The voting process for the next British prime minister – to be elected by Conservative Party members between former Chancellor Rishi Sunak and Foreign Secretary Liz Truss – has been delayed after an alert from the country’s spies that cyber hackers could change members’ ballots.
According to ‘The Daily Telegraph’, the National Cyber Security Centre (NCSC), which is part of the UK’s Government’s Communications Headquarters (GCHQ) listening post, advised the Conservative Party to rethink a plan to allow members an option to change their votes at a later stage. The postal ballot papers were to be mailed out from Monday but are now expected to start being issued a few days later, with a delivery deadline set as next Thursday.
“As you would expect from the UK’s national cyber security authority, we provided advice to the Conservative Party on security considerations for online leadership voting,” a spokesperson for the NCSC said.
“Defending UK democratic and electoral processes is a priority for the NCSC, and we work closely with all parliamentary political parties, local authorities and MPs to provide cyber security guidance and support,” the spokesperson said.
Under the change, the Conservative Party has been forced to abandon plans to allow members to change their vote for the next party leader in the contest because of hacking concerns.
“We have consulted with the NCSC throughout this process and have decided to enhance security around the ballot process. Eligible members will start receiving ballot packs this week,” a Conservative Party spokesperson said.
It was initially planned that the voting process would have allowed members to choose whether to vote by post or online and then, if they changed their minds, use the alternative method to cancel out their previous vote. But after the advice from the government’s spies, the party headquarters decided to make changes to “enhance security around the ballot process”.
“Your ballot is now on the way – but it will arrive with you a little later than we originally said. Please do not worry. This is because we have taken some time to add some additional security to our ballot process, which has delayed us slightly,” reads an email to the estimated 180,000 Tory members eligible to vote, seen by the newspaper.
“It is an offence to vote more than once – any member found to have voted more than once will have their party membership withdrawn,” it adds.
Under the original plan, Tory members were to be issued with a postal ballot with a specific code. They could then vote by post or – for the first time in a Tory leadership race – online. This remains the same.
However, members were to be allowed to change their vote later in the race by post or online if they wanted. But now this option to change a vote has been scrapped. Under the new system, each member’s unique code will be deactivated once they vote, meaning it will not be possible to change that decision later in the race.
The deadline for registering votes is the evening of September 2 and the results will be declared on September 5, with the elected candidate going on to address their first Prime Minister’s Questions (PMQs) in the House of Commons on September 7.