Sep 2024

Corrupted code: exposing fraud tactics in Russian
e-voting system

The first experiments with e-voting in Russia began in 2019. Back then, the main issues were the system's lack of transparency and technical glitches, but by 2024, observers had identified numerous cases of direct fraud: vote manipulation, account theft, result tampering, and others. In this report, Cedar highlights the major risks of e-voting systems using the Russian example.

Research by: Alesya Sokolova

An adapted version of this text in Russian can be read on deg.expert. Read Cedar's research on the history of election fraud in offline voting in Russia here.

Introduction

From September 6 to 8, around 4,000 electoral campaigns of various scales will take place across 83 regions of Russia. The Moscow City Duma elections are of particular interest to public observers, as for the first time, most Muscovites are expected to vote online. Voters will have to submit an application in advance if they want to cast a paper ballot.

Remote electronic voting (REV) has been conducted in Russia since 2019, in elections ranging from local to presidential. However, until now, REV was only an option, with in-person voting at polling stations remaining the default method. The Moscow City Election Commission's decision to limit traditional ballot casting by requiring in-advance applications has sparked criticism among experts. Stanislav Andreichuk, co-chair of the public movement for voters' rights Golos, argues that e-voting is less transparent for public oversight, and its widespread implementation could undermine citizens' trust in election outcomes.

Experiments with electronic voting are taking place in dozens of countries worldwide. In some places, it involves only the use of machines for automatic vote counting at polling stations, while in others, it includes direct online voting. However, universal e-voting in parliamentary or presidential elections remains rare.

For example, online elections are held in Estonia. The source code of Estonia's electronic voting system is open and has been reviewed by numerous international experts. Despite this, the Estonian e-voting system has faced criticism, particularly for the inability to verify the results. E-voting is also used in referendums in some Swiss cantons. However, in 2019, opposition representatives criticised the electronic voting system for its vulnerability to manipulation.

A study by the Open Evidence research centre for the European Commission highlights the following drawbacks of e-voting:

  • Uncontrolled environment, difficulty in ensuring that people vote freely;
  • Risk of cyberattacks on the system with the aim of election manipulation;
  • Risk of cyberattacks on individual voters' devices;
  • Difficulty in guaranteeing at the same time accurate voter identification and secrecy;
  • Voter accounts may be stolen or sold;
  • Difficulty in observing the voting process;
  • Difficulty in recounting votes and verifying election results;
  • Dependence on voters having reliable internet connections;
  • Technical failures and cyberattacks may prevent voters from casting their ballots.

Concerns about interference in online elections or the impact of simple technical glitches on election results are not unfounded. In 2021, the results of local elections in the Australian state of New South Wales had to be annulled because some voters were unable to cast their votes due to problems with the online voting platform. Although only about 150 voters were affected, the High Court of Australia determined that their votes could have influenced the election results. As a result, the election was rerun without the use of the electronic system. The German Constitutional Court even banned the use of e-voting machines, arguing that voters without specialised technical skills would not be able to verify the integrity of the voting process.

These are examples from democratic countries. In contrast, Russian courts have never ruled against the use of REV or annulled its results, despite numerous reports of violations that had likely influenced election outcomes. Under the full control of the Russian state apparatus, the REV system complements traditional tools of fraud, such as "analog" ballot falsification and protocol tampering, but proving electronic violations is much more difficult. However, it is easier to track each individual vote in case someone needs to check the effectiveness of "directive" voting by dependent voters.

In this text, we explore the key risks of electronic voting systems by examining the violations of voters' rights during the short history of REV in Russia. We investigate the system's technical vulnerabilities that open up opportunities for fraud, as well as the analytical methods still available to observers despite the system's opacity.

2019

The REV system was developed within six months by the Moscow Department of Information Technology (DIT) in collaboration with Kaspersky Lab, with the final test conducted just two weeks before the elections. The introduction of REV faced criticism from technical experts due to vulnerabilities and the lack of adequate monitoring tools.

