MPs fiddled with voter ID as electoral data security burned – Source: www.theguardian.com

It turns out that while Conservative ministers were spending hours of parliamentary time in 2021-22 introducing requirements for voters to produce ID at polling stations – to protect elections against a threat most experts believed was negligible – the Electoral Commission was being hacked by “hostile actors”.

These hackers, who have not been identified and whose motivations are unclear, were able to access the data, such as home addresses, of millions of voters, many of whom choose not to make that information publicly available.

It took the commission – the body charged with upholding the integrity of the election system – almost a year to announce the breach; a delay it explained by saying it needed to “remove the actors and their access to our system” and put extra security in place, before going public.

The commission’s chief executive, Shaun McNally, is correct when he says accessing the electoral register is a long way from being able to directly influence a poll. In the UK, there are no electronic voting machines to hack – voting is still done with pencil and paper, and counting takes place in town halls under the beady eyes of party observers.

As McNally put it: “The UK’s democratic process is significantly dispersed and key aspects of it remain based on paper documentation and counting. This means it would be very hard to use a cyber-attack to influence the process.”

But there may be many forms of influence available short of directly tampering with voting outcomes.

Before Donald Trump won the 2016 US presidential election, the idea that “hostile actors” might succeed in interfering in the democratic process in a mature liberal democracy might have seemed fanciful. But social media has made the public realm increasingly disparate and porous; and a series of painstaking investigations have exposed the role of Russian trolls and bots in boosting Trump and, to some extent, in promoting the cause of Brexit, a few months earlier.

The contemporary historian Timothy Snyder suggested in his book The Road to Unfreedom that Russia’s aim in that presidential campaign was not just to propel a Kremlin-friendly candidate into the White House, but to undermine US democracy altogether.

“Russia’s intervention in the 2016 US election was not just an attempt to get a certain person elected. It was also the application of pressure to the structure,” he wrote.

It is unclear whether Russia or some other “hostile actor” was responsible for viewing UK electors’ data, but the news comes at a time when public confidence in democracy and the rule of law feels shakier than it has for many years.

The wrangle over the meaning of the Brexit vote left many electors feeling their views had been sidelined, while pandemic lockdowns fed a growth of anti-authority conspiracy theories, online and beyond.

Watching Boris Johnson flout one constitutional convention after another and ennobling his mates (including the son of a former KGB spy) before raking in millions in speaking fees, seems unlikely to have helped either.

So the news of the hack on Tuesday was a salutary reminder of the importance of strengthening and protecting the democratic system, with the next general election likely to be little more than a year away.

Yet the same Elections Act that introduced voter ID earlier this year also undermined the political independence of the Electoral Commission by creating a power for the government to introduce a “strategy and policy statement” to set its direction.

The government’s ID rules, introduced to tackle the vanishingly rare crime of voter impersonation, resulted in 14,000 people being turned away from polling stations in May’s local elections, and potentially hundreds of thousands more staying at home.

Tuesday’s news suggests more pressing threats to British democracy may lie elsewhere.