The Estonian parliament has passed a bill that makes it possible for people to vote using their mobile phones. The law, which comes into force in 2011, equates national ID cards with secure, certified SIM cards.
The reason that online voting hasn't been very popular yet is that ID cards need several things to be used for the sort of authentication that the government IT network needs. You need a physical reader - which are cheap and available in any electronics store, as well as built into some new laptops - and you need certificates, which can be obtained online through a fairly quick and simple procedure. But the biggest problem is that you need to have your set of PIN numbers for the ID card. There's one short number for authentication, and a longer one used to sign documents digitally. You get these numbers in an envelope along with your ID card, just like you get your bank PIN.
The difference is that you use your bank card all the time, and with Chip&PIN authentication, you type in the number all the time, whether at a cash machine or in a shop. The ID card's PIN you don't use every day. In fact the only time you'll have to enter it, is when you are confirming your identity online. With the exception of people exchanging important, signed documents, and people regularly transferring large amounts of money (you can't send online bank transfers over 5000 EEK - a little over 300 Euro - without secure authentication), you just don't need the ID card's PIN in everyday life.
And the upshot is, interestingly, the same as what I said about SMS spam: the inconvenience is easy to eliminate, but most people aren't bothered enough to eliminate it. (You can get new PINs at any bank branch; but how often do Estonians walk into a brick & mortar bank branch these days?)
Now, with Mobile ID, that could change. I don't use Mobile ID myself (I don't think Tele2 supports it yet), but if the PIN is the same as your phone, and you don't need a separate reader - if the authentication is done purely on the handset - then we can actually expect the vast majority of eligible voters to have the ability to cast their ballots early and often.
The important thing is that the cost of running a vote is decreased significantly. It would be technologically feasible to transfer more and more decisions to a referendum. Estonia would approach that theoretical ideal of government: the direct democracy, where decisions would be made not by representatives, but by citizens themselves.
Your question for today: would that be a Good Thing?
Thursday, December 11, 2008
Subscribe to:
Post Comments (Atom)
3 comments:
Any insights on security?
Not less secure than paper ballots, essentially.
A mobiil-ID SIM card has PIN codes, too, right? You need a PIN1 to unlock the phone and some sort of PIN2 to vote, I would think.
M-voting would seem to be simpler than getting the ID card reader drivers, certificates and browsers to cooperate on your computer.
For me, direct democracy is not about increasing the number of ballot referendums, but getting voters involved in the actual voting procedure -- MPs would not be able to horse-trade or cave in to special interests or powerful lobbies. They would have to do as their constituents say.
And it is useless if the executive branch gets stronger at the same time.
Post a Comment