Note: Where available, the PDF/Word icon below is provided to view the complete and fully formatted document
Joint Standing Committee on Electoral Matters
18/11/2016
Conduct of the 2016 federal election and matters related thereto

SINCLAIR, Mr Cameron, Chief Marketing Officer and co-founder, veri.vote

[11:29]

CHAIR: I now welcome Mr Cameron Sinclair from veri.vote to give evidence here today. Although the committee does not require you to give evidence under oath, I should advise you that this hearing is a legal proceeding of the parliament and therefore has the same standing as proceedings of the respective houses. The giving of false or misleading evidence is a serious matter and may be regarded as a contempt of parliament. The evidence given today will be recorded by Hansard and attracts parliamentary privilege. I now invite you to make an opening statement, and we will then proceed to questions and discussion.

Mr Sinclair : For the past 12 months, veri.vote has been working on building an e-voting platform using blockchain technology. The real catalyst for this was probably personal experiences during the 2014 Senate recount, where we saw some ballots lost during the 2013 federal election and the necessity for a recount, as you are no doubt aware, Chair.

CHAIR: I well remember.

Mr Sinclair : The reason we set out to do this was really to help inject some transparency into the voting process for the average voter. It is a system which is designed to help increase that public voter confidence in the electoral process. For a lot of people, we think that the voting process is a bit of a black box. Once they put their vote into the ballot box, they are not really sure what happens to it from there and, apart from party scrutineers or the counters themselves, there is no real ability for people to publicly scrutinise the count. That is probably one of the factors we think contributes to that lack of confidence in our electoral system. The reason that we are using blockchain technology is that it actually address a lot of the concerns—

CHAIR: Before you get to that, for the benefit of the committee and perhaps for those who are listening in to the broadcast, could you just explain for us exactly what blockchain technology is? That will give us a little bit more context.

Mr Sinclair : Yes, of course. We are in our tech bubble; we forget that these jargon terms are not widely known. Blockchain is an electronic ledger system, so it is like a public database, essentially. Rather than just data, it allows you to transfer assets on a one-to-one basis. If, for example, I was going to send you an email attachment, like a photo, I would not be sending you that actual photo; I would be sending you a copy of that photo, and I would still have the original. What blockchain allows us to do is, if I am transferring that photo—or whatever file it is—to you, I would no longer have access to that: you would be the only one in possession of that photo. So that is why the main use of blockchain technology at the moment is actually currency—what is called cryptocurrency—and bitcoin is the predominant version of that at the moment, and that has hundreds of billions of dollars being transferred across that. So it is a proven digital technology which allows people to transfer assets as they would data, but it allows ownership, and for that process to be a trusted type of process.

CHAIR: How is that applicable then to voting? If you are talking about the transfer of assets, how would that be of benefit, or more secure, in terms of the voting process?

Mr Sinclair : Yes. So a person's privilege to vote is kind of like that—we do not want a single voter being able to cast multiple votes. This allows each voter on the roll to be assigned their own unique ID, and that ID is only able to vote once. It cannot cast multiple votes. The real challenge with current technology—without using blockchain—to run elections is that it depends on all of the votes being cast into a single central database. Each vote is recorded into a single central database which is then protected by different security methods, like firewalls and things like that. But the challenge there is that, if someone is able to jump into that single central database, it is just as easy for them to change one vote as it is for them to change all of the votes. So it is a massive risk. The way the blockchain deals with that is that it is actually a decentralised database, which is out in the ether, and the way that it runs itself is out on millions and millions of different computers in an encrypted format. So if someone was to try to change that ledger of votes, they would need to change millions and millions of different instances of that ledger, rather than just hacking into a single server and doing it once. That part of the process is what enables what is called trustless transfer of these things, which means that you do not need to trust a middleman to run that central server, but that trust is decentralised out to millions of people, so it is a much more transparent and open system.

CHAIR: Thank you. I really found that helpful, just to get that context. Sorry, keep going with your statement.

Mr Sinclair : I can give you maybe a layman's sort of explanation of how blockchain works. It is almost like a rug that is always being woven. Constantly, new threads are being woven onto the end of the rug. Each strand of that rug is a piece of information. So, if you wanted to change one of those strands, you would actually have to unweave the entire rug to get back to the strand that you wanted to change and then weave it back up again, all on millions of different computers around the world and all in the spotlight of the largest computing power in the world. I am not saying it is impossible, but it is probably one of the most difficult things that you could ever do.

CHAIR: Thank you.

Mr Sinclair : So this indelible record and append-only ledger also enable the list of all the votes that have been cast to be scrutinised by anybody. It separates a voter's identity from their voting action, and then it will create a list of every single vote that has been cast in a particular election and allow people to make their own tally, essentially.

