervention (i.e., at the behest of and for the benefit of a domestic actor). An important proponent of this narrative was the Communications Security Establishment. (For a discussion of the mandate and mission of the cse, see chapter 2 in this volume). Since the 2016 US presidential election, the cse has been vocal in its warnings that Canada is vulnerable to foreign digital interference in its democratic process (Communications Security Establishment 2017). In its 2019 update on the threat, the cse stated that [W]e judge it very likely that Canadian voters will encounter some form of foreign cyber interference related to the 2019 federal election. However, at this time, it is improbable that this foreign
42
Lisa Young
cyber interference will be of the scale of Russian activity against the 2016 United States presidential election. (Communications Security Establishment 2019, 5) In its threat assessment, the cse suggests that the federal voting process itself is not vulnerable, because of the continued use of paper ballots, but that efforts targeted toward voters (exacerbating political divisions) and those targeted toward parties and candidates (hacking computer systems to gain information) are ongoing concerns. The cse’s characterization of the threat acknowledges that not all cyber-threats are foreign in origin, offering a Venn diagram with overlapping circles labelled “false and misleading information online” and “foreign cyber threat and activity,” with the overlapping portion labelled “foreign cyber interference.” Consistent with its mandate as a foreign intelligence agency, the cse’s report focuses only on foreign digital threats. The focus on perceived foreign threats was underlined by the identity of the federal ministries that collaborated on the government’s readiness plan in the event of foreign interference in the election. The ministers of Democratic Institutions, National Defence, and Public Safety and Emergency Preparedness collaborated to develop and present this plan. When introducing it publicly in 2018, the two latter ministers focused exclusively on foreign threats. In his statement, the Minister of Public Safety and Emergency Preparedness noted From time immemorial, governments worldwide have been engaged in efforts to mould public opinion and government policies in other countries to advance their own interests. As long as that is done in an open, peaceful, transparent manner within the law, it is fine … When that type of activity becomes covert or clandestine, when it consists of lies and disinformation aimed at misleading people, destabilizing the economy or society or manipulating the democratic process, a bright red line gets crossed. (Goodale 2019) In the ministers’ statements, the examples used focused on digital intervention – misinformation spread on social media platforms, hacking, and other cyber-crimes. Similarly, in government statements on the Elections Modernization Act, it was common to see cyber-threats and foreign threats men-
Canada’s Response to the Cyber-Security Threats to Elections
43
tioned in the same breath, with little recognition that not all cyberthreats were foreign. For instance, when making her introductory remarks to the Parliamentary Committee (proc) studying C-76, the Minister of Democratic Institutions stated: As Minister of Democratic Institutions, one of my top priorities is to lead the Government of Canada’s efforts to defend the Canadian electoral process from cyberthreats. Recent events on the international stage are a reminder that Canada is not immune from such threats. Bill C-76 proposes changes relating to foreign influence and online disruption that can be addressed within the Canada Elections Act. (Canada 2018a) When the acting Chief Electoral Officer spoke to the committee, he also conflated the risk of cyber-attack with foreign threats in his opening remarks: There is a proposal in the bill relating to the misuse of or interference with a computer. However, in order for an offence to be committed, there is a requirement to show that there was an intention to affect the result of the election. In some cases, a foreign state or a third party may wish to interfere simply to disrupt the election or simply to undermine trust in the election, so the requirement to prove an intent to change the result goes too far. I think it needs to be expanded to cover other intents, which I’ve just mentioned. (Canada 2018b) Discussions of the digital threat focused primarily on foreign actors – either hostile states such as Russia or groups working on its behalf, or hostile non-state actors. The possibility of domestic “hacktivists” was noted in the cse’s 2017 report, but did not resonate in subsequent discussions. The conception of the foreign threat as predominantly foreign, or driven by disaffected domestic “hacktivists” did not include a suggestion that a foreign threat might be a malicious or mischievous actor located in an allied state, such as the United States. Taken as a whole, the characterization of the threat by the cse and government effectively “securitized” various elements of election regulation. By articulating a foreign threat to national security, these actors shaped the conversation around policy responses in a way that increased the perceived importance and urgency of the reforms.
44
Lisa Young
Domestic Digital Threats The second narrative thread focused on the potential for digital campaigning to distort the conversation in the campaign. This was articulated as a concern for democracy, and focused not on foreign actors as the source of the problem, but rather on the ways in which those actors use digital technologies to disrupt the campaign. The primary articulation of this narrative came from the House of Commons Standing Committee on Access to Information, Privacy, and Ethics (scaipe), chaired by Conservative mp Bob Zimmer. The Committee’s work began as an investigation in the Cambridge Analytica revelations, but eventually produced a report in December of 2018 with a significantly expanded scope of inquiry, though too late to inform Bill C-76, which received royal assent that same month. The Committee’s report recommended imposing significant obligations on social media platforms, including requiring them to label (or identify)content produced automatically or algorithmically (i.e., by “bots”). It also recommended that social media companies be required to identify paid advertisements online, and take action to remove inauthentic and fraudulent accounts and manifestly illegal contents such as hate speech. Going beyond regulation of social media platforms, the report called for creating a regulatory body to proactively audit algorithms (Canada, Standing Committee on Access to Information, Privacy, and Ethics, December 2018). There is little evidence to suggest that the Committee’s broad analysis of these threats informed legislative efforts. However, the government’s narrative drew a distinction between foreign threat and concerns about social media; the two were often mentioned together, but with a subtle distinction drawn. For instance, speaking about the Elections Modernization Act in the House of Commons, the Minister of Democratic Institutions said, It will be one in which social media has a heavy presence and I am very proud to note that in Bill C-76 important measures have been taken to both protect us from foreign interference and also ensure there is a greater transparency in political advertising online. (Canada 2018c) Many of the mentions of social media in the House of Commons debates were vague, and in many instances focused on issues of priva-
Canada’s Response to the Cyber-Security Threats to Elections
45
cy (with Opposition members criticizing the government for failing to apply pipeda to political parties) rather than articulating a clear conception of the threats posed by social media. There was no mention in the cse documents of the possibility of using the cyber-tactics employed by foreign governments or actors domestically; given the mandate of the organization, this is both unsurprising and appropriate. Foreign Analogue A third narrative was driven by Conservative Party of Canada legislators, and focused on a perceived threat of foreign money distorting campaigns. This was grounded in an analysis (whose facts have been significantly disputed) offered by Vivian Krause, an independent researcher and blogger, who asserts that there was a significant flow of foreign money into the 2015 Canadian federal election campaign through the Tides Foundation, which offered grants to Canadian environmental organizations, some of which went on to engage in thirdparty advertising during the 2015 campaign.2 This was a frequent refrain from Conservative mps, many of whom emphasized this risk, not the foreign digital threat.
policy responses The policy responses to the emergence of digital globalization in advance of the 2019 election were captured in three separate components: amendments to the Canada Elections Act (Bill C-76, the Elections Modernization Act); the Critical Incident Response Plan announced by the government; and a small component of legislation allowing Canadian intelligence agencies to launch countermeasures against cyber-attacks, if warranted and approved. Taken as a whole, the legislative changes reflect the government’s preoccupation with the perceived external security threat. Although many of the provisions apply to domestic actors as well, the articulation of risks discussed above suggests that they were designed with foreign adversaries in mind. Responses to Foreign Threats Included in both the legislation and the contingency plan were several elements focused on responding to perceived foreign threats. The
46
Lisa Young
act prohibits foreign entities (governments, political parties, corporations, unions, or individuals) from “unduly influencing” an elector’s decision to vote or not to vote, and for whom. The act is explicit in defining undue influence as financial expenditures or transfers, or illegal activities; it does not prevent a foreign citizen or entity from expressing an opinion about their desired outcome of the election. The prohibition on undue influence would prevent any foreign individual or entity from spending money to place an advertisement encouraging Canadian voters to support a particular candidate. These provisions could apply to either analogue or digital activities. The prohibition on “undue influence” is best understood as trying to prevent a harm to sovereignty: an outsider trying to influence the outcome of the election, through any means and for any purpose. The cabinet directive setting out the contingency plan explicitly identified “foreign” interference as the threat to be addressed, and tasked intelligence agencies with bringing concerns about election interference to a group of senior civil servants, who would determine whether it was appropriate to brief registered political parties, make a public statement, or take other actions (Canada 2019). This is discussed in greater detail in chapter 2 in this volume by West. The role played by security agencies in the contingency plan corresponds to the concerns about national security expressed in the previous months. Responses to Social Media Threats The Elections Modernization Act also included several measures that addressed digital threats, regardless of whether they were domestic or foreign in origin. It banned any efforts to intercept, disrupt, or interfere with computer systems “with the intention of affecting the results of an election” (Canada 2018d). Even without this provision, unauthorized interception or interference with computer systems are prohibited under the Criminal Code, so this provision likely has limited effect. The more significant challenge was to address the broad set of concerns about the effect of social media use on the campaign. The act addressed the emerging issues by attempting to regulate social media platforms. In part, this is an extension of the earlier legislative framework which focused on both the advertisers (parties, and to a lesser extent third parties) and on the broadcasters, who were required to offer advertising time without inflating their rates during elections,
Canada’s Response to the Cyber-Security Threats to Elections
47
and whose available advertising time was evenly divided among registered political parties according to a formula. Social media platforms become analogous to broadcasters in this view. The Act defines online platforms as “an Internet site or Internet application whose owner or operator, in the course of their commercial activities, sells, directly or indirectly, advertising space on the site or application to persons or groups” and that meets certain threshold requirements for the number of Canadian visitors or users (Canada 2018d). Placing the onus on these platforms (in addition to the political actors), the legislation prohibits publishing anything impersonating an election official, party, or candidate; prohibits selling advertising to any foreign entity; and requires a digital registry of partisan advertising messages to be published. Failure to comply with these provisions could result in fines and possible imprisonment. This is discussed in greater detail in chapter 8. As a response to concerns about the protection of data held by political parties, the Act required registered political parties to post policies on their websites outlining how they would protect personal information. These policies do not need to meet any established standards, be approved by any independent agency, or meet the standards of the Personal Information Protection and Electronic Documents Act (pipeda). The provisions in the Elections Modernization Act for social media fall short of addressing many of the concerns articulated in the scaipe report. Pal argues that the legislation takes steps in the right direction for addressing the challenges posed by social media to the regulation of election campaigns, but does not go far enough in addressing several key issues, including the stringency of the regulation of advertising on platforms (Pal 2020). Responses to Concerns about Foreign Money Driven by the Conservative Party’s concern about foreign money finding its way into third party advertising, the Elections Modernization Act included substantial changes, including requiring third parties to disclose the source of funds used for their regulated expenditures, and to hold these funds in a separate account to avoid co-mingling funds from foreign sources. This tightened existing provisions intended to ensure that only domestic funds were used to pay for candidates, parties, or third parties’ election expenses.
48
Lisa Young
the 2019 campaign During the relatively brief period between the 2016 US presidential election and the passage of legislation and announcement of contingency plans in advance of the 2019 Canadian election, the government’s primary focus was on the threat of hostile foreign cyber-intervention in the Canadian campaign. This concern was expressed both by security agencies and by members of the government in shaping reforms to electoral law and contingency planning. Had there been an effort by a hostile foreign actor to replicate the kinds of activities that were seen in the 2016 US presidential election, Canada was reasonably well prepared to respond. These activities did not, apparently, materialize. In his Report on the 43rd General Election of October 21, 2019, the chief electoral officer reported that there were no cybersecurity threats of significance during this election on Elections Canada’s infrastructure beyond those faced daily by any federal government organization. The agency monitored the information environment for inaccurate information about the electoral process, and on some occasions contacted social media platforms or websites to bring inaccurate information or inauthentic accounts to their attention. None of these instances were concerning in terms of their scope. (Perrault 2020, 7) The absence of significant foreign interference can be understood either as a vindication of the efforts of the various intelligence and other agencies in advance of the election, or as evidence that the concerns in advance of the election were misplaced or overblown. The former interpretation is more likely to be offered by the security agencies involved, but Canadians do not have access to sufficient information to judge this for themselves. The National Security and Intelligence Committee of Parliamentarians, in its 2019 Annual Report, asserts that “foreign interference operations target the electoral process at all stages” (National Security and Intelligence Committee of Parliamentarians 2019, 64) but all the evidence supporting that contention is redacted from the public report. This points to a core dilemma for voters’ ability to understand foreign
Canada’s Response to the Cyber-Security Threats to Elections
49
intervention as a threat to national security: the voters who might be manipulated by this activity are not permitted to be informed about whether it is occurring. Events during the campaign and in the months leading up to it did suggest two possible concerns that had not been addressed by the legislative or administrative responses put in place. The first concern is that of domestic actors imitating foreign activity, with the objective of spreading disinformation or exacerbating social cleavages. The probability of this development was demonstrated during the Alberta provincial election in April of 2019. A study conducted by the Rapid Response Mechanism Canada group within Global Affairs Canada examined “inauthentic activity” during the Alberta provincial election. It found that there were social media accounts engaged in inauthentic, coordinated behaviour online in the Alberta election, but concluded that the majority were probably not foreign. Instead, “rrm Canada identified known national far-right and hate group actors who have previously disseminated material, using similar tactics as known malign foreign actors” as well as “accounts tied to lobbying groups that were unaffiliated with a political party spreading disinformation online in the run-up to the Alberta election.” The report went on to conclude that “domestic actors are also emulating the tactics used by foreign actors, within the context of provincial elections. This behaviour will make it increasingly difficult to distinguish national from foreign interference efforts in the upcoming Federal election” (Rapid Response Mechanism Canada 2019). The second concern is foreign interventions that are either instrumental (i.e., on behalf of a domestic actor) or mischievous, rather than intended to impair national security. The most notable instances of disinformation during the campaign originated in the US-based Buffalo Chronicle, and appeared intended to spread “fake news” about Liberal Party leader Justin Trudeau. While troublesome, this kind of foreign intervention does not fit into the narrative of the efforts intended to impair national security.
conclusion Noting the incidents of foreign interference into US, UK, and other election campaigns in 2016, this chapter asked how Canadian legislators conceptualized the emerging threats to election campaigns, and
50
Lisa Young
how other state actors, including the chief electoral officer and national security agencies, shape the discussion. It also asked how well this prepared Canada for the 2019 election campaign. Analysis of relevant documents and parliamentary debates found that the first, and dominant, narrative was that of an imminent threat to national security, grounded in the likelihood of hostile foreign digital interventions in the 2019 campaign, with the experience of the United States and other western democracies very present in the articulation of the threat. Policy responses that followed from this reflected the government’s preoccupation with the perceived external security threat and did not anticipate the emergence of domestic disruptions that emulated the tactics anticipated from foreign actors. This analysis is grounded in a taxonomy of threats to electoral campaigns that could help inform scholarly investigations of both campaign interventions and policy responses intended to discourage them. The coincident emergence of digital campaign communications and globalization has blurred the highly interrelated phenomena, as was illustrated in the Canadian conception of threats. As policy-makers consider the legislative and administrative changes intended to address new threats to election campaigns, it will be essential to take into consideration the rapid pace of diffusion of new techniques for electoral intervention. Domestic actors quickly adopt the repertoire demonstrated by foreign actors, and use it to render different threats. This means that the discourses of securitization – conceiving of digital threats as foreign – must be set aside to prepare for digital interventions from both domestic and foreign sources.
notes 1 A distinction can be drawn between a foreign individual or entity voicing an opinion about their desired outcome in an election and an actual effort (such as a financial contribution or other intervention) that actively promotes that outcome. The boundary here is unclear, because a foreign individual who is popular or influential might be seen to shift votes simply by voicing an opinion. 2 Krause set out her argument and evidence when she testified at the House of Commons Ethics Committee in October of 2018 (Canada 2018e). Garossino (2019) provides a critique of the analysis.
Canada’s Response to the Cyber-Security Threats to Elections
51
references Applebaum, Anne, Peter Pomerantsey, Melanie Smither, and Chloe Colliver. 2017. Make Germany Great Again: Kremlin, Alt-Right and International Influences in the 2017 German Elections. Institute for Stratetic Dialogue. London. https://www.isdglobal.org/wp-content/uploads/2017/12/MakeGermany-Great-Again-ENG-081217.pdf. Balzacq, T., S. Léonard, and J. Ruzicka. 2016. “‘Securitization’ Revisited: Theorgy and Cases.” International Relations 30, no. 4: 494–531. https://doi.org/10.1177/0047117815596590. Bay, Sebastian, and Guna Snore. 2019. Protecting Elections: A Strategic Communications Approach. nato Strategic Communications Centre of Excellence. Brussels. https://stratcomcoe.org/publications/protectingelections-a-strategic-communications-approach/100. Bennett, Colin J. 2016. “Voter Databases, Micro-Targeting, and Data Protection Law: Can Political Parties Campaign in Europe as They Do in North America?” International Data Privacy Law 6 (4): 261–75. https://doi.org/10.1093/idpl/ipw021. Buzan, Barry, Ole Wæver, and Jaap de Wilde. 1998. Security: A New Framework for Analysis. Boulder, co: Lynne Rienner Publishers. Canada. 2018. House of Commons Standing Committee on Access to Information, Privacy and Ethics. Democracy Under Threat: Risks and Solutions in the Era of Disinformation and Data Monopoly. December, 42nd Parliament, 1st session. https://www.ourcommons.ca/DocumentViewer/en/421/ethi/report-17. – 2018a. Parliament. House of Commons. Standing Committee on Procedure and House Affairs. 1st Session. 42nd Parliament. Meeting 106. https://www.ourcommons.ca/DocumentViewer/en/42-1/proc/meeting106/evidence. – 2018b. House of Commons. Standing Committee on Procedure and House Affairs. 1st Session. 42nd Parliament. Meeting 106. https://www.ourcommons.ca/DocumentViewer/en/42-1/proc/meeting106/evidence. – 2018c. House of Commons. Debates. 1st Session. 42nd Parliament. Wednesday, 24 October. https://www.ourcommons.ca/DocumentViewer /en/42-1/house/sitting-341/hansard. – 2018d. Elections Modernization Act. https://laws-lois.justice.gc.ca/PDF/2018 _31.pdf. – 2018e. Parliament. House of Commons. Standing Committee on Access to Information, Privacy and Ethics. 1st Session, 42nd Parliament. Meeting
52
Lisa Young
120. https://www.ourcommons.ca/DocumentViewer/en/42-1/ethi /meeting-120/evidence. – 2019. Cabinet Directive on the Critical Election Incident Public Protocol. https://www.canada.ca/en/democratic-institutions/services/protectingdemocracy/critical-election-incident-public-protocol/cabinet.html. Communications Security Establishment of Canada. 2017. “Foreign Intelligence Collection.” Government of Canada. https://www.csecst.gc.ca/en/inside-interieur/signals-renseignement. – 2019. 2019 Update: Cyber-Threats to Canada’s Democratic Process. Government of Canada. Ottawa. https://cyber.gc.ca/sites/default/files /publications/tdp-2019-report_e.pdf. – 2017. Cyber Threats to Canada’s Democratic Process. csec. Ottawa. https://cyber.gc.ca/en/guidance/cyber-threats-canadas-democraticprocess/page2. Davis, S. 2018. Russian Meddling in Elections and Referenda in the Alliance. nato Parliamentary Assembly. https://www.nato-pa.int/downloadfile?filename=sites/default/files/2018-11/181%20STC%2018%20E%20fin %20-%20RUSSIAN%20MEDDLING%20-%20DAVIS%20REPORT.pdf. Garossino, Sandy. 2019. “A Data-based Dismantling of Jason Kenney’s Foreign-Funding Conspiracy Theory.” National Observer, 3 October. https://www.nationalobserver.com/2019/10/03/analysis/data-baseddismantling-jason-kenneys-foreign-funding-conspiracy-theory. Goodale, Ralph. 30 January 2019. The Government of Canada’s Plan to Safeguard Canada’s 2019 Election. Democratic Institutions (National Press Theater). https://www.canada.ca/en/democratic-institutions/news/2019/03 /speech-thegovernment-of-canadas-plan-to-safeguard-canadas-2019election.html. Government of Canada. 2018. An Act to amend the Canada Elections Act and other Acts and to make certain consequential amendments. In Bill C76, edited by 42 Parliament, 1st session. – 2019. “Cabinet Directive on the Critical Incident Public Protocol.” https://www.canada.ca/en/democratic-institutions/services/protectingdemocracy/critical-election-incident-public-protocol/cabinet.html. Levin, D.H. 2016. “When the Great Power Gets a Vote: The Effects of Great Power Electoral Interventions on Election Results.” International Studies Quarterly 60 (2): 189–202. https://doi.org/10.1093/isq/sqv016. Marland, A. 2016. Brand Command: Canadian Politics and Democracy in the Age of Message Control. Vancouver: ubc Press. Mueller, Robert S. 2019. Report On The Investigation Into Russian Interference In The 2016 Presidential Election. U.S. Department of Justice, Washington dc.
