Skip to main content

New Paper: South African Electoral Commission’s Mobile App for Voters - Scott Timcke

In the December 2024 recent issue of the African Journal of Information and Communication, Nawal Omar and I  have a study on the IEC's mobile app, and how it handles data privacy and security dimensions. More broadly, while digital tools can enhance voter participation and streamline electoral processes, they must be developed and deployed with utmost attention to security and privacy - the cornerstones of democratic integrity. The trust citizens place in electoral systems extends to the digital tools that support them, making cybersecurity not just a technical requirement but a democratic imperative. These matters will become more acute in the years ahead

Here is the title, abstract and other details:

South African Electoral Commission’s mobile app for voters: Data privacy and security dimensions
Nawal Omar, Scott Timcke

In 2014, the Electoral Commission of South Africa (also known as the “IEC”) launched a mobile app to support voter participation in electoral processes. The app, called IEC South Africa, can be used to verify, update, and confirm a voter’s registration details and voting station. It also provides an interface for special-vote applications and real-time election results. This study conducted a privacy and security analysis of the app, through a compliance review of the IEC’s privacy policy in terms of the South African data protection legislation, followed by an analysis of the app’s APK files, permissions, third party trackers, and vulnerabilities, including API (application programming interface) calls. The analysis revealed several security and privacy concerns, including inadequately secured API keys, the potential for unauthorised access, and the potential for data breaches. In addition, the presence of advertising and analytics trackers suggested third party data-sharing, raising concerns about transparency and user consent. The study draws attention to the need for the IEC to take action to address the app’s security and
privacy weaknesses. The study also demonstrates the importance of data minimisation, transparent practices, and adherence to privacy policies in order to maintain user trust and security in electoral technology.

Keywords
elections, voters, technology, mobile apps, data privacy, data security, South Africa, Electoral Commission, IEC

Recommended citation
Omar, N., & Timcke, S. (2024). South African Electoral Commission’s mobile app
for voters: Data privacy and security dimensions. The African Journal of Information and
Communication (AJIC), 34, 1-21. https://doi.org/10.23962/ajic.i34. 18132
Labels:

Comments

Post a Comment

Popular posts from this blog

A Caution Against Emerging Digital-Industrial Complex in Africa - Nelson Otieno

In his  farewell Presidential Address in 1961, outgoing US President Dwight Eisenhower then warned about the dangers of the military-industrial complex . He acknowledged the necessity of collaboration between the US government, the military, and industry for national development. But he cautioned that the alliance was vulnerable to abuse. Eisenhower further expressed his concern that the military-industrial complex could gain undue influence, ultimately surpassing the traditional powers of the State. Eisenhower’s warning has proven prescient. Over time, the military-industrial complex has evolved into a powerful force that, driven by profit motives, plays a significant role in perpetuating global conflicts and wars. Today, in this digital age, Eisenhower’s speech resonates once again , but with a modern twist — ushering in the rise of what I term the “digital industrial complex.” As we witness the increasing convergence of technology, industry, and government, especially in Afr...
Post a Comment
Read more

AI's Next Frontier Could Supercharge Tax Havens. Here's Why That Matters - Scott Timcke

The quiet revolution in AI isn't just changing how we work and live. It's about to transform how wealth moves around the globe - and not necessarily for the better. As AI systems become autonomous, they threaten to supercharge tax avoidance strategies in ways that could devastate public finances worldwide. Consider a future where AI systems don't just identify tax loopholes, but actively exploit them in real-time, moving capital across jurisdictions faster than regulators can respond. This is the emerging reality of what technologists call "agentic AI" - systems capable of making independent financial decisions without direct human oversight. The implications are acute. Tax havens have traditionally relied on human financial experts laboriously analyzing regulations to find advantageous arrangements. These new AI systems can perform the same analysis continuously across multiple jurisdictions, identifying opportunities for tax arbitrage with unprecedented speed an...
Post a Comment
Read more