Online misinformation and cyberattacks could have a detrimental effect on the Irish democratic process, according to a new report.

The unsteady nature of global democracy has been in the spotlight for a couple of years now, as digital interference, ‘fake news’, debilitating nation-state cyberattacks and other incidents show a world in flux. Governments around the world are examining their own risks in an effort to preserve democratic integrity and the public’s trust in the processes surrounding it.

Ireland, though a small nation, is no stranger to online manipulation of political processes on a large scale. Only in May did we vote on a referendum marred by digital controversies, from ill-informed adverts to a full-on DDoS attack.

In response to the referendum earlier this year, as well as general concern about global politics and the internet’s growing role, the Department of the Taoiseach has published the First Report of the Interdepartmental Group on Security of Ireland’s Electoral Process and Disinformation.

How should we control disinformation?

The report was recommended following the consideration of a bill dealing with online ads and social media transparency from Fianna Fáil technology spokesperson James Lawless, TD, in 2017.

It found that the spread of so-called fake news poses a “high risk” to elections in Ireland, and advertising purchased by foreign sources is also a major concern. There is not enough transparency at present around the real source of ad sponsorship or audience targeting.

The lack of limitations in terms of digital campaign spending is also a worry, according to the report. It said digital platforms “present particular risk in relation to disinformation and deliberate bias”.

The traditional electoral system infrastructure (register of electors, polling and counting of votes, print and broadcast media) is quite low-risk, the report added.

Cyberattack risk a real threat

Cyberattacks are a medium-level risk, the report found.

DDoS attacks and website defacement risks were mentioned, as well as the digital manipulation of the Electoral Register or data exfiltration allowing for the theft of confidential Government data.

What did the report recommend?

To mitigate the risks here, the report recommended that the National Cyber Security Centre (NCSC) continue to interact with international bodies and advise on outside interference. It also advised the NCSC to educate politicians and parties about good cybersecurity practices.

The report recommended that the establishment of an Electoral Commission be expedited and the voter registration process be modernised. The EU must also be supported in terms of its battle against online disinformation, with a common code of practice tabled by the European Commission on the cards, as well as a network of fact-checkers across the EU.

Furthermore, the report advised on the regulation of online political advertising and reformation of legislation around election and referendum funding, but no timeline was provided for these changes to be made. Media literacy initiatives in schools were cited as an option.

Lawless welcomed the report, but criticised the absence of a timeline in terms of prioritising and implementing its recommendations. “They [the Government] don’t seem to take into account the seriousness of the threat posed by external interference in our democratic process.

“It feeds into the general lack of urgency that the Government has shown towards dealing with fake news. For example, we were promised a new Electoral Commission in 2011 which still has not been delivered.”

Ballot box in a polling station. Image: zixia/Shutterstock