Canada’s Response to the Cyber-Security Threats to Elections
53
National Security and Intelligence Committee of Parliamentarians. 2019. Annual Report. https://www.nsicop-cpsnr.ca/reports/rp-2020-03-12ar/annual_report_2019_public_en.pdf. Orr, Graeme. 2019. “Is My Foreign Yours? The Concept of Foreigness in the Regulation of Political Finance.” Journal of Representative Democracy 55 (2): 179–95. https://doi.org/DOI: 10.1080/00344893.2019.1645038. Pal, Michael. 2020. “Social Media and Democracy: Challenges for Election Law and Administration in Canada.” Election Law Journal 19 (2): 200–13. http://doi.org/10.1089/elj.2019.0557. Papp, Daniel S., and David S. Alberts. 2000. “The New Look of National Security in the Information Age.” In The New Millennium: Challenges and Strategies for a Globalizing World, edited by Sai Felicia Krishna-Hensel. New York: Routledge. Patten, S. 2017. “Databases, Microtargeting, and the Permanent Campaign: A Threat to Democracy?” In Permanent Campaigning in Canada, edited by A. Marland, T. Giasson and A.L. Esselment. Vancouver: ubc Press. Perrault, Stéphane. 2020. Report on the 43rd General Election of October 21, 2019. Office of the Chief Electoral Officer of Canada (Elections Canada). https://www.elections.ca/res/rep/off/sta_ge43/stat_ge43_e.pdf. Persily, Nathaniel. 2017. “Can Democracy Survive the Internet?” Journal of Democracy 28 (2): 63–76. Rapid Response Mechanism Canada. 2019. Alberta Election Analysis. g7 Rapid Response Mechanism, Global Affairs Canada. https://www.international.gc.ca/gac-amc/publications/rrm-mrr/alberta _elections.aspx?lang=eng. Small, T.A., T. Giasson, and A. Marland. 2014. “The Triangulation of Canadian Political Communication.” In Political Communication in Canada: Meet the Press and Tweet the Rest, edited by A. Marland, T. Giasson and T.A. Small. Vancouver: ubc Press. Tomz, Michael, and Jessica L.P. Weeks. 2020. “Public Opinion and Foreign Electoral Intervention.” American Political Science Review 114 (3): 856–73. United Kingdom House of Commons Culture, Media and Sport Committee. 2019. Disinformation and “Fake News”: Final Report. https://publications.parliament.uk/pa/cm201719/cmselect/cmcumeds/179 1/179102.htm. Woolley, Samuel C., and Philip N. Howard. 2019. “Introduction: Computational Propaganda Worldwide.” In Computational Propaganda. Political Parties, Politicians, and Political Manipulation on Social Media, edited by Samuel C. Woolley and Philip N. Howard, 4. Oxford: Oxford University Press.
54
Lisa Young
Zappone, C., and M. Sussex. 2018. Addressing Australia’s Vulnerability to Weaponised Narratives. Canberra: Australia National University Security College. Zimmer, Bob. 2018. Democracy Under Threat: Risks and Solutions in the Era of Disinformation and Data Monopoly. House of Commons Standing Committee on Access to Information, Privacy and Ethics. Ottawa.
1928
2 Defending Democracy from Foreign Cyber-Interference The Role of Canadian Intelligence Agencies in the 2019 Federal Election
Leah West
introduction After the confetti had been swept away, and the music from the parades and inaugural balls had faded, American intelligence agencies were faced with an increasingly apparent reality: agents of the Russian government were engaged in a complex and in-depth online campaign to influence and interfere with the single most symbolic representation of US democracy – the presidential election.1 As those in the intelligence and law enforcement community identified and revealed the scope of Russian interference in the 2016 campaign, democracies around the world were forced to grapple with this new security threat and the very real possibility that if this was possible in the US, it could happen anywhere.2 Two years later, in 2018, the US intelligence community would not be caught flatfooted. The security establishment in the US and around the world were now acknowledging that election interference was a legitimate threat to national security. On the day of the midterm elections, members of US Cyber Command, supported by the National Security Agency (nsa) (America’s signals intelligence agency), engaged in a major cyber-operation against Russia. Cyber Command
55
56
Leah West
leveraged a new set of authorities granted by President Trump and Congress to effectively shut down an entity known as the “Internet Research Agency” whose trolls aimed their bots and weaponized disinformation campaigns at the US electorate.3 The Pentagon and American lawmakers credited Cyber Command’s online offensive “with averting Russian interference in the midterms” (Nakashima 2019). This operation represented a shift in how state intelligence agencies, in particular members of the Five Eyes alliance (US, the United Kingdom, New Zealand, Australia, and Canada), addressed the threat of foreign interference in their democratic institutions in the cyber-domain.4 Canada’s 2019 federal election followed on the heels of this success. Nevertheless, experts warned that the most pervasive election security concern would “likely be disinformation campaigns that undermine social cohesion by amplifying extremist narratives and discrediting leaders” (Centre for International Governance Innovation 2019). This chapter focuses on the role of the Canadian Security Intelligence Service (csis or the Service), the Communications Security Establishment (cse), and to a lesser extent the new Rapid Response Mechanism Canada (rrm Canada) housed at Global Affairs Canada (gac) to identify and counter the threat of foreign cyber-influence under their statutory mandates as part of the newly formed Security and Intelligence Threats to Elections (site) Task Force. To date, there has been little public reporting about actual cyberforeign influence activities directed at Canada’s 2019 federal election, or csis and cse’s response to that threat. csis and cse are primarily intelligence collectors. cse collects signals intelligence, defined as “the interception and analysis of communications and other electronic signals” (Communications Security Establishment 2017) from the global information infrastructure,5 while csis gathers both human intelligence6 and intelligence using intrusive collection techniques. The information they collect responds to intelligence priorities established by Cabinet. That information is then analyzed and shared with intelligence customers such as gac, Elections Canada, and the Privy Council Office (pco). However, the threat from foreign influence, like that seen in the 2016 US election, means that the traditional role of Canadian intelligence agencies has evolved past merely collecting and analyzing intelligence into a more unfamiliar public-facing and offensive position. Not only that, but decisions on what and when to inform the
Defending Democracy from Foreign Cyber-Interference
57
public, and how to respond to threats to national security are not typically made by intelligence leaders but the elected government officials to whom they are responsible. Yet, in the period before an election, Canada’s caretaker convention, which demands restraint and restricts the conduct of government to matters that are noncontroversial and reversible, strains compliance with this norm (Privy Council Office 2019). Both csis and cse are, by necessity, highly secretive bodies; they do not publicize their success. They also typically refuse to reveal their tools, technical abilities, or targets of investigation because doing so would jeopardize national security. Within the intelligence community, the need to maintain trust and relationships with security partners, and the constant fear of penetration by a foreign agency or threat actor demands unrelenting vigilance and creates an obsessive need to safeguard shared information and Canada’s investigative techniques (West 2018, 70). For this reason, we do not have a complete understanding of the foreign cyber-influence detected or defended against in the 2019 election, nor can we analyze the effectiveness of the site Task Force. Instead, this chapter relies on open-source information and documents obtained via access to information requests to detail the principal legal authorities through which Canadian intelligence agencies sought to defend campaigns and voters from foreign cyber-influence, as well as critical election infrastructure from direct attacks. In doing so, this chapter raises questions about the appropriate role of intelligence officials and the ministers responsible for their agencies in safeguarding Canadian elections. It also identifies how the Government of Canada sought to ensure that decisions made in the interest of national security were free from partisan interference and suggests areas for improvement. The chapter opens with a discussion of the threat that foreign cyberinterference poses to Canada’s elections, followed by a brief overview of the site Task Force and its member agencies. The remainder of the chapter breaks down the three areas of responsibility for Canada’s intelligence agencies: investigate, inform, and interrupt. First, csis and cse, in collaboration with their Task Force partners, have an enduring mandate to investigate foreign influence activities that threaten Canadian security, and to advise the government about those threats. In addition, in 2019, rrm Canada took on the new task of monitoring open-source information to detect foreign interference. Second, csis,
58
Leah West
and especially cse, played a critical education role leading up to and during the 2019 campaign. These agencies set out to inform Elections Canada, the Critical Election Incident Public Protocol (ceipp) Panel, political campaigns, and the public about the risks posed by cyberthreats, foreign cyber-interference, and ways to reduce their effectiveness. Third, like the nsa in the US midterms in 2019, cse and csis had, for the first time, the ability to actively thwart threats to Canadian democracy by taking offensive action, either online or in the physical world, to interrupt foreign influence activities.
the threat Foreign influence in democratic processes is a threat to the security of Canada.7 The site Task Force defines foreign interference as “activity that is conducted by, or at the behest of, a foreign state/actor, is detrimental to Canadian national interests and is clandestine, deceptive or coercive.”8 Foreign interference can have multiple objectives, but this chapter focuses on efforts “designed to impact electoral outcomes and/or undermine confidence in Canadian democratic systems or processes.”9 The government assesses that Canada is a target of foreign interference because it is a “key contributor to the world economy, an important member of the global peace and security infrastructure, and a vibrant multicultural liberal democracy. Foreign adversaries and competitors are increasingly targeting Canada in order to advance their own economic and national security interests and priorities.”10 To advance their interests, foreign actors can and have leveraged the internet, online networks, and social media to influence democratic processes through numerous means. Adversaries may engage in direct attacks on election infrastructure to modify, delete, or alter election results, or weaken the population’s trust in their democratic institutions. They may engage in cyber-espionage or ransomware attacks to coerce or influence political candidates or steal voter and party information. They can also manipulate traditional and social media using disinformation to sow discord and build distrust in Canada’s democratic processes.11 Not only do these activities threaten Canada’s national security, they are also offences under the Criminal Code of Canada,12 the Canada Elections Act,13 and the Security of Information Act.14 Moreover, it is a violation of international law for states to intervene in the domestic
Defending Democracy from Foreign Cyber-Interference
59
affairs of another state.15 In the case of Nicaragua v United States, the International Court of Justice concluded that the principle of nonintervention “forbids all States or groups of States to intervene directly or indirectly in internal or external affairs of other States. A prohibited intervention must accordingly be one bearing on matters in which each State is permitted, by the principle of State sovereignty, to decide freely. One of these is the choice of a political, economic, social and cultural system, and the formulation of foreign policy.”16 In April 2019, the security services warned that Canadians would likely encounter some form of foreign cyber-interference leading up to the federal election later that year (Communications Security Establishment 2019a). In particular, cse warned that foreign actors could target voters, political parties, candidates and staff, and the elections themselves (Communications Security Establishment 2019a). Importantly, cse did not limit its threat assessment to foreign states. It also warned that foreign groups and individuals were likewise incentivized to meddle in Canadian elections (Communications Security Establishment 2019a). The author acknowledges that scholars question the effectiveness and measurable impact of the various techniques employed by Russia leading up to the 2016 US presidential election, and thus the real scope of the threat that foreign interference poses to national security (Benkler, Faris, and Roberts 2018, 43; Benkler et al. 2017). Of particular note, the research of Alexander Lanoszka suggests that despite the concerns over disinformation efforts, there is no evidence that it alters behaviour at a strategic level, nor impacts the pre-existing ideological commitments of a population (Lanoszka 2019). However, one cannot assess the existence of a threat by merely measuring “whether clandestine influence operations are successful” (Carvin 2020). What matters, writes Professor Stephanie Carvin, is the fact that these efforts exist at all. Indeed, it would be inappropriate (at best!) for national security and intelligence agencies to assess how and why voters chose one political candidate over another in their own country. But once an attempt to engage in clandestine foreign influence operations is discovered, it is the job of a state’s security services to get to the bottom of what is happening and (potentially) stop it from occurring in the first place. (Carvin 2020, emphasis added)
60
Leah West
Although little has been revealed publicly, cbc News reported that Canadian security services “did detect attempted misinformation or disinformation during the election campaign” but not at a level sufficient to compromise the election or to alert the public (Thompson 2019). As discussed further below, this assessment was the responsibility of a group of senior public servants who, under the ceipp, were tasked with consulting Canada’s security agencies and determining whether foreign interference activity threatened “Canada’s ability to have a free and fair election” (Government of Canada 2019).
site task force In July 2019, the ministers of Public Safety, National Defence, and Democratic Institutions unveiled Canada’s strategy to combat security threats to Canada’s election. At the centre of the plan was the establishment of the site Task Force, comprising cse, csis, gac, and the Royal Canadian Mounted Police (rcmp). The Task Force’s mission was to “prevent covert, clandestine, or criminal activities from influencing or interfering with the electoral process in Canada” (Democratic Institutions 2019a). It is important to note that although the site Task Force was established more than a year before the election to respond to the increased threat posed from foreign cyber-interference, security agencies have previously played a role in securing Canada’s federal elections (Judd 2020, 11). A copy of the “General Election 42, Interdepartmental Post Mortem” obtained by the author refers to a cse joint cyber-defence operation in support of the 2015 federal election, and the provision of support by cse directly to Elections Canada.17 However, in 2015, the single biggest risk identified by cse was that a cyberincident or telecommunication outage would affect the smooth conduct of the electoral process.18 In the month leading up to the 2015 election, the Canadian Cyber Incident Response Centre conducted daily cyber-focused situation awareness calls with Elections Canada, cse, the rcmp, Treasury Board, and Shared Services Canada. On the day of the election, the same departments and agencies, along with Industry Canada and the pco were colocated within the Public Safety Government Operations Centre. The absence of csis and gac leading up to, and on the day of, the 2015 election, shows that the cyber-
Defending Democracy from Foreign Cyber-Interference
61
threat that had been assessed was the risk to critical infrastructure, rather than the type of foreign-influenced activity evidenced in the 2016 US presidential election. csis’s inclusion and role on the site Task Force exemplifies the shifting threat landscape. csis’s tasks included the collection of information about foreign-influenced activities that are a threat to Canadian security; “countering such activities through threat reduction measures”; “providing advice, intelligence reporting and intelligence assessments to Government of Canada about foreign influenced activities”; and briefing Elections Canada, the Commissioner of Elections, and Government of Canada decision makers about hostile state activity (Democratic Institutions 2019c). For its part, cse’s role in 2019 was expanded to include not only providing “advice, guidance, and services to help ensure the protection of electronic information and of systems of importance”; but also collecting foreign intelligence on threat actors; generating “intelligence and cyber assessments on the intentions, activities, and capabilities of foreign threat actors”; and “protecting Government systems and networks related to elections through cyber defence measures” (Democratic Institutions 2019c). Where foreign interference activities constituted criminal activity, the rcmp’s “Foreign Actor Interference Investigative Team” would take the investigative lead (Goodale 2019). gac was also given a role in 2019, centred around the newly established Rapid Response Mechanism introduced following the g7 Summit in Charlevoix (Democratic Institutions 2019b). Although Canada has a national rrm, gac also serves as the host and principal coordinating agency for the g7’s rrm, which is focused more broadly on combatting foreign interference across the g7 democracies (Democratic Institutions 2019a). Investigate Each member of the Task Force had an investigatory role leading up to the election. However, it remains unknown if any election interference, foreign or domestic, gave rise to a criminal investigation by the rcmp (although early reporting suggests that is unlikely) (Rocha 2019). For that reason, the following discussion focuses on csis, cse, and the new rrm Canada.
62
Leah West
Canadian Security Intelligence Service As part of the site Task Force, and under its traditional security intelligence mandate, csis is the Canadian agency primarily responsible for investigating direct and indirect foreign influence activities, cyber or otherwise. Section 12 of the Canadian Security Intelligence Service Act (csis Act) gives csis the authority to collect, analyze, and retain, to the extent strictly necessary, information and intelligence about activities where there are reasonable grounds to believe that those activities constitute threats to the security of Canada.19 Section 12 also stipulates that csis “shall report and advise the Government of Canada” about those threats and the information collected.20 “Threats to the security of Canada” is a defined term in the csis Act and encompasses four types of threats: espionage or sabotage, foreign influence, terrorism, and subversion. Foreign influence is also defined and includes “activities within or relating to Canada that are detrimental to the interests of Canada and are clandestine or deceptive or involve a threat to any person.”21 When carrying out its section 12 mandate, csis may use intrusive investigative techniques, such as covert entries, wiretaps, and video surveillance, if there are reasonable grounds to believe they are required to investigate security threats.22 To do so, csis must first seek and obtain a warrant from a specially designated judge of the Federal Court of Canada. Under section 21 of the csis Act the Federal Court may authorize the Service to “intercept any communication or obtain any information, record, document or thing,” and for that purpose may enter or access any place or thing; search, remove, return, examine, copy any information, record, document, or thing; or install, maintain, or remove any thing.23 The passage of the National Security Act, 2017 (nsa, 2017) in 2019 introduced a new investigative tool, giving csis the authority to collect, analyze, and exploit data that are not definitively threat-related. 24 Before 2019, csis could only collect and retain information if it was strictly necessary to investigate a threat. Thus, information that was not directly threat-related could not be acquired, aggregated, and mined in search of trends using modern data analytic techniques.25 If relevant to the duties and functions of the service, the amendments now permit csis’s acquisition, retention, and use of “datasets,” defined in the legislation as “a collection of information stored as an electronic record and characterized by a common subject matter.”26
Defending Democracy from Foreign Cyber-Interference
63
To retain a Canadian dataset for longer than ninety days and ultimately use the information collected, csis must either obtain a judicial authorization from the Federal Court (for Canadian datasets)27 or an authorization from the Minister of Public Safety approved by the Intelligence Commissioner (for foreign datasets).28 csis may retain datasets comprising publicly available information indefinitely without receiving additional authorization.29 Once csis is authorized to retain a dataset, it can use the information to conduct a query, meaning a specific search relating to a person or entity within one or more datasets, or exploit the data. Data exploitation is defined in the csis Act as the computational analysis of one or more datasets to obtain intelligence that would not otherwise be apparent.30 Communications Security Establishment As noted, cse is Canada’s signals intelligence (sigint) service. cse defines sigint as “the interception and analysis of communications and other electronic signals” (Communications Security Establishment 2017). Traditionally, the predominant focus of cse is the collection of foreign sigint. The cse Act brought into force following the passage of the nsa, 2017, stipulates that this aspect of the Establishment’s mandate is to acquire, covertly or otherwise, information from or through the global information infrastructure, including by engaging or interacting with foreign entities located outside Canada or by using any other method of acquiring information, and to use, analyse and disseminate the information for the purpose of providing foreign intelligence, in accordance with the Government of Canada’s intelligence priorities.31 The global information infrastructure “includes electromagnetic emissions, any equipment producing such emissions, communications systems, information technology systems and networks, and any data or technical information carried on, contained in, or relating to those emissions, that equipment, those systems or those networks.”32 Section 26(2) of the cse Act sets out a closed but expansive list of activities that cse may undertake to fulfill its foreign intelligence mandate, including intercepting, copying, or modifying anything that it accesses on the global information infrastructure.
