European Election Management Bodies Participate in Second Electoral Technology and Cyber-Hygiene Course

by Andrew Rogan

Following the success of its pilot course in June 2019, the International Foundation for Electoral Systems (IFES) welcomed 12 election management body (EMB) representatives to Tallinn, Estonia, for its second iteration of the Electoral Technology and Cyber-Hygiene course. Participants spent four days earlier this month learning the use of technology in elections, how to integrate safe cyber behavior into their work and how to mitigate online harassment and violence against women in elections. The course also included insightful guest presentations and valuable site visits. Upon completion, participants received accreditation from the Tallinn University of Technology (TalTech), transferable to any further education degree.

Representatives from EMBs in Albania, Bosnia and Herzegovina, Bulgaria, Croatia, Estonia, Georgia, Kosovo, Latvia, Lithuania, Montenegro, North Macedonia and Serbia were nominated by their institutions to participate. The course was designed to introduce technologies available in the electoral process and to provide the representatives with cybersecurity policies, good practices and tools to protect themselves and their organizations when using technology in elections.

In the first part of the course, participants were exposed to a variety of election technologies and asked to critically analyze the benefits and risks involved throughout the electoral process. Through global case studies of technology in elections, participants were able to see the practical application of these technologies and evaluate their use. As the course was held in Estonia, participants particularly studied e-governance in the country. Professor Robert Krimmer of the Ragnar Nurkse Department of Innovation and Governance at TalTech led a presentation on the history of internet voting in Estonia, assessing both its key benefits and current challenges.

Ana-Marija Lasić of Bosnia and Herzegovina, Nikola Mugosa of Montenegro, Kristina Vlašić Krasnec of Croatia and Maili Kark of Estonia work together to identify the characteristics of a phishing email

To bridge the gap between election technology and cybersecurity in elections, the national chief cyber risk officer of Estonia, Liisa Past, delivered a presentation on the nexus of the two topics, describing the importance of what’s at stake when technology in elections face increasing cyber threats. Participants then transitioned to an in-depth cyber-hygiene awareness training, which included activities such as identifying the characteristics of phishing emails, integrating the use of password managers on their devices and strategizing institutional policies to build stronger cyber safety.

The course also included an informative visit to the State Electoral Office (SEO) of Estonia, where participants learned the history and context of the electoral and political process in the country. Participants and the current SEO Chief Adviser and former President Priit Vinkel, engaged in a lively question-and-answer session to deliver a comprehensive, practical understanding of technology and cybersecurity from the perspective of an EMB. While at the SEO, participants also watched as the Estonian Parliament passed new legislation removing all restrictions during electoral campaign periods. Following, participants had the chance to visit the Parliament’s home, the Riigikogu, where they learned about the electoral process from yet another point of view.

IFES Cybersecurity Expert Thomas Chanussot works with Kristina Vlašić Krasnec of Croatia, Vladimir Dimitrijević of Serbia, Iva Ivanova of Bulgaria and Diana Daubare of Lithuania to use cyber-hygiene tools.

Finally, the course introduced the pilot “Gender and Online Spaces,” a newly developed IFES course module. First, all participants learned of the various types of online harassment and violence in elections, such as trolling or doxing, and how women might experience it differently. Examples from Europe and Eurasia were discussed, and participants were welcomed to offer their own examples from their respective countries. In the second portion, the women and men were divided into two separate exercises. The women were offered the space to discuss their personal experiences and provided with actions they make take as survivors of online harassment or violence. Meanwhile, the men engaged in an interactive male allies’ exercise, where they were tasked with deciding responses to various scenarios in which their female family, friends and colleagues might be targeted.

“I learned awareness of protecting myself and my work through new tools. There is new information to help with everyday work.”

Course participants spoke highly of their time in Tallinn and of the skills and tools they left with. Nikola Mugosa of the State Election Commission of Montenegro shared, “I learned awareness of protecting myself and my work through new tools. There is new information to help with everyday work.” Further, course participants expressed their desire to share their learnings widely with their colleagues, which cascades the impact throughout their institution. Ana-Marija Lasić of the Central Election Commission of Bosnia and Herzegovina was particularly excited about cyber hygiene in emails, “Cyber-hygiene was definitely the most useful skill from the course, because I can prevent co-workers from opening phishing emails.”

In the months following the course, IFES will roll out a quarterly newsletter to participants from this course and the prior one in June. The newsletter will offer reminders of good cyber-hygiene practices and innovative tools available to build safe online behavior. Next year, IFES plans to widen the scope of the course to also target civil society organizations and information technology users and administrators at EMBs in the region.

The course was part of IFES’ “Regional Elections Administration and Political Process Strengthening (REAPPS)” project in Europe and Eurasia, funded by the United States Agency for International Development (USAID) and implemented through the Consortium for Elections and Political Process Strengthening (CEPPS). REAPPS was designed to address common challenges among Central and Eastern European and Eurasian societies. These include defining the role of government, fostering political pluralism, stimulating civic participation and channeling internal conflict into political institutions to produce democratic outcomes faced by transitioning democracies within Europe and Eurasia.

Established in 1995, CEPPS pools the expertise of three premier international organizations dedicated to democratic development: IFES, the International Republican Institute and the National Democratic Institute. CEPPS has a 20-year track record of collaboration and leadership in democracy, human rights and governance support, learning from experience, and adopting new approaches and tools based on the ever-evolving technological landscape.