CHAIR: So it open-sources the results?

Mr Sinclair : That is right.

CHAIR: It open-sources the results, but then how do you guarantee anonymity, which is obviously one of the core principles?

Mr Sinclair : Absolutely, yes. There is a process in cryptography called zero-knowledge proof. Although my technical guys are not here, I can try and explain it. Basically what it allows you to do—

Mr MORTON: It's probably a good thing!

CHAIR: Probably a good thing, yes!

Mr Sinclair : Essentially, what it allows you to do is prove that you are allowed to participate in that election—or you are a proven voter—without actually giving up the information of your identity. So it separates that voting action from the identity verification, and it keeps those two pieces of information separate. So, even if you wanted to, you could not unweave the fact of someone's identity, but they can only cast a vote by proving the fact that they are allowed to vote.

CHAIR: Thank you. Sorry, keep going.

Mr Sinclair : That is fine. I am getting to the end of the statement, I think. Really what we are trying to achieve here is explaining the case that, if electronic voting is to be something which is considered in the future by the Electoral Commission, we think that blockchain technology is going to be an important part of that. It is not a silver bullet for all of the security concerns, but, particularly around the actual casting and counting of the voting process, we think it is extremely useful.

We think that the challenges probably lie in the integrity of the roll and the ability of people to cast their votes using their own device. It is a big challenge to ensure that every single voter's device is completely secure and all of that sort of thing. So that is probably the big challenge for us, but we think that the opportunity here for blockchain is in that casting and counting of votes.

CHAIR: I understand from other briefings by cybercrime and cybersecurity experts that the vulnerability is not always in the cryptology, but it is the end user or the people who engage with the system, their lack of security and their own personal vulnerabilities that represent the biggest risk in some areas.

Mr Sinclair : Agreed.

Mr GILES: Thank you, Mr Sinclair, for your evidence today. You mentioned in your opening submission that the genesis of this was your experience of the 2014 Senate re-election. Were you involved as a scrutineer?

Mr Sinclair : I was. It was a surprise to see the scale of the logistics operation that went into just a state-wide vote, and the fact that it took three weeks to give a result was quite a surprise in a First World democracy, where you would think you would have that sort of result a lot faster.

Mr GILES: We have heard a bit of evidence already about electronic voting and we will get some more over the course of this inquiry. But from my perspective, I am quite persuaded by the last joint standing committee's thoughts on this matter, and also on those of Antony Green and some of the other experts who certainly looked at a rather more limited approach to electronic voting in a general election or Commonwealth election process than appears to be the scope of your aspirations. Have you had an opportunity to consider those submissions that we have heard, particularly Antony Green's, or to comment on the use of electronic voting in the Australian Capital Territory in their territory elections?

CHAIR: Evolution.

Mr Sinclair : Yes. There are a lot of people used to doing their civic duty and turning up on Saturday morning and casting their vote in person, and I do not think that is going to change for very long time. But I think the real opportunity is probably in the postal voting process, particularly with the cost of post becoming increasingly expensive and the reliability of the postal service becoming less so.

Mr GILES: The thing that strikes me in our conversation is that it was not immediately clear to me—it has been very interesting to hear your submission—but the problem that your process is trying to solve from our perspective was not clear but, perhaps, looking at some of the particular chunks of the electoral process might be where the opportunity lies. Perhaps that is an observation rather than a question.

Mr Sinclair : Sure, no problem.

Mr MORTON: Can you advise us a little bit more about veri.vote as a start-up? How did it start? What are the intentions of veri.vote? You are seeking to provide secure electronic voting systems using log chain. Are you seeking to provide these services just to an electoral commission? Obviously, I am assuming you have no customers as you are a start-up, but where are you headed? What would give us confidence in recommending that we look at the services that you might be to provide in the future?

Mr Sinclair : So veri.vote started as a Startup Weekend contestant, which is a weekend-long hackathon which happens around Perth. It just came up as an idea, that this is problem that we have observed and we looked for some solutions. We ended up winning that competition amongst 20 other start-ups for the weekend, and from there we were invited to pitch to the US ambassador to Australia. He runs start-up competition once-a-year as well, and we won that and received a small grant from him. So we thought this is potentially something that we should pursue, and he gave us a little bit of money to work on that.

A bit of background on the team: two of the team members are UWA computer science and physics graduates. I think one of them has a background in quantum computing, and both of them have deep backgrounds in cryptography, and then there is another guy who is a PhD candidate in mathematics. So there is a strong technical background there. At the beginning of this year, we continued working on the product. We discovered that probably the easiest application for the technology that we are building at this stage is just in yes/no type votes. So we found that EBA ballots, where employees vote on enterprise bargaining agreements, was probably a good application of the technology as an early start. It is something where there are two parties, employers and unions, who do not quite trust each other so there needs to be some sort of trusted middleman who can conduct those elections. So we have been working on that as an early application of the product. Universities have been very interested as well. They have tens of thousands of students and very low turnouts in their elections. It is an expensive process for them—nearly $100,000 to run an election. So we have great interest from those two channels.

