Tēnā koe,

Thank you for your Official Information Act request.

We will endeavour to respond to your request as soon as possible and, in any event, no later than 20 working days after the day that your request was received. If we are unable to respond to your request by then, we will notify you of an extension of that timeframe.

If you have any queries, please feel free to contact [GCSB request email].

Ngā mihi,
GCSB

-----Original Message-----
From: William Foster <[FOI #29245 email]>
Sent: Tuesday, 19 November 2024 10:15 AM
To: Information (GCSB) <[GCSB request email]>
Subject: Official Information request - Security risk for online voting

[You don't often get email from [FOI #29245 email]. Learn why this is important at https://aka.ms/LearnAboutSenderIdentific... ]

Dear Government Communications Security Bureau,

In 2019, during the Government discussions on proposals to introduce online voting for local and national elections in NZ, you advised that risks of hacking were high and that the Government should not proceed with the option. e.g. https://www.newshub.co.nz/home/politics/...

Online voting systems have improved security substantially since then and have been reliably used in Estonia and Switzerland. The Swiss Open Source system in particular appears sufficiently robust. https://evoting-community.post.ch/en/abo...

With the decline of letter post, online voting options will need to be reviewed again at least for 2028/2029 local and national elections.

Please provide any advice you have given since 2019 to the public or local or national agencies on the security implications or risks of online voting.

Do you have any current assessment of those security risks and, if so, can you provide it to assist current discussions?

This query relates only to the integrity and security of systems to provide online voting capability. It does request documents or assessments related to the obvious, growing, and likely more extensive risks of election outcome influencing through distribution of misinformation, disinformation and propaganda, or bribery or political funding.

Yours faithfully,

William Foster

-------------------------------------------------------------------

This is an Official Information request made via the FYI website.

Please use this email address for all replies to this request:
[FOI #29245 email]

Is [GCSB request email] the wrong address for Official Information requests to Government Communications Security Bureau? If so, please contact us using this form:
https://fyi.org.nz/change_request/new?bo...

Disclaimer: This message and any reply that you make will be published on the internet. Our privacy and copyright policies:
https://fyi.org.nz/help/officers

If you find this service useful as an Official Information officer, please ask your web manager to link to us from your organisation's OIA or LGOIMA page.

-------------------------------------------------------------------

This electronic message, together with any attachments, contains information that is provided in confidence and may be subject to legal privilege.
Any classification markings must be adhered to. If you are not the intended recipient, you must not peruse, disclose, disseminate, copy or use the message in
any way. If you have received this message in error, please notify us immediately by return email and then destroy the original message.
The New Zealand Intelligence Community (NZIC) and the departments comprising the NZIC accepts no responsibility for changes to this e-mail, or to any attachments, after its transmission
from NZIC. This communication may be accessed or retained for information assurance purposes. Thank you.

hide quoted sections

Tēnā koe,

Thank you for your Official Information Act request.

We will endeavour to respond to your request as soon as possible and, in any event, no later than 20 working days after the day that your request was received. If we are unable to respond to your request by then, we will notify you of an extension of that timeframe.

If you have any queries, please feel free to contact [GCSB request email].

Ngā mihi,
GCSB

-----Original Message-----
From: William Foster <[FOI #29245 email]>
Sent: Tuesday, 19 November 2024 10:15 AM
To: Information (GCSB) <[GCSB request email]>
Subject: Official Information request - Security risk for online voting

[You don't often get email from [FOI #29245 email]. Learn why this is important at https://aka.ms/LearnAboutSenderIdentific... ]

Dear Government Communications Security Bureau,

In 2019, during the Government discussions on proposals to introduce online voting for local and national elections in NZ, you advised that risks of hacking were high and that the Government should not proceed with the option. e.g. https://www.newshub.co.nz/home/politics/...

Online voting systems have improved security substantially since then and have been reliably used in Estonia and Switzerland. The Swiss Open Source system in particular appears sufficiently robust. https://evoting-community.post.ch/en/abo...

With the decline of letter post, online voting options will need to be reviewed again at least for 2028/2029 local and national elections.

Please provide any advice you have given since 2019 to the public or local or national agencies on the security implications or risks of online voting.

Do you have any current assessment of those security risks and, if so, can you provide it to assist current discussions?

This query relates only to the integrity and security of systems to provide online voting capability. It does request documents or assessments related to the obvious, growing, and likely more extensive risks of election outcome influencing through distribution of misinformation, disinformation and propaganda, or bribery or political funding.

Yours faithfully,

William Foster

-------------------------------------------------------------------

This is an Official Information request made via the FYI website.