64
Leah West
cse may not direct its foreign sigint collection activities at Canadians or any person in Canada, and its collection must not infringe the Canadian Charter of Rights and Freedoms.33 However, under the cse Act, the Minister of National Defence may grant cse the authority to violate Canadian law or interfere with the reasonable expectation of privacy of Canadians or persons within Canada to fulfill its foreign intelligence mandate.34 What this means in practice is that cse’s collection efforts must point outward from Canada rather than inward, but in carrying out its foreign investigations, the incidental collection of Canadian information is permissible. That said, the cse Act authorizes the cse to provide technical and operations assistance to csis.35 In doing so, cse is not limited to looking outward but instead operates under the same legal authorities and constraints as csis when investigating a threat like foreign influence. Working together, cse and csis are a powerful investigative team. Consider, for example, the spread of disinformation about a political candidate. Using its section 12 mandate, csis could monitor media sources, whether they are mainstream or fringe outlets, for stories that appear to be false. Using open-source information and data analytics, csis could validate whether the subjects and sources in a story are real or falsified. If they identify a story as false, csis could monitor if and how the story is disseminated online. A common tactic used by Russia in the 2016 campaign was the use of automated “bots” or fake online personas to circulate and amplify disinformation.36 With the assistance of cse, csis could identify and trace the digital footprints associated with these accounts to locate their geographic origin and the source of the foreign influence. Once identified, csis and cse were required, under the ceipp, to share that information with the other members of the site Task Force and inform relevant parties, as described below. Global Affairs Canada – Rapid Response Mechanism As noted above, the g7 rrm was established following the g7 Summit in Charlevoix, Quebec, “to strengthen coordination to identify and respond to diverse and evolving threats” to g7 democracies (Goodale 2019). Specifically, it was designed to detect efforts to undermine democratic institutions and processes through “coercive, corrupt, covert or malicious means” (rrm Canada 2019). To that end, rrm Canada works with its domestic partners and a network of agencies
Defending Democracy from Foreign Cyber-Interference
65
across the g7 to “share information, analysis and best practices for analyzing foreign interference and threats to democracy” (Global Affairs Canada 2019).37 Within Canada’s rrm, the Coordination Unit is responsible for gathering information from Canadian stakeholder departments and g7 focal points. Similar to the classic collect, analyze, and disseminate intelligence cycle, the unit describes its key function as “gather,” “triage,” and “share and respond.” Triage includes the validation or “diagnoses” of information collected, the identification of information to “refer” onwards for action, and the recommendation of opportunities for diplomatic action (Global Affairs Canada 2019). According to documents obtained from gac, the rrm Coordination Unit is the only body within the Government of Canada that conducts open-source analysis of social media “to monitor and better understand disinformation as a tool of foreign interference.”38 These open-source data activities were carried out to support the rrm mandate to defend democracies across the g7, and to “help safeguard Canada’s 2019 general elections, by better understanding foreign threats in the digital context, shining light on them, and recommending effective response options.”39 Under its mandate, the rrm must focus “on foreign threats, noting tactics and trends; use openly available information; take care to avoid focusing on individuals (except in the case of public figures); and avoid the use of personal information [ ] for any purpose unless it meets a national security threshold.”40 During the writ period, the rrm was to provide daily reporting to the site Task Force on “any potential foreign interference within the social media landscape.”41 Predating the site Task Force, the Canadian rrm’s first test was the provincial election in Alberta in April 2019. Following the election, the rrm analyzed and sought to identify “emerging tactics in foreign interference” and “draw lessons learned for the Canadian general elections” (Rapid Response Mechanism Canada 2019). The rrm published an open-source data analytics report in which it concluded that there was “very likely no significant foreign interference campaigns targeting the Alberta election in the online space in April 2019. However, coordinated inauthentic activity was detected” (Rapid Response Mechanism Canada 2019). Notably, the rrm assessed that domestic actors, namely far-right and hate groups, adopted the tactics of malign foreign actors (Rapid Response Mechanism Canada 2019), adding a new dimension to the threat posed by foreign influence activities.
66
Leah West
At the time of writing, the rrm had not published an open-source data analytics report on the 2019 federal election. Inform It is clear from government documents that csis and cse played an essential role in informing government officials, and a novel role in educating political parties, candidates, and the public about the potential and real threat of foreign influence before the 2019 federal election. The first significant step in this education campaign started well before the 2019 writ dropped, with the June 2017 publication of cse’s report, Cyber Threats to Canada’s Democratic Process.42 The aim of this unclassified document was to broadly inform the general public about the leading threats to Canadian political and electoral activities. The report also offered a series of practical recommendations to mitigate those threats through cyber-security, physical security, and business best practices. Subsequently, in April 2019, the Canadian Centre for Cyber Security (Cyber Centre) published an updated threat assessment. The Cyber Centre is a new organization established within cse in 2018 to protect and defend Canada’s public and private cyber-assets (Communications Security Establishment 2019b). The updated report warned that foreign adversaries were increasingly targeting voters as a means of influencing election outcomes rather than directing their activities at parties, candidates, and elections (Communications Security Establishment 2019a). The report also assessed that while it was improbable that Canada’s federal election would attract a level of interference equivalent to the scale of Russian activity in the 2016 US election, an increasing number of foreign adversaries had the tools and capacity needed to target Canada, and it was very likely that Canadian voters would encounter some form of cyber-interference (Communications Security Establishment 2019a). Leading up to the election, cse also widely promoted its existing “Get Cyber Safe” program, which provides tips and measures to enhance the average Canadian’s awareness and implementation of good cybersecurity practices. Following the election, a csis briefing touted the production of these and other base-line threat assessments, and noted that the “yearlong effort ahead of a known event allowed for site agencies to brief and educate [Government of Canada] clients, the p5 and political par-
Defending Democracy from Foreign Cyber-Interference
67
ties on foreign interference.”43 The p5 is a panel of senior civil servants comprising the Clerk of the Privy Council, the National Security and Intelligence Advisor to the prime minister, and the deputy ministers of Justice, Public Safety, and Foreign Affairs. Documents also suggest that pre-writ, csis coordinated monthly threat briefings with the other site members for the Minister of Democratic Institutions Karina Gould, and the political parties, and the p5 as required.44 A hotline between cse and the chief electoral officer’s office was also established to assist with evolving cyber-security issues (Judd 2020, 9). Once campaigning was underway, the Cyber Centre continued to provide technical advice and guidance to political parties (Scheel and Tunney 2019). Implementing cyber- and data security best practices is critical for campaign staff and parties because of the trove of personal information they collect about party members and voters, which can be used by adversaries who seek to influence Canada’s democratic process. Polling data can also reveal the deeply personal beliefs and preferences of those canvassed. What’s more, election campaigns employ thousands of volunteers across the country, each one a potential point of access into party databases. Despite these risks, political parties are private entities and, as Canada’s chief electoral officer Stéphane Perrault noted, “[t]hey don’t have access to the resources we have access to … Even the larger parties have nowhere near our resources and you’ve got much smaller parties with very little resources” (Bryden 2019). In light of this vulnerability, the leader of each major political party and three members of their staff were granted security clearance so that they could receive classified briefings about potential threats from Scott Jones, the head of the Cyber Centre (Bryden 2019). The parties were also given a direct line to the cse to deal with cyber-security issues as they arose (Judd 2020, 9). Minister Gould explained that these briefings aimed to “promote situational awareness and help them strengthen internal security practices and behaviours” (Gould 2019). csis and cse are also responsible for informing the government of potential foreign influence under their governing legislation, as part of the site Task Force, and under the Cabinet Directive on the ceipp. As noted briefly above, the ceipp set out a formal process for ensuring that the prime minister, Elections Canada, party leadership, and, where necessary, the Canadian public, were informed of influence activities that pose a significant threat to the election. The p5 administered the Protocol.
68
Leah West
The ceipp stipulated that the leaders of the site Task Force were to brief the p5 regularly on “emerging national security developments and potential threats to the integrity of the election” (Government of Canada 2019). In practice, the Task Force provided daily multi-source intelligence briefings on the p5’s mandate and insight into “baseline or ongoing interference” in Canada, which helped the p5 to assess the threat (Judd 2020, 19). Also, in advance of the writ period, the Task Force, the p5, Elections Canada, and the political parties participated in tabletop exercises to work through scenarios and develop response mechanisms to possible threats, such as cyber-attacks, espionage, and disinformation efforts.45 If, at any time, the head of any Task Force agency became aware of interference in the election, the ceipp directed them to consult with each other, consider all options to address the threat, inform the p5, and notify the affected parties (unless there was some overriding national security reason not to). The Protocol does not specify what level of interference or how effective the interference must be for the agencies to notify the p5 and affected parties; the language simply says “interference.” Regrettably, the ceipp is not explicit, but the absence of qualifying language should be interpreted to mean any interference, which would have the positive effect of eliminating any discretion the security agencies have in deciding whether notification is necessary. Once informed of the interference, if the p5 reached a consensus that a particular incident or an accumulation of incidents threatened “Canada’s ability to have a free and fair election,” they were to ask the head of the relevant national security agency to issue a public statement to Canadians. This process, therefore, took the decision to inform the public away from the heads of Canada’s security and intelligence agencies, who are ultimately responsible to their elected ministers, and placed it with five unelected senior civil servants who could consider not just the security risk of influence, but the broader impact of a public statement on Canada’s democratic processes. Although “interference” of any sort is a low threshold for informing the p5 and affected parties, interference threatening “Canada’s ability to have a free and fair election” is an incredibly high bar. Minister Gould explained that the reason the public notification threshold was set so high was because such an announcement could affect how Canadians interpret the election (Gould 2019). A mandated independent report assessing the implementation of the ceipp fur-
Defending Democracy from Foreign Cyber-Interference
69
ther found that this threshold “did not easily lend itself to the application of quantifiable metrics upon which to arrive at any decision” (Judd 2020, 16). Instead, it required “judgment, knowledge, and context” (Judd 2020, 21). It thus remained the p5’s focus of ongoing debate and discussion throughout its mandate (Judd 2020, 18). In deciding whether an incident met the threshold for notifying the public, the p5 was to consider “the degree to which the incident(s) undermine(s) Canadians’ ability to have a free and fair election; the potential of the incident(s) to undermine the credibility of the election; and the degree of confidence officials have in the intelligence or information” (Government of Canada 2019). A decision to notify required consensus among the p5 (Judd 2020, 14). Ultimately, the p5 made no public statements during the 2019 campaign period, meaning it did not conclude that any interference activity met the ceipp threshold, although, in his report on the ceipp process, James Judd noted that “it had been ready to do so if warranted” (Judd 2020, 20). In future, the government should periodically reassess whether the established threshold and relevant criteria are suitable for meeting the threat posed by foreign interference and other emerging cyber-enabled threats to Canadian elections. First, because of the short duration of Canadian elections (37 to 51 days), the time to measure the impact of interference efforts on the election is extremely limited and may be insufficient to evaluate the threat with the requisite certainty needed to meet this threshold. 46 The independent ceipp report noted that “[a]ny potential intervention – based on a consensus judgement – by the Panel had to be exercised quickly in the rapidly evolving circumstances of political campaigning and the 24/7 world of news and social media” (Judd 2020, 16). Second, considerations may need to be amended to reflect developing research and improved knowledge about the effectiveness of cyber-foreign interference efforts. Third, depending on the time between elections, the following factors could significantly change: the population’s susceptibility or resilience to false information or emerging forms of influence, the capacity of Canada’s intelligence agencies to detect and counter interference, and public confidence in state security agencies. As one government document noted, “the Canadian democratic ecosystem has so far shown itself able to selfcorrect … [A] more fractured and divided Canada could make countering misinformation and disinformation more difficult.”47
70
Leah West
Interrupt Of course, the fact that intelligence agencies did not warn the Canadian public of any particular incident or general efforts by foreign adversaries to influence the election does not mean that they did not detect, disrupt, or counter such activities. The 43rd federal election was the first major security event following the passage of the nsa, 2017, which bestowed on cse and csis new and reformed ways of directly responding to foreign influence activities. Whether either agency leveraged its new powers to defend the integrity of Canada’s democratic process remains classified at the time of writing. Thus, the next section will simply detail the scope of cse and csis’s defensive and offensive authorities, offer some insight into how they may have been used to counter foreign cyber-interference, and highlight how leveraging these powers could raise some concerns about political partisanship.
canadian security intelligence service For the first time since its inception in 1984, the passage of the Antiterrorism Act, 2015 gave csis a mandate to directly intervene and take action to reduce threats to the security of Canada. At that time, significant controversy surrounded the introduction of these new offensive powers, often referred to as “threat reduction measures” or “trms.” This was especially true of elements of the legislation that allowed for the use of trms that constitute a violation of Canadian law or the Charter of Rights and Freedoms.48 Critics argued that the scope of the threat disruption activities csis could engage in was largely unconstrained. They also argued that the government’s messaging explaining the need for such powers, and the examples offered by lawmakers to demonstrate how and when csis might leverage trms, did not align with the breadth of what the law authorized.49 Ultimately, the constitutionality of the law was so questionable that csis never employed threat reduction powers that would violate the Charter or Canadian law (Nesbitt and West 2019, 169). Subsequently, the nsa, 2017, amended the csis Act to place tighter constraints on the use of trms, setting the law governing their use on sounder constitutional footing (Nesbitt 2019a). Under the amended legislation, where csis has reasonable grounds to believe a particular activity constitutes a threat to the security of
Defending Democracy from Foreign Cyber-Interference
71
Canada – including foreign influence – the Service may take measures, within or outside Canada, to reduce that threat.50 That is, if csis reasonably believes that a foreign state, organization, or person is attempting to influence the federal election, it may act directly to reduce that threat as long as its actions are reasonable and proportionate, given: (1) the nature of the threat, (2) the proposed measure, (3) the reasonable availability of other means of threat reduction, and (4) the reasonably foreseeable effects on third parties, including their right to privacy.51 Regardless of the severity of the threat, csis is prohibited at all times from deploying a trm that could lead, intentionally or by criminal negligence, to death or bodily harm; violate an individual’s sexual integrity; subject anyone to torture or cruel, inhumane, or degrading treatment or punishment; detain someone; or cause property damage if so doing would endanger the safety of an individual.52 The Service is also prohibited from using a trm to willfully attempt in any manner to obstruct, pervert, or defeat the course of justice.53 A threat disruption measure may, however, violate Canadian law or the Charter if csis obtains prior authorization from the Federal Court. This includes trms that would violate Canada’s international legal obligations (Forcese 2015, 49).54 Moreover, csis can leverage its threat disruption powers inside or outside Canada, and the csis Act does not specify, limit, or prevent csis from carrying out threat disruption measures “on or through the global information infrastructure.” This phrase, as described above, is used to distinguish online conduct from actions carried out in the physical world.55 In practice, the procedure for obtaining a threat reduction authorization would mirror the process for obtaining a warrant to conduct intrusive intelligence collection. The csis Act makes clear that a designated judge may authorize a trm “despite any other law,” meaning Parliament has given csis, with prior judicial authorization, the express authority to conduct threat disruption activities that violate Canadian, foreign, and international law. csis can thus employ both physical and online threat disruption measures to reduce foreign cyber-influence, regardless of where the effect of the Service’s actions is felt, be it online or anywhere in the physical world. A rather benign example of how csis could use this power is notifying service providers of accounts it has identified as belonging to fake social media personas or bots spreading disinformation, or flagging accounts whose conduct violates a platform’s terms of service
72
Leah West
so that providers suspend their accounts. An example of a more aggressive online trm would be “doxing” (revealing someone’s true identity) or releasing the hacked personal information of a foreign adversary to force them underground so that they no longer pose a threat. Importantly, before applying for a threat reduction warrant, the director of csis or their delegate must obtain the approval of the Minister of Public Safety. This requirement means that an elected official could influence whether or not csis takes action to defend a rival political party or campaign from foreign influence. The opportunity for partisan politics, or even the perception of partisanship, to influence Canada’s response to foreign interference is precisely the type of situation the government sought to avoid by establishing the ceipp. Unfortunately, it is not known whether csis or Public Safety Canada implemented any measures to mitigate bias. To avoid any future concerns of partisanship, the ceipp should be amended to mandate the establishment of a record of any decisions made by the minister on measures taken or not taken by csis to reduce cyber-enabled threats during the writ period. Following an election, that record should be subject to review by either nsicop (National Security and Intelligence Committee of Parliamentarians) or the National Security Intelligence and Review Agency (nsira).
communications security establishment csis is not the only agency with the power to disrupt threats to Canadian security. The nsa, 2017 expanded cse’s cyber-security mandate and gave the Establishment the power to conduct both “active” and “defensive” cyber-operations.56 These broad powers were intended to give cse the authority to engage with and respond to individual criminals, terrorist organizations, and state actors who threaten Canadian security, infrastructure, prosperity, and economic interests (Communications Security Establishment 2019c). With these new powers, cse positioned itself to match its Five Eyes partners who, since 2016, have jointly committed to taking a more aggressive cyberposture to defend and deter malicious cyber-actors, including foreign states who seek to interfere in their democratic processes (Public Safety Canada 2018).57 Before the passage of the nsa, 2017, cse could only assist the federal government in protecting its cyber-networks but did not have the authority to act outside government networks to defend or deter
Defending Democracy from Foreign Cyber-Interference
73
cyber-attacks against other Canadian interests. Under the cse Act, the Establishment can now extend its cyber-security and information assurance efforts and provide advice, guidance, and services to private networks designated by the Minister of National Defence as being of importance to the Government of Canada.58 Such networks could hypothetically include platforms or networks operated by Canadian political parties. Going a step further, cse’s new defensive cyber-mandate gives the Establishment the power “to carry out activities on or through the global information infrastructure to help protect (a) federal institutions’ electronic information and information infrastructures, and (b) electronic information and information infrastructures” that are designated as being of importance to the Government of Canada.59 cse’s new “active cyber” mandate is the most aggressive tool in the Establishment’s tool box. It authorizes cse to “carry out activities on or through the global information infrastructure to degrade, disrupt, influence, respond to or interfere with the capabilities, intentions or activities of a foreign individual, state, organization or terrorist group as they relate to international affairs, defence or security.”60 There are, however, several limitations on cse’s use of these new powers. As with cse’s foreign intelligence collection mandate, cse must not direct its cyber-operations at any portion of the global information infrastructure that is in Canada61 or at a Canadian or any person in Canada, and the operations must not infringe on the Canadian Charter of Rights and Freedoms.62 Also, cse must not “cause, intentionally or by criminal negligence, death or bodily harm to an individual” or “willfully attempt in any manner to obstruct, pervert or defeat the course of justice or democracy.”63 Finally, before conducting a cyber-operation, cse must obtain the authorization of the Minister of National Defence.64 Applications must be made in writing by the chief of cse and set out the facts necessary for the minister to conclude that there are reasonable grounds to believe an authorization is necessary, and that any activity authorized is reasonable and proportionate in light of the nature of the operation’s objectives.65 Moreover, the chief must convince the minister that the cyber-operation’s objectives could not reasonably be achieved by other means and that no unauthorized information will be acquired.66 In the case of a defensive operation, the Minister of National Defence must consult with the Minister of Foreign Affairs before approving the
74
Leah West
authorization.67 For an active cyber-operation, the Minister of National Defence may only grant an authorization if the Minister of Foreign Affairs requests or consents to the authorization.68 cse is limited to a list of permitted activities set out in the cse Act.69 In reality, however, the enumerated activities are very broadly defined, and it is not clear that they serve as much of a constraint. Once again, in the context of defending Canadian democracy from foreign influence, this puts tremendous power into the hands of elected officials. It is conceivable that the Minister of Defence (and in the case of active measures, the Minister of Foreign Affairs) could have the final say on whether cse acts to defend a rival political party or campaign from foreign influence. It is unknown if cse or the relevant ministers took measures to avoid such a circumstance in the 2019 election. However, unlike threat reduction measures under the csis Act, possibilities exist to mitigate bias in advance of the election. This is because ministerial authorizations permitting cyber-operations are valid for up to one year, and the types of activities that may be authorized are broader and less particularized than what must be specified in a csis Act warrant.70 Thus, leading into the election, cse could seek a blanket authorization to defend or counter classes of threats from listed actors against any political party or various types of election infrastructure.71 Taking this step would alleviate a situation where the minister, standing for re-election, is in a position to affect the Establishment’s decision to leverage its capabilities to the benefit or detriment of any candidate or party. Even so, the ceipp should be amended to require that any decision taken by a minister regarding cyber-operations to counter foreign influence or other cyber-enabled threats during the writ period be recorded and reviewed by either nsira or nsicop. A review of this kind would help to ensure that partisanship does not influence national security decision making. There is another noteworthy limitation on the use of cse’s active and defensive cyber-operations; the minister may only authorize an active or defensive cyber-activity despite “any other Act of Parliament or of any foreign state.”72 This clause means that cse may carry out a cyber-operation if doing so violates Canadian and foreign law. However, the cse Act does not give the minister the authority to permit violations of international law.73 In effect, this means that cse may only engage in active cyber-operations in response to internationally wrongful acts attributable to a state.74 Actions against Canada, like
Defending Democracy from Foreign Cyber-Interference
75
those undertaken by Russia in the US 2016 election, would certainly trigger Canada’s right to use countermeasures under the law of state responsibility.75 The conduct of the Internet Research Agency, a body attributed to the Russian state, was a clear violation of the prohibition against intervention in the internal affairs of the United States.76 But what if the foreign actor seeking to influence voters on election day is not a state? Under the doctrine of state responsibility, Canada can use countermeasures to induce another state to comply with its international responsibilities.77 Countermeasures are actions, otherwise unlawful, that can be justified as a means of inducing a state to start complying with its legal obligations –- such as not interfering in a Canadian election.78 There is, however, a crucial caveat: Canada can only target its countermeasures at a state or an organization whose actions are attributable to a state.79 As noted, active cyber-measures must target non-Canadians outside Canada. This means that even the most benign offensive cyber-operation will violate the sovereignty of the target/host state, and thus international law, unless that foreign state consents to Canada’s actions or satisfies the criteria for lawful countermeasures. Because cse cannot violate international law when deploying an active cyberoperation, this means that it cannot direct its operations at non-state actors engaged in foreign cyber-interference (unless, of course, they obtain the consent of a foreign state first). From the perspective of international law, this restriction may be welcome. However, from the standpoint of election security, it is a significant shortcoming and may be cause to revisit this statutory limitation should the threat from non-state actors to Canada’s democratic institutions intensify.
