Government moots ID card links for new UK voter database

Honey, I broke the democratic process...

Beginner's guide to SSL certificates

The Government is moving ahead with plans to establish a centralised national register of voters, together with central checking and verification of the data held on electoral registers. The system, to be implemented in the form of CORE (Co-ordinated Online Record of Elector) schemes, is intended to be brought in via the Electoral Administration Bill currently before Parliament, and is subject to a consultation process ending on 7th March.

According to the consultation document (available here), the CORE system is intended to improve the quality of electoral registers, provide more efficient access to registration data, support "modernisation of the voting process" and provide opportunities for reports and research to be produced based on a national dataset. Essentially, standardised electronic systems will be introduced in the UK's voting systems in preparation for the implementation of electronic voting in its various flavours, and the Government has opted for a sort of compromise between maintaining the current decentralised election systems and imposing a national, centrally-controlled one.

But only sort of. CORE systems will work via a "CORE keeper", probably an experienced Electoral Registration Officer in the system's initial, regional rollout, but likely to be the Electoral Commissioner once the system is live nationwide. So the Government is giving itself powers to set up CORE schemes, but ultimately only a single national scheme is envisaged. The CORE keeper(s) will perform some of the functions EROs are expected to perform under the current system, i.e. check for multiple registration of electors, for a single elector being issued with and/or casting more ballots than they are entitled to, or for suspiciously large numbers of electors being registered at a single address.

Local EROs will provide the CORE keeper with the electoral registration data (possibly as frequently as daily), while the CORE keeper will use the national dataset to spot anomalies and potential frauds, and will then forward details to all the EROs affected. Clearly an element of clunkiness intrudes here, because in principle most of the problems identified by the CORE keeper would - given sufficient resources and motivation - have been tackled directly by local EROs under the previous system. One should therefore expect that the advantages attached to the introduction of a national system should be sufficient to outweigh the disadvantages of inserting an extra tier into the process.

So, what are the problems that the new system is intended to solve? Historically, although the UK has had numbers of (relatively mildly) rotten boroughs, the incidence of fraud has been fairly low, and the checks and balances of the old-style system of paper ballots were sufficient to keep it low. The Government's massive extension of the postal ballot system in recent years however effectively short-circuited many of these checks and produced opportunities for industrial-scale ballot-rigging. This has proved difficult for EROs and the police to control, and abuses of the system in recent elections have forced the Government to put the brakes on plans for electronic voting, whether by Internet, cable TV or text message.

A centralised system with access to all electoral registers has the advantage of being able to identify people voting in more than one area, but this is a fairly unusual occurrence, to the extent that it's surely barely worth bothering about. It is not however by any means obvious how the proposed system would deal with the kinds of abuses of the postal ballot system we've recently witnessed. Large numbers of postal ballot papers in the names of genuine voters can be, and have been, diverted into the hands of crooked campaigners, while the opportunities to blur the boundaries between sharp practice and full-on ballot-rigging have increased massively. It is fraud to extract large numbers of blanks from the postman and fill them in yourself, but it is not (exactly, perhaps) fraud to 'help' people fill in their form, collect them all together and take them down to the count in a big pile. The several hundred ballot papers in the same handwriting ought to be spotted at the count (so CORE keeper not needed here), but neither EROs nor the proposed CORE keeper system have any simple and obvious ways to spot where 'helping' and/or block voting becomes fraud.

The problems produced by large-scale postal balloting are in many cases similar to those which would be produced by electronic voting, but it's pretty clear that the latter will tend to magnify them, in the sense that you don't need to disguise your handwriting in order to forge an electronic ballot. So we certainly have a verification problem to overcome if we're to introduce electronic voting; better verification might also, in principle, do something to stop the rot setting in via postal voting, and might be some help in old style conventional balloting, should we decide not to abolish it entirely (I say 'might' because the old system, although wackily using verification systems without a requirement to present ID, pretty much worked anyway).

The plans for a single national CORE keeper would effectively institute an embryonic national voter verification system, and therefore it's no great surprise that verification figures in the "Future possibilities" section of the consultation paper. Nor, indeed, that the approach taken to databases seems awfully familiar: "Accurate and effective data-matching across different datasets requires some form of personal identifier [quelle surprise...) held in common. An immediate obstacle is that no such common personal identifier currently exists within electoral registers, other than the name itself. This is of very little use unless combined with other - more unique - personal identifiers."

So... "With a CORE consolidated dataset, it should be possible to check elector records against a dataset requiring much higher levels of verification. The other dataset might also make notification of changes to personal details or addresses a requirement [heard this one before?] and discrepancies could be referred back to an ERO for investigation." So, if you have (for example) a national ID card register that requires people to notify changes in personal details and address, when you find discrepancies you can always get the local Electoral Registration Officer to do the legwork of chasing them up for you. Brilliant. "Verification services were considered in detail in the ID card register proposals. The anticipated high level of security checking and intended requirements for citizens to notify changes may make the ID card register dataset a particularly useful comparator." And as collateral damage, those of us refusing ID cards may also find ourselves being unable to vote...

UK electoral registers consist of name and address, while presence on the register indicates eligibility to vote and (at least in theory) a desire to be registered to do so. The anticipated National ID Register will include name and address, eligibility to vote (i.e. age, nationality), so the only thing the electoral register has that the NIR hasn't got is that the electoral register is 'opt-in', and if you don't want anything to do with it, then you needn't have to. One could therefore ask if the preservation of this small freedom justifies the continuing existence of lists that, come the NIR, will be otherwise redundant. Strangely enough, the Government appears not to think much of this freedom anyway ("There may indeed be an argument for a local ERO to automatically register the individual", it says here), and some Ministers have also argued for the abolition of the related refusenikism of declining to vote, by making it compulsory.