REV was implemented in three out of 45 electoral districts during the Moscow City Duma elections. In one of the test districts, online voting reversed the results in favour of a pro-government candidate.

2020

The first large-scale test of REV took place during the vote on constitutional amendments, with the system being used in Moscow and the Nizhny Novgorod region. A total of 1.19 million people participated in the e-voting. Journalists discovered tens of thousands of elderly voters’ accounts on the voter lists, raising concerns that these accounts could have been used for electronic voting without the account holders' knowledge.

2021

In the State Duma elections in Moscow, REV reversed the results in 8 out of 15 districts: independent candidates were leading based on paper ballots, but after accounting for electronic votes, pro-government candidates emerged victorious. Anomalies indicating vote rigging were detected during the analysis of voting dynamics. The rigging was facilitated by a revote mechanism.

For the first time, the federal REV system, developed by the Russian telecommunications company Rostelecom, was used in six regions, while Moscow retained its own platform.

2022

The source code of the system was no longer made publicly available. The revote option was eliminated, but significant changes were made to the system, making it easier to manipulate and reducing transparency.

During the municipal elections in Moscow, 72% of ballots were submitted via REV. Vote manipulation was observed in the voting dynamics graphs, lasting for over a day and a half. Interestingly, the manipulations did not benefit the United Russia party candidates, possibly in an attempt to restore the reputation of REV.

2023

On the first day of voting in the Moscow mayoral election, there were widespread disruptions lasting several hours, preventing many voters from casting their ballots. The disruptions may have been caused by attempts to manipulate a large number of votes rather than a natural system overload. According to official data, 81.5% of all votes in this election were cast via REV.

2024

In the 2024 presidential election, more voters used the federal REV system than the Moscow one for the first time: around 3.6 million people in Moscow (71% of voters) and 4.4 million in 28 other regions (15%). It was also the first time evidence of vote manipulation was detected in the federal system. In the Moscow election, signs of artificially lowering the results of a candidate supported by the opposition were observed.

1. General lack of transparency

Russia uses two independent e-voting systems: the Moscow system and the federal system. The Moscow system was developed by the Moscow Department of Information Technology (DIT) in collaboration with Kaspersky Lab, while the federal system was developed by the Russian telecommunications company Rostelecom.

In its simplified and idealised form, the operation of REV systems consists of three main stages:

  • The vote cast by the voter on the REV website is encrypted in the browser using a public key.
  • The encrypted vote is recorded in a blockchain database.
  • After the voting ends, the votes are decrypted using a key that is shared among all members of the unified Moscow Election Commission, and the system counts the results.

Until 2021, the operators of both the Moscow and federal e-voting systems partially published their source codes. However, even with open source code, there is no guarantee that the code running on the voting devices is the same as what has been published.

In 2019, the team of independent Moscow City Duma candidate Roman Yuneman, who lost the election due to an anomalous distribution of e-votes, along with expert Evgeny Fedin, found a fragment in the Moscow REV system’s source code that could allow votes to be altered in any way. The DIT claimed this code had not been used in the actual election, but this cannot be verified.

In 2021, it was revealed that the source code did not match the official documentation, and it was also found to have been modified during the actual voting. In addition to the publicly accessible database, programmer Petr Zhizhin discovered a second, non-public blockchain. The existence of this second ledger was later confirmed by the DIT’s technical team. Zhizhin also found an unprotected table with recorded votes and corresponding encryption logs, which could allow election organisers to easily identify each specific vote.

After the 2021 scandal, the source code of the Moscow and federal REV systems was no longer made publicly available. Since then, analysts have had to infer changes made to the REV system based on the data that the browser sends to the REV system during voting.

Until 2022, a voter in the Moscow e-voting system could verify that their vote was correctly recorded, though doing so required technical expertise. In 2022, a feature allowing voters to verify their votes was added to the interface, but it was made optional — to use it, the voter must check the checkbox. This allows fraudsters to alter the votes of those who do not request verification without risk of being caught. As to the federal REV system, it does not provide any option for voters to verify that their votes were recorded correctly at all.

