Skip to main content

New Paper: South African Electoral Commission’s Mobile App for Voters - Scott Timcke

In the December 2024 recent issue of the African Journal of Information and Communication, Nawal Omar and I  have a study on the IEC's mobile app, and how it handles data privacy and security dimensions. More broadly, while digital tools can enhance voter participation and streamline electoral processes, they must be developed and deployed with utmost attention to security and privacy - the cornerstones of democratic integrity. The trust citizens place in electoral systems extends to the digital tools that support them, making cybersecurity not just a technical requirement but a democratic imperative. These matters will become more acute in the years ahead

Here is the title, abstract and other details:

South African Electoral Commission’s mobile app for voters: Data privacy and security dimensions
Nawal Omar, Scott Timcke

In 2014, the Electoral Commission of South Africa (also known as the “IEC”) launched a mobile app to support voter participation in electoral processes. The app, called IEC South Africa, can be used to verify, update, and confirm a voter’s registration details and voting station. It also provides an interface for special-vote applications and real-time election results. This study conducted a privacy and security analysis of the app, through a compliance review of the IEC’s privacy policy in terms of the South African data protection legislation, followed by an analysis of the app’s APK files, permissions, third party trackers, and vulnerabilities, including API (application programming interface) calls. The analysis revealed several security and privacy concerns, including inadequately secured API keys, the potential for unauthorised access, and the potential for data breaches. In addition, the presence of advertising and analytics trackers suggested third party data-sharing, raising concerns about transparency and user consent. The study draws attention to the need for the IEC to take action to address the app’s security and
privacy weaknesses. The study also demonstrates the importance of data minimisation, transparent practices, and adherence to privacy policies in order to maintain user trust and security in electoral technology.

Keywords
elections, voters, technology, mobile apps, data privacy, data security, South Africa, Electoral Commission, IEC

Recommended citation
Omar, N., & Timcke, S. (2024). South African Electoral Commission’s mobile app
for voters: Data privacy and security dimensions. The African Journal of Information and
Communication (AJIC), 34, 1-21. https://doi.org/10.23962/ajic.i34. 18132
Labels:

Comments

Post a Comment

Popular posts from this blog

After AI in Africa: Some pertinent questions - Andrew Rens

Whether one views AI as a bubble or a boom, it must eventually end. If it is a bubble, AI may be sustained as improbably long as cryptocurrency, but it will inevitably subside. However, if AI is a burgeoning general technology, it will eventually become embedded in various other products and services. At that point, AI will no longer draw the same levels of investment and public scrutiny that it currently does. One question remains invisible in the formulation of AI policy across the African  continent: What will the legacy of AI be, and specifically, what infrastructure will remain after AI?  The shaping of AI's contribution to the future, through policy, implementation, and investment—whether aligned with national processes or not—seems curiously elided in the current AI debate. Lessons from South Africa's Minerals Revolution   In contemplating the end of AI in Africa, it is useful to reflect on the minerals revolution in Southern Africa that began in the 1860s and resh...
Post a Comment
Read more

Beyond a buzzword: Can Ubuntu reframe AI Ethics? - Anye Nyamnjoh

The turn to Ubuntu in AI ethics scholarship marks a critically important shift toward engaging African moral and politico-philosophical traditions in shaping technological futures. Often encapsulated through the phrase “a person is a person through other persons”, Ubuntu is frequently invoked to highlight ontological interdependency, communal responsibility, relational personhood, and the moral primacy of solidarity and care. It is often positioned as an alternative to individualism, with the potential to complement or “correct” Western liberal frameworks. But what does this invocation actually do? Is Ubuntu being used to transform how we think about ethical challenges in AI, or is the emerging discourse merely softening existing paradigms with a warmer cultural tone?   The emerging pattern A recurring pattern across the literature reveals a limited mode of Ubuntu engagement. It begins with a description of AI-related ethical concerns: dependency, bias, privacy, data coloni...
Post a Comment
Read more