Cybersecurity for Elections

A Commonwealth Guide on Best Practice

Since the 1990s, Internet-connected devices have become an integral part of day-to-day life for many in the Commonwealth, including for election-related activities. However, during each phase of contemporary elections, the direct and indirect use of computers and other technology introduces a range of risks to electoral integrity.

This guide explains how cybersecurity issues can compromise traditional aspects of elections, such as verifying voters, counting and casting votes, and announcing results. It also explores how cybersecurity interacts with the broader electoral environment, including data management by candidates and parties, online campaigns, social media, false or divisive information, and e-voting. Unless carefully managed, all of these cybersecurity issues can present a critical threat to public confidence in election outcomes–a cornerstone of democracy.

To help Electoral Management Bodies (EMBs) manage cybersecurity risks, this guide describes principles for electoral cybersecurity as well as specific organisational recommendations that can be adapted as required. It additionally signposts an array of more detailed materials that can help with specific technical, social, or regulatory challenges.

English