While the votes remain encrypted, it is impossible to see who voted for whom. To verify a vote, a voter would need to find their encrypted vote in the database using its unique address. This vote could then be decrypted using a key held by the election commission members. The key is only made publicly available after the voting ends.

However, the REV website interface did not provide voters with access to the address of their encrypted vote. The only way to obtain it was to open the developer tools in the browser before voting, cast the vote, and then find the ballot’s address in the page’s code. The address could then be used in the verification interface. Naturally, very few voters used this method.

Since 2022, vote verification has become available only by request. Previously, this process was technically challenging but did not reveal to the election organisers which voters had checked their votes. Now, voters must check a box located at the bottom of the page in small print to request verification. This makes it easier for interested voters to verify their votes, but it also gives election organisers information about who has used this function. They can use this data to carry out more subtle manipulations by not altering the votes of those who requested verification while altering the votes of others.

Tracking the dynamics of electronic voting is the primary method for analysing potential manipulations in Russia's REV system. The blockchain archive containing data from the Moscow REV, including decrypted votes, was available for anyone to download. Additionally, before 2021, observers could independently decrypt the votes recorded in the Moscow REV to verify their accuracy. However, starting in 2021, the system was altered — only DIT could decrypt the votes, making independent verification of the decryption process impossible. In the federal system, only information on the total number of votes cast is available.

To analyse the Moscow e-voting, a public snapshot of the database containing encrypted votes and their timestamps could be downloaded from the official observer website (observer.mos.ru) after electronic elections. Before 2021, these votes could be decrypted using a publicly available key, allowing observers to see who voted for whom.

Typically, analysts would then plot the voting dynamics aggregated over time intervals (e.g., 5-minute or 30-minute intervals). This could reveal anomalies indicative of glitches or manipulations.

In 2021, a separate, non-public blockchain database was implemented to facilitate re-voting, which made independent decryption of votes impossible — analysts had to rely on the decrypted data provided by DIT.

In 2022, the re-voting option was removed from the Moscow REV, and DIT discontinued the use of the non-public blockchain. However, this did not improve transparency. A new layer of encryption was introduced: beyond the standard key available to the commission and observers, each vote is now also encrypted with a key accessible only to DIT. As a result, independent decryption of votes and verification of their correct counting remains impossible.

Data from the federal e-voting system can be analysed similarly. The key differences are that the federal REV observer portal is not publicly accessible, and only registered REV observers can download data (which are then shared with analysts and journalists). Additionally, due to the use of "homomorphic encryption" that prevents the decryption of individual votes, it is impossible to obtain information on the voting dynamics for specific candidates.

2. Vote swapping

Re-voting as a mechanism for electoral fraud

In the opaque environment of REV in Russia, the election organisers can modify the voting software to manipulate election results, for example by swapping the votes. The first evidence of such fraud emerged during the 2021 State Duma elections.

During these elections, about half of all Moscow voters participated electronically. REV flipped the results in eight out of 15 single-member districts — while opposition candidates were leading based on paper ballots, after the electronic votes were counted, the ruling party, United Russia, secured victory, leaving no mandates for the opposition.

Serious suspicions of fraud arose even before the results were published — counting 1.9 million electronic votes took an unusually long time, almost a full day. By comparison, the results of the 2020 e-vote on constitutional amendments were announced in less than an hour, even though there were only 700,000 fewer voters.

The head of Moscow's election observation headquarters, Alexei Venediktov, who was also the editor-in-chief of the radio station Echo of Moscow, claimed that the delay was due to the processing of votes cast during re-voting. According to Venediktov, the re-voting feature was introduced to reduce the possibility of voter coercion: after initially supporting a government-backed candidate under pressure, individuals could later change their choice, even multiple times. However, as it was later revealed, this mechanism was actually used for fraud. Neither before nor after the 2021 Moscow State Duma elections was the re-voting mechanism included in REV. This was the first and only time it was ever used.

