Pillars of Trust: Requirements for Accountable and Trustworthy Digital Election Systems

From the perspective of a security and data accountability auditor, information systems for general elections and regional head elections must meet several absolute requirements to be deemed accountable and trustworthy.

Here are those requirements, categorized by system component:

  1. Voter:

    • Secure Authentication: Users must be verifiable with strong authentication systems, such as two-factor authentication (2FA) or biometrics.
    • Anonymity: Voter identity must be kept confidential, ensuring choices cannot be traced back to individuals.
    • Accessibility: The system must be accessible to all voters, including those with disabilities, without compromising security.
    • Vote Verification: Voters must be given a way to verify that their choices have been correctly recorded.
  2. Administrator:

    • Strict Access Control: Admin access rights must be limited to strictly necessary tasks.
    • Audit Logs: All admin actions must be meticulously recorded to ensure transparency and accountability.
    • Segregation of Duties: No single individual should have full access to all system aspects to prevent conflicts of interest or manipulation.
  3. Operator:

    • Specialized Training: Operators must understand standard operational procedures (SOPs) to avoid human error.
    • Temporary Access: Operator access to the system should only be granted when necessary and for a limited duration.
    • Active Monitoring: All operator activities must be monitored and logged in real time.
  4. Frontend (User Interface):

    • User-Friendly UI/UX: The interface must be intuitive and minimize the risk of user error.
    • Input Validation: User input must be validated so that malformed or manipulated data is rejected.
    • Communication Security: Data transmitted via the frontend must be encrypted (e.g., using HTTPS).
  5. Backend:

    • System Resilience: The backend must be designed to handle heavy loads during elections without downtime.
    • Data Integrity: The system must prevent unauthorized data modification, for example, through hashing mechanisms.
    • Data Encryption: All sensitive data must be encrypted both in transit and at rest.
  6. Database:

    • Redundancy and Backup: The system must have real-time backups and disaster recovery mechanisms.
    • Data Security: Database access must be protected with layers of security, including firewalls and encryption.
    • Data Traceability: Every data change must be clearly traceable through an audit trail.
  7. Network Infrastructure:

    • Attack Protection: The system must have protection against DDoS attacks, malware, or other exploits.
    • Network Segmentation: The network must be divided into separate segments to limit the impact of potential breaches.
    • Real-Time Monitoring: All network activities must be monitored to quickly detect anomalies.
  8. Audit and Monitoring:

    • Periodic Audits: The system must be audited by independent parties before, during, and after elections to ensure integrity.
    • 24/7 Monitoring: The system must be monitored around the clock to detect suspicious activities.
    • Transparent Disclosure: Audit results and incident reports must be made available to the public to build trust.
  9. Compliance and Regulation:

    • Standard Compliance: The system must comply with international standards, such as ISO 27001 (information security management) and OWASP (web application security).
    • Local Regulations: The system must comply with national election regulations, such as personal data protection laws and election governance.
  10. Transparency and Public Verification:

    • Open Source or Code Audit: If possible, the system should be open source or allow independent code audits.
    • End-to-End Verification: Every step in the election process, from voting to results tabulation, must be verifiable by voters, operators, and third parties.
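
The Audit Logs, Data Integrity and Data Traceability requirements above can be combined into a tamper-evident audit trail, sketched here as an added example that is not code from this page or from any election system. It uses a keyed hash (HMAC-SHA-256) rather than a bare hash; the field names, the key and the sample entries are constructed assumptions.

```python
import hashlib
import hmac
import json

GENESIS = "0" * 64  # fixed anchor that the first entry chains to


def _digest(key: bytes, prev: str, record: dict) -> str:
    # Canonical JSON: the same record always serializes to the same bytes.
    body = json.dumps(record, sort_keys=True, separators=(",", ":")).encode()
    return hmac.new(key, prev.encode() + body, hashlib.sha256).hexdigest()


def append(log: list, key: bytes, actor: str, action: str, target: str, ts: str) -> str:
    """Append an entry whose MAC also covers the previous entry's MAC."""
    prev = log[-1]["mac"] if log else GENESIS
    record = {"seq": len(log), "ts": ts, "actor": actor, "action": action, "target": target}
    log.append({**record, "prev": prev, "mac": _digest(key, prev, record)})
    return log[-1]["mac"]


def verify(log: list, key: bytes, expected_head: str = "") -> int:
    """Return -1 if intact, else the index of the first bad entry."""
    prev = GENESIS
    for i, entry in enumerate(log):
        record = {k: entry[k] for k in ("seq", "ts", "actor", "action", "target")}
        if entry["seq"] != i or entry["prev"] != prev:
            return i  # entry removed, inserted or reordered
        if not hmac.compare_digest(entry["mac"], _digest(key, prev, record)):
            return i  # entry content edited after it was written
        prev = entry["mac"]
    # expected_head: last MAC as checkpointed where admins cannot write.
    if expected_head and prev != expected_head:
        return len(log)  # tail truncated or replaced
    return -1


def demo() -> tuple:
    key = b"constructed-demo-key"  # assumption: held by the auditor, not by admins
    log = []  # constructed sample entries
    append(log, key, "admin01", "UPDATE", "tally/station-0001", "2024-01-01T10:00:00Z")
    append(log, key, "operator07", "UPLOAD", "form/station-0001", "2024-01-01T10:05:00Z")
    head = append(log, key, "admin02", "APPROVE", "tally/station-0001", "2024-01-01T10:09:00Z")
    intact = verify(log, key, head)
    log[1]["actor"] = "operator99"  # simulate an after-the-fact edit
    edited = verify(log, key, head)
    log[1]["actor"] = "operator07"  # restore, then drop the last entry
    del log[2]
    return intact, edited, verify(log, key, head)
```

Truncating the tail is only detectable because the head MAC is checked against a copy kept outside the log, which is why the segregation-of-duties requirement matters for where that checkpoint and the key are stored.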

Editor’s Take from Repiw

An accountable and trustworthy election information system isn’t just about advanced technology; it’s fundamentally about trust, transparency, and adherence to security and accountability principles. Strict implementation and oversight of the components listed above are key to achieving this.

Technologies like Sirekap (Indonesia’s Vote Recapitulation Information System) act as a bridge towards more transparent and efficient elections. However, transparency alone isn’t enough; validity and public trust are the ultimate currency.

If this system can address these challenges, then the 2024 Regional Elections could become a significant milestone in the digitalization of Indonesian democracy.

Conversely, without comprehensive improvements, Sirekap will merely be another experiment that fails to meet public expectations.