conclusion At the time of writing, it is unknown whether any of the aforementioned efforts by csis, cse, or the rrm to investigate, inform, and interrupt cyber-interference prevented foreign adversaries from influencing Canada’s 2019 federal election. The extent to which Canada’s intelligence agencies’ actions disrupted foreign activities remains unknown; the public report assessing the implementation of the ceipp provided no insight on this question. As for the success of csis and cse’s information awareness campaign, it may be impossible to know with any certainty the extent to which their efforts made Cana-
76
Leah West
dian systems, political parties, candidates, media, and voters more resilient and less susceptible to disinformation; however, this presents opportunities for future research. What we do know is that Canada learned from its partners and the lessons of the 2016 US election, and enabled and empowered its intelligence agencies to defend against impending threats to national security. As one former US official explained: “The way the Canadians have responded to the problem of technology and democracy is much more impressive than what we’ve seen in Washington ... Pound for pound, Canada is way ahead of the US in terms of policy development on these issues” (Panetta and Scott 2019). Nevertheless, it is clear that more can be done. In his assessment, James Judd recommends extending the operation timeframe of the ceipp to include the pre-writ period to reflect that cyber-threats to Canadian democracy are not confined to the writ period. Judd suggests that having the protocol in place earlier “would allow the revelation of any foreign interference to be made by a non-partisan body thereby diminishing the possibility that the Government might be accused of using national security for partisan advantage” (Judd 2020, 22). In addition, Parliament should consider amendments to the cse Act to ensure that cse has the legal authority to act against nonstate foreign adversaries. The ceipp should also be refined to ensure that decisions taken by elected officials to approve or reject efforts by csis and cse to interrupt threats to Canadian elections are recorded and reviewed by nsira or nsicop. Finally, it is essential that one, or both, of Canada’s national security review bodies conduct a thorough assessment of cse and csis’s use of their new investigative, disruptive, and cyber-security powers, as well as the overall effectiveness and efficiency of the site Task Force to ensure that the advice provided to the p5 was non-partisan. These recommendations apply not only to foreign interference, but other cyberenabled threats to Canada’s democratic process that may emerge in subsequent years. These efforts should begin immediately. Although the 2019 election may not have been the target of significant figure foreign interference, it did produce a minority government. Unlike 2019, Canadian security and intelligence agencies are unlikely to have another four years to prepare their defences for what comes next.
Defending Democracy from Foreign Cyber-Interference
77
notes 1
2
3
4
5
6
7 8
The details of Russia’s attempts to influence the 2016 US election is available in the “Report on the Investigation into Russian Interference in the 2016 Presidential Election.” The version used for this chapter is The Mueller Report: Presented with Related Materials by the Washington Post (New York: Scribner, 2019) [Mueller Report]. See also the US Senate Select Committee on Intelligence’s Report 116-XX on Russian Active Measures Campaigns and Interference in the 2016 US Election (2016). “‘[I]f even the United States is vulnerable, everyone is,’ said Jean-Baptiste Jeangène Vilmer, a French government official who advised Canada on its election strategy” (Panetta and Scott 2019). Two new authorities were reportedly relied upon to conduct this operation: a presidential executive order and the 2018 National Defence Authorization Act (ndaa), which changed the status of clandestine cyber operations as traditional military activities rather than covert activities, which require additional clearance and oversight from lawmakers. For an overview of the ndaa changes, see Chesney (2018b, 2018a). This evolving cyber doctrine is referred to in the US Cyber Strategy as “defending forward.” Unlike the US, where this task falls to the Department of Defence and the Armed Forces, in Canada Canadian intelligence agencies, rather than the Canadian Armed Forces, are responsible for this mission as it relates to foreign interference. For more on the US strategy see US Department of Defense (2018); The US White House (2018); Kosseff (2019). Defined in s.2 of the Communications Security Establishment Act, S.C. 2019, c. 13, s. 76 [cse Act] as “electromagnetic emissions, any equipment producing such emissions, communications systems, information technology systems and networks, and any data or technical information carried on, contained in or relating to those emissions, that equipment, those systems or those networks.” humint is information derived from people. It includes anything from a Crimestoppers’ tip to information gathered through casual contacts with people in the community, formal interviews, and information collected through clandestine operations or covert interactions with people connected to an investigation. As defined by the Canadian Security Intelligence Service Act, rsc, 1985, c. C23, s.2 (csis Act). 4 June 2019 “site tf Bulletin: Understanding Foreign Interference,” obtained via ati request no. A-2019-01541/NK.
78
9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26
27 28 29 30 31 32 33
Leah West
Ibid. Obtained via ati request no. A-2019-00326. Ibid. rsc, 1985, c C-46 (for example, s. 342.1(1) – unauthorized use of a computer and s. 430(1.1) – mischief in relation to computer data). SC 2000, c.9 (for example s. 482 – unauthorized use of a computer and s. 282.4 undue influence by foreigners). rsc 1985, c. O-5 (for example, s. 20 – foreign-influenced of terrorist-influenced threats of violence). Charter of the United Nations, 26 June 1945, Can T 1945 No 7, art 2(7). Military and Paramilitary Activities in and against Nicaragua (Nicaragua v United States of America), Merits, Judgment, [1986] ICJ Rep 106 at para 202. Obtained via access to information request from cse: A-2017-00098-00015. Ibid. csis Act, supra note 7, s. 12 Ibid. Ibid., s.2. Ibid., s. 21(1). Ibid., s. 21(3). SC 2019, c. 13, s. 111 [nsa, 2017]. For more on the legal impetus behind the dataset regime and some of the implications of this new collection mandate, see West and Forcese (2019). csis Act, supra note 7, s. 2 (the new regime governs dataset collection if a dataset contains personal information – defined in section 3 of the Privacy Act, as information about an identifiable individual –and does not directly and immediately relate to activities that represent a threat to the security of Canada. Depending on the circumstances, personally identifying information can be anything from your ethnicity to your telephone number or what college you attended. Information that does relate to threats to the security of Canada need not meet the standards in the dataset regime – that information is retained under the terms of section 12, allowing retention of information strictly necessary to the security of Canada.) Ibid., s. 11.13. Ibid., s. 11.17, s. 11.18. Ibid., s. 11.11(1). Ibid., s.11.2 (querying or exploiting a Canadian or foreign dataset must be strictly necessary to csis’s security intelligence and threat reduction mandates). Communications Security Establishment Act, S.C. 2019, c. 13, s. 76, s 16. Ibid., s. 2. Ibid., s 22(1)
Defending Democracy from Foreign Cyber-Interference
79
34 Ibid., s 22(3) (the minister’s authorization is subject to the approval of the Intelligence Commissioner (a newly established quasi-judicial officer. Under s. 34, to grant an authorization, the minister must have reasonable grounds to believe that the authorization is necessary; that the specified activity is reasonable and proportionate to cse’s objective; that the information sought could not be reasonably acquired by other means; and any information acquired under the authorization that relates to Canadians or persons in Canada will only be used, analyzed or retained if it is essential to international affairs, defence or security.) 35 Ibid., s. 20. 36 According to the Mueller Report (Mueller 2019, 25–9), Facebook identified 470 Facebook accounts connected to the Russian-based “Internet Research Agency” that, collectively, made 80,000 posts between January 2015 and August 2017 and may have reached up to 126 million persons. Likewise, in 2018, Twitter announced that it had discovered 3,814 controlled Twitter accounts connected to the ira that had posted approximately 175,993 tweets, reaching 1.4 million people. These Twitter accounts often pretended to be associated with real US organizations or American citizens, often succeeding in getting thousands of followers, and in a few cases would be quoted by major news publications. 37 Obtained via ati request no. A-2019-01724. 38 “tps for uss- Meeting at cse” obtained via ati request no. A-2019-01541. 39 Ibid. 40 “rrm Canada Protocol for Monitoring and Analyzing Foreign Interference (Fl) Activities against October 2019 Election” obtained via ati request to no. A-2019-01541. 41 Ibid. 42 https://www.cse-cst.gc.ca/sites/default/files/cse-cyber-threat-assessment-e.pdf. 43 Obtained via ati request no. 117-2019-655. 44 “rrm Canada Protocol for Monitoring and Analyzing Foreign Interference (Fl) Activities against October 2019 Election” obtained via ati request no. A-2019-01541. 45 Obtained via ati request no. 117-2019-635; see also Panetta and Scott (2019). 46 Canada Elections Act, SC 2000, c. 9, s. 57. 47 “Protecting Canada’s Democracy” obtained via ati request no. A-201900326 48 Anti-Terrorism Act, 2015, SC 2015, c 20, s. 42. 49 See e.g., Forcese and Roach (2015b, 2015a); Nesbitt (2019b). 50 csis Act, supra note 7, s.12.1(1).
80
51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73
74
75
76 77 78 79
Leah West
Ibid., s.12.1(2). Ibid., s.12.2 Ibid.. See also R v Hape, 2007 scc 26 at para 53. See e.g. National Defence Act, rsc 1985, c. N-5, s. 273.64. cse Act, supra note 31, s. 16. At the time of writing, New Zealand’s signals intelligence agency did not have the authority to engage in offensive or defensive cyber operations. cse Act, supra note 31 s. 18(a)(ii). Ibid., s. 21(2). Ibid., s 19. Ibid., s. 22(2). Ibid., s. 22(1). Ibid., s. 32 Ibid., s. 29(1), 30(1) Ibid., s. 33, 34. Ibid., s.34(4). Ibid., s. 29(2). Ibid., s. 30(2) Ibid., s. 32. Ibid, s. 36–7 vs. csis Act, s. 21.1(2). cse Act, supra note 5, s. 36. Ibid., s. 29(1), s. 30(1). See supra note 5. Parliament can use legislation to authorize the violation of Canada’s international legal obligations (even though doing so would not absolve Canada of state responsibility) but it must do so explicitly. The cse Act does not explicitly authorize the agency to violate international law. International Law Commission, Responsibility of States for Internationally Wrongful Acts, 2001, 56th Sess, Supp No 10, unts Doc A/56/10, art 2, (“There is an internationally wrongful act of a State when conduct consisting of an action or omission: (a) is attributable to the State under international law; and (b) constitutes a breach of an international obligation of the State.”) [ilc Draft Articles]. Ibid., art. 49 (countermeasures are non-forcible measures taken by an injured State in response to an internationally wrongful act, and only against the State responsible for that act. If countermeasures fall outside these parameters, they themselves constitute an internationally wrongful act). See text accompanying note 15. ilc Draft Articles, supra note 74. Ibid. Ibid., arts 4–11.
Defending Democracy from Foreign Cyber-Interference
81
references Benkler, Yochai, Robert Faris, and Hal Roberts. 2018. Network Propaganda: Manipulation, Disinformation, and Radicalization in American Politics. Oxford: Oxford University Press. Benkler, Yochai, Robert Faris, Hal Roberts, and Ethan Zuckerman. 2017. “Study: Breitbart-Led Right-Wing Media Ecosystem Altered Broader Media Agenda.” Columbia Journalism Review. Bryden, Joan. 2019. “Chief Electoral Officer Worries Parties are Weak Link in Cybersecurity Chain.” ctv, 4 February. https://www.ctvnews.ca/politics /chief-electoral-officer-worries-parties-are-weak-link-in-cybersecuritychain-1.4282247. Carvin, Stephanie. 2020. Stand on Guard: Reassessing National Security Threats to Canada. Toronto: University of Toronto Press. Centre for International Governance Innovation. 2019. Election Risk Monitor Canada. https://www.cigionline.org/sites/default/files/documents /Election%20Risk%20Monitor%20Canada_0.pdf. Chesney, Robert. 2018a. “The 2018 dod Cyber Strategy: Understanding ‘Defense Forward’ in Light of the ndaa and ppd-20 Changes.” Lawfare (blog). 25 October. https://www.lawfareblog.com/2018-dod-cyberstrategy-understanding-defense-forward-light-ndaa-and-ppd-20changes. – 2018b. “The Law of Military Cyber Operations and the New ndaa.” Lawfare (blog). 26 July. https://www.lawfareblog.com/law-military-cyberoperations-and-new-ndaa. Communications Security Establishment. 2017. “Foreign Intelligence Collection.” Government of Canada. https://web.archive.org/web/2017 0612233354/https://www.cse-cst.gc.ca/en/inside-interieur/signalsrenseignement. – 2019a. 2019 Update: Cyber Threats to Canada’s Democratic Process. Government of Canada. Ottawa. https://cyber.gc.ca/sites/default/files/publications/tdp-2019-report_e.pdf. – 2019b. “About the Cyber Centre.” cse. https://cyber.gc.ca/en/about-cybercentre. – 2019c. “Foreign Cyber Operations.” Government of Canada. https://www.cse-cst.gc.ca/en/cse-act-loi-cst/cyberop. Democratic Institutions. 2019a. “Combatting Foreign Interference.” Government of Canada. https://www.canada.ca/en/democraticinstitutions/news/2019/01/combatting-foreign-interference.html. – 2019b. “g7 Rapid Response Mechanism.” Government of Canada. https://www.canada.ca/en/democratic-institutions/news/2019/03/speech-
82
Leah West
thegovernment-of-canadas-plan-to-safeguard-canadas-2019-election .html. – 2019c. “Security and Intelligence Threats to Elections (site) Task Force.” https://www.canada.ca/en/democratic-institutions/services/protectingdemocracy/security-task-force.html. Forcese, Craig. 2015. “One Warrant to Rule Them All: Re-Conceiving the Judicialization of Extraterritorial Intelligence Collection.” Ottawa Faculty of Law Working Paper 41. https://papers.ssrn.com/sol3/papers.cfm?abstract _id=2622606. Forcese, Craig, and Kent Roach. 2015a. “Bill C-51 Backgrounder #2: The Canadian Security Intelligence Service’s Proposed Power to ‘Reduce’ Security Threats Through Conduct that May Violate the Law and Charter.” ssrn. https://ssrn.com/abstract=2564272 or http://dx.doi.org /10.2139/ssrn.2564272. – 2015b. False Security: The Radicalization of Canadian Anti-terrorism. Irwin Law. Global Affairs Canada. 22 October – 15 November 2019. “Centre for International Digital Policy“ Powerpoint Presentation. Goodale, Ralph. 30 January 2019. The Government of Canada’s Plan to Safeguard Canada’s 2019 Election. Democratic Institutions (National Press Theatre). https://www.canada.ca/en/democratic-institutions/news/2019 /03/speech-thegovernment-of-canadas-plan-to-safeguard-canadas-2019election.html. Gould, Karina. 2019. “It’s Important That This is Above Partisanship’: Interview with Karina Gould. In Power and Politics. Online: cbc. Government of Canada. 2019. “Cabinet Directive on the Critical Incident Public Protocol.” https://www.canada.ca/en/democratic-institutions /services/protecting-democracy/critical-election-incident-public-protocol /cabinet.html. Judd, James. 2020. Report on the Assessment of the Critical Election Incident Public Protocol. (Democratic Institutions). https://www.canada.ca/en /democratic-institutions/services/reports/report-assessment-criticalelection-incident-public-protocol.html. Kosseff, Jeff. 2019. “The Contours of ‘Defend Forward’ Under International Law.” In Silent Battle, edited by T. Minárik, S. Alatalu, S. Biondi, M. Signoretti, Tolga and G. Visky. Tallinn: ccd coe Publications. Lanoszka, Alexander. 2019. “Disinformation in International Politics.” European Journal of International Security 4 (2): 227–48. Mueller, Robert S. 2019. Report On The Investigation Into Russian Interference In The 2016 Presidential Election. US Department of Justice. Washington dc.
Defending Democracy from Foreign Cyber-Interference
83
Nakashima, Ellen. 2019. “U.S. Cyber Command Operation Disrupted Internet access of Russian Troll Factory on day of 2018 midterms.” The Washington Post, 27 February. National Security Act, 2017, S.C. 2019, c. 13. Nesbitt, Michael. 2019a. “Bill C-59 and csis’s ‘New’ Powers to Disrupt Terrorist Threats: Holding the Charter-Limiting Regime to (Constitutional) Account.” Alberta Law Review 57 (1): 233–66. – 2019b. “csis’s New Distributive Powers, Grey Holes, and the Rule of Law in Canada.” Alberta Law Review 57 (1): 233–65. Nesbitt, Michael, and Leah West. 2019. “Bill C-59, an Act Respecting National Security Matters: What It Does and Why It Matters.” Alberta Law Review 57 (1): 165–74. Panetta, Alexander, and Mark Scott. 2019. “Unlike U.S., Canada Plans Coordinated Attack on Foreign Election Interference.” Politico, 4 September. https://www.politico.com/story/2019/09/04/canada-foreignelection-meddling-1698209. Privy Council Office. 2019. “Guidelines on the Conduct of Ministers, Ministers of State, Exempt Staff and Public Servants During an Election.” pco. https://www.canada.ca/en/privy-council/services/publications /guidelines-conduct-ministers-state-exempt-staff-public-servantselection.html. Public Safety Canada. 2018. “Five Country Ministerial Meeting and Quintet of Attorneys General Concludes.” Government of Canada. https://www .canada.ca/en/public-safety-canada/news/2018/08/five-country-ministerialmeeting-and-quintet-of-attorneys-general-concludes.html. Rapid Response Mechanism Canada. 2019. Alberta Election Analysis. G7 Rapid Response Mechanism, Global Affairs Canada. https://www.international.gc.ca/gac-amc/publications/rrmmrr/alberta_elections.aspx?lang=eng. Rocha, Roberto. 2019. “Fears of Election Meddling on Social Media Were Overblown, Say Researchers.” cbc. https://www.cbc.ca/news/canada/socialmedia-bots-trolls-canadian-election-2019-1.5343210. rrm Canada. 2019. “Ethical and Methodological Framework for Open Source Data Monitoring and Analysis.” Government of Canada. Scheel, Elise von, and Catharine Tunney. 2019. “Cyber Security Expert Briefs Parties on Protecting Themselves during Election Campaign.” cbc, 8 February. https://www.cbc.ca/news/politics/canadasecurity-cyber-threat1.5010372. Thompson, Elizabeth. 2019. “‘More Needs to be Done,’ Gould Says After Some Online Meddling Detected.” cbc, 28 October.