Mr DICK: What was the second channel?

Mr Sinclair : University guild elections. Obviously, earning trust with those sorts of lower stakes type elections would be a good way to start and prove that the technology is applicable and people like using it. We see the next logical step to be local councils where, again, turnout is an issue and the majority of them are conducted by post.

CHAIR: Would this be fully online and people could download an app?

Mr Sinclair : That is right. It would be an app or it could be run on kiosks in a voting booth—for example, on an iPad owned by the Electoral Commission. Our votes could be cast that way as well.

Mr MORTON: This goes to some of the discussions we have heard previously. If it is in a kiosk, the data could then be held and not transmitted from that booth until such time as it is plugged into an accounting system or something. It is that possible? Is that how you deal with issues of connectivity and transfer? Witnesses earlier in the week in Melbourne mentioned that one of the great issues is the transmission of data and the problems that people face at their own computers.

Mr Sinclair : The challenge with blockchain is that a new block is added to it every 10 minutes, so it is a live, ongoing ledger. That could be a challenge if there were only a single point at which the data were added to the ledger. It could be technically possible, but I would have to take that on notice.

Mr DICK: I think this is really interesting evidence for the committee. Essentially, if we were to move towards electronic voting, this is an option for the AEC to consider and they would have to purchase your intellectual property or you would sell software to the AEC? I am trying to work out how you fit into the picture.

Mr Sinclair : It would probably be a process that they would license.

Mr DICK: So how do you make money out of it? That is what I am trying to get at.

Mr Sinclair : It would probably be a process whereby they purchase a licence on a per-election basis. Software as a service is probably the most likely channel. They would probably pay per volume of vote. It does cost a small amount to process a single vote, so it would probably be on volume of vote.

Mr DICK: And that would be the same if the department of local government wanted to use you for the WA council elections in 2017 or another entity.

Mr Sinclair : That is right.

Mr DICK: I know that you, as a former president of the Union of Liberal Students in WA, would have a knowledge of student union elections. That is a big impost to small funded guilds or unions who do not have a lot of money to run expensive ballots. Particularly young people are tech savvy. I am interested in it as an app. You would download that app. You would then log in or register. I am wondering about the security of the voter ID. Could you give me a bit of information on that?

Mr Sinclair : Sure. The security of the voter ID would largely be up to the organisation conducting the election. It is their responsibility to maintain their own roll. The likelihood is that we would use what is called two-factor authentication. That might mean there is an email and a mobile phone number and maybe some other form of ID which allows you to verify that the voter is in fact who they say they are and they are allowed to vote. You might receive an email with a specific code.

Mr DICK: Like the myGov website, where you get a text message and then log in.

Mr Sinclair : Exactly—where you get a text message.

Mr DICK: Similar to that.

Mr Sinclair : Yes. You most definitely need that security.

Mr DICK: The cost—a ballpark figure? I do not know whether you have done any modelling on this at council level or guild level or state or federal level?

Mr Sinclair : The modelling that we have done is that we should be around 10 times cheaper than a traditional paper vote for the actual counting process because we are taking out the paper printing and the human counting factor—that side of the process. It is significantly, in the order of magnitude, cheaper. So maybe it is a dollar or two a vote as opposed to, potentially, $10 a vote, as it is at the moment.

Mr DICK: Yes. I mentioned the practical side of filling in a Senate ballot paper online. We have had people talk about the size of a ballot paper. We have never had electronic voting on a mobile phone but that would be something down the track. That would be something we would have to take into consideration.

Mr Sinclair : Sure. In New South Wales the iVote system has addressed that legislative council ballot paper, which is quite a significant piece.

Mr DICK: Yes, and I imagine there would be options for non-English-speaking backgrounds and translations and all that sort of stuff.

Mr Sinclair : Yes, that is the beauty of it; it can be instantly translated.

CHAIR: Are there any other questions? As there are none, thank you very much for appearing here today, Mr Sinclair. It is certainly an issue of great interest to the committee and is one that we will be pursuing, over the course of the life of this parliament, in terms of how we proceed with electronic dating, online voting and all the issues in between. We did not ask you to provide any additional information, did we?

Mr Sinclair : No.

CHAIR: In that case, you will be sent a copy of the transcript of your evidence and you will have the opportunity to request corrections to transcription errors. Thank you very much.

Mr Sinclair : Thank you very much for the committee's time.