Jun 195 min read

The Electoral Roll has been hacked…

Updated: Jun 25

Or has it?

Did you just click on this article because I hacked your computer? Or because I hacked YOU?

Let’s start with the fact – The Electoral Roll has NOT been hacked (as far as I’m aware of), but could the electorate be hacked?

Ok. Ok.. I’m getting ahead of myself, let’s start at the beginning.

The Elections are coming

If you are registered on the UK Electoral Roll, on July 4th, you will be going to your local polling station to elect the next UK Government. You might be watching the debates on TV, discussing it with friends and family, and reading articles online.

All political parties are debating the pros and cons of each other, and we watch eagerly as they argue one manifesto topic after the other.

But one thing that all Politicians will agree on, is that the voting process has to be secure, and it has to be fair.

My question is; In the post-truth era, and given the world in which we live – can we ever expect a truly secure election again?

Security and the electorate

In the security sector there is a saying that there is no such thing as 100% secure, and we know that international threats are always looking for an opportunity to undermine our democratic processes. Threats from a ranger of nations (including Russia and China), individuals and groups, are a very real risk. They have a variety of motivations and capabilities that the government are quite rightly concerned about, and taking steps to protect us against.

But no matter what the government does to protect the central process (including systems) from cyberattacks, security cannot be guaranteed. Steps are taken to secure the voting process, and when you go to the polling station, those volunteers are themselves subject to close scrutiny. You will be expected to take personal identification to verify that you are eligible to vote, and that you are on the electoral roll.

The electoral roll is a register of names and addresses of everyone eligible (and registered) to vote. These are maintained at a regional level, and there are two versions; one is the full version, and the second is one that you can opt out of (which is publicly available).

Protecting this information is critically important, as is the process whereby these votes are counted (still largely a manual process). This has always been important, but with claims of vote rigging in the Trump Vs Biden US elections, there will be even closer scrutiny come the UK General Election in July.

There are significant security risks for the UK Elections, but the biggest risk we face isn’t a direct attack against systems and services. A cyberattack is a possibility yes, but as we are now living in a post-truth era, the real threat is a lot more insidious and subtle than all out attack.

What is the “Post-truth” era?

No, this is not part of Taylor Swift’s ‘era tour’, but points to a term that became popular during the Donald Trump presidential race, and UK Brexit decision. Post-truth became a phrase used to describe facts that held less influence of shaping public decisions than opinions, emotions and personal beliefs. All of which were played out online, on social media.

(Donald Trump reframed this as ‘Fake News’, but we’ll stick with the less dramatic and more expansive term, post-truth.)

The ability to persuade people to take actions, or ‘nudge’ them in the direction you want them to go, goes to the heart of marketing and advertising. If we see a certain brand for cat food, for example, and many of our friends are buying it or thousands of cat owners support it, then we’re more likely to buy that brand. The principle is known as ‘social proof’, where our inner voice says “Well, if thousands of other cat lovers like this, then it must be great”

This is ok when it comes to cat food, or cars, or clothing lines. But what happens when the psychological tricks of marketing are used to push a certain political stance or ideology?

Misinformation and Disinformation

This form of ‘advertising’ falls into the above buckets. They are similar but not the same.

Misinformation is where false information is presented as fact, or information is out-of-context. It can occur when people make mistakes or don’t recall all the facts. People may share this information as an attempt to make themselves look good, or simply to help other people in the misguided view that they’re doing a good thing.

An example of misinformation might be to share a news story online about a celebrity, without checking to see if it’s true. “Did you see Ed Sheeran is quitting music!” The person sharing the story is innocently sharing a story that Ed Sheeran is taking a break (not retiring), but shares it in a way that they think might be interesting to friends and family online. Quickly, it becomes a story that Ed Sheeran needs to refute! This might also be called ‘Click baiting’, where the intention of the article is to get you to react and click the story.

However, disinformation is a deliberate attempt to spread false information with the intent to influence or deceive people. People may then like, comment and share this disinformation believing it to be true.

An example of this is when people shared stories that the COVID19 vaccine contained microchips that allowed the government to track people. It’s a false claim, with the motive to create distrust of government or health services. Who started these rumours cannot be fully determined, but it could be anyone looking to create mistrust and dissent.

Misinformation and disinformation are closely aligned, and one can quickly follow the other. A good way to tell them apart is that misinformation, misses the important information and content needed, whereas disinformation starts with the word ‘dis’, which has its origins in the word ‘bad’ (e.g. ‘disaster’, ‘disagree’, ‘discomfort’). Therefore disinformation, by its very nature is ‘bad’.

The Biggest Risk to UK Politics

It’s not from Cyberattacks, it’s from attacks on our way of thinking. It is subtle. It is insidious and it will happen without our really knowing about it.

The security expert Bruce Schneier once said “Amateurs hack computers; Professionals hack people”. He’s not wrong. How we think and how we behave is determined by the people around us, and social media is able to change our way of thinking in the most dramatic ways.

We’ve almost reached the end of this blog, and I’m only now mentioning the use of Artificial Intelligence (AI) and Deep fakes, that create content that looks entirely believable. For example, we have already seen videos of Nigel Farage playing Minecraft, and Rishi Sunak talking about doing house-hold chores (both AI generated deep fakes). The old saying “The camera never lies” no longer stands true.

Social media platforms need to do more to curb the use of AI online, and platforms like TikTok are increasing investment in AI-labelling technology. This is a positive move, as we know that platforms like this are where young(er) voters will be receiving their facts and insights.

Marketeers have known the perfect way to persuade us to act in certain ways, mostly to our benefit. But their knowledge and insights can now be used by those who would like to direct our way of thinking that can have far reaching effect. From international governments to groups, they can direct our thinking, not only to help choose which brand of cat food to buy, but who to vote for in an election.

In a post-truth era, fact-checking will become a core skill. Education on how to do that, will determine what our future holds for us.

Consultants Like Us