in

AEC confident in its security posture with external audits not welcome


Image: AEC

The Australian Electoral Commissioner Tom Rogers has dismissed the proposal to allow a non-government researcher to conduct a security audit on its systems.

The prospect of security researcher Vanessa Teague, who has experience in finding holes in electoral systems, was raised by One Nation Senator Malcolm Roberts during Senate Estimates on Tuesday night. Rogers said “frankly” that Teague would not be welcome to perform an audit on the AEC systems.

“We work with a range of partners, including the Australian Signals Directorate, the Australian Cyber Security Centre, we’ve had our internal code audited and checked,” he said.

“And not being rude, I’m sure that Dr. Teague is a wonderful person, but we’ve had sufficient checks in place to assure ourselves that that system is running smoothly.”

Roberts subsequently pushed for the commissioner to give a “resounding guarantee of the cyber integrity” of the system, to which Rogers refused.

See also: Tech-augmented democracy is about to get harder in this half-baked world

“No one would sit in this chair and give an unequivocal guarantee about that issue,” he said. “I would be cheapening the guarantee by giving it.”

Rogers repeated that the AEC and government cyber agencies were satisfied with the systems’ security and that they followed the prescribed Commonwealth guidelines, but since cybersecurity involves unknown factors, a guarantee could not be made.

“But I am very, very, very confident that we’ve got an incredibly robust system in place that’s worked well and continues to work and we continue to assess it, we continue to work with our partner agencies, we comply with all Commonwealth guidelines, cybersecurity guidelines, and I think it’s a fantastically secure system,” he said.

“I don’t think anyone would give an unequivocal guarantee about anything, there are factors that I’m not aware of.”

The AEC chief also told Estimates that it would be rolling out more electronic certified lists as a way to mark off voters at polling stations, and would push the “vanishingly small” number of people voting multiple times even lower. During the 2019 Australian election, Rogers put the number of apparent multiple voters in the entire country at around 2,000 people, or 0.01% of the voting population.

Related Coverage


Source: Information Technologies - zdnet.com

Nearly 12-months old COVIDSafe legislation cited as cause of Privacy Act review delays

Firefox 87 launch packed with private browsing 'SmartBlock'