When analysing the voting dynamics in Moscow, journalists from IStories noticed an anomaly — on the last day of voting, from exactly 2 a.m. to 4 p.m., the share of votes for United Russia sharply increased, then returned to its previous level. This rise and fall happened almost instantaneously, within a few minutes, and the pattern was identical across all 15 electoral districts. Explaining such an anomaly through natural processes is extremely difficult; the most likely explanation is deliberate vote manipulation through the use of software.

According to Novaya Gazeta, a similar pattern was observed in the voting for single-mandate candidates from United Russia. The key difference was that the noticeable spike in the graph lasted until 2 p.m. instead of 4 p.m. Even if we assume this voting pattern was due to natural causes, the discrepancy between voting dynamics for party lists and single-mandate candidates is suspicious in itself. If a voter supports a party, it is reasonable to expect they would also support individual candidates from that party. For most of the time, the share of votes for the same party in party lists and single-mandate districts is indeed proportional. However, REV statistics show that for two hours, voters actively supported United Russia, but did not vote for individual candidates from the party. This could indicate that the vote manipulation algorithm for party lists operated for two hours longer.

Both in party voting and for single-mandate candidates, United Russia experienced a synchronised drop in results from 12:20 p.m. to 1:00 p.m. During this time, the manipulation algorithms seem to have paused for some reason, which the media referred to as a "lunch break."

In response to the criticism, the e-voting verification team attributed the surge in votes for United Russia to mass SMS campaigns and other mobilisation efforts. While increased voter activity due to SMS campaigns is noticeable, it does not account for the observed multi-hour anomalies.

The specific mechanisms behind these manipulations were uncovered relatively quickly. It turned out that the re-voting mechanism was used for these manipulations. According to official statistics, during the night from Saturday to Sunday, around half of all voters who initially supported alternative candidates changed their votes to favour the United Russia candidates.

The abnormal period of re-voting started and ended as abruptly as the influx of anomalous votes for United Russia. It is difficult to imagine natural causes that would prompt voters to change their votes during this specific time frame and particularly from opposition candidates.

Information about how each vote was cast cannot be known until the votes are decrypted and the election results are finalised. At least, this was suggested by the public information about REV’s protocol. However, in reality, re-voting did not occur randomly — votes were taken away from opposition candidates much more frequently than from pro-government ones. According to Novaya Gazeta's calculations, such a distribution could only occur if the fraudsters had information about the destination of each vote before the decryption.

Vote swapping without re-voting

In 2022, the re-voting mechanism used for manipulating votes was abolished. However, other technical changes were introduced that allowed for vote tampering. Identifiers for the same candidates now differ for various voters. For example, if both you and your friend voted for a hypothetical candidate A, your vote would be recorded as being for candidate number 1234, while your friend's vote would be recorded for candidate number 5678. To determine the actual candidate, e-voting matches these identifiers with an internal, unpublished table. Technically, there is nothing preventing REV staff from altering this table after the decryption if it turns out that there are insufficient votes for the "desired" candidate.

It appears that this mechanism was used for tampering, but in a highly unconventional manner. In many districts, there were 1-2 candidates with an unusually high percentage of electronic votes. For instance, if other candidates in a district received 50-60% of the votes through REV, these anomalous candidates might receive 80-90%. These anomalous candidates were not typically from United Russia or the mayoral program My District, nor were they from the opposition Smart Voting. More often, these were candidates with initially low chances of winning who ended up losing in the final tally.

The anomaly is particularly evident on the timeline — electronic votes suddenly concentrated on certain candidates during the time interval from 3:50 p.m. on the first day of voting to 2:40 a.m. on the last day, while during other periods, the votes remained at a lower level. It is difficult to imagine a scenario where voters for an unpopular candidate would coordinate and vote uniformly over a period of one and a half days, especially right after a "system failure," and then show no interest at other times.