84
Leah West
https://www.cbc.ca/news/politics/election-misinformation-disinformationinterference-1.5336662. TheTrump White House Archives. 2018. National Cyber Strategy of the United States of America. (online). https://trumpwhitehouse.archives.gov/wp-content/uploads/2018/09/National-Cyber-Strategy.pdf. US Department of Defense. 2018. 2018 Department of Defence Cyber Strategy. (online). https://media.defense.gov/2018/Sep/18/2002041658/-1/1/1/CYBER_STRATEGY_SUMMARY_FINAL.PDF. US Senate Select Committee on Intelligence. 2016. Report 116-XX on Russian Active Measures Campaigns and Interference in the 2016 U.S. Election. West, Leah. 2018. “The Problem of Relevance: Intelligence to Evidence Lessons from UK Terrorism Prosecutions.” Manitoba Law Journal 41 (4): 57–112. West, Leah, and Craig Forcese. 2019. “Building New Haystacks: Information Retention and Data Exploitation by the Canadian Security Intelligence Service.” Alberta Law Review 57 (1): 175–202.
Introduction
PA RT T WO
Digital Technology and the Voting Process
85
86
Free Women in the Pampas
1928
3 A Cyber-Threat Analysis of Online Voting in Canada
Aleksander Essex and Nicole Goodman
introduction With the rapid growth of technology, political institutions and processes are becoming more digital. Although, given their importance for the democratic system, elections are often one of the last institutions to embrace change (Katz 1997; Goodman 2017), many countries are either experimenting with or fully implementing technology in aspects of elections. Adoption of technology in the election process can range from digital poll worker training to online voter registration (Garnett et al. 2019), electronic poll books, electronic tabulation of paper ballots, and electronic or online voting. Election technologies are often introduced to create efficiencies for administrators (Goodman and Spicer 2019) or voters (Hall 2015), to simplify election processes, and to lower the costs of voting in hopes of improving voter participation (Goodman and Stokes 2020). Of these potential ways to digitize the election process, electronic or online voting is perhaps the most controversial given that it offers the greatest potential benefits, yet also presents the greatest challenges (Goodman, Pammett, and DeBardeleben 2010). The term electronic voting can encompass a spectrum of technologies, best defined by the Council of Europe as including, “Direct Recording Electronic (dre) voting machines, ballot scanners, digital pens, and internet voting systems” (Council of Europe 2017). Electronic voting is used in a number of countries worldwide,
87
88
Essex and Goodman
including Australia, Canada, Estonia, India, Switzerland, and the United States. Often, its introduction is accompanied by some type of regulation or standards, which can be mandatory or voluntary, with the goal of mitigating technical risks and upholding electoral integrity. The United States, for example, has very prescriptive guidelines for the use of voting machine performance, testing, and certification via the Voluntary Voting System Guidelines, and many European countries subscribe to the voluntary e-voting standards Rec(2017)5 developed by the Council of Europe. In addition, some European countries such as Switzerland have gone further to establish their own standards, which are mandatory (Essex and Goodman 2020). Canada stands out as an exception, however. Despite being one of the biggest users of electronic voting, notably online voting, Canada has no regulations in place, either nationally, or at the provincial, territorial, and municipal levels. The absence of standards or a regulatory framework has raised questions about the cyber-security risks as well as potential implications should an incident occur. Most of the scholarly work addressing electronic voting in Canada focuses on its effects on voters (Goodman et al. 2018; Goodman and Stokes 2020), administrators (Goodman and Spicer 2019), or the legal framework (Essex and Goodman 2020). However, few contributions address the subject of cyber-threats to Canadian elections (see Garnett et al. (2019) as one exception) and how we can combat them. To shed light on these issues, this chapter explores the state of electronic voting in Canada by paying attention to the challenges it poses for electoral security, legitimacy, and democracy. In particular, the chapter focuses on remote online voting given its prevalence in Canada and the fact that, of potential types of electronic voting, it presents the greatest trade-off between accessibility and security. That is, it offers the greatest potential increases in voter access while also providing election officials with the least control and presenting greater cyber-security threats (Goodman, Pammett, and DeBardeleben 2010; Hall 2015). Specifically, this chapter addresses the following questions: • What cyber-threats does online voting pose for elections in
Canada? • To what extent have cyber-threats been realized in elections and
voting in Canada, and what can be done to mitigate or address them?
A Cyber-Threat Analysis of Online Voting in Canada
89
• What are the implications of these threats for democracy in
Canada? To highlight incidents and potential security vulnerabilities, we draw upon concrete cases of online voting use in provincial and municipal elections and political party votes in Canada over the past two decades. Our analysis points to thirteen instances of technical incidents and vulnerabilities in online elections in Canada, illustrating not only that some risks have been realized already, but also that sizeable risk exposure remains. On this basis, we argue that Canada has a unique and timely opportunity to create and implement a regulatory framework that applies to electronic and online voting and could serve to prevent or mitigate future incidents from occurring. In particular, the onset of the covid-19 pandemic and pressure on governments and election agencies to offer remote voting options to maintain social distancing emphasizes the importance of this research and the necessity of such a framework to uphold electoral integrity while promoting voter engagement. The chapter includes four sections. We begin by providing a brief summary of the types of electronic voting offered in Canada followed by a summary of the literature. The second section outlines the approach and collection of information used to inform the chapter. Third, drawing on the United States National Institute of Standards and Technology’s (nist) review of possible threats to the uniformed and overseas voting program, we outline 17 cyber-threats to elections in Canada. Citing concrete examples where possible, we take into consideration the level of effort required to orchestrate an attack, the potential for detection, and the extent to which such a threat could adversely affect election outcomes. We conclude by discussing the democratic implications and emphasizing the importance of a regulatory framework.
background on the types of electronic voting used in canada Current Experimentation with, and Use of, Electronic Voting Presently, electronic tabulators, telephone and online voting are used in elections in Canada.1 Electronic voting has been adopted most often in lower-level elections and votes (e.g., municipal), whereas
90
Essex and Goodman
higher levels of government (e.g., federal, provincial, and territorial) have been slower to embrace digital changes to voting processes. Tabulators, for example, have been widely used in local elections since the early 2000s and are increasingly being adopted in provincial and territorial elections to deliver administrative efficiencies (Elections Ontario 2019; Essex and Goodman 2020). These counting devices are also used by political parties and unions for various types of votes (Goodman and Pruysers 2019). Of the possible types of electronic voting, provincial and territorial election agencies have been more willing to trial and deploy tabulators given that they are used in a supervised voting environment. Some provinces have expressed concern over remote online voting and its ability to address a range of cyber-issues, including ballot secrecy, vote manipulation, voter identification, device cyber-security, hacking, interruptions, and conducting meaningful recounts (New Brunswick Commission on Electoral Reform 2017). In the Canadian context, online voting is often adopted to improve voter access and convenience or to encourage turnout (Goodman and Pyman 2016; Goodman and Pruysers 2019). It is also typically used remotely, meaning that it is unsupervised, although sometimes online voting stations are set up in central locations to enhance voter access and minimize effects of the digital divide (Goodman and Spicer 2019). Online and telephone voting have been used by local governments in the provinces of Ontario and Nova Scotia since 2003 and uptake has grown steadily with each election cycle, albeit more so for online voting (Goodman, Pammett, and DeBardeleben 2010). The 2018 Ontario municipal elections, for example, saw a total of 177 municipalities offer the voting method, and upwards of one million voters cast a ballot online (Cardillo, Akinyokun, and Essex 2019). Indigenous communities, particularly First Nations, across the country, are also adopting online voting to improve voter participation, enhance community capacity, and ratify their own laws (Gabel and Goodman 2021; Gabel et al. 2016). The vast uptake of online voting municipally and in First Nations makes Canada one of the largest global users of this voting technology. In addition, many communities are eliminating paper voting and running fully electronic elections with online ballots only, or a combination of online and telephone voting. These developments make Canada the only country in the world where elections are completely electronic and unsupervised (Essex and Goodman 2020; Goodman et al. 2018).
A Cyber-Threat Analysis of Online Voting in Canada
91
At the subnational level, provincial and territorial election agencies have begun to trial online voting, or consider its introduction. In 2016, Elections pei first used online voting as part of its plebiscite on electoral reform, although this vote was non-binding. The election agency has suggested an amendment to the Election Act to one day use the technology. Likewise, in October 2019, Elections nwt offered online voting to absentee voters as part of a general election (Essex and Goodman 2020) and continues to consider more permanent adoption through its Standing Committee on Rules and Procedures. Elections Quebec also held a public consultation online, carried out a phone survey, and had a fourteen-member citizens’ panel deliberate and give their opinion on the topic in 2019. A report was filed in June 2020 requesting a new mandate to continue with the work, which would include potential testing of the technology. Provincial and territorial election agencies are likely looking at online voting more seriously in light of the covid-19 pandemic. We may see greater uptake in the coming years as a result, especially if physical distancing is required for a prolonged period of time. As an example of this broader trend, the House of Commons Standing Committee on Procedure and House Affairs (proc) recommended a remote voting solution for legislative votes in 2020, and in early 2021 they passed all of the motions to bring it into effect and launched the system. Finally, online voting is prevalent in union and in federal and provincial political party votes. It has been used by parties of all political stripes for a range of votes including leadership races, internal organization, and policy votes (Goodman and Pruysers 2019). For the most part, agencies and governments have been pleased with the effects of tabulators and online voting – despite any technical issues that have occurred – and their use continues to grow (Goodman and Spicer 2019). Electronic Voting Research Debates about electronic voting have tended to focus on the supposed benefits for voters and administrators, notably accessibility on the one hand, and security risks on the other (Goodman, Pammett, and DeBardeleben 2010; Hall 2015). The majority of assessments of electronic or online voting use in Canada have examined how online voting deployment affects voters and participation. Studies have
92
Essex and Goodman
found strong user satisfaction (Goodman and Pyman 2016), an increase in the participation of less frequent voters (Couture, Breux, and Goodman 2017), and a positive effect on voter turnout in municipal elections (Goodman and Stokes 2020). On the flip side, however, examinations of voters have also found that offering only electronic voting may disenfranchise some voters on the basis of digital literacy (Goodman et al. 2018). In addition to assessments of the effects on voters, evaluations of administrators have also been largely positive, finding that online voting makes administration efficient, and supports increased access and convenience for stakeholders beyond voters (Goodman and Pruysers 2019; Goodman and Spicer 2019). Looking outside of Canada, studies have similarly focused on the effects of online voting on voter participation (Germann and Serdült 2017; Solvak and Vassil 2018), albeit finding no effect. Contributions also find that online voting does not make voting less social (Unt, Solvak, and Vassil 2017) and that older voters are more likely to become habitual online voters than younger “digital natives” (Mendez and Serült 2017). Other studies have addressed the administrative side, finding that alternate forms of voting, including voting online, can ease election management issues (Alvarez and Hall 2006). Finally, there is a group of internationally focused studies that address the issue of electronic voting regulation, mostly in European countries (see, for example, Maurer 2019). Examinations of cyber-threats, however, are mostly relegated to the analyses of computer scientists and software engineers (see, for example, Cardillo, Akinyokun, and Essex 2019). While recent technical reports (Garnett et al. 2019; Goodman 2017) have outlined some cyber-security challenges, social science assessments have not discussed individual incidents in detail nor have they explored the specific and potential consequences of these vulnerabilities. Part of the reason for these lacunae likely has to do with the fact that social scientists tend to examine how changes affect behaviour or policy, but are not trained, nor expected, to look at the technical aspects of the adoption of technology in political institutions. This chapter brings together a software engineer and a political scientist to probe some of these cyber-threats more deeply by outlining concrete examples to contribute in a new capacity to the debate about electronic and online voting and cyber-threats.
A Cyber-Threat Analysis of Online Voting in Canada
93
approach To assess potential cyber-threats to elections using remote online voting in Canada, we draw upon the United States’ National Institute of Standards and Technology’s (nist)’s analysis of perceived threats for the uniformed and overseas voting program,2 and include Canadian examples of incidents and vulnerabilities. The examples presented in this chapter come from news stories, interviews, and extensive discussions with online voting stakeholders, including local governments, national and subnational election agencies, vendors, professional associations, former elected officials and candidates, and community members. We collected these cases from our own research and data collection as part of projects studying online voting. They also reflect our following of the online voting climate closely over the past decade. Specifically, we draw upon semi-structured interviews that we carried out for two other projects – one addressing how to regulate voting technologies in Canada and another that explores the state of online voting in Canada (Essex and Goodman 2020; Goodman 2017). In the former project, we conducted twenty-three interviews with a range of professionals, including government employees, security experts, technology vendors, scholars, and other representatives from relevant election management bodies and organizations in January 2019. The goal of the study was to develop a framework to regulate digital voting in Canada. Interviewees were asked a series of questions about the scope of regulation most appropriate for Canada, recommendations pertaining to technical, legal, and operational guidelines, and input on necessary changes to legislation. The latter study included thirty-two interviews (sixteen with Canadian officials and sixteen with international experts) carried out between July and October 2016 as part of a project with the federal government. The study goal was to propose a plan for online voting in federal elections, which was published in a report authored by one of the contributors, entitled Online Voting: A Path Forward for Federal Elections. Interviewees included a diverse group of lawyers, scholars, government representatives, and practitioners. They were asked questions pertaining to the benefits and risks of online voting; the development of electronic voting programs in other jurisdictions; legal, technical, and operational considerations; and recommendations for potential use at the national level in Canada.
94
Essex and Goodman
In both instances, we followed a standard questionnaire and asked interviewees clarifying questions if needed. The interviews lasted about an hour and we informed all participants about the nature of the research before they took part. Through these interviews, and other discussions with key officials, we either identified the cybersecurity incidents we review in this chapter or better understood the circumstances around their occurence. This chapter differs from earlier contributions developed from these interviews given its specific focus on cyber-threats. Although the studies that inform this chapter address online voting security in part, they do not explore specific Canadian incidents in detail or delve deeply into potential technical mishaps and their possible effects.
cyber-threats to elections in canada As noted, there are currently no regulations for electronic voting in Canada. Although Elections Ontario has been among the first agencies to call for the establishment of common evaluative standards and a certification process for election technology “to ensure we maintain public trust in our electoral system as we adopt technology,” this process is in its early stages. The agency recently established an Advisory Committee on Standards for Voting Technologies to examine possible regulation voting equipment and vote counting equipment (Elections Ontario 2021). The authors of this chapter have also initiated a regulatory process with an accredited standards body to write regulations for online voting specifically. Realizing regulation of election technologies on a national level, however, will likely take some time given the absence of political will federally. The cyber-security requirements of an online election are unique, stemming from a need to convince voters and candidates of the correctness of the sum total of many individual secret ballots. In this regard, online voting is a fundamentally different cyber-security challenge than online banking or shopping (Jefferson 2011). Without a formal, quantitative, and systematic method of evaluating online voting systems, legislators and policy-makers in Canada have over-relied on the cyber-security claims of for-profit online voting service providers.
A Cyber-Threat Analysis of Online Voting in Canada
95
Identifying Cyber-Threats to Elections in Canada As governments weigh the risks and benefits of adopting types of electronic voting, notably online ballots, it is vital that they have access to an account of potential cyber-threats. One such accounting is a document provided by Canada’s Communications Security Establishment (cse) (2017). This document has been influential, especially among Ontario municipalities, who point to its assessment that the risk of cyber-threats to provincial and municipal elections is “likely to remain at their current low level.” This document categorizes cyber-threats to Canada’s elections as existing in three distinct tiers: against the media (i.e., fake news, disinformation, trolling); against political parties and politicians (i.e., cyber-espionage, discrediting/embarrassing candidates/ campaigns); and against election technology (i.e., vote-casting and counting systems). This analysis represents a starting point, but it has some important limitations. First, it places a greater emphasis on the threats to the media and parties than the voting technology, and does not identify key context-specific threats such as the loss in confidence due to nontransparent election results, or privileged access to ballot data. It also predominantly focuses on outsider threat-actors, such as nation-states, hacktivists, cyber-criminals, terrorist groups, and thrill-seeking individuals, and it mostly overlooks insider threat-actors, such as legitimate voters, election officials, voting system operators, manufacturers, and support staff. A more comprehensive assessment comes from the nist’s analysis of online voting in the context of their uniformed and overseas absentee balloting program (nist 2009). This framework currently represents one of the only frameworks to systematically consider cyber-threats in the context of online ballot returns. Each threat is categorized by the relevant threat-actors, the degree of effort required for exploitation and required resources, the difficulty of detection, the potential severity of impact, and possible cyber-security controls. Required resources include items such as computing or network equipment and specialized hardware or electronics, and could encompass larger numbers of human resources or human resources with specialized knowledge.
96
Essex and Goodman
In terms of attack effort: • Low means an attack would require few resources or little
knowledge of the system. • Moderate would require significant resources or knowledge (such
as that available to an insider), and a low number of coconspirators. • High would require extraordinary resources and knowledge, with a large number of co-conspirators. In terms of attack detection: • Low means an attack is unlikely to be detected without
extraordinary resources. • Moderate means the attack is detectable but could require large resources. • High means an attack would likely be detected if proper monitoring was in place. In terms of potential impact, nist associates each threat with standard attack goals aiming to undermine either confidentiality, integrity, or availability. Each threat is categorized in terms of the potential severity of adverse impacts on organizational operations, organizational assets, or individuals: • Low means an attack could have a limited adverse effect. • Moderate means an attack could have a serious adverse effect. • High means an attack could have a severe or catastrophic effect.
