ISLAMABAD: Cyber security experts on Thursday informed that the Election Act 2017 exposes and risks citizens’ personal database to be misused by hackers, criminals or possibly in the upcoming general elections 2018.
Official sources released a warning against the Election Act 2017, comprising of a major blunder that possibly allows breach of voter’s personal database. Sources claim that the voter’s lists are vulnerable to security risks under Section 79(3) of Election Acct 2017.
Section 79 entails three major clauses pertaining to final electoral rolls of all constituencies to be provided to the Returning Officer, passed on to the Presiding officers of all polling stations and lastly for final electoral roll lists including photographs of the voters, to be provided to the District Election Commissioner or any authorized officer, as searchable soft copy by the Returning and Presiding Officers.
Clause 3 states “On application of a candidate or his election agent, the District Election Commission or any officer authorized on behalf of the Commission shall provide to a candidate or an election agent a hard or searchable soft copy on universal serial bus (USB) in portable document format (PDF) or any other tamper-proof format of the final electoral roll with photographs of the voters and shall ensure that the copy is same as provided to the Returning Officer and Presiding Officers.”
According to cyber security experts, Clause (3) of Section 79 poses a security risk to 104 million voters’ database participating in general elections 2018 as the database is derived from National Database and Registration Authority.
Cyber security experts claim that providing the database of registered citizens is a major blunder in formulation of policies regarding privacy and confidentiality of Pakistani nationals. They further said that the soft copy of the electoral data can be copied within seconds, which may cause massive damage to country’s civil registry and voter database.
The main arguments by experts mainly circle around the breach of the database by hackers, as it would be easily accessible. The officials said that it may be the case that political parties get the databases in digital format for their own benefit.
Sources said that Section 79(3) of Election Act 2017 should have been revoked in order to safeguard citizen’s database from being breached. Earlier, it was observed that in United States (US), hackers had attacked database of US voters during 2016 elections in US.
Previously, Facebook chief Mark Zuckerberg had claimed on April 11 in a congressional appearance that fake accounts may influence general elections 2018. Similarly, experts had earlier observed unusual traffic and attempts by international hackers to compromise online services of Pakistan.
On April 24, Careem taxi service had revealed that its database had been hacked resulting in theft of 14 million users’ record including the credentials of Careem’s captains’. Careem also said that hackers had stolen credit card database of dozens of citizens.
Experts further said that precautions should be taken up as elections approach with numerous plausible security risks to the citizens’ database. They stressed that a national strategy should be made to safeguard such attacks.