As in 2021, the vote manipulation occurred suddenly and in a step-like fashion. The duration of the “steps” in 2022 was significantly extended — the manipulations did not stop for one and a half days. They began after a “failure” in the system, during which votes were not recorded for approximately 20 minutes. This “failure” was likely associated with the initiation of the vote tampering program.

Observers and candidates took note of the anomaly. Dariya Bagina, a representative from the Communist Party who won in the Akademicheskiy District, publicly refused to acknowledge the election results in her district and questioned the legitimacy of the parliamentary mandate she received, given the influence of anomalous electronic votes.

The reasons behind such tampering are unclear. According to the report made by Golos, the tamperers may have aimed to demonstrate that candidates other than those from United Russia could win through e-voting. Errors in the tampering algorithm are also possible — perhaps the intention was to manipulate votes for other candidates, but the algorithm malfunctioned.

Given that no obvious anomalies in the total number of votes are noticeable, it is plausible that tampering was achieved through substitution. However, direct ballot falsifications cannot be ruled out: nothing prevented tamperers from writing an algorithm that would falsify votes proportionally to actual turnout.

During the 2024 presidential elections, vote substitution may have also been used in Moscow’s e-voting. This is suggested by the unusual dynamics in the results for Vladislav Davankov — a state-backed candidate who was supported by some opposition figures due to his relatively less aggressive public stance on the war in Ukraine.

At exactly four o’clock in the morning on Sunday (the last day of voting), the percentage of votes for Davankov in Moscow’s REV sharply increased. Simultaneously, the rate of incoming votes for all other candidates dropped dramatically, especially in comparison to similar moments on other voting days. Such dynamics would be possible if, until four o'clock in the morning, some votes for Davankov were not counted or were attributed to another candidate. Then, at four a.m., the "tampering machine" might have been turned off, as this timing would be the most inconspicuous — given that few people vote at night, and a sudden spike would not be expected. This would also explain the nearly perfectly stable curves up until Sunday, followed by their abrupt change.

3. Theft of voter accounts

During the voting on constitutional amendments in 2020, journalists from Russia’s independent channel TV Rain discovered that in Moscow, unknown individuals had been mass-registering accounts by using the passport details of pensioners on the mos.ru platform to involve them in online voting. These registrations were facilitated using pre-purchased SIM cards. The exact number of such accounts is unknown, but estimates from TV Rain suggest that it involved tens of thousands.

Following the publication by TV Rain, DIT announced the exclusion of 24,000 suspicious accounts from voting. Some of these could have been among those reported by journalists. However, verifying this is challenging due to the cumbersome nature of working with voter lists.

The comprehensive list of voters registered for e-voting is accessible only to DIT, while separate lists broken down by polling stations are available to the respective district electoral commissions. Violations could be detected either by manually calling voters from the lists for each district (available only to registered observers) or by chance — if a voter showed up at the polling station and unexpectedly found themselves registered for e-voting. Such cases occurred, but their total number remains unknown. It is also impossible to prove whether this was deliberate tampering or an error. The lack of clear control mechanisms over the voter list also led to the opposite issue: some citizens managed to vote twice — once at the polling station and once electronically.

In practice, the available voter lists and the statistics provided by the Central Election Commission (CEC) only limited the extent of vote tampering in REV. The CEC website published the total number of voters registered for e-voting in each district — the only criteria for verification was whether this number matched the total number of votes cast electronically. The CEC’s open data did not provide means to verify the authenticity of registrations and voting of actual users in REV.

Thus, it was impossible to verify that only real people registered themselves for e-voting. Moreover, it was also impossible to check whether the incoming votes were linked to real voter accounts in REV.

On June 30, eight days before the elections, the passport data of all REV voters — 1.19 million people — was leaked online. Journalists from TV Rain again discovered suspicious accounts in this database that they had previously reported.

