How Civic Internet & Telephone Voting Compares

Purpose-built for Municipal Elections Act, 1996 (s.42) alternative voting methods — ballot design, candidate randomization, ward-based eligibility, school board support, and multi-channel double-voting prevention are native.

Paper-based elections with manual processes. Internet/telephone voting requires procurement of separate vendor solution with limited municipal customization.

General-purpose voting platforms designed for surveys, polls, or corporate elections. Municipal election compliance (MEA, AODA, MFIPPA) requires extensive customization.

Full source code licence — perpetual software asset your municipality owns and controls. No recurring SaaS subscription. No per-election fees. Optional managed hosting and support.

Per-election vendor contracts with significant recurring costs. No source code access. Vendor lock-in. Municipal has no control over election infrastructure between elections.

SaaS subscription with per-elector or per-election pricing. No source code access. Vendor dependency for every election cycle. Exit costs and migration challenges.

Cryptographic ballot separation mathematically guarantees no linkage between voter identity and ballot choices. Multi-custodian key management. Ballot mixing before decryption. Independently verifiable by third-party auditors.

Paper ballot secrecy depends on physical processes — ballot boxes, folding, counting procedures. Verifiable but labour-intensive.

Varies significantly by vendor. Many lack cryptographic ballot separation. Audit trail may link voter to ballot. Independent verification not always available.

Full provision for independent third-party audit before, during, and after election. Blockchain audit trail with cryptographic proof. Voter-verifiable receipts. Source code available for review.

Physical ballot recounts and observation processes. Labour-intensive but well-established. No cryptographic verification.

Audit capabilities vary. Proprietary systems may not allow independent code review. Cryptographic verification rarely available. Vendor-dependent audit process.

Three integrated voting channels: secure web portal, IVR telephone voting, and accessible kiosks — all synchronized against a single voters list in real-time (< 5 second sync). Hybrid election support (internet + telephone + in-person).

Single channel: in-person voting at polling stations. Some jurisdictions offer advance polls. No remote voting option.

Typically web-only or web + email. IVR telephone voting and accessible kiosks rarely offered as integrated channels. Real-time cross-channel sync not standard.

WCAG 2.1 AA verified voting portal. Audio ballot via IVR. Accessible kiosks with paddle switch, sip-and-puff, adjustable height. Assistive technology validation with real users. TTY/TDD. Multi-language support.

Physical polling station accessibility varies. DRE machines may be available but are expensive. Assistive technology support is inconsistent. Audio ballot via companion requires trust.

Web accessibility varies by platform. Most lack IVR telephone voting and accessible kiosk options. Assistive technology compatibility rarely validated with real users.

End-to-end encryption, DDoS protection with traffic scrubbing, ML anomaly detection, blockchain audit trail, risk-based authentication, multi-region deployment, and load testing at 5× peak volume.

Physical security (locked ballot boxes, chain of custody). No cyber threat surface but vulnerable to physical manipulation. No real-time monitoring.

Security varies significantly. Few provide ML anomaly detection, blockchain audit trails, or DDoS protection designed for election-grade availability (99.99%).

All voter data, encrypted ballots, and audit records stored exclusively in Canadian data centres (Ontario + Québec). Contractually guaranteed. Source code licence enables on-premises deployment.

Data remains in-jurisdiction (physical ballots stored locally). No cross-border concerns.

Canadian hosting may be available but not guaranteed. Sub-processors may access data from outside Canada. Encrypted ballot storage location policies vary.

Real-time voters list synchronization across all channels (internet, telephone, kiosk, in-person) with < 5 second latency. Fail-safe design: prevents voting rather than allows potential double vote on sync failure.

Manual voters list strikethrough at polling stations. Cross-location reconciliation at end of day. Gaps during advance poll periods.

Single-channel systems have simple duplicate prevention. Multi-channel real-time sync with fail-safe design is rarely available.

Designed to increase turnout by 10–15 percentage points through 24/7 extended voting period, multiple accessible channels, and removal of geographic and mobility barriers.

Limited by in-person-only access, fixed hours, and geographic constraints. Turnout typically 35–40% for municipal elections.

Web-only voting may increase some turnout but excludes electors without internet access. No telephone or kiosk channels for digitally disadvantaged populations.

Reduces poll worker requirements by 60%. Automated tabulation delivers results within 30 minutes of polls closing. Automated credential generation, voter information letters, and post-election reporting.

Labour-intensive: 200+ poll workers for mid-size municipalities. Manual ballot counting takes hours. Post-election reporting is manual and slow.

Reduces in-person polling requirements. Reporting capabilities vary. Integration with existing election administration systems not always supported.

Source code available for review. Independent third-party audit before, during, and after election. Blockchain audit trail with mathematical proof of integrity. Voter-verifiable receipts. Test election before live election.

Established public trust through familiar physical processes. Transparent counting procedures with observers. Long track record.

Proprietary systems with limited transparency. Source code not available for review. Public confidence depends on vendor reputation. Independent audit capability varies.

One-time source code licence. No per-election recurring fees. No per-elector charges. Optional managed hosting billed separately. Predictable costs from election to election.

Per-election costs: poll workers, venues, ballots, tabulators, supplies. Costs scale linearly with population. Increasing year-over-year.

Per-elector or per-election pricing. Multi-year contracts with escalation clauses. Total cost difficult to predict. Vendor lock-in penalties.

Self-service administration. Source code ownership means full independence. Municipality can operate elections without vendor involvement after initial deployment. Optional support available.

Low vendor dependency for elections. High labour dependency for poll workers. Equipment vendor dependency for tabulators.

High vendor dependency for every election. No source code access. Vendor manages all infrastructure. Municipality cannot operate independently.