CAN/DGSI 111-1:2024

Scope This standard specifies (1) technical design requirements for online voting services and (2) best practices for election administrators who are implementing online voting in Canadian municipal elections. These are separated into two sections in the standard. While there are types of telephone voting that use an internet connection, any type or form of telephone voting would be subject to a different standard given unique difference in design and implementation. Considerations are given to: 1. Thresholds to measure the security of online voting services, including the security and privacy of voting data both in transit and in storage across the devices and entities involved in the election (including voters, online voting providers, independent 3rd parties, scrutineers, election administrators and staff). 2. Documentation and processes for voter identity and authentication. 3. Documentation and processes for formal verification requirements, including evidence of correctness (e.g., independently verifiable evidence supporting the outcome of the election). 4. Minimum requirements for personnel (e.g., staffing) and the provisioning of network and computational resources and capacity. 5. Logic and accuracy testing, discovery, documentation and processes of the testing and auditability of systems, including clear parameters regarding when they shall be audited and by whom, and how much detail of the system should be made public. 6. Documentation and processes regarding access to the online voting service, voter information/data and election information. This includes parameters that define who has administrator/privileged access to different parts of the system (e.g., election administrators, election officials, and the online voting provider) and control over making system changes as well as defining the role of the online voting provider and their level of access to voter information/data and vote information. 7. Protocols and processes to protect the secrecy of the vote to ensure that no one (including system operators and election officials) can trace vote choices back to identifiable individual voters, defining who has privileged access to what information and what technical privacy guarantees are required. 8. Documentation and processes surrounding ballot design, including measures for ensuring that ballots display consistently across operating systems, devices, browsers, and the ballot displays all required options, including all qualified candidate names and options (e.g., spoiling, declining, none of the above) as required by law. 9. Documentation, protocols, and processes for observing and auditing the electoral process implemented through the online voting service. 10. Clear and defined documentation of accessibility requirements to ensure that all voters can successfully cast a ballot on the online voting service. 11. Establishing procedures to clarify the role of candidates and scrutineers, including when and how the online voting service is demonstrated to them and their role in the tabulation and verification of results. As part of the online voting service, the practice of scrutineering shall have meaning and soundness. 12. Technical design and documentation requirements so that online voting providers are transparent and clear about their product design and whether their product conforms to the relevant and applicable provisions within this Standard. Online voting providers should disclose their compliance or identify areas of non-compliance when bidding on contracts to provide online voting services for municipal elections.