15th Electoral Management Bodies Conference
Check against delivery
It is a pleasure to be here this morning and to discuss an urgent, fast-evolving and long-term challenge to our democracies:
Security in elections.
In this matter the role of Electoral Management Bodies is vital – and extensive.
You safeguard the security of citizens and candidates, of buildings and installations and of the administration and operation of the elections themselves.
The precise legal frameworks in which you can do this –
The best practices being used among you –
And the specific contexts in which elections are fought – including emergency and conflict zones.
All of these are up for discussion at this Conference.
And all of them are of course impacted by the increasing use of information and communication technologies in the election process, particularly internet service providers and social media.
This will not stop.
Indeed the pace of innovation may grow even faster.
And the challenge for you, lawmakers and other authorities is keep ahead of the technological curve.
Because, ultimately, what is at stake is public confidence in the democratic process.
Over recent decades, the average turnout in elections across Europe has fallen considerably.
This is the result of a number of complex and concerning factors.
But if people come to believe that elections are no longer secure –
That technical innovation around that process is confusing, obscure or subject to abuse –
We can fairly assume that still fewer voters will make the trip to the ballot box.
This is something that we cannot accept.
New technology can improve the public’s experience of democratic participation.
It must not be allowed to sap their confidence and turn them away from it.
So your task is not an easy one.
And your discussion today could not be more timely.
But I want to assure you that you are not alone.
The Council of Europe is working hard on these issues at the international level.
We have developed conventions, recommendations and guidelines that help member states’ authorities ensure the integrity of their electoral processes in the twenty first century.
Our Budapest Convention on Cybercrime is a key case in point.
The Convention criminalises, for example, interference with computer systems that play a role in elections.
And it helps secure evidence of such interference too.
In recent years we have seen databases and registration systems hacked, opening up the possibility of voters’ details being added or deleted.
We have witnessed counting systems being tampered with in order to influence results.
And we live with the threat of attacks on voting machines that could literally prevent people from casting their ballots on Election Day.
The computer systems of political parties, candidates and campaigns are also at risk.
These contain valuable information that rival interests, governments or any given hacker may want for their own ends.
And taking and releasing that information may have a major impact on election results.
In 2017, for example, Emmanuel Macron’s presidential campaign in France was hacked and thousands of emails stolen.
What impact those emails might have had on voters’ choices is unknown.
What we do know is that this – all of this – is cybercrime.
It is illegal under the Budapest Convention.
And member states should prosecute it as a priority.
But there are other problems that are arguably more dynamic.
Notably, the challenges posed by the rapid rise in new digital advertising techniques –
For the purpose of electoral campaigning –
And in order to influence voter behaviour.
On these matters I cannot promise to be as detailed in my knowledge as Mark Zuckerberg.
But I am confident that I can provide a little more insight than at least some of the US Congressmen who questioned him last week.
These challenges include concerns about transparency.
With question marks over the capacity of internet platforms to ensure the disclosure of political ads’ origins and to uphold information standards –
Fears of hidden spending on digital advertising.
And worries over the processes for selecting and targeting potential voters online, often with highly divisive messages.
Worries that are only heightened by the failure of social media outlets to share information on how their algorithms work.
Added to this, the recent Cambridge Analytica revelations have exposed the need for better enforcement of the rules on data protection.
And perhaps most widely discussed, the decline of traditional filters for online news has resulted in less fact checking and the rise of disinformation or “fake news” –
Often amplified by social media.
European states have experienced all of these issues in recent election periods.
In part, the answer is to apply the tools already at their disposal.
For example, the Council of Europe’s Data Protection Convention, or Convention “108”.
This has been ratified by all of our member states – and by four others.
Underlining its role as a unique mechanism at the global level too.
It ensures that data protection principles are applied when personal data crosses borders.
And, after seven years of hard work and negotiations, we expect to adopt soon a re-shaped version of this landmark Convention, reshaped for the digital era.
Convention “108+” will provide safeguards fit for the modern day.
Added to this, our Guidelines on Big Data and our 2013 Recommendation on Profiling also set standards for privacy in the digital environment.
And our Committee of Ministers’ Recommendation – from this year – on the roles and responsibilities of internet intermediaries is important too.
It clarifies the obligation on member states to regulate internet intermediaries’ activities.
To provide effective legal remedies where those organisations fail to uphold human rights.
And it calls on the intermediaries themselves to respect the rights of internet users, assess the impact of new technologies on those users’ rights, and increase their transparency and accountability.
Applying these standards to online electoral campaigning is an important step.
And the Council of Europe works with Electoral Management Boards – and other authorities – to help them do so.
But we know that in a fast-changing environment, more must be done to keep pace with innovation.
Our study on the use of the internet in electoral campaigns has called for a review on existing regulation.
Our Steering Committee on Media and Information Society is using that study’s findings – now – to develop new guidelines on the accountability, transparency and use of automated data processing.
And a letter that we signed last year with the internet giants – including Google and Facebook – has paved the way for our ongoing co-operation on a range of pertinent issues.
All of this falls under our current Internet Governance Strategy.
That Strategy addresses issues that go beyond security in elections.
But our work in the coming months and years will certainly cover matters that relate to it.
So that technical innovation is framed by legal and ethical boundaries that reassure the public, win people’s trust and enhance European democracy.
This will be a priority for the Council of Europe.
So today is an opportunity to share experience, knowledge and best practice on how to provide security for the whole electoral process.
And it is an opportunity to discuss what further legislation might be required at the national and international level too.
The sad reality is that there are those who would undermine democracy in Europe.
Your role – our role – is to stop them.
And, together, we will.