4. Ballot stuffing

Manipulations in the Moscow system

Ballot stuffing in the REV system does not necessarily require manually registering real people, as might have been the case in 2020. The inability to verify the votes cast in e-voting opens up opportunities for purely programmatic ballot stuffing.

This manipulation became easier with the introduction of electronic voter lists (EVL) in Moscow in 2022. Paper lists were not very convenient but still provided a transparent tool for monitoring. The electronic list, however, is impossible to verify.

The EVL system automatically tracks who has voted via e-voting. If such a voter goes to a polling station, the system informs the district election commission staff that the voter has already cast their vote. Ensuring that all REV voters are real people is now practically impossible since the list of e-voters has been removed from public access.

Previously, e-voting required in-advance registration, and fraudsters could not stuff REV with more votes than the number of registered voters. With the introduction of EVL and the elimination of registration, this limitation was also removed.

It is possible that in 2022, manipulations were not only achieved through vote substitution but also through such programmatic ballot stuffing. This is indicated by the unusually high turnout for municipal elections: in 2022, it averaged 33.9% of the population across all districts of Moscow, with 72% of ballots cast through REV. In 2017, during a much more competitive election campaign, turnout was only 14.8%. As with previous elections, in 2022 there were also instances where voters were told at the polling stations that they had already voted online. The hypothesis of ballot stuffing is supported by sociological data — according to a survey conducted by Russian Field, only 55% of Muscovites voted electronically.

Ballot stuffing could also have been applied during the 2023 Moscow mayoral elections. The first half of the first day of voting was marred by widespread system failures. Analysis of the voting dynamics suggests that the failures in REV’s technical infrastructure were directly linked to the operation of the vote-stuffing program. This is indicated by the fact that the result for the incumbent mayor of Moscow, Sergey Sobyanin, fluctuated with the same frequency as the number of ballots arriving during the failure periods. When more ballots were entering the system, Sobyanin’s result increased; when fewer, it decreased.

During failures, the number of incoming votes showed sharp fluctuations within a 15-minute period. Such fluctuations can occur due to natural system overloads. However, in such cases, the share of votes for Sobyanin should not change. The system should have no way of distinguishing for whom a specific vote is cast, so it should accept or reject votes for Sobyanin and other candidates with equal probability. Such fluctuations during failures are observed only for votes cast through remote voting. Votes cast at electronic voting machines on the physical polling stations do not show these fluctuations.

The observed dynamics make sense if we assume that the manipulation algorithm was attempting to load too many votes for Sobyanin simultaneously, periodically stopping due to overload. During the algorithm’s downtime, a small number of real voters who managed to vote despite the failure continued to enter the system, resulting in a lower tally for Sobyanin. If this explanation is correct, manipulations were applied from the very start of the voting. As far as we know, this anomaly has remained unnoticed so far.

Manipulations in the federal system

The federal e-voting system was first used in 2020. During those elections and subsequent ones, the system did not attract significant attention. Its scale was smaller, and there were fewer opportunities to analyse it. However, the 2024 elections provided serious grounds to believe that ballot stuffing through e-voting also occurred at the federal level.

In almost all regions, the maximum number of voters cast their votes in the first minute of the voting period. Even considering the unprecedented pressure on public sector workers, who were coerced into voting via REV on Friday morning, it would be physically impossible for them to vote at such a rapid pace. Given the multiple steps required on the Gosuslugi website to obtain an electronic ballot — pressing at least two buttons, reviewing and agreeing to terms, marking two checkboxes, pressing "confirm," receiving and entering an SMS code, pressing "send," then "continue," waiting for the generation of a personal encryption code, and finally pressing "continue" again — voting at such speed is implausible. In comparison, in Moscow, the peak voting time was not exactly at 9:00 a.m. but at 9:08 a.m.

On the second day of voting, for five hours, voters across all regions with e-voting exhibited a uniform voting pattern to the minute, regardless of the time zone. There are no natural reasons for such uniformity, especially given the complex overall patterns: a sharp rise at 9:30 a.m., two sharp peaks immediately afterwards, a sharp drop at 12:00 p.m., and then at 4:15 p.m. These patterns could be explained by intensive, coordinated multi-hour calls to vote. Alternatively, it could be that at 9:30 a.m. Moscow time, all regions activated vote stuffing using the same algorithm.

