Hacking, persuasion and the local elections

One month to local elections and we’re still unpicking details of the Cambridge Analytica scandal. Under the haze of many emerging scandals over outside influence on votes such as the 2016 US Presidential election and the EU Referendum, it’s still unclear how concerned we should be about cyber-manipulation and local elections.

There are three ways that the Western electoral system has been attacked, and different ways this can impact on local authorities.

  1. Direct attacks on electronic voting.

Electronic voting machines are hackable. While there’s no evidence that this has affected election outcomes yet, there is still reason to be concerned. Election officials can be vulnerable to targeted attacks, especially as they’re keen to help prospective candidates and voters in the run up to election. Disruptive agents were able to scan parts of the electronic voting system in the US using these kind of phishing attacks. Even in paper-based England voter registrations are electronic. Accidental voter-roll errors in Barnet a few years ago caused disruption; more could happen with deliberate intent. And there is speculation that the crash of the national voter registration system before the EU referendum may have been due to cyber attack.

Whether or not an attack on the electoral register could sway outcomes, it could impact confidence and trust in the system. As local authorities are responsible for maintaining rolls and for polling itself, this represents a serious risk.

  1. Hacking candidates:

Political dirty tricks are nothing new. One or more political parties in the US had their email systems hacked before the election. Stealing data electronically is equivalent to breaking into offices to steal paper files – as in the Watergate scandal. Candidates for national and local office have also been threatened with revealing personal information (including sexual orientation) by political foes and ‘friends’ alike. One of the best loan words of 2016 was ‘kompromat’. While there is begrudging acknowledgement that these things happen, when combined with newer disruption-techniques and the speed at which rumours can now spread, they erode trust and feed the perception that ‘they’re all as bad as each other’. This drives populism.

Councils can and should play a role in addressing intimidation online. There is a recent LGiU members-only briefing on this topic.

  1. Swaying voter opinion

The whole purpose of a campaign is to sway voter opinion and action, but there is something newer and darker afoot now that we have billion-user social media platforms.

There are two fundamental and uncomfortable truths behind the scandals surrounding social media and elections.

  1. We are not as unique as we think. We can be classified into types – complex types to be sure, but we are classifiable and predictable.
  2. We are more susceptible to persuasion than we would like to think.

We have always known that we are persuaded by messaging, and by opinions of our social network. Easily shareable and persuasive messaging on that network can sway voting patterns, particularly when messages are targeted.

The Cambridge Analytica affair highlighted the vast amounts of data about ourselves that we share through platforms like Facebook. What we ‘like’ and what we share, even under the most open and public settings, reveals much about us. For example, correlations can be made between liking a particular brand of confectionary and perhaps a sporting team, and support for one side of a contentious political issue. Innocuous ‘likes’ can be turned into educated guesses of your voting intent or susceptibility to populist propaganda. Information or disinformation can be spread in a very targeted way, shared by your friends without their realising the impact or the source, and ‘hidden’ in private groups. As this information is shared by individuals through ‘free’ media, campaign-financing laws are tricky to apply. Profiling and targeting based on vast data sets is still an emerging undertaking, not yet fully understood, but certainly presents danger in the wrong hands. The focus has been on national elections, but local elections could certainly be targeted too.

Individual local authorities may not stop this, but should certainly seek to make official information as transparent and accessible as possible. Our guide to election communications sets out some easy ways to do this. Fair elections are under threat and the councils that run elections should do all they can to maintain the integrity of local democracy.

Read our free guides to better election communications and Ones to Watch and LGiU coverage of the local elections.

Photo Credit: sbszine via Compfight cc

  1. Leave a Reply

    Your email address will not be published. Required fields are marked *

    1. Mark Heath says:

      I think that an attack on every separate EMS system to produce partial registers is a low risk not least as the system isn’t centralised national or accessible in a straightforward way, being fragmented and held individually on each councils IT system. Right to login and keep an eye on it but perhaps a good outcome of not having a national system linked together

      1. Ingrid Koehler says:

        Sure, lower risk, but what has happened elsewhere is that there were phishing attacks on electoral officers who were in charge of distributed systems. If you are targeting particular councils or MPs, it’s not a bad way to go. In a parliament as finely balanced as this one is, you don’t have to target too many to get a change.