"The Council of Europe has identified two types of cyberthreats to elections. First, threats to electoral democracy, namely “attacks against the confidentiality, integrity and availability of election computers and data”, compromising voter databases or registration systems; tampering with voting machines to manipulate results; interference with the function of systems on election day; and illegal access to computers to steal, modify, disseminate sensitive data. Second, threats to deliberative democracy, i.e. “information operations with violations of rules to ensure free, fair and clean elections” related to data protection, political finances, media coverage of electoral campaigns and broadcasting and political advertising."
DocumentCoE (Venice Commission): Principles for a Fundamental Rights-Compliant Use of Digital Technologies in Electoral Processes, para. 79
- Necessary steps to give effect to human rights include a requirement to prevent, punish, investigate, or redress violations of human rights by non-state actors.
- States have a duty to investigate alleged rights violations.
- The duty to investigate includes the investigation of acts by private persons and entities.
- The voting system, including electronic systems, should be sufficiently secure against fraud.
- The state has a duty to punish cases of electoral fraud.
- Personal data controllers should ensure data accuracy and protect personal data from unauthorized disclosure, loss, modification, or other misuses.