Such stuffing could have been conducted through "dead souls" added either via Gosuslugi or directly by employees of Rostelecom, who operate the e-voting system. Officially, the total number of registered voters on the federal REV is compiled from lists at each polling station and then published on the Central Election Commission CEC website. Thus, to keep manipulations unnoticed, it would be necessary to stuff only a small number of votes (up to 1-2% of the total number of e-voters) so that the total number of votes does not exceed the number of registered e-voters. Alternatively, manipulations with the lists themselves could be carried out: registering voters on REV without their knowledge or adding non-existent people to the lists.

Observers could only detect anomalies in the lists at polling stations. However, physically checking all voter lists was challenging — access was provided only during the voting period. Given that independent observation at polling stations was virtually impossible in 2024, there was no one to do this. Nevertheless, there were instances where the number of e-voters listed on the CEC website did not match the number on the station lists. The accounts of these individuals could have been used for stuffing.

After the elections, analyst Ivan Shukshin compared the list of REV-registered voters on the CEC website with the total number of REV-registered voters from all polling station lists. It turned out that the CEC website listed 4,767,993 voters, while the polling stations had 4,462,208. Nearly one in ten polling stations (7.9%) did not even publish voter lists. Some of the 300,000+ unaccounted voters at polling stations might have been used as "dead souls" for voting, but errors by commissions in entering data on the website or concealment of this data for other purposes cannot be ruled out. In any case, the organisers of the election did not bother to calibrate the voter databases, although the discrepancy raises obvious suspicions of manipulation.

Observer Viktor Tolstoguzov also noted a discrepancy between the number of voters in the REV database (not to be confused with the total number of REV voters at polling stations counted by Ivan Shukshin) and on the CEC website, where there were 211,000 more voters. The number of votes cast in these databases matched. It is unclear whether this discrepancy is the result of a technical error in forming the REV database or evidence of manipulation.

5. Technical failures

In 2019, during the first use of REV in Russia, the results of e-voting drastically differed from those at physical polling stations. Pro-government candidates received significantly higher results online. In one of the three test districts, after counting paper ballots, independent candidate Roman Yuneman was the leading candidate. However, when electronic votes were included, the victory went to United Russia party member Margarita Rusetskaya. The margin between the candidates was only 84 votes, with 2,371 voters participating in the remote voting.

Technical failures during the voting could have seriously affected its outcome. The system was inoperative for more than 30% of the voting time. According to a report by Yuneman's team, a representative from DIT admitted in a private conversation that 944 people were unable to receive ballots during the downtime. Some managed to vote later, but according to the report's estimates, 218 voters remained without ballots. Some users could not vote even after receiving their ballots. More than 70 citizens contacted Yuneman's campaign with technical problems when trying to vote, and three of them later confirmed their statements in court. Given Yuneman's narrow margin of only 84 votes, the absence of technical failures might have changed the election outcome.

Similar issues have been reported at almost every REV election. For example, in 2023, due to problems with EVL, many Muscovites could not vote either online or at the polling stations for half of the first day of voting. Many voters did not receive the SMS required for verification in online voting. Others were denied access at polling stations because their votes had supposedly already been counted in REV. Delays in tallying the results were also attributed to technical failures of REV, during which many district election commissions lacked access to the system. As noted above, these failures could have been caused by vote-manipulation programs; however, even without direct fraud, the inability to vote violates voters' rights.

In the same year, significant failures were also recorded in the federal e-voting system in at least two regions. In the Nenets Autonomous Okrug, some voters received only one "electronic" ballot instead of two (one for party lists and one for single-member districts). To address the problem, voting was suspended for two hours. In the Novosibirsk region, the Communist Party of the Russian Federation (CPRF) reported that not all voters could vote for their candidate on the first attempt. Olga Blago, head of the regional election commission, confirmed the problem, noting that the organising commission could not resolve it as it did not control the system's operations.

