Strengthening election cybersecurity in the Commonwealth

A project to enhance Commonwealth countries’ capacity in election cybersecurity is underway.

A Commonwealth Guide on Election Cybersecurity is being developed to support Election Management Bodies (EMBs) to manage risks associated with the use of technologies in elections.

This project is part of a wider programme of work aimed at supporting Commonwealth member countries to implement the Commonwealth Cyber Declaration adopted by Commonwealth Heads of Government in April 2018, and to adhere to the values stipulated in the  Commonwealth Charter.

Although there is significant variation, the majority of EMBs are now using some form of Information and Communications Technology in their electoral processes, meaning there is an appetite for guidance and training material on managing associated cybersecurity risks.

A draft Guide has been developed based on a survey of existing Commonwealth systems and processes, as well as in-depth studies of Ghana, Pakistan and the UK.

This week, a two-day expert review meeting was held to strengthen the draft Guide via the exchange of country experiences and discussion of recommendations and good practice.

Image

In her opening remarks, Commonwealth Governance and Peace Director, Katalaina Sapolu, said: “With around 15 Commonwealth countries having parliamentary or presidential elections in the next year and a half, the outputs of our work will have a real, tangible, impact on the security and integrity of Commonwealth democratic processes on the ground.”

The event at the Commonwealth’s headquarters in Marlborough House, London, was attended by delegates from 16 Commonwealth EMBs, and included representation from every Commonwealth region. Representatives from a number of international organisations working in the area also attended.

Solomon Islands Electoral Commission Operational Manager, Fredrick Bosoboe, said: “Having a guide in place will definitely help the Solomon Islands Electoral Commission venture into using technology more.”

The integration and use of technology has helped EMBs to manage electoral processes more effectively and transparently. However, it introduces new vulnerabilities which must be managed to maintain election integrity and voter trust.

Dr Kushal Pathak, Chief Information Security Officer and Director of Information and Communications Technology at the Electoral Commission of India said: “This guide will be a stepping stone for all EMBs…to share best practices and what we have gone through in these elections.”

In the last few years, the Commonwealth has launched the Compendium of Commonwealth Good Practice on Election Management and the Commonwealth electoral good practice guides on voter registration, EMB independence, managing the power of incumbency and new media and the conduct of elections to assist member countries in delivering fair, credible and inclusive elections.

Image

In addition, it provides technical assistance to EMBs in response to requests from member states, focusing on a range of issues, from voter education, electoral reform and strategic communication and outreach.

Once published, it is hoped the guide will be a useful resource for election management bodies in integrating cybersecurity as a cross-cutting theme across their different work areas.

Libisi Maphanga, Chief Information Officer at the Electoral Commission of South Africa said: “It’s a learning cycle, we share experiences and when we get back home we will see whether we can make some improvements on our processes. I think the guide will build a framework we can use.”

The final document will be used as the basis for regional trainings for Commonwealth elections management officials on strengthening cybersecurity in election processes. These will be held in South Africa in September and Australia in November.

Learn more about our democracy and elections work