South African Electoral Commission’s mobile app for voters: Data privacy and security dimensions
In 2014, the Electoral Commission of South Africa (also known the “IEC”) launched a mobile app to support voter participation in electoral processes. The app, called IEC South Africa, can be used to verify, update, and confirm a voter’s registration details and voting station. It also provides an i...
Saved in:
| Main Authors: | , |
|---|---|
| Format: | Article |
| Language: | English |
| Published: |
LINK Centre, School of Literature Language and Media (SLLM)
2024-12-01
|
| Series: | The African Journal of Information and Communication |
| Subjects: | |
| Online Access: | https://ajic.wits.ac.za/article/view/18132 |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| Summary: | In 2014, the Electoral Commission of South Africa (also known the “IEC”) launched a mobile app to support voter participation in electoral processes. The app, called IEC South Africa, can be used to verify, update, and confirm a voter’s registration details and voting station. It also provides an interface for special-vote applications and real-time election results. This study conducted a privacy and security analysis of the app, through a compliance review of the IEC’s privacy policy in terms of the South African data protection legislation, followed by an analysis of the app’s APK files, permissions, third-party trackers, and vulnerabilities, including API (application programming interface) calls. The analysis revealed several security and privacy concerns, including inadequately secured API keys, the potential for unauthorised access, and the potential for data breaches. In addition, the presence of advertising and analytics trackers suggested third-party data-sharing, raising concerns about transparency and user consent. The study draws attention to the need for the IEC to take action to address the app’s security and privacy weaknesses. The study also demonstrates the importance of data minimisation, transparent practices, and adherence to privacy policies in order to maintain user trust and security in electoral technology.
|
|---|---|
| ISSN: | 2077-7205 2077-7213 |