Assessment of Cyber-Security Threats to Online Voting in Canada To answer the first guiding question of this chapter and understand the possible threats that online voting poses to elections in Canada, we draw on nist’s threat matrix for web-based ballot return (nist 2009) to categorize the cyber-incidents and vulnerabilities that have been observed to date. For each threat identified in the nist threat matrix, cases are categorized under three types. To address our second research question, we use the term incident to denote threats for which the case concretely demonstrates that the threat was realized or
A Cyber-Threat Analysis of Online Voting in Canada
97
exploited in Canada. We use the term vulnerability to denote threats for which there is a concrete case demonstrating that an online voting deployment or system was found to be vulnerable to the threat. If we are not currently aware of the existence of a case, we list it as currently unobserved. We highlight the democratic implications of our third research question where relevant and expand on this discussion in the conclusion. As shown in table 3.1, of the 17 identified cyber-threats, 13 have been observed in Canada, of which 7 involve an identified vulnerability, and 6 involve an actual incident. The presence of these examples, and the fact that there is no regulation in Canada, presents an opportunity for policy-makers to be proactive and regulate digital elections instead of responding reactively when a future incident occurs. Threat 1: Voter Impersonation / Weak Authentication This threat identifies the possibility of a registered voter being impersonated by another, hostile, individual. nist expects a successful attack would have a moderate effect on election integrity, require moderate effort to exploit, and be moderately detectable. Several incidents involving this threat are alleged to have occurred in the leadership election of Alberta’s United Conservative Party (ucp) in 2017, which is currently the subject of a criminal investigation. The credential needed to cast an online vote consisted of a pin sent by the party to a member’s email address. This form of weak authentication means there was no way for the system to identify who cast a vote using a particular pin, only that the pin was used to cast a vote. If a malicious actor could intercept the member’s application form and substitute the legitimate email address for an attacker-controlled address, they could cast a fraudulent vote on the voter’s behalf (Culnane et al. 2019). A cbc News investigation spoke with several dozen voters, who confirmed that they did not vote in the leadership race despite the voter rolls indicating otherwise. Several other voters confirmed they did not recognize the email address listed in their membership record, suggesting that the login credentials were sent to attacker-controlled addresses (Anderson 2019). As a more technical example, Estonia recently experienced a cryptographic vulnerability in its national public key infrastructure
Vulnerability Currently unobserved Incident Vulnerability
Server-side software logic/accuracy errors Voter-targeted phishing Improper server-side network security configuration
Server-side exfiltration of voter data by malware Client-side exfiltration of voter data by malware
Incident Vulnerability
Server-side voter data modification by malware
Vulnerability Currently unobserved
Currently unobserved
Server penetration and exfiltration of voter data by remote hackers Server penetration and modification of voter data by external hackers
Vulnerability
Server-side voter data eavesdropping by system administrators Server-side voter data modification by privileged administrators
Vulnerability Currently unobserved
Client-side denial-of-service attacks by malware
Network-based voter data eavesdropping Client-side voter data modification
Incident Vulnerability
Insufficient it resources
Incident Incident
Network-based denial-of-service attacks
Incident
Voter impersonation / weak authentication Voter coercion and vote taking
Observed case type
Threat summary
Table 3.1 Current status of observed cyber-threats to online voting in Canada
High High
High
Moderate
High
High
High
High
High
High
Moderate
Moderate
High
High
High
Moderate
Moderate
Potential impact
98 Essex and Goodman
A Cyber-Threat Analysis of Online Voting in Canada
99
(Information System Authority 2018). Estonian citizens use government-issued smart cards to digitally sign their interactions with government services to prove their identity. Similarly, ballots cast in Estonia’s online voting system are digitally signed by voters. This particular cryptographic vulnerability would have allowed an attacker to digitally forge a voter’s signature. An attacker with this capability would have been able to create and cast a cryptographically valid ballot on the voter’s behalf without their knowledge or consent. Threat 2: Voter Coercion and Vote Taking This threat identifies the possibility that a voter could be coerced into voting a particular way by a hostile individual or organization. nist expects that a successful attack would have a moderate effect on election confidentiality and integrity, require low effort to exploit, and be moderately detectable. A second possible scenario we have added to the nist framework includes taking the vote of an individual. This could occur in situations where someone possesses a voter’s municipal voter information notice and their birthdate, allowing them to cast a ballot without the voter’s knowledge. We heard several accounts of incidents directly from candidates and reported by the media during the 2018 Ontario municipal election (Cardillo, Akinyokun, and Essex 2019). Incidents ranged from parents casting ballots on behalf of adult children away at university to one spouse voting on behalf of the other, sometimes without their knowledge. Similar to the weak pin-only authentication used in the Alberta ucp election, the municipal elections in Ontario required only a pin and a date of birth to vote. We also heard several accounts of a lesser version of this threat where voters without a particular voting preference gifted their login credentials to friends or neighbours. Another threat that was put forward was the possibility of intercepting a voter’s information notice and retrieving their birthdate from Facebook or other social media site. As an unsupervised voting method, voter coercion can be quite difficult to prevent and detect, especially amid inter-family power dynamics. Vote taking also poses a problem, especially when the process of authentication is weak, such as in cases where only date of birth is required. In one case where one of the authors was observing a municipal voter call centre, a spouse phoned in because they were
100
Essex and Goodman
having difficulty accessing their online ballot, only to come to the realization that their vote had already been cast. We spoke to one candidate who told us they were contacted by one voter whose spouse cast their ballot while they were out of the house. When the candidate asked the voter if they would report the matter to the authorities, the voter declined because they did not want their spouse to get into legal trouble. Though on a small scale, voter coercion and the taking of individual votes is problematic for democracy and is against voting laws in the country. It infringes on one’s right to cast one’s vote. Threat 3: Network-based Denial-of-Service Attacks This threat considers the possibility that a denial-of-service attack by a hostile organization against the election web servers prevents transmission of voted ballots. nist expects that a successful attack would have a high impact on election availability, require low effort to exploit, and be highly detectable. An incident involving this threat has been observed in Canada. The New Democratic Party’s 2012 leadership vote was disrupted by a deliberate, large-scale distributed denial-of-service (ddos) attack involving more than 10,000 malicious computers that slowed the voting process by several hours, preventing thousands of party members from casting ballots and forcing the party to delay voting for several hours (National Post Staff 2012). Scytl, the company running the online vote, acknowledged in a press release that highprofile political or organizational websites are common targets of denial-of-service attacks, “often launched as protests by the organization’s political or economic opponents” (Payton 2012). Threat 4: Insufficient IT Resources This threat considers the possibility that election officials and network operators have insufficient resources (e.g., bandwidth, servers) to handle legitimate traffic. nist expects that this threat would have a high impact on election availability, require low effort to exploit, and be highly detectable. An incident involving this threat occurred in the 2018 Ontario municipal elections, wherein the election websites of forty-three
A Cyber-Threat Analysis of Online Voting in Canada
101
municipalities experienced a slowdown on election night, preventing ballots from being cast, which affected a combined one million eligible voters (Cardillo, Akinyokun, and Essex 2019). The cause of the issue was determined to be a miscommunication between the online voting service vendor and its it infrastructure (i.e., colocation) provider over the amount of allocated bandwidth. During the slowdown, the bandwidth was set to only one-tenth of what had been intended (Sudbury 2014). To ensure electors were not disenfranchised, thirty-five municipalities declared a state of emergency and extended voting by a full day, and eight communities extended voting by one to two hours (Cardillo, Akinyokun, and Essex 2019; Goodman and Spicer 2019). In many instances, the extension of voting was particularly crucial given that the municipality had eliminated paper ballots. The fact that city officials had to declare a state of emergency raised questions about the technology and the legitimacy of the election results. Threat 5: Network-based Voter Data Eavesdropping This threat considers the possibility of personal information being intercepted between the voter and election official by a hostile organization or network operator. nist expects that a successful attack would have a high impact on election confidentiality, require a high effort to exploit, and be unlikely to be detectable. A vulnerability involving this threat was observed in the Northwest Territories (nwt) 2019 general election. Our analysis of the online voting site found nwt voter data being routed through Cloudflare servers in Toronto. Cloudflare is a large US-based multinational cloud service providing elections with denial-of-service protection. Although cloud services like this are a common it solution, they offer two potential avenues for network-based eavesdropping. First, they have direct, privileged access to voter login credentials and ballot information, and must be trusted to not view and modify voting selections. The second is that the private signing keys used to authenticate the server to the voter are often present on servers in data centres all around the world. This can create geopolitical concerns by more easily exposing these secrets to the reach of other nation-states (Culnane et al. 2017). For example, the public key certificate used to authenticate the nwt voting website to voters was issued by Cloudflare. Our examination suggested that the private
102
Essex and Goodman
signing key used to authenticate an nwt voter’s internet connection in the 2019 election was present in Cloudflare’s data centres in Hong Kong, Japan, and others around the world.3 We shared these findings with the nwt Legislative Assembly Standing Committee on Rules and Procedures, and recommended that, for future elections, the cloud provider restrict private signing keys to Canadian data centres. Threat 6: Client-Side Voter Data Modification This threat considers the possibility that code implanted on a voter’s computer by a malicious individual or organization modifies a voter’s ballot on the way to the election server. nist expects that a successful attack would have a moderate impact on election integrity, require high effort to exploit, and be moderately detectable. Although we have not observed a direct case of client-side data modification in Canada, voters have very limited ability to detect this threat. Unlike a hand-marked paper ballot, a voter cannot directly see what their device sends to the election server. Verifying that their device has correctly posted their ballot selections would require a voter to set up a transport layer security (tls) tunnelling web proxy and reverse-engineer the web app’s protocol and data formats, which is beyond the technical ability of almost all voters. At the same time, the ability to verify a device’s trustworthiness is essential. In most cases, the device a voter uses to cast a ballot is a dayto-day device containing numerous other potentially malicious apps. Furthermore, we have observed some cloud providers injecting code into web connections, ostensibly for the purpose of denial-of-service prevention (Culnane et al. 2017). This is a concern because no online voting deployment in Canada (that we are aware of) offers explicit protection against client-side vote tampering.4 Threat 7: Client-Side Denial-of-Service Attacks by Malware This threat considers the possibility that code implanted on a voter’s computer by a malicious individual or organization disrupts communication with the election web server, preventing the voter from casting a ballot. nist expects that a successful attack would have
A Cyber-Threat Analysis of Online Voting in Canada
103
a moderate impact on election availability, require high effort to exploit, and be moderately detectable. We have not observed a case of a client-side denial-of-service attack in Canada to date. One possible variation of this attack, however, involves a malicious voter crafting a malformed ballot payload that would prevent the entire election from being tallied. This kind of attack was used against the Helios online voting service (Chang-Fong and Essex 2016). In this attack, a special maliciously formatted ballot was constructed that passed initial inspection and was accepted by the server. However, when the voter’s selections were summed with the others, the vote total had an invalid format, generating an error that prevented the results from being reported. Threat 8: Server-Side Voter Data Eavesdropping by System Administrators This threat considers the possibility that a voter’s individual ballot selections are being accessed by authorized individuals5 (i.e., system operators, election officials), resulting in a loss of voter privacy. nist expects that a successful attack would have a high impact on election confidentiality, require moderate effort to exploit, and be unlikely to be detectable. The 2018 Ontario municipal elections were vulnerable to this threat. A risk analysis showed that using dates of birth as a login credential was sufficient to uniquely identify 49.9 per cent of the 2.74 million Ontario voters eligible to cast an online ballot. The vast majority of eligible voters (89.3 per cent) were re-identifiable to within five individuals (i.e., five or fewer individuals in a community with the same birthdate) (Cardillo, Akinyokun, and Essex 2019). Threat 9: Server Penetration and Exfiltration of Voter Data by Remote Hackers This threat considers the possibility that a voter’s individual ballot selections are being accessed by unauthorized individuals, resulting in a loss of voter privacy. nist expects that a successful attack would have a high impact on election availability, require high effort to exploit, and be unlikely to be detectable.
104
Essex and Goodman
To date, we have not observed a case of voter data exfiltration in Canada. As a comparison, however, researchers in the US exploited a simple remote command-line injection vulnerability in the Washington dc mock election, and were able to take complete control of the online voting system (Wolchok et al. 2012). The researchers were able to modify not only the election results, but the entire appearance of the voting website. For example, they changed candidates’ names to those of evil robots from sci-fi literature. As a result, Washington, dc ultimately abandoned the project. Threat 10: Server-Side Voter Data Modification by Privileged Administrators This threat considers the possibility that individuals with physical access to election information systems delete or modify ballots. The relevant threat-actors include unauthorized/hostile individuals, system operators, or election officials. nist expects a successful attack would have a high impact on election integrity, require high effort to exploit, and be unlikely to be detectable. The 2018 Ontario municipal elections were vulnerable to this threat insofar as no system provided objective and public evidence supporting a particular election outcome (Cardillo, Akinyokun, and Essex 2019). Unlike hand-counted ballots, scrutineers of an online vote cannot directly observe counting. We heard from several candidates and residents across several cities who described being unable to get meaningful information about the counting process. Notably, residents of Wasaga Beach approached the vendor to determine if any ip addresses were responsible for casting an unduly large number of ballots. The vendor referred them to the municipal clerk. Residents filed a Freedom of Information request and were told that the City could not respond to the request because it did not have access to that data. Online voting as currently practised in Canada is vulnerable to the threat of insider interference. If wrongdoing ever occurred, the system would not produce public evidence. If the evidence existed internally, it is not clear whether it would be within legal reach of the public, anyway.
A Cyber-Threat Analysis of Online Voting in Canada
105
Threat 11: Server Penetration and Modification of Voter Data by External Hackers This threat considers the possibility that unauthorized individuals or organizations can remotely access election information systems and view, modify, or delete ballots stored on these systems. nist expects that a successful attack would have a high impact on election integrity and confidentiality, require high effort to exploit, and be moderately detectable. To date, we have not observed a case of server penetration and voter data modification in Canada. The hack of the Washington dc mock election (Wolchok et al. 2012), mentioned earlier, however, was a concrete example of server penetration and data modification wherein the researchers changed the ballot selections to the names of famous evil robots. The Washington dc administrators did not detect the intrusion for nearly two business days. Threat 12: Server-Side Voter Data Modification by Malware This threat considers the possibility that code implanted on the election web server by hostile individuals or organizations can delete or modify voted ballots. nist expects that a successful attack would have a high impact on election integrity, require high effort to exploit, and be moderately detectable. Several incidents involving this threat have occurred in the form of municipal ransomware. At least five Ontario municipalities recently fell victim to ransomware in the six-figure range (Coop 2019), of which three (Wasaga Beach, Stratford, and The Nation) used online voting in 2018. While these incidents were financially motivated and did not target the election system itself, they demonstrate the vulnerability of municipal it infrastructure to advanced persistent cyber-threats. More direct manifestations of this threat were observed in the Swiss (SwissPost) and Australian (iVote) online systems (Haines et al. 2020). Unlike the online voting systems that have been deployed in Canada to date, these systems offer a mathematical (cryptographic) proof of the election result. The idea is to provide voters and candidates with
106
Essex and Goodman
objective and public evidence that an election result is correct. The particular implementation in both cases, however, contained a subtle mathematical vulnerability that could have allowed an insider the ability to create a valid-looking (“accepting”) proof of a false election result. This was because New South Wales (Australia) decided to use the same system as the Swiss. Threat 13: Server-Side Exfiltration of Voter Data by Malware This threat considers the possibility that code implanted on the election web server by hostile individuals or organizations can transmit voter ballot selections to a third party. nist expects that a successful attack would have a high impact on election confidentiality, require low effort to exploit, and be moderately detectable. Of all the online elections run in Canada since 2003, we are not aware of any in which the server-side software was made publicly available for inspection, making cases of vulnerable server-side software difficult to identify. However, the City of Toronto conducted an online voting Request for Proposal (rfp) in 2014, in which an independent expert determined the cyber-security of vendor proposals. In one instance, the vendor documentation instructed the City to download and install a version of the Java Runtime Environment “known for at least 6 months to be vulnerable to an exploit that would ‘allow remote attackers to affect confidentiality, integrity, and availability’” (Clark and Essex 2014). Threat 14: Client-Side Exfiltration of Voter Data by Malware This threat considers the possibility that code implanted on a voter’s computer by hostile individuals or organizations can transmit a voter’s ballot selections to a third party. nist expects that a successful attack would have a moderate impact on election confidentiality, require high effort to exploit, and be moderately detectable. Several cases of this vulnerability have been observed in Canada. Before the 2018 Ontario municipal elections, the City of Cambridge fell victim to a cryptojacking attack in which malicious cryptomining Javascript was loaded onto the computers of people visiting the City’s website (Lupton 2018). While not the fault of Cambridge’s
A Cyber-Threat Analysis of Online Voting in Canada
107
it security, it highlights the threat of loading third party web resources for delivering vote-stealing malware. One security mechanism for preventing web-based malware is the inclusion of security headers, special information transmitted by a server at the beginning of a web session indicating its policies for certain security-critical situations. Our examination of the vendors in the 2018 Ontario municipal elections found that none were following best practices for web security headers. For example, none were using appropriate http headers to protect against cross-site scripting.6 Threat 15: Server-Side Software Logic/Accuracy Errors This threat considers the possibility that manufacturer/developer defects in the voting system server software can cause votes to be recorded incorrectly. nist expects that such an incident would have a high impact on election integrity, require moderate effort to exploit, and be unlikely to be detectable. We have not directly observed a case of server-side logic and accuracy errors. Unlike the US, which has standardized testing and a federal system certification program, Canada has no systematic approach to the use of online voting technologies at any stage in the election life cycle. For example, any source-code reviews that do happen are generally not made public. Logic and accuracy testing in online elections has largely occurred on an ad hoc basis, with auditors granted access to cast and count dummy ballots. Threat 16: Voter-Targeted Phishing This threat considers the possibility that voters are tricked by hostile organizations into returning voted ballots via a phishing website, resulting in them being disenfranched. nist expects that a successful attack would have a high impact on election integrity and confidentiality, require low effort to exploit, and be highly detectable. An incident involving this threat occurred in the 2014 Ontario municipal elections. One of the challenges of online voting involves securely communicating the valid url of the voting website to the voter. Not only is there no standardized convention for election website urls, but we have also observed the same vendors using
108
Essex and Goodman
different conventions across different election years. For example, in 2018 the online voting url for Greater Sudbury was intvoting.com /greatersudbury2018. In 2014, it was greatersudburyvotes.ca. In 2014, a local amateur cyber-security enthusiast caused controversy after they purchased the dotcom version of a url and put up an identical-looking copy of the voting website to raise awareness of this issue (Sudbury 2014). In 2018, 98 cities used the domain evote2018.ca. At the time of writing, we noticed that the equivalent domain for the next election, evote2022.ca, was still available for purchase. Threat 17: Improper Server-Side Network Security Configuration This threat considers the possibility that “an attack on the dns system forwards voters to an incorrect website, resulting in the disenfranchisement and the loss of personal information.” This includes all improper network security configurations. nist expects that a successful attack would have a high impact on election availability, although it would likely require high effort and be detectable. Proper tls encryption is necessary for an online voting system. In most cases, tls is the only protection against network-based man-inthe-middle attacks. As an example, the iVote system in Australia was found to have a tls vulnerability in the 2015 New South Wales state election, which researchers demonstrated could be exploited to inject vote-stealing malware (Halderman and Teague 2015). Numerous vulnerabilities indirectly involving this threat have been observed in Canada. As of 2018, it was reported that most election agencies had no support for tls encryption on their webpages, or had vulnerabilities (Cardillo and Essex 2018). While in most cases this is not a direct threat to election integrity (since these agencies were not conducting online elections at that time), it exposes agencies’ lack of basic cyber-maturity.7
cyber-threat summary and democratic implications In total, we found that 13 instances of the 17 potential cyber-threats outlined by nist have occured in elections and votes in Canada where online voting technology has been used. Of these 13 threats, 9 were classified as having a potentially high impact on integrity, privacy, or
A Cyber-Threat Analysis of Online Voting in Canada
109
availability of an election, which could lead to an adverse election outcome. This could include compromising the availability of ballots, their confidentiality, or the integrity of the election by influencing a single vote or many ballots. The realization of these incidents and the presence of vulnerabilities in elections in Canada raises questions about the ability of voting technology both to adhere to election principles and to compromise the integrity of the vote. It also raises issues about the potential effects on stakeholders’ attitudes to and perceived confidence in the election process. Although often the intention of deploying electronic voting is to improve the voter experience and make it more convenient and accessible to encourage participation, it is possible that a technical issue or threat could have the opposite effect, not only discouraging voters from using voting technology in the future, but also affecting their opinions toward political instutions and actors, possibly influencing their orientations toward political engagement and their likelihood to take part.
