Skip to main content

New Paper: South African Electoral Commission’s Mobile App for Voters - Scott Timcke

In the December 2024 recent issue of the African Journal of Information and Communication, Nawal Omar and I  have a study on the IEC's mobile app, and how it handles data privacy and security dimensions. More broadly, while digital tools can enhance voter participation and streamline electoral processes, they must be developed and deployed with utmost attention to security and privacy - the cornerstones of democratic integrity. The trust citizens place in electoral systems extends to the digital tools that support them, making cybersecurity not just a technical requirement but a democratic imperative. These matters will become more acute in the years ahead

Here is the title, abstract and other details:

South African Electoral Commission’s mobile app for voters: Data privacy and security dimensions
Nawal Omar, Scott Timcke

In 2014, the Electoral Commission of South Africa (also known as the “IEC”) launched a mobile app to support voter participation in electoral processes. The app, called IEC South Africa, can be used to verify, update, and confirm a voter’s registration details and voting station. It also provides an interface for special-vote applications and real-time election results. This study conducted a privacy and security analysis of the app, through a compliance review of the IEC’s privacy policy in terms of the South African data protection legislation, followed by an analysis of the app’s APK files, permissions, third party trackers, and vulnerabilities, including API (application programming interface) calls. The analysis revealed several security and privacy concerns, including inadequately secured API keys, the potential for unauthorised access, and the potential for data breaches. In addition, the presence of advertising and analytics trackers suggested third party data-sharing, raising concerns about transparency and user consent. The study draws attention to the need for the IEC to take action to address the app’s security and
privacy weaknesses. The study also demonstrates the importance of data minimisation, transparent practices, and adherence to privacy policies in order to maintain user trust and security in electoral technology.

Keywords
elections, voters, technology, mobile apps, data privacy, data security, South Africa, Electoral Commission, IEC

Recommended citation
Omar, N., & Timcke, S. (2024). South African Electoral Commission’s mobile app
for voters: Data privacy and security dimensions. The African Journal of Information and
Communication (AJIC), 34, 1-21. https://doi.org/10.23962/ajic.i34. 18132
Labels:

Comments

Post a Comment

Popular posts from this blog

How Bot Traffic Signals the End of Ad-Supported Internet - Scott Timcke

The statistics are stark and sobering. According to Fortune, approximately half of all internet traffic now comes from non-human sources . Imperva’s 2024 Bad Bot Report identifies nearly 50% of web activity as originating from bots; 20% of which are explicitly malicious. This is not a technical inconvenience or a cybersecurity concern. It represents nothing less than the undermining of the foundational economic model that has sustained the internet as we know it for the past three decades. We are witnessing the collapse of the ‘attention economy’, the system whereby human attention becomes the primary commodity being harvested, packaged, and sold to advertisers.  The entire edifice of the contemporary internet rests on a simple premise: that clicks, views, and engagement metrics represent genuine human interest and, by extension, purchasing intent. When bot networks can simulate this engagement at scale, they do not create noise in the data. Rather they destabilize the value pro...
Post a Comment
Read more

After AI in Africa: Some pertinent questions - Andrew Rens

Whether one views AI as a bubble or a boom, it must eventually end. If it is a bubble, AI may be sustained as improbably long as cryptocurrency, but it will inevitably subside. However, if AI is a burgeoning general technology, it will eventually become embedded in various other products and services. At that point, AI will no longer draw the same levels of investment and public scrutiny that it currently does. One question remains invisible in the formulation of AI policy across the African  continent: What will the legacy of AI be, and specifically, what infrastructure will remain after AI?  The shaping of AI's contribution to the future, through policy, implementation, and investment—whether aligned with national processes or not—seems curiously elided in the current AI debate. Lessons from South Africa's Minerals Revolution   In contemplating the end of AI in Africa, it is useful to reflect on the minerals revolution in Southern Africa that began in the 1860s and resh...
Post a Comment
Read more