Please use this email address for all replies to this request:
[FOI #29245 email]

Is [GCSB request email] the wrong address for Official Information requests to Government Communications Security Bureau? If so, please contact us using this form:
https://fyi.org.nz/change_request/new?bo...

Disclaimer: This message and any reply that you make will be published on the internet. Our privacy and copyright policies:
https://fyi.org.nz/help/officers

If you find this service useful as an Official Information officer, please ask your web manager to link to us from your organisation's OIA or LGOIMA page.

-------------------------------------------------------------------

This electronic message, together with any attachments, contains information that is provided in confidence and may be subject to legal privilege.
Any classification markings must be adhered to. If you are not the intended recipient, you must not peruse, disclose, disseminate, copy or use the message in
any way. If you have received this message in error, please notify us immediately by return email and then destroy the original message.
The New Zealand Intelligence Community (NZIC) and the departments comprising the NZIC accepts no responsibility for changes to this e-mail, or to any attachments, after its transmission
from NZIC. This communication may be accessed or retained for information assurance purposes. Thank you.

hide quoted sections

Hi William

 

Can you please advise if the second sentence of the below paragraph is
meant to say: "It does not request documents or assessments…”?

 

This query relates only to the integrity and security of systems to
provide online voting capability. It does request documents or assessments
related to the obvious, growing, and likely more extensive risks of
election outcome influencing through distribution of misinformation,
disinformation and propaganda, or bribery or political funding.

 

Thanks

GCSB

 

-----Original Message-----
From: William Foster <[FOI #29245 email]>
Sent: Tuesday, 19 November 2024 10:15 AM
To: Information (GCSB) <[GCSB request email]>
Subject: Official Information request - Security risk for online voting

 

[You don't often get email from
[1][FOI #29245 email]. Learn why this is
important at [2]https://aka.ms/LearnAboutSenderIdentific... ]

 

Dear Government Communications Security Bureau,

 

In 2019, during the Government discussions on proposals to introduce
online voting for local and national elections in NZ, you advised that
risks of hacking were high and that the Government should not proceed with
the option. e.g.
[3]https://aus01.safelinks.protection.outlo...

 

Online voting systems have improved security substantially since then and
have been reliably used in Estonia and Switzerland. The Swiss Open Source
system in particular appears sufficiently robust.
[4]https://aus01.safelinks.protection.outlo...

 

With the decline of letter post, online voting options will need to be
reviewed again at least for 2028/2029 local and national elections.

 

Please provide any advice you have given since 2019 to the public or local
or national agencies on the security implications or risks of online
voting.

 

Do you have any current assessment of those security risks and, if so, can
you provide it to assist current discussions?

 

This query relates only to the integrity and security of systems to
provide online voting capability. It does request documents or assessments
related to the obvious, growing, and likely more extensive risks of
election outcome influencing through distribution of misinformation,
disinformation and propaganda, or bribery or political funding.

 

Yours faithfully,

 

William Foster

 

-------------------------------------------------------------------

 

This is an Official Information request made via the FYI website.

 

Please use this email address for all replies to this request:

[5][FOI #29245 email]

 

Is [6][GCSB request email] the wrong address for Official Information
requests to Government Communications Security Bureau? If so, please
contact us using this form:

[7]https://aus01.safelinks.protection.outlo...

 

Disclaimer: This message and any reply that you make will be published on
the internet. Our privacy and copyright policies:

[8]https://aus01.safelinks.protection.outlo...

 

If you find this service useful as an Official Information officer, please
ask your web manager to link to us from your organisation's OIA or LGOIMA
page.

 

 

-------------------------------------------------------------------

 

--------------------------------------------------------------------------

This electronic message, together with any attachments, contains
information that is provided in confidence and may be subject to legal
privilege. Any classification markings must be adhered to. If you are not
the intended recipient, you must not peruse, disclose, disseminate, copy
or use the message in any way. If you have received this message in error,
please notify us immediately by return email and then destroy the original
message.  The New Zealand Intelligence Community (NZIC) and the
departments comprising the NZIC accepts no responsibility for changes to
this e-mail, or to any attachments, after its transmission from NZIC. This
communication may be accessed or retained for information assurance
purposes. Thank you.

--------------------------------------------------------------------------

References

Visible links
1. mailto:[FOI #29245 email]
2. https://aka.ms/LearnAboutSenderIdentific...
3. https://www.newshub.co.nz/home/politics/...
4. https://evoting-community.post.ch/en/abo...
5. mailto:[FOI #29245 email]
6. mailto:[GCSB request email]
7. https://fyi.org.nz/change_request/new?bo...
8. https://fyi.org.nz/help/officers

hide quoted sections