conclusion The 17 cyber-threats highlighted in this chapter illustrate the considerable amount of risk exposure the use of online voting presents and the extent to which some of this risk has been realized. These examples emphasize that the discussion about how we go about safeguarding electoral integrity in an era of digital elections is an essential one. The importance of this conversation is compounded not only because many elections are fully electronic in Canada, without the option of paper ballots as an alternative, but also given the physical distancing requirements imposed by the covid-19 pandemic and possible lingering effects even after a vaccine is deployed. Creating standards to regulate electronic and online vote use in Canada is one way to start broaching these issues (Essex and Goodman 2020). For example, had there been technical standards and operational protocols in place in Ontario in 2018, the bandwidth issue may not have had the effect it did. Also, had legislation governing municipal elections been updated to better navigate the challenges of extending the election without having to declare a state of emergency, the optics of the postponement in voting hours might have been received less harshly by candidates, the public, and the media. It is important to point out that this technical issue played out mildly compared with
110
Essex and Goodman
the other potential scenarios we have outlined above, which could have a more detrimental impact on voter attitudes and the integrity of the election results. In addition to creating standards, ensuring that the public is educated about possible technical risks and how to protect their vote might be an important future outreach campaign as elections become more digital. Finally, while it was not possible to more fully explore the cyber-threats posed by all types of electronic voting in this chapter, an overarching regulatory framework would, ideally, address a range of technologies because they all expose elections to risk. Some scholars have begun to address how an electronic voting regulation might develop in Canada, which is unique given the high use of online voting, absence of standards, and multi-level governance structure (Essex and Goodman 2020), but political will at subnational and national levels is required to see such a model realized. In particular, the authors of this chapter have been working with an organization accredited by the Standards Council of Canada to develop standards for digital voting in Canada. At the time of writing, this process was beginning early calls for stakeholders to get involved. This development process will also require the participation of scholars across a range of disciplines. In addition to work on standards, scholars should continue to outline possible cyber-threats because they represent the flipside to the numerous benefits of electronic voting that have been well established in social science studies. Scholars studying these topics are also encouraged to work across disciplines to broach these issues from both technical and policy perspectives. When policy-makers and the public decide whether electronic voting brings promise or peril to voting in Canada, it is crucial that evidence of the effects on stakeholders be accompanied by analyses of the technical risks and their potential impacts. The primary policy recommendation from this chapter is, as earlier contributions have emphasized (Essex and Goodman 2020), to develop some type of regulatory framework for digital voting in Canada. Such a framework is essential for preserving democratic health in an era of digital voting and elections. Without a framework, it will be difficult to maintain the benefits realized by voters and administrators when electronic voting is introduced. Other recommendations include: carrying out continued research into cyberthreats; pooling resources of such knowledge and sharing this information both horizontally across governments but also vertically
A Cyber-Threat Analysis of Online Voting in Canada
111
between them; investing in the development of technology so that governments are not always dependent on private-sector solutions that may not work well in all cases; and fostering deep and longstanding partnerships with academics and organizations with expertise in this space. Such knowledge, investments, and relationships will put Canada in a better place to host digital elections in the future.
notes 1
2
3
4
5 6
7
Telephone voting is offered as a partial option in some local elections and First Nations votes. We do not explore the voting mode in more detail here given that it does not neatly fit under the umbrella of electronic voting as the others do. Uptake of and interest in adoption is also lower than the other voting technologies. It should be noted that this US program is actually different variations of email voting and not online voting, although it is conducted online with an internet connection (Thompson 2018). We used traceroute timing analysis from numerous virtual private network (vpn) exit points to examine how visitors from around the world connected to the nwt online voting login page (https://nwt.simplyvoting.com). Although Cloudflare offers the option to restrict keys to a single geographic region, it does not appear the vendor configured it to do so. As a demonstration, we wrote a vote-swapping browser extension in Google Chrome, and developed a special usb device to quickly and automatically deliver the payload onto a computer (Bird 2019). This threat vector becomes more realistic as the vote margins decrease. The Northwest Territories, for example, had several ridings with single-digit margins in 2019. In contrast to unauthorized individuals (i.e., remote hackers). For comparison, a cross-site scripting attack exploit was used against the Helios server, allowing a malicious party to hijack a voter’s web session and cast a ballot on their behalf (Chang-Fong and Essex 2016). In late 2018, Google Chrome began labeling websites not using encryption as “Not Secure.” Despite this, and despite our direct and prolonged efforts to raise awareness of this issue, many election agencies in Canada and several political parties continue to serve webpages insecurely (von Scheel 2019). At the time of writing, and after almost a year of direct contact, Elections Yukon still lacks this basic data protection on their website.
112
Essex and Goodman
references Alvarez, R.M., and T.E. Hall. 2006. “Controlling Democracy: The PrincipalAgent Problems in Election Administration.” Policy Studies Journal 34 (4): 491–510. Anderson, Bruce. 2019. “Think Canada’s Politics are as Polarized as Trump’s America? Think Again.” National Observer. https://www.national observer.com/2019/06/18/opinion/think-canadas-politics-are-polarizedtrumps-america-think-again. Bird, H. 2019. “‘Terrible Idea’: Online Security Experts Warn Against Online Voting in N. W. T. Elections.” cbc News, 11 July. https://www.cbc.ca /news/canada/north/online-voting-northwest-territories-election1.5207356. Cardillo, A., N. Akinyokun, and A. Essex. 2019. “Online Voting in Ontario Municipal Elections: A Conflict of Legal Principles and Technology?” International Joint Conference on Electronic Voting (E-Vote-id) 2019. Lecture Notes in Computer Science, vol. 11759. Cardillo, A., and A. Essex. 2018. “The Threat of ssl/tls Stripping to Online Elections.” International Joint Conference on Electronic Voting (E-Voteid). Lecture Notes in Computer Science, vol. 11143. Chang-Fong, N., and A. Essex. 2016. “The Cloudier Side of Cryptographic End-to-end Verifiable Voting: A Security Analysis of Helios.” 32nd Annual Conference on Security Apllications Conference. Clark, J., and A. Essex. 2014. Internet Voting for Persons with Disabilities – Security Assessment of Vendor Proposals, Final Report. City of Toronto. https://www.verifiedvoting.org/wp-content/uploads/2014/09/Canada2014-01543-security-report.pdf. Communications Security Establishment of Canada. 2017. Cyber Threats to Canada’s Democratic Process. csec (Ottawa). https://cyber.gc.ca/en /guidance/cyber-threats-canadas-democratic-process/page2. Coop, Alex. 2019. “Canadian Municipalities Are On an Island Fighting Ransomware, and Hackers are Barely Trying.” it World Canada, 30 October. https://www.itworldcanada.com/article/canadian-municipalitiesare-on-an-island-fighting-ransomware-and-hackers-are-barely-trying /423387. Council of Europe. 2017. “Council of Europe Adopts New Recommendation on Standards for E-Voting.” Council of Europe. https://www.coe.int /en/web/electoral-assistance/-/council-of-europe-adopts-newrecommendation-on-standards-for-e-voting.
A Cyber-Threat Analysis of Online Voting in Canada
113
Couture, Jérôme, Sandra Breux, and Nicole Goodman. 2017. “La vote par internet augmente-t-il la participation électorale?” In Cyberespace et science politique: De la méthode au terrain, du virtuel au réel, edited by Hugo Loiseau and Elena Waldispuehl, 123–147. puq. Culnane, C., M. Eldridge, A. Essex, and V. Teague. 2017. “Trust Implications of DDoS Protection in Online Elections.” International Joint Conference on Electronic Voting (E-Vote-id), lncs 10615: 125–45. Culnane, C., A. Essex, S. Lewis, O. Pereira, and V. Teague. 2019. “Knights and Knaves Run Elections: Internet Voting and Undetectable Electoral Fraud.” ieee Security & Privacy 17 (4): 62–70. Elections Ontario. 2019. Modernizing Ontario’s Electoral Process: Report on Ontario’s 42nd General Election. Elections Ontario. https://www.elections .on.ca/content/dam/NGW/sitecontent/2019/Reports/2018%20General%2 0Election%20-%20Post-Event%20Report.pdf. – 2021. Advisory Committee for Voting Technology Standards. https://www .elections.on.ca/en/about-us/advisory-committee-for-voting-technologystandards.html#accordionmembers. Essex, Aleksander, and Nicole Goodman. 2020. “Protecting Electoral Integrity in the Digital Age: Developing E-Voting Regulations in Canada.” Election Law Journal 19 (2): 162–79. https://www.liebertpub.com/doi /10.1089/elj.2019.0568. Gabel, C., and N. Goodman. 2021. Indigenous Experiences with Online Voting. Crown-Indigenous Relations and Nothern Affairs Canada. Ottawa. Gabel, C., N. Goodman, K. Bird, and B. Budd. 2016. “Indigenous Adoption of Internet Voting: A Case Study of Whitefish River First Nation.” International Indigenous Policy Journal 7 (3). Garnett, H.A., M. Pal, C. Leuprecht, and E.F. Judge. 2019. Defending Democracy: Confronting Cyber-Threats to Canadian Elections. cda Institute (Online). Germann, M., and U. Serdült. 2017. “Internet Voting and Turnout: Evidence from Switzerland.” Electoral Studies 47: 1–12. Goodman, Nicole. 2017. Online Voting: A Path Forward for Federal Elections. Democratic Institutions (Ottawa). https://www.canada.ca/en/democraticinstitutions/services/reports/online-voting-path-forward-federal-elections .html#toc21. Goodman, Nicole, M. McGregor, J. Couture, and S. Breux. 2018. “Another Digital Divide? Evidence that Elimination of Paper Voting Could Lead to Digital Disenfranchisement.” Policy & Internet 10 (2): 164–84. Goodman, Nicole, J.H. Pammett, and J. DeBardeleben. 2010. A Comparative Assessment of Electronic Voting. Canada-Europe Transatlantic Dialogue.
114
Essex and Goodman
Elections Canada. https://www.elections.ca/res/rec/tech/ivote/comp /ivote_e.pdf. Goodman, Nicole, and S. Pruysers. 2019. “Political Parties and Online Voting in Canada.” In La digitalización de los partidos políticos y el uso del voto electrónico, edited by Thomson Reuters Aranzadi, 263–94. Goodman, Nicole, and H. Pyman. 2016. Internet Voting Project Report: Results from the 2014 Ontario Municipal Elections. Toronto: Centre for eDemocracy. Goodman, Nicole, and Z. Spicer. 2019. “Administering Elections in a Digital Age: Online Voting in Ontario Municipalitites.” Canadian Public Administration 62 (3): 369–92. Goodman, Nicole, and L. C. Stokes. 2020. “Reducing the Cost of Voting: An Evaluation of Internet Voting’s Effect on Turnout.” British Journal of Political Science 50 (3): 1155–167. Haines, T., S. Lewis, O. Pereira, and V. Teague. 2020. “How to Prove Your Election Outcome.” 2020 ieee Symposium on Security and Privacy (sp): 784–800. Halderman, J.A., and V. Teague. 2015. “The New South Wales iVote System: Security Failures and Verification Flaws in a Live Online Election.” EVoting and Identity (Vote-id), lncs 9269. Hall, T. 2015. “Internet Voting: the State of the Debate.” In Handbook of Digital Politics, edited by Stephen Coleman and Deen Freelon. Cheltenham: Edward Elgar Publishing. Information System Authority. 2018. roca Vulnerability and eid: Lessons Learned. (Republic of Estonia). https://www.ria.ee/sites/default/files/content-editors/kuberturve/rocavulnerability-and-eid-lessons-learned.pdf. Jefferson, David. 2011. “If I Can Shop and Bank Online, Why Can’t I Vote Online?” Election Law Blog (blog). https://electionlawblog.org/wpcontent/uploads/jefferson-onlinevoting.pdf. Katz, R.S. 1997. Democracy and Elections. Oxford: Oxford University Press. Lupton, A. 2018. “‘Taking your cpu for a Joyride’: Why This Week’s Cyberjacking Raises Online Voting Concerns.” cbc News, 15 February. https://www.cbc.ca/news/canada/london/cyberjacking-voting-essex-cyber1.4537818. Maurer, A.D. 2019. “The Swiss Post/Scytl Transparency Exercise and Its Possible Impact on Internet Voting Regulation.” International Joint Conference on Electronic Voting (E-Vote-id).
A Cyber-Threat Analysis of Online Voting in Canada
115
Mendez, F., and U. Serült. 2017. “What Drives Fidelity to Internet Voting Evidence from the Roll-out of internet voting in Switzerland.” Government Information Quarterly 34 (3): 511–23. National Post Staff. 2012. “Cyber Attack on ndp Leadership Vote Involved More Than 10,000 Computers.” National Post, 27 March. https://nationalpost.com/news/canada/ndp-leadership-vote-cyber-attackinvolved-more-than-10000-computers. New Brunswick Commission on Electoral Reform. 2017. A Pathway to an Inclusive Democracy. New Brunswick. https://www.gnb.ca/legis /publications/Electoral%20ReformPathwayToInclusiveDemocracy.pdf. nist. 2009. A Threat Analysis on uocava Voting Systems. US Department of Commerce. https://www.nist.gov/system/files/documents/itl/vote/uocavathreatanalysis-final.pdf. Payton, Laura. 2012. “ndp Voting Disruption Deliberate, Hard to Track.” cbc News, 27 March. https://www.cbc.ca/news/politics/ndp-votingdisruption-deliberate-hard-to-track-1.1204246. Solvak, M., and K. Vassil. 2018. “Could Internet Voting Halt Declining Electoral Turnout? New Evidence That E-Voting is Habit Forming.” Policy & Internet 10 (1): 4–21. Sudbury, cbc News. 2014. “Creator of Greater Sudbury Fake Voting Website ‘Shocked’ by Oversight.” cbc News, 23 October. https://www.cbc.ca/news /canada/sudbury/creator-of-greater-sudbury-fake-voting-website-shockedby-oversight-1.2810069. Thompson, J. R. 2018. “Email Voting in Indiana Elections.” E-Vote-id. Unt, T., M. Solvak, and K. Vassil. 2017. “Does Internet Voting Make Elections Less Social? Group Voting Patterns in Estonian E-Voting Log Files (2013–2015).” PloS One 12 (5). Von Scheel, E. 2019. “Several Webpages from Elections Canada and mps Lack Basic Data Protections.” cbc News, 25 March. https://www.cbc.ca /news/politics/elections-canada-parties-cyber-security-websites-von-scheel1.5069530. Wolchok, S., E. Wustrow, D. Isabel, and J. A. Halderman. 2012. “Attacking the Washington, D. C. Internet Voting System.” Proc. 16th Conference on Financial Cryptography & Data Security.
116
Leah West
4 Public Opinion on the Use of Technology in the Electoral Process in Canada
Holly Ann Garnett and Laura B. Stephenson
introduction The use of technology in elections, from voter registration to casting a ballot, is commonplace around the world, but quite new in Canadian federal elections. Online voter registration was introduced before the 2015 general election, but Canada has not implemented any technology for the voting process itself, because votes are still cast and counted by hand in federal elections. The provinces have been more progressive. New Brunswick used tabulation machines as early as 2014, Ontario did so in 2018, and the Northwest Territories used online voting in their 2019 elections. When considering whether and how to incorporate further technology into the federal voting process, public opinion should be considered. Experts in the use of technology may weigh in with technical opinions about security, utility, and cost, but it makes little sense for the Canadian government or Elections Canada to invest considerable time and money in changing their operations if there is opposition from the voters. After all, maintaining trust in the electoral process is a cornerstone of Canadian democracy, and Election Canada’s mandate; unless voters can be convinced otherwise, considering the potential for detrimental effects on public engagement is paramount. Therefore, this chapter tackles two important questions about public sentiment in election technology. First, how trusting are Canadians of the use of technology in elections? The answer to this question is
Public Opinion on Use of Technology in Electoral Process in Canada 117
key to determining whether Canadians would even be willing to use online technologies for registration and voting, given the contemporary climate of widespread concern about cyber-security and elections. On the one hand, as the use of sophisticated technologies becomes more commonplace, especially since the covid-19 pandemic has moved so much of our lives online, one could imagine voters becoming increasingly comfortable using technology for registration and voting. However, news stories of hacking and cyber-security breaches, particularly about their US neighbours, may instead discourage Canadians from feeling that election technology is trustworthy. Second, it is important to consider whether election technologies may unevenly affect the electorate. Are socio-demographic variables, such as age and level of education, related to trust in, and potential use of, election technologies? Research has demonstrated that participation gaps exist between groups of voters. Could expanding the use of technology for registration and voting potentially reduce the participation gaps, especially for younger voters? Or could it further contribute to the “digital divide” and gaps in participation by socioeconomic status? Understanding variations in the correlates of trust and willingness to use election technologies can provide a first step in this avenue of research. This chapter will employ data from various nationally representative Canadian Election Study surveys (2008–2019) to address these questions. The chapter proceeds as follows: the next section considers the various technologies that can be used in the electoral process, with a focus on online registration and voting. It considers the benefits and drawbacks of these procedures, especially as they pertain to trust. Next, we present the research questions, including hypotheses regarding the potential predictors of support for online registration and voting. We then present the empirical results, first considering the overall trends in support for these technologies, and, second, considering the correlates of support. The final section concludes with reflections on implementing technology into the electoral process, and public trust in elections more generally.
