Online elections offer a number of advantages. They can be designed to be more accessible and in some cases they can save resources compared to traditional elections, where votes are cast on paper in a polling booth or postal votes are sent by mail.

Nowadays, organizers of non-political votings or elections can offer the option that voters cast their votes using a smartphone, notebook or computer and send it via the internet or - in companies, for example - via the intranet.

Some votings and elections in the private and public sector are already being held online, such as the 2023 online social election, elections for equal opportunities officers or university committees.

At the same time, the use of online voting products poses new challenges in terms of the security and transparency of the election. This raises a number of questions for those responsible for elections: Which product is suitable for a specific use? How can the product be integrated into the technical setting of the election? What needs to be considered in addition to selecting a suitable product?

BSI projects on online elections

In order to address these questions and challenges and to enable election organizers to carry out online elections while taking essential aspects of IT security into consideration, the BSI is working on the following projects to provide assistance and IT security guidelines for online elections:

Studies on online elections

As an underlying basis for technical guidelines and the protection profile for voting products, a comprehensive study on currently available online voting products was carried out in the project Market and Vulnerability Analysis of Online Voting. The results have also been incorporated into the technical guidelines and protection profiles.

In a further project on methods of end-to-end verifiability in online elections, a comprehensive scientific study was carried out, which explains and examines the relevant mechanisms. The results of this study have been incorporated into a guide for election organizers.

TR-03169

BSI TR-03169 “IT security requirements for conducting an electronic election” is a technical guideline that addresses those responsible for elections and formulates requirements, for example for the operating environment. The TR-03169 website contains samples for the risk analysis. The technical guideline was published in 2023, and will be further revised.

Protection profile for online election products

The BSI has created a protection profile according to Common Criteria (CC profiles) for online voting products. Certification is already possible.

Exchange forum on the topic of online elections

Interested people and experts are invited to discuss the topic of online elections with the BSI. The BSI uses this forum to provide information about new findings or events and is available to answer questions. To register for the exchange forum, please send an e-mail to online-wahlen@bsi.bund.de.