Imagine voting through Google, Apple
Spanish-based SCYTL may raise national security concerns
The company previously has faced questions about the security of its electronic voting technologies, which are now set to be deployed in 900 U.S. jurisdictions via its U.S. subsidiary.
Concerns have also been raised about SCYTL’s ties to the Spanish government and to international venture capital firms.
Now SCYTL has unveiled a platform that it says encrypts each individual ballot on a voter’s Google or Apple mobile device before the ballot is then transmitted to an electronic voting system.
Using this technology “Scytl is now able to guarantee end-to-end security – from the voter to the final tally – not only for computer-based online voting but also for mobile voting,” stated a press release by the company.
“By leveraging its pioneering security technology with Google and Apple’s mobile device platforms, Scytl has become the premier election technology provider to offer an online voting system that guarantees the highest standards in terms of both voter privacy and ballot integrity both on personal computers and mobile devices,” said Gabriel Dos Santos, Scytl’s vice president of software engineering.
The U.S. currently does not utilize voting platforms using mobile devices. SCYTL sees such methods as the future of electronic voting.
It is unclear what role SCYTL’s U.S. subsidiary, SOE Software, will take during this year’s presidential election.
This past January, SCYTL, based in Barcelona, acquired 100 percent of SOE Software, the leading software provider of election management solutions in the United States.
The press release announcing the acquisition noted that SCYTL is a portfolio company of leading international venture capital funds Nauta Capital, Balderton Capital and Spinnaker.
National security concerns
With the purchase of SOE Software, SCYTL has increased its involvement in the U.S. elections process. SOE Software boasts a strong U.S. presence, providing results in over 900 jurisdictions.
In 2009, SCYTL formally registered with the U.S. Election Assistance Commission (AEC) as the first Internet voting manufacturer in the U.S. under the EAC Voting System Testing and Certification Program.
Also that year, SCYTL entered into an agreement with another firm, Hart InterCivic, to jointly market a flexible and secure electronic pollbook purportedly to allow U.S. election officials and poll workers to easily manage the electoral roll on Election Day in an efficient and convenient manner.
SCYTL’s ePollBookTM already replaced the paper precinct roster in Washington, D.C.
During the midterm elections in November 2010, SCYTL successfully carried out electoral modernization projects in 14 states. The company boasted that a “great variety” of SCYTL’s technologies were involved in the projects, including an online platform for the delivery of blank ballots to overseas voters, an Internet voting platform and e-pollbook software to manage the electoral roll at the polling stations.
The states that used SCYTL’s technologies during the midterms were New York, Texas, Washington, California, Florida, Alabama, Missouri, Indiana, Kansas, Mississippi, New Mexico, Nebraska, West Virginia and Washington, D.C.
Just prior to the midterms, however, the new electronic voting system in Washington, D.C., was hacked.
As a program security trial, the D.C. Board of Elections and Ethics reportedly encouraged outside parties to hack and find flaws in its new online balloting system. A group of University of Michigan students then hacked into the site and commanded it to play the school’s fight song upon casting a vote.
This is not the first time SCYTL’s systems have been called into question.
Voter Action, an advocacy group that seeks elections integrity in the U.S., sent a lengthy complaint to the U.S. Election Assistance Commission in April 2010 charging the integration of SCYTL systems “raises national security concerns.”
“Foreign governments may also seek to undermine the national security interests of the United States, either directly or through other organizations,” Voter Action charged.
The document notes that SCYTL was founded in 2001 as a spinoff from a research group at the Universitat Autonoma de Barcelona, which was partially funded by the Spanish government’s Ministry of Science and Technology.
SCYTL’s headquarters are in Barcelona with offices in Washington, D.C., Singapore, Bratislava and Athens.
Project Vote noted that in 2008, the Florida Department of State commissioned a review of SCYTL’s remote voting software and concluded, in part, that:
- The system is vulnerable to attack from insiders.
- In a worst case scenario, the software could lead to (1) voters being unable to cast votes; (2) an election that does not accurately reflect the will of the voters; and (3) possible disclosure of confidential information, such as the votes cast by individual voters.
- The system may be subject to attacks that could compromise the integrity of the votes cast.