Along with the ID card tie-in we have the usual collection of 'advantages' of linking Government databases: "One simple way in which links with other databases would bring value for the electoral register is the familiar concept of the 'one stop shop' for the citizen [ever wonder how many of these shops and stops the Government proposes to build?]. When the citizen updated their personal or address details with another public sector database (e.g. the Inland Revenue or the Benefits Agency), that change of relevant elector status could be automatically notified to CORE for onward transmission to the relevant ERO." Also proposed are links to the national register of births, deaths and marriages (and, should the project every fly, through life records) while gaps in the electoral register (e.g. areas, geographical, demographic or both, where large numbers are not registered) can be identified by "linking CORE to other datasets at a national level."

Here, the consultation document points to "a new duty on EROs to maintain their registers with the aim of getting onto the register as many eligible voters as possible". this to be introduced via the Electoral Administration Bill. This, you will note, changes the role of ERO from administrator of the electoral system to one of salesperson for voting.

So shall we just summarise all that? We started with an 'old fashioned' electoral system that worked, but noting with some anxiety that people seemed less and less inclined to vote,* we started to make it less trouble for them to do so. We haven't been able to make it as easy as 'press red button on remote' yet, but we'll get there. Unfortunately, the hardships associated with old fashioned voting turn out (as the wonks running policy would have known if they'd ever done any actual work in a real-life election campaign) to have had a series of helpful safeguards against abuse built in. In addition to now having a pressing need to deal with the problems we've just created, we also need to figure out how to verify cable TV voting, and text messages that go 'press reply to vote New Labour'. The less trouble we make it to vote though, the more pressing the issue of verification becomes, so we conclude that we can't leave this in the hands of local authorities - we decide we have to handle it centrally, and use data matching with multiple other national databases as part of the verification process.

If we were actually thinking this through clearly (of course we're not), it might occur to us that, if the National Identity Register is intended to be the 'gold standard' of identification, then what we should really be doing (and will end up doing anyway) is using other databases (including the electoral registers) to maintain the accuracy of the gold standard, rather than vice versa. That, in any event, is where following the logic of the Government's approach to databases should take us - note, before you write in, that this does not necessarily make it the sensible approach. In the particular case of the electoral registers, decentralised systems which to a reasonable extent did the simple job required of them are to be replaced by a centralised system which initially will at best have the same level of accuracy (because the NIR does not yet exist, and will not be complete for many years), but which promises all sorts of benefits as the spin off of data matching, and comes complete with the security disadvantages ('challenges', in Government-speak) of a centralised system. Might it not be better to modernise the existing decentralised systems? But we presume that's what the Government is going to insist, in the face of the evidence, that it's doing anyway.

Naturally, the new centralised system will come with the potential security hole that's becoming pretty much standard issue for giant citizen databases. "Subject to appropriate security being in place, the Information Commissioner's Office has been supportive of the proposal for an individual to access the information held about them online for the purpose of checking and either confirming accuracy or requesting changes." Allowing them to do so live is also apparently under consideration, but surely will not happen. It's also envisaged that "data users" will be able to purchase registration data from CORE, and "we welcome views on what proportion of the income from such sales should go back to EROs who provided the information." That is, instead of local authorities irritating you by selling the electoral register data to private companies, central Government will be doing it instead, charging more because the national data is so much more comprehensive. Remind us - who's supposed to be benefiting from this wonderful new system? ®

* N.B., we never consider that more people might vote if we made ourselves worth voting for; we find it far less scary to keep lowering the barriers, and call the resultant increased participation 'commitment to the democratic process.'

Secure remote control for conventional and virtual desktops

More from The Register

next story
MI6 oversight report on Lee Rigby murder: US web giants offer 'safe haven for TERRORISM'
PM urged to 'prioritise issue' after Facebook hindsight find
Assange™ slumps back on Ecuador's sofa after detention appeal binned
Swedish court rules there's 'great risk' WikiLeaker will dodge prosecution
NSA mass spying reform KILLED by US Senators
Democrats needed just TWO more votes to keep alive bill reining in some surveillance
'Internet Freedom Panel' to keep web overlord ICANN out of Russian hands – new proposal
Come back with our internet! cries Republican drawing up bill
What a Mesa: Apple vows to re-use titsup GT sapphire glass plant
Commits to American manufacturing ... of secret tech
prev story


Why cloud backup?
Combining the latest advancements in disk-based backup with secure, integrated, cloud technologies offer organizations fast and assured recovery of their critical enterprise data.
Forging a new future with identity relationship management
Learn about ForgeRock's next generation IRM platform and how it is designed to empower CEOS's and enterprises to engage with consumers.
Designing and building an open ITOA architecture
Learn about a new IT data taxonomy defined by the four data sources of IT visibility: wire, machine, agent, and synthetic data sets.
How to determine if cloud backup is right for your servers
Two key factors, technical feasibility and TCO economics, that backup and IT operations managers should consider when assessing cloud backup.
Reg Reader Research: SaaS based Email and Office Productivity Tools
Read this Reg reader report which provides advice and guidance for SMBs towards the use of SaaS based email and Office productivity tools.