In the 2024 presidential elections, e-voting observer Viktor Tolstoguzov estimated that up to 3% of ballots submitted to the federal REV system might have been uncounted due to technical failures.

6. Coercion of voters

The introduction of e-voting has only strengthened the control over dependent voters — a chronic issue within the Russian electoral system. With online voting, ensuring that a controlled voter actually casts their vote, and for the desired candidate, is even simpler than in traditional paper-based elections.

According to a report by the Yuneman team, at least 53% of voters in the 30th district were employees of state enterprises. The report includes personal testimonies from voters who were coerced by their supervisors. Survey data collected by the report authors indicate that most voters believe their supervisors and/or executive authorities are aware of how they voted. Prior to the elections, many new users registered on the voting portal during working hours, which may indicate widespread pressure.

Evidence of voter pressure is also apparent in the voting dynamics of REV across all elections held in Russia. For instance, during the 2024 presidential election in Moscow's e-voting, a peak at 9 a.m. on Friday seems to reflect unprecedented coercion of civil servants and people who work at state-funded organisations. The peak rises gradually and reaches its maximum around 9:08 a.m. The fact that the peak does not occur precisely at 9 a.m. suggests its real nature: people needed some time to vote under duress.

Small, similar peaks overlaying the main peak are also visible at 10, 11, 12, and 2 p.m., indicating that employees in different organisations were pressured to vote at different times. The overwhelming majority of votes on Friday appear to have been cast under pressure, which undermines the trustworthiness of REV results even if all other possible violations are excluded.

A distinct peak exactly at 1 p.m. on Friday stands out on the graph. Unlike the aforementioned "natural peaks," this peak rises abruptly and reaches its maximum precisely at 1:00 p.m. This suggests an unnatural pattern, which could be indicative of possible vote tampering or technical failures.

Conclusion

As the coverage of e-voting expanded — from initial experiments in select districts of Moscow to the implementation of a federal online voting system across dozens of regions — the scale of manipulations within the system also grew. While the proven violations in 2019 were more about systematic glitches than direct vote rigging, by 2021, the algorithm for vote tampering was in operation for several hours. In 2022, it ran for nearly a day and a half, and in 2024, the algorithm for inflating votes in Moscow's REV system appeared to be active from the start, running for two of the three voting days. In 2024, compelling evidence of fraud was discovered for the first time in the federal REV system as well.

Each year, the manipulation algorithms in REV become more sophisticated. In 2021, votes for pro-government candidates were inflated during a specific time window, making the fraud easy to detect. By 2022, votes were added not for ruling party candidates, but for random, unpopular ones. In the 2023 elections, manipulations were detected solely due to system overloads. In the 2024 elections, only indirect evidence points to fraud, making it difficult to conclusively interpret.

It is likely that violations will become more frequent, while detecting them will become more challenging. The design of the REV system does not allow for indisputable direct evidence of fraud. Unlike "paper" elections, where falsifications can be captured on video, such a possibility does not exist in REV — observers and analysts must rely solely on indirect evidence.

However, it is still possible to analyse the REV system and search for indirect signs of violations using the fragments of information available to observers. While such analysis does not provide a complete picture, it remains the only way for the public to learn that the state is violating electoral rights through electronic voting.

The examples of manipulation presented in this text give the expert community an opportunity to better understand the risks that the mass transition to online voting poses, especially in a non-transparent electoral system. We hope that the Russian experience will at least help to prepare for them.

We would like to thank Petr Zhizhin, Alexander Isavnin, Roman Udot, and other e-voting experts for their technical consultations and assistance in preparing the data.

We and selected third parties use cookies or similar technologies for technical purposes and, with your consent, for other purposes. Use the “Accept all” button to consent. Use the “Decline all” button to continue without accepting.