Madam Chair, ladies and gentlemen members of the committee, thank you for inviting me to appear before you.
My name is Guy-Vincent Jourdan. I am a professor of computer science at the University of Ottawa's Faculty of Engineering. My research topics include software security and cybersecurity. Over the past few years, I have worked specifically on cybercrime and cybersecurity, in collaboration with IBM.
Is there a reasonably secure way to implement a hybrid Parliament in Canada, including a remote electronic voting system based on the report produced in May here titled “Virtual Sittings of the House of Commons”? I think so, as long as we are given the means to do so.
Of course, it is difficult to be very specific without an in-depth preliminary study whose conclusions would not fit into seven minutes anyway, but here are a few important points, in my opinion.
Concerning parliamentary discussions and debates, a number of key elements facilitate the process. First, our Parliament has an existing and effective security structure, recognized as such, and competent staff we can count on. Secure communications among members, secure infrastructure, control of devices used remotely and the software installed on those devices have all existed for a long time.
In addition, the situation we are facing is global and the needs are similar everywhere else. For example, I know that Brazil, Spain, the United Kingdom, Wales and the European Parliament have all set up forms of virtual Parliament, some with a remote electronic vote. So it is feasible, and we can, therefore, also benefit from the feedback and lessons learned around the world.
The idea of virtual sittings and remote votes may be relatively new for many parliaments and governments, but we shouldn't forget that those systems have been used for a long time in the private sector to handle daily business, organize confidential meetings and boards of directors or to vote at shareholder meetings.
Video conference software, in particular, has been the subject of security analyses for a long time. For instance, the NSA recently published and has been updating a document containing the important points on selecting and using that software, such as end-to-end encryption, multifactor authentication or the use of certified and controlled devices.
In that report, a number of solutions are positively assessed, such as the solutions provided by Microsoft or Cisco, or the Zoom software, which we are using now.
However, there is more to the issue than choosing a video conferencing software. Parliament certainly needs to be able to debate, but it also needs to be able to call for a vote, vote and have confidence in the result of the vote. It must be possible to respect the rules and adapt them as needed.
The Internet vote is an issue in itself. I think that we can generally say that the IT security community is not favourable to it, as the challenges are too great, the risks too high and the benefits dubious. That said, once again, we have to look at what we are talking about. The parliamentary vote is not the same thing as the Internet vote in general.
One of the fundamental differences, first and foremost, is that it is a public ballot, which, of course, considerably facilitates the problem resolution. The result can be widely disseminated, and everyone can know how the votes were counted.
Moreover, the electorate is very small, and every member is known. The devices used for the vote are controlled and managed by the parliamentary technical staff. Members can also be provided with tailored training and support. Finally, the benefit of such a vote seems clear, at least right now.
We can imagine that the system will be a combination of an accredited video conferencing system, a secure communication system and a voting system, possibly integrated into one of the two systems, but not necessarily.
During normal proceedings, the member will be asked to vote through a secure communications system. During the vote, a biometric authentication will take place, and a number of receipt orders will be published immediately. Procedures will have to be implemented to manage abnormal situations, such as connectivity losses and handling errors.
To maximize the likelihood of success, it must first be ensured that the devices used are managed and controlled by the technical team, as well as verified, certified, updated, secured, and so on. As far as I understand, that is already the case.
Next, it must be ensured that the software used comes from a certified supply chain, that it has been verified by independent teams and continues to be verified regularly, that it has adequate certifications—such as FIPS-140—and that it is kept up to date. Once again, my understanding is that this is also currently the case.
The system will need to be integrated into the existing parliamentary infrastructure: multifactor authentication mechanisms, a virtual private network, cloud architecture, and so on.
What is more, registries will have to be produced and maintained in a secure manner at every possible level to be able to respond to and remedy any real or perceived issues. Clear and effective procedures will have to be implemented to define the steps to follow in case of problems and to ensure that the sitting can continue.
Finally, the proposed solution will have to be reviewed and critiqued regularly by independent specialists from the private and academic sectors. Ideally, the solution will be made public.
None of this seems out of reach to me.
Thank you.