Language switcher

You are here

Analysis: Estonia Case Study of Scalable Ecosystem Fostering Secure I-voting

A newly published study catalogues risks related to use of technology in elections and recommendations for overcoming them. "All Elections are Hackable: Scalable Lessons from Secure I-Voting and Global Election Hacks" by Liisa Past, the Chief Research Officer of RIA’s Cyber Security Branch, was published in the European Cybersecurity Journal.

"Estonia is a case study of a realistic, scalable ecosystem of e-services that fosters I-voting and could support election technology. The ecosystem needs to include a wealth of digital services from government and private sector to build trust and form habits," points the article highlighting the differences between secure online voting and election technology, a wider all-encompassing term for use of digital solutions in elections.

The study emphasizes that no election technology is 100% secure 100% of the time. "Given modern threats, including hybrid attacks against elections, and the fundamentality of elections to citizens’ rights, election technology and I-voting benefit from a comprehensive and cross-government approach," writes Liisa Past.

Since introducing I-voting in 2005, Estonia has not seen a single significant technical or security incident influencing voting outcomes. Drawing on that experience, the article looks at best practice that can be scaled to secure election technology and introduce online voting. "I-voting in national elections is a monumental task and governments would be well advised to start small, either with non-binding polls, or with provincial elections," it suggests.

Liisa Past is also speaking on the subject at the European Cybersecurity Forum on October 10, 2017. “All Elections are Hackable: Scalable Lessons from Secure I-Voting and Global Election Hacks" from the European Cybersecurity Journal (2017, vol 3) can be downloaded from here (2.04 MB, PDF).

More news on the same subject


Cyber Security in Estonia 2020: A Comprehensive Look At The Estonian Cyber Landscape

11.05.2020 - The Estonian Information System Authority (RIA) has compiled a comprehensive overview of cyber security in Estonia. “Cyber Security in Estonia 2020”, available at, explains the landscape, the responsibilities and activities of different public sector organizations in Estonia who all contribute to keep Estonians safe online. From setting up a cyber security standard to combating cyber crime to training military cyber defence operators, every agency has a vital role to play.