---
title: "Swiss E-Voting: The Hackers Were Right"
subtitle: "How security researchers killed Switzerland's 'third way' of voting in weeks"
category: "Investigation"
date: 2020-08-22
tags: ["E-Voting", "Security", "Swiss Post", "Democracy", "Cryptography"]
---

## The Numbers

| Metric | Value |
|--------|-------|
| Years of pilot programs | 15+ (since 2004) |
| Cantons offering e-voting (peak) | 9 |
| Cantons offering e-voting (2020) | 0 |
| Time to find critical flaw | Weeks (public testing) |
| Citizens who could vote online (2019) | ~300,000 Swiss abroad |
| Citizens who can vote online (2020) | 0 |

## The Promise

Switzerland, land of direct democracy, wanted to modernize. Citizens vote on everything—federal initiatives, cantonal measures, municipal decisions. Postal voting already worked well. Why not add a digital option?

E-voting would be the "third way"—alongside polling stations and postal ballots. Swiss abroad could participate easily. Young voters might engage more. Switzerland would lead the world in digital democracy.

## The Two Systems

By 2019, Switzerland had narrowed to two e-voting systems:

### Swiss Post System
Developed with Scytl, a Spanish company specializing in election technology. Used cryptographic protocols for vote verification. Deployed in multiple cantons.

### Geneva System
Developed by the Canton of Geneva. Open-source approach. Used in Geneva and available to other cantons.

## The Public Intrusion Test

In early 2019, Swiss Post opened their system to public security testing. Researchers worldwide were invited to find vulnerabilities. Cash bounties awaited those who succeeded.

They succeeded.

## The Melbourne Discovery

Researchers from the University of Melbourne examined the cryptographic protocols. What they found was devastating:

{{< irony >}}
A flaw in the system's commitment scheme could allow **undetectable vote manipulation** during the shuffling phase.

Not a minor vulnerability. Not a theoretical attack. A fundamental cryptographic error that meant votes could be changed without anyone—voters, auditors, or officials—knowing.
{{< /irony >}}

The researchers described the system as having:
- Poor design
- High complexity
- Possibility of altering votes during shuffling without detection

## The Collapse

### March 2019
Swiss Post pulls the plug on their system just before a nationwide vote scheduled for May 19. Security concerns make deployment impossible.

### June 2019
The federal government abandons plans to recognize e-voting as an official "third way" to vote.

### July 2019
Swiss Post scraps the entire system. They announce plans to develop a new one from scratch.

### Meanwhile in Geneva
The Canton of Geneva abandons their system too—not for security reasons, but because they can't afford to maintain it alone.

**Result:** Nine cantons that had been offering e-voting had to stop. The entire Swiss e-voting infrastructure collapsed within months.

## The Political Backlash

Parliament wasn't pleased:

> Politicians in the larger parliamentary chamber voted (100 to 75, with 7 abstentions) in favour of a proposal to halt trials of the technology altogether.

A citizens' initiative was launched to ban online voting for at least five years, until the system could be proven secure.

## The Deeper Problem

The Swiss Post system wasn't built by amateurs. Scytl was a specialist company. Cryptographic experts were consulted. Testing protocols were followed.

And yet:

{{< irony title="The Security Testing Irony" >}}
The critical flaw was found within weeks of opening the code to public scrutiny.

For years, the system had been deployed in actual elections while this vulnerability existed. Voters in multiple cantons had cast ballots through a system that could theoretically have been compromised without detection.

Nobody knows if it ever was. That's the point.
{{< /irony >}}

## The Scytl Factor

Swiss Post's partner Scytl had a troubled history:

- Deployed systems in elections worldwide
- Faced criticism from security researchers repeatedly
- Filed for bankruptcy in 2020
- Assets acquired by another company

Switzerland had entrusted its democratic infrastructure to a company that would shortly cease to exist.

## What Was Never Answered

- How many votes were cast through the vulnerable system over the years?
- Were any elections affected?
- Who approved the cryptographic design?
- What review process failed to catch the flaw before public testing?

These questions remain largely unanswered. The system is gone. The cantons have moved on. The voters who used it will never know if their votes were counted correctly.

## The Restart

By December 2020, the Confederation launched a "redesigned" e-voting trial. Swiss Post fixed their protocol and reimplemented much of the system.

But the damage was done. Trust was broken. The "third way" of voting remained a pilot project rather than an official channel.

As of 2025, most Swiss abroad still cannot vote online. The country that pioneered direct democracy fell behind nations with far less democratic tradition in providing digital voting access.

## The Verdict

{{< conclusion >}}
Swiss e-voting failed not because the technology was impossible, but because the implementation was rushed, the oversight was inadequate, and the response to criticism was defensive rather than constructive.

Security researchers—outside the system, unpaid beyond bug bounties—found in weeks what years of official development had missed. This is not an indictment of the researchers. It's an indictment of the process that made their work necessary.

Switzerland spent 15 years building e-voting infrastructure. It took one public test to prove it wasn't ready. The hackers were right.
{{< /conclusion >}}

<div class="sources">

### Sources

- [SWI: These are the arguments that sank e-voting in Switzerland](https://www.swissinfo.ch/eng/politics/e-voting_these-are-the-arguments-that-sank-e-voting-in-switzerland/45136608) ([archive.org](https://web.archive.org/web/20190802132328/https://www.swissinfo.ch/eng/politics/e-voting_these-are-the-arguments-that-sank-e-voting-in-switzerland/45136608))
- [SWI: E-voting dealt another political blow](https://www.swissinfo.ch/eng/politics/parliament_e-voting-dealt-another-political-blow/45425298)
- [SWI: E-voting suffers another setback amid expat Swiss concerns](https://www.swissinfo.ch/eng/politics/digital-democracy_e-voting-suffers-another-setback-amid-expat-swiss-concerns/45059918)
- [Wikipedia: Electronic voting in Switzerland](https://en.wikipedia.org/wiki/Electronic_voting_in_Switzerland)
- [Library of Congress: Switzerland New Legislation on E-Voting](https://www.loc.gov/item/global-legal-monitor/2022-08-04/switzerland-new-legislation-on-e-voting-trials-enters-into-force/)

</div>