Dutch choose late election result to avoid hacking risk
-
A polling station in Amsterdam (Photo: Sebastiaan ter Burg)
By Peter Teffer
The fear of elections being the target of hackers is not new in the Netherlands.
More than a decade ago a citizens' group, called 'We don't trust voting computers', showed how easily the Dutch voting computers, in use since 1991, could be compromised.
Join EUobserver today
Become an expert on Europe
Get instant access to all articles — and 20 years of archives. 14-day free trial.
Choose your plan
... or subscribe as a group
Already a member?
Their campaign eventually led to the decision to ban the voting computer. Since 2009, Dutch voters have used red pencils to vote.
An attempt to reintroduce voting computers last year failed when the centre-left Labour party teamed up with opposition parties.
Still, the Dutch government is vigilant when it comes to possible foreign attempts to influence the elections.
“I don't have concrete evidence, but I am not naive about it,” said Dutch foreign minister Bert Koenders in January.
His colleague at the security and justice ministry - before he stepped down over an unrelated scandal - Ard van der Steur said in a parliamentary debate last month that it is “dangerous” to underestimate the risk of foreign hacking during the election campaign.
“We are very, very alert,” he said in a parliamentary debate with MP Kees Verhoeven, who has deep suspicions Russia will try to influence the Dutch elections.
“The Netherlands is because of the Ukraine referendum and the MH17 a potentially very interesting target,” said the MP of the pro-EU centrist D66 party.
He referred to a citizens-enforced referendum last year, in which voters rejected an EU-Ukraine political and trade deal, and the attack on passenger flight MH17, which Russia-controlled forces are assumed to be responsible for.
“I would even say that it is obvious the Russians will try to influence the Dutch elections on 15 March,” added Verhoeven.
Votes on a USB stick
So when Dutch broadcaster RTL Nieuws reported this week that computers used to register the votes are vulnerable to tampering, the Dutch government reacted swiftly.
While voting and counting at the polling stations are done by hand, the results are then put into a software programme and loaded onto a USB stick which is then delivered to one of twenty central locations for electoral districts.
RTL Nieuws had found that the software was vulnerable because it did not contain any security requirements for computers it is used on. It can be installed on a Windows XP computer, for which security updates ceased in April 2014, the report said.
Hacking now 'excluded'
Interior minister Ronald Plasterk decided on Wednesday (1 February) that these last steps will now be done by hand.
“I want everyone to be sure that the results are really the results,” said Plasterk, adding that hacking of the results is now “excluded”.
But some criticised the decision, saying risks were being exaggerated.
The Dutch Association for Citizens' Affairs, involved in the counting the votes, said on Wednesday the decision was probably unnecessary and “driven by media coverage”.
It said that the electoral process, as a result, will cost more and take more time.
Human mistakes
The Dutch Electoral Council added that without the digital aid, there is a higher chance that people will make counting mistakes.
It said it cannot guarantee it can announce the preliminary election results on the evening of the vote, as it traditionally has been able to do. The final tally will also be delayed.
Meanwhile, other types of digital vulnerabilities are also being scrutinised.
Dutch newspaper NRC Handelsblad reported this week that many political parties have websites that are not properly secured.
The daily quoted an ethical hacker who said the websites of four major parties were vulnerable to hacking.
The report followed a successful attempt by RTL Nieuws to break into the Twitter account of one MP, and the LinkedIn account of another.
The chairwoman of the Lower House, in response, has organised special training from security experts for MPs.