technology and the voting process Although we primarily think of technology in the voting process in terms of casting ballots, such as electronic voting machines, electronic tabulators, and online voting, technology is actually used through-
118
Garnett and Stephenson
out the electoral cycle.1 From databases of registered voters to websites used to announce election results, turnout statistics, or even campaign donation records, technology can be used at any stage of the electoral cycle by a variety of actors, including electronic management bodies, candidates, and citizens. This chapter focuses on citizens’ use of technology throughout their voting process, from registering to vote to casting their ballot and its tabulation. Before a voter casts their ballot, they must first register. In Canada, voters have the opportunity to use online technology in the registration process (Garnett 2019b). Leading up to the 2015 federal election, Elections Canada provided voters with the option of adding or amending registration information through a special electronic voter registration website. Voters could enter their information into the online system to look up whether they were registered and, if so, check whether their information was correct. If they were not already registered, they could submit a request to have their name and information added to the electoral roll. Similar systems are used around the world to check or amend registration information; a recent study of a sample of countries showed that about 30 per cent of those studied used some form of online registration (Garnett 2019a). The Canadian federal government has yet to adopt electronic voting machines, electronic tabulators, or online voting for federal elections. However, since 2003, many municipalities have incorporated them into their elections. Cardillo, Akinyokun, & Essex (2019) report that 45 per cent of Ontario municipal elections in 2018 used some form of online voting, and that 131 municipalities (representing 16 per cent of the eligible voting population)2 did not allow for a paper ballot option. Online voting is also used in some Indigenous communities and was used in the 2016 pei plebiscite on electoral reform (Ministry of Democratic Institutions 2017). Outside of Canada, perhaps the most visible use of online voting is in national parliamentary elections in Estonia (since 2007), in New South Wales state elections in Australia (through its iVote system), and in some areas of Switzerland (Goodman, Pammett, and DeBardeleben 2010). As mentioned earlier, technology also enters the voting process through the use of electronic voting machines and tabulators at polling locations. Electronic voting machines, used in many areas of the United States, come in a variety of types. Commonly used directrecording machines (dres) allow voters to cast their ballots in a polling station directly on a machine that records and tabulates the
Public Opinion on Use of Technology in Electoral Process in Canada 119
results. For an extra measure of security, and to promote public trust, a paper receipt can also be printed and placed in a physical ballot box. Tabulating machines integrate technology into the voting process at the vote counting stage, because ballots can be tallied by the machines. Ontario recently adopted this technology for the 2018 provincial election. There are some who advocate adopting online voting at the federal level in Canada. They note that the costs of voting for voters, minimal though they might be, would be further lowered if individuals did not have to physically travel to a voting booth. This would be particularly helpful for those with mobility concerns, because they would not have to worry about the accessibility of polling stations. The convenience of voting online whenever one had time would also eliminate any of the constraints posed by polling station hours. Further, and perhaps even more important, being able to vote online would eliminate the need for voters to gather information about their polling station to be able to cast a ballot. This technological innovation could therefore reduce inequalities in access to voting and simplify the process for new voters. From the perspective of electoral officials, adopting technology into the election process can be advantageous for streamlining the administrative process of elections. Centralized electronic voter registration records, for example, allow election administrators to easily access and manage registration files, as well as back them up in various places (Shaw, Ansolabehere, and Stewart 2015). Similarly, electronic voting mechanisms with paper trails allow for multiple copies of the voting results to be stored. Also, online registration platforms can reduce instances of misreading handwritten paper files, and enable checks on a voter’s information for accuracy and completeness before a form is submitted (Shaw, Ansolabehere, and Stewart 2015). Finally, electronic voting machines can help prevent incorrectly marked ballots by giving voters a chance to confirm their choices, and reduce tabulation errors when counting ballots by hand. However, adopting new technologies for registration and voting also brings several new challenges, especially concerning cyber-security and privacy. First, several security concerns are associated with the use of technology in the voting process (Buchanan and Sulmeyer 2016), as Essex and Goodman discuss in this volume. The most obvious challenges, often at the forefront when electronic technologies or internet voting are discussed, are the threats of unlawful access (hacking) and the manipulation of election systems or information. To
120
Garnett and Stephenson
interfere with stand-alone electronic technology, such as tabulators, the machinery would need to be tampered with before being sent to polling locations. Such tampering could affect how votes are recorded and stored. Any technology connected to the internet, however, including online voting, also leaves open the possibility that a hacker could gain access to the online system and amend, hold ransom, or even delete voting information, potentially upsetting the entire electoral process (Gritzalis 2003). Another concern is a loss of voters’ privacy. Online registration requires that the voter input potentially sensitive information (in some jurisdictions, this even includes a driver’s licence or passport number) on a website. These privacy concerns could affect a voter’s willingness to register if they are unsure whether their information will be stored securely and not shared or used for other purposes (Barreto et al. 2010). Online voting also opens up the possibility of someone infringing on the voter’s right to a secret ballot, whether by watching individual voters during the online voting process or by viewing voting records if they are improperly stored or leaked. Regarding this potential loss of voters’ privacy in online voting, we cannot ignore the fact that millions of Canadians already use online technology for extremely personal information through online banking. That people are willing to trust their money to an internet connection suggests that they might feel the same about their vote. However, there are two fundamental differences that we must recognize. First, people do not expect secrecy when they use online technology for banking, as they do when they vote. There should be no way to identify one’s vote choice (indeed, paper ballots have no markings that would enable that) while the electronic trail of activities online for most other transactions is an important check against error. Second, online banking is optional and therefore only used by an individual who chooses that option, whereas the electoral process produces a collective outcome that constitutes the cornerstone of democratic government for all voters, whether they choose to use the technology or not. If privacy is not guaranteed other concerns arise, for example, the possibility that people may be coerced into voting a specific way. The privacy provided by physical voting stations ensures that no one else sees the ballot, so coercive attempts are removed from the actual act. If someone was voting online, another person could be watching over their shoulder (or in fact filling in the ballot for them). There is also
Public Opinion on Use of Technology in Electoral Process in Canada 121
no guaranteed way to enforce an effective identity check over the internet. This opens up the possibility that someone could sell their vote to the highest bidder. The democratic consequences of these possibilities are extreme because the integrity of the vote outcome (and the idea of “one person, one vote”) would be jeopardized. Not only can a voter’s individual vote be compromised, but websites used for voter registration and information can be manipulated. For example, hackers could access the election website and send voters to a false registration or voting link, or provide false information about the voting process. Alternatively, they could use bots to flood a website with illegitimate requests that prevent real users from accessing the service (Ministry of Democratic Institutions 2017). Given the well-known benefits and problems with using voting technology, it is important to understand how voters understand and feel about the issues. A first step in this regard is to take stock of what we already know about public opinion about these technologies. Existing literature on online registration shows conflicting responses to the question of whether these processes are trusted. Research done on online registration in some American states, for example, shows that a majority of voters worried about their registration information being hacked (Barreto et al. 2010). However, research from the 2015 Canadian federal election shows that nearly 80 per cent of respondents were very or somewhat confident in providing their personal registration information online to Elections Canada (Garnett 2019b). This compares favourably with the report that 88 per cent of taxes in Canada were filed online in the 2019 tax season.3 Turning to electronic tabulators, electronic voting machines and online voting, some research suggests that voters are less confident in elections when they use technology to cast their ballot (Delis et al. 2014; Pomares, Levin, and Alvarez 2014; Alvarez et al. 2013; Alvarez, Katz, and Pomares 2011). For example, one study in the United States conducted a survey following the 2004 American election, which asked respondents whether they believed their vote was counted as intended (Alvarez, Hall, and Llewellyn 2008). Voters who had used electronic voting technology were less likely to answer in the affirmative. The authors suggest that, while this finding may be related to voters having less experience with electronic voting in the 2004 election, it could also mean that voters didn’t trust electronic voting machines or the highly publicized security issues that surrounded the use of these technologies.
122
Garnett and Stephenson
In some cases, voters can choose whether to opt in to a new voting technology, for example online registration or online voting in municipalities, where options for paper-based participation remain in the Canadian context. In other situations, such as the use of ballot tabulators, there is no opportunity to avoid technology. However, regardless of the specific situation, if technology is involved it is fundamentally important that the public trust that the electoral process and election outcome is a fair and legitimate representation of the will of the people. In this chapter, we are interested in the perceptions of both users and non-users, since even non-users will know when these technologies are in use and may affect the election. Thus, this chapter seeks to understand whether Canadians have faith in the idea of online voting and registration. As noted above, in many ways public opinion should be a precondition for moving forward with more technology in Canadian federal elections.
research questions and hypotheses Based on the existing (and somewhat sparse) literature on public opinion about the use of technology in elections in a variety of contexts, this chapter responds to two major research questions. First, what do Canadians think about the adoption of technology for the electoral process? Do they trust it and would they be willing to use it? Second, what are the correlates of those opinions? We are also interested in how these attitudes have changed over time. On the one hand, there is reason to expect that trust in electoral technologies would increase over time, as voters become more familiar with using the internet for a variety of daily tasks. However, another possibility is that there may have been a decrease in trust in the wake of the 2016 American presidential election (i.e., in the time period leading up to the 2019 Canadian election), since accusations about Russian interference were frequently in the news (Ackerman and Thielman 2016). If Canadians have become more worried about election interference, then support for technologies that are vulnerable to such interference may be affected. We are also interested in the individual-level predictors of trust and potential use of online registration and online voting. This is a key consideration given the importance of electoral engagement for all Canadians. Earlier work using data from 2015 demonstrates that Canadians tended to be highly trusting of online registration, espe-
Public Opinion on Use of Technology in Electoral Process in Canada 123
cially young voters and those with higher levels of education and political knowledge (Garnett 2019b). In this chapter, we expand on that study to consider online voting as well as different election years. Each of the correlates we investigate measure familiarity with online technology in some manner. Building on Garnett (2019b), we expect that trust and willingness to use online election technology will be negatively related to age and positively related to education, income, and experience with online technology. Younger voters should be more trusting of these technologies since they regularly use similar processes in other aspects of their life, and we expect that more educated and wealthier Canadians will have higher rates of use and access to more sophisticated technology, which will lead to familiarity and trust. We also test the familiarity argument in two other ways. First, we test directly whether familiarity with online voting at a different level of government can lead to greater trust in the technology at the federal level by considering whether province of residence is related to trust in election technology. Specifically, Ontario and Nova Scotia have internet voting at the municipal level, so will this contribute to greater familiarity and therefore greater trust? Second, we look at the effect of other forms of internet use on trust in election technology. This may capture the mechanism of familiarity leading to trust better than socio-demographics. While these are only indirect means of testing whether familiarity leads to trust, they are nonetheless helpful to consider, at least preliminarily, to answer this question. Finally, we consider whether overall trust in Elections Canada influences the relationship between voters’ trust in and willingness to use election technology. If a voter has high confidence in the electoral management body, they should be more willing to trust it to implement a system of online registration and voting that will keep their private information secure.
data and methods As noted earlier, this chapter is designed to address two aspects of the debate about technology and Canadian elections: Canadians’ level of trust in the use of technology in elections, and the demographic, attitudinal, and over time correlates of opinions about electoral technology. We make use of Canadian Election Study data from 2008, 2011, 2015, and 2019. As early as 2000, the survey asked questions about
124
Garnett and Stephenson
confidence in the use of technology in the electoral process. More recently, the range of questions has expanded to include comfort with online registration, electronic tabulators, and online voting, as well as direct questions about whether someone would use the technology themselves. These data allow us to track the evolution of opinions over time. For online registration, two sets of questions were asked, one before online registration was possible at the federal level, and another regarding trust once the technology was adopted (first appearing in the 2015 Canadian Election Study). The question asked before it became available was “If you could register for the election online / register to vote over the Internet, would you be very likely, somewhat likely, not very likely, or not at all likely to do so?” (2008, 2011). In 2015 and 2019, when online registration was available, two questions regarding trust in the system were asked: “To complete voter registration online, electors must provide their date of birth, home address, and driver’s license number on Elections Canada’s website. Are you comfortable with providing this information to Elections Canada?” and “Which statement comes closest to your own view? Registering to vote on the Internet is risky; Registering to vote on the Internet is safe.” Since online voting is not currently available in Canadian federal elections, similar questions have been asked about that issue since 2008. The first, asked continuously, is: “If you could vote online / over the Internet, would you be very likely, somewhat likely, not very likely, or not at all likely to do so?” This is a good indicator of a voter’s willingness to use online voting were it to be made available. Another question regarding trust in online voting (“Which statement comes closest to your own view? Voting on the Internet / online is risky; Voting on the Internet / online is safe”) was asked in 2008, 2015 and 2019. Finally, in both 2011 and 2019, voters were asked whether “Canadians should have the option to vote over the Internet / online in federal elections.” Taken together, these questions allow us to paint a broad picture of Canadians’ public opinions on adopting technology into the registration and voting process.
results Below, we present two sets of results.4 The first provides the summary statistics for each of the questions asked about the adoption of technology into the voting process in Canada. The second addresses
Public Opinion on Use of Technology in Electoral Process in Canada 125
Figure 4.1 Likelihood of using online registration Question: “If you could register for the election online / register to vote over the Internet, would you be very likely, somewhat likely, not very likely, or not at all likely to do so?” Responses excluded from calculations: No access to internet, don’t know, refused, not sure, depends.
the question of what predicts levels of trust and willingness to use these technologies. What Are Canadians’ Opinions on the Use of Technology in the Electoral Process? In order to understand what Canadians think about electoral technologies, it is useful to consider the overall levels of trust in and willingness to adopt or use various technologies in the voting process. Turning first to online registration, we see an increase between 2008 and 2011 in voters’ hypothetical willingness to register online, which was not available until 2015. In 2008, over half of respondents (57 per cent) were somewhat or very likely to say that they would use the technology if it were made available (figure 4.1). By 2011, this number had jumped to 70 per cent. Respondents were asked two different questions regarding trust in online registration in both 2015 and 2019. The first question asked whether they considered registering to vote over the internet “risky”
126
Garnett and Stephenson
Figure 4.2 Is online registration risky or safe? Question: “Which statement comes closest to your own view? Registering to vote on the internet is risky; Registering to vote on the internet is safe; Not sure.”
or “safe.” Here, we see that in 2015, 41 per cent of voters indicated “risky,” whereas 37 per cent of voters thought it was “safe.” Another large proportion (23 per cent) were unsure (figure 4.2). By 2019 however, the proportion of respondents who viewed online registration as risky had increased to 55 per cent, those who saw it as safe had decreased, and fewer people were unsure of their opinion. Respondents were also asked whether they felt comfortable providing sensitive personal information to Elections Canada online. Here we see that in 2015, 79 per cent of respondents were somewhat or very comfortable doing so (figure 4.3). This seems to contradict the previous data somewhat, but there are two factors that might be important. First, people often accept a level of risk in their choices (think of flying in airplanes, for example). Second, it is also possible that high trust in Elections Canada may help to mitigate concerns about the safety of online registration. While there might be an acknowledged level of inherent risk in providing personal information, the convenience of online activity and trust in the institution administering the website may counter that. However, the number of respondents who indicated comfort did decrease slightly in 2019 to 73 per cent.
Public Opinion on Use of Technology in Electoral Process in Canada 127
Figure 4.3 Level of comfort in providing information online to Elections Canada for registration Question: “To complete voter registration online, electors must provide their date of birth, home address, and driver’s license number on Elections Canada’s website. Are you comfortable with providing this information to Elections Canada?” Responses excluded from calculations: Don’t know, refuse to answer, seen but not answered.
In 2015, respondents were also asked whether they were comfortable with the use of electronic equipment to count votes at the federal level. Similar to previous questions, a majority (69 per cent) were somewhat or very comfortable with this prospect (figure 4.4). Turning now to online voting, survey data can give us some points of reference about Canadians’ opinions on whether it should be adopted, how risky they think it is, and whether they would be willing to use it. Figure 4.5 depicts respondents’ overall willingness to vote online if it were made available. This is the only question that has been asked consistently since 2008. Between 2008 and 2011, there is a jump in hypothetical willingness to vote online. In 2008, only 47 per cent of respondents were very or somewhat likely to use online voting, but by 2011 this had increased to a majority of respondents, at 61 per cent. While the percentage of respondents who were very likely to use online voting dropped slightly in 2015, overall the percentage of respondents who were somewhat or very likely to take advantage of this opportunity was similar. In 2019, we see another increase,
128
Garnett and Stephenson
Figure 4.4 Comfort with online tabulation (2015) Question: “In Canadian federal elections, each vote is counted by hand. In other countries, they sometimes use electronic equipment to count the votes. Would you be comfortable with the use of electronic equipment to count the votes in Canadian federal elections?” Responses excluded from calculations: Don’t know, refuse to answer, seen but not answered.
Figure 4.5 Likelihood of using online voting Question: “If you could vote online [over the Internet (2011–2015)], would you be very likely, somewhat likely, not very likely, or not at all likely to do so?” Responses excluded from calculations: No access to internet, don’t know, refused, not sure, depends.
Public Opinion on Use of Technology in Electoral Process in Canada 129
Figure 4.6 Online voting is “just too risky” (2008) Question: “Do you strongly agree, somewhat agree, somewhat disagree, or strongly disagree? voting online is just too risky.”
with 65 per cent of respondents indicating they were somewhat or very likely to use online voting if available. Despite the media coverage of cyber-security issues since 2016, it appears that voters are increasingly likely to vote online. We expect that voters’ willingness to use online voting may be related to levels of trust in the particular use of that technology. In 2008, a question was asked about whether “Voting online is just too risky.” The results show that 59 per cent of respondents somewhat or strongly agreed with the statement (figure 4.6). A similar question, albeit worded slightly differently, was asked in 2015 and 2019. In both years, the percentage of respondents who saw online voting as risky was the same (41 per cent), however those who viewed it as safe increased in 2019, from 37 per cent to 46 per cent (figure 4.7). Notably, the percentage of respondents who were unsure decreased dramatically, suggesting that voters have firmer opinions about online voting since technology has become nearly ubiquitous in everyday life. In 2011 and 2019, ces respondents were asked whether online voting should exist (albeit with slightly different response options). Figures 4.8 and 4.9 demonstrate that in 2011, 56 per cent of respondents somewhat or strongly agreed it should exist while in 2019 this figure
130
Garnett and Stephenson
Figure 4.7 Is online voting risky or safe? Question: “Which statement comes closest to your own view? Voting on the Internet is risky; Voting on the Internet is safe; Not sure.”
Figure 4.8 Should online voting exist? (2011) Question: “For each statement below, please indicate if you strongly agree, agree, disagree, or strongly disagree. Please write the number that best reflects your opinion in the space at the right of each statement. Canadians should have the option to vote over the Internet in federal elections.” Responses excluded from calculations: Not sure, left blank.
Public Opinion on Use of Technology in Electoral Process in Canada 131
Figure 4.9 Should online voting exist? (2019) Question: “Canadians should have the option to vote over the Internet in federal elections.” Responses excluded from calculations: left blank, not sure.
was 46 per cent, likely affected by the addition of a “neither agree nor disagree” response option. What Can Predict Canadians’ Trust in Electoral Technology? We now turn to consider the predictors of trust and potential usage of online registration and online voting. Tables 4.1 to 4.4 show the potential correlates of the various survey questions. First, we note that as age increases, there is a statistically significant negative relationship with the likelihood of using, and levels of trust in, both online voting and online registration. This finding is nearly consistent across all questions and years. It demonstrates that, as predicted, younger voters are more likely to trust, and say that they would use, online voting technologies. This is likely related to their familiarity with the new technologies they use in their everyday life. We see similar patterns in the relationships between education and income, and indicators of trust and usage of online technologies. For both income and education, we note that there is generally an increase in trust as education and income increase. However, it is important to
-0.03*** 0.00 0.09 0.18 0.71*** 0.20 0.86*** 0.20 0.34 0.23 0.82*** 0.23 1.27*** 0.22 -0.23* 0.12 0.05* 0.02 0.11 0.41 -0.08 0.43 0.18 0.44
Age Between $30 & $60k Between $60 & $90k More than $90k Completed high school Some or completed college Some or completed university Female Political interest pe ns nb
(1) Would use online registration 2008
-0.06 0.56
0.71 0.55
0.02 0.48
0.04 0.03
0.22 0.14
1.13*** 0.26
0.83*** 0.28
0.89*** 0.27
1.00*** 0.27
0.68*** 0.26
0.13 0.23
-0.02*** 0.01
(2) Would use online registration 2011
Table 4.1 Predictors of trust and potential use of online registration
-0.11 0.61
0.70 0.60
-0.17 0.61
0.10** 0.04
-0.03 0.16
1.44*** 0.47
1.13** 0.48
0.72 0.50
0.74* 0.41
0.42 0.42
0.37 0.42
-0.02*** 0.01
-0.22 0.34
0.01 0.32
0.10 0.64
-0.06*** 0.02
-0.18** 0.08
0.01 0.20
-0.21 0.20
-0.17 0.21
0.42*** 0.13
0.18 0.14
0.09 0.14
-0.01*** 0.00
(3) (4) Online registration Online registration safe (vs. risky) 2015 safe (vs. risky) 2019
-0.97*** 0.37
-0.64* 0.37
0.01 0.47
0.09*** 0.01
-0.12* 0.07
0.52*** 0.13
0.42*** 0.14
0.27* 0.14
0.26** 0.10
0.04 0.10
-0.04 0.09
-0.01*** 0.00
(5) Trust in online registration 2015
-0.22 0.29
0.14 0.29
-0.09 0.52
0.05*** 0.01
-0.10 0.07
.36** 0.16
-0.05 0.16
-0.08 0.17
0.47*** 0.11
0.26** 0.12
0.21* 0.12
-0.01*** 0.00
(6) Trust in online registration 2019
132 Garnett and Stephenson
-0.13 0.41 0.34 0.41 0.97** 0.40 0.46 0.35
mb sk ab bc
1307
1.12** 0.45
-0.05 0.45
937
0.87 0.53
-0.10 0.53
-0.84 0.53
0.52 0.35
-0.18 0.41
-0.08 0.44
-0.13 0.39
0.28 0.31
0.18 0.33
894
-1.37 0.91
-0.14 0.51
-1.27** 0.60
0.00 0.54
-1.06* 0.58
0.12 0.49
-0.20 0.49
3921
0.83** 0.37
-0.58** 0.28
-0.99*** 0.28
-0.71** 0.33
-0.70** 0.31
-0.40 0.26
-0.44 0.27
3721
0.18 0.37
-1.39*** 0.37
-2.46*** 0.37
-0.48 0.33
-0.41 0.34
-0.53 0.38
-0.97*** 0.35
-0.66** 0.32
-0.80** 0.32
Standard errors in second row: * p