Examination of systems

The procurement of e-voting systems is the responsibility of the cantons. They can either operate their own system, use that of another canton or call in a private company as before (art. 27k^bis para. 1 let. b PoRO). The Confederation sets the regulatory framework and authorises e-voting trials.

Under federal law, only completely verifiable e-voting systems that meet the following examination and transparency requirements will be approved:

Independent examination commissioned by the Confederation: E-voting systems and their operation will be subject to an independent examination commissioned by the Confederation (Art. 27l PoRO and Art. 10 OEV in conjunction with No 26 of the Annex to the OEV). This addresses the need for an effective review of whether the requirements under federal law have been met and of whether risk-minimising measures are effective, as well as identifying potential for improvement.
Publication of information on the system and its operation: The cantons must ensure that comprehensive information on the system and its operation is published; this includes in particular the source code and the documentation (Art. 27l^bis PoRO and Art. 11-12 OEV).
Public scrutiny: The public and experts will be involved in improving e-voting systems (Art. 27l^ter PoRO). In particular, the cantons are to offer a permanent bug bounty programme (Art. 13 OEV).

Examination of Swiss Post system with complete verifiability

Since July 2021, the Federal Chancellery is commissioning independent examinations of the Swiss Post e-voting system offering complete verifiability and its operation. Experts from academia and industry are commissioned to conduct the examinations covering four areas: the cryptographic protocol of the system (Scope 1), the software to be used (Scope 2), the infrastructure and operations at Swiss Post and the cantons (Scope 3), and an intrusion test that the system must undergo (Scope 4).