A recent study conducted by the cybersecurity company Comparitech has shown that globally nearly 61 per cent of all politicians don’t use industry standard security certificates on their websites. Canada, as a whole is comparatively atrocious on this front. The study found that when looking at the major party’s websites, a whopping 86.25 per cent of websites did not meet current standards. To put that in an academic context, for students, an 86.25 would be considered an “A” grade. It can be said then that Canadian politicians receive an A, but for these purposes it represents “awful.”
The Green Party had a shocking 100 per cent of their website or affiliate websites that did not feature an SSL certificate, commonly identified as an “HTTPS” prefix before the website address, as opposed to an unsecured “HTTP” prefix. Coming in second was the NDP with 95.12 per cent of websites not having a valid SSL certificate. The party that had the highest amount of coverage was the Conservative Party of Canada with 68.89 per cent of relevant pages unsecured. Even the party most covered still had well over half of their websites unsecure.
This information is particularly disturbing considering that there is an imminent federal election fast approaching. Couple this with the barrage of allegations our neighbours to the south have been hurling at one another about cybersecurity during the last election cycle.
Whether those accusations were accurate or not is irrelevant considering the impact it had in the election for the Democrats, with unsecured email servers and the subsequent special counsel investigations being launched at the Republicans. It is now on the record that there is the potential for cyber interference, or at the very least, the ability for hackers to access Canadian’s information that have registered on a politicians website for donations or newsletters.
According to Global Sign, a separate cybersecurity company, an SSL and HTTPS prefix is important because “SSL certificates are small data files that digitally bind a cryptographic key to an organization’s details.” When installed on a web server, it activates the padlock and the HTTPS protocol and allows secure connections from a web server to a browser.
It is important for any website that retrieves information from site visitors to have an SSL certificate because it provides an extra layer of protection against people that may be trying to access their stored information.
“HTTPS encrypts data in transit so that unauthorized third parties cannot intercept and decipher it. Valid SSL certificates also authenticate websites, helping to ensure voters that they’re on the politician’s genuine site and not a fraudulent one,” Paul Bischoff of Comparitech wrote in the study.
SSLs are especially easy to obtain in our modern technological era so there is no excuse for politicians not to have one on a website that collects information from the public. Hopefully, this study will spur Canadian politicians to take action in protecting their data, as well as ours.
You can find the Comparitech study here.