Is India moving towards E-Voting
Case of Bihar Election and Challenges
**Alok Singh
Bihar became the first state to adopt an e-voting system for urban polls. The Bihar State Election Commission (SEC) has decided to roll out an e-voting system using an Android-based mobile. Although the SEC has adopted an end-to-end digital optical character recognition system and digital locks for EVM strong rooms, a face recognition system, legal challenges and practical risks persist. Additionally, it raises fundamental constitutional questions about electoral integrity and digital rights that require immediate legal policy intervention, considering India’s asymmetric federalism and digital/literacy inequality.
Bihar E-Voting Model
The current step was taken by using the power under Section 14 of the Bihar Municipal Act, 2007, through which the Bihar Municipal Election (Amendment) Rules, 2022, were promulgated. Rule 20 of the Amendment Rules explicitly allows for the use of electronic devices, other than electronic voting machines, such as laptops, palmtops, Android/iOS-based smartphones, servers, etc.
The primary target voters are migrant workers, persons with disabilities, Pregnant women, senior citizens and seriously ill individuals. The SEC said it will help to increase voter turnout and make elections more inclusive. This could be considered as an important step, as the Bihar voter turnout in the General Election 2024 was the lowest amongst the Phase VII states. Additionally, the central government itself told the SC that they were considering a mechanism to ensure the voting rights of NRIs, as they are unable to access their right.
Constitutional Analysis
The Indian Constitution had established a clear division of electoral authority. Article 324 vests “the superintendence, direction and control” of all elections to Parliament and to the Legislature of every State in the Election Commission of India (ECI). This grants the ECI a broad, pre‑eminent role in the conduct of national and state polls.
By contrast, the 73rd and 74th Constitutional Amendments created independent State Election Commissions (SECs) for local elections. Article 243K(1) and 243ZA(1) explicitly vest “the preparation of electoral rolls” and “the conduct of all elections to Panchayats and to Municipalities respectively, in the State Election Commission. At first glance, this suggests Bihar’s SEC has the authority to introduce e‑voting for municipal elections.
However, this authority is not unlimited. Article 327 provides that “Parliament may from time to time by law make provision with respect to all matters relating to, or in connection with, elections to” Parliament and state legislatures. Though Article 327 does not mention local elections, it exemplifies the principle that changes to electoral procedures generally require statutory backing.
The Supreme Court in N.P. Ponnuswami v. Returning Officer emphasised that for any election to be lawful, there must be (1) a valid law covering the process, (2) an appropriate authority to implement it, and (3) a judicial forum to resolve disputes. Importantly, Ponnuswami was not directly related to e-voting; however, it articulates a constitutional principle about legal provenance that elections are not ordinary administrative programmes but core democratic processes. Therefore, rules must be laid down by law so that citizens know the terms of the franchise and courts have predictable standards to supervise.
This doctrinal principle was applied in A.C. Jose v. Sivan Pillai (1984), where the Court struck down the ECI’s pilot use of Electronic Voting Machines (EVMs) on the ground that the procedure lacked statutory sanction. The Court held that the “Commission could not innovate a method…was not covered by the existing law…field”. The later insertion of Section 61A in the Representation of the People Act (RPA) to authorise EVMs was upheld by the Court in AIADMK v. CEC (2001). On a doctrinal basis, the consequence is clear: technological innovations that change the mechanics of voting (whether EVMs or smartphone-based remote voting) require explicit legislative sanction or a statutory framework.
Bihar’s e-voting app, launched by the SEC without enabling legislation, raises constitutional concerns. A similar approach is seen in the case of Gujarat, which ran a high-profile online e-voting pilot in 2010, and the scheme was later withdrawn by the Gujarat SEC. Telangana also piloted smartphone-based/dry-run e-voting in Khammam and considered Aadhaar/OTP approaches for special-category remote voting. But plans were not effective as there is no specified law to deal with privacy and security concerns. The Indian experience, therefore, shows repeated implementation attempts and legal uncertainties: some states have run pilots/dry runs, but none has embedded a permanent, broadly applicable remote e-voting regime in state law. Without federal or state laws authorising this shift, the SEC potentially lacks the legal authority to replace traditional paper ballots with e-voting.
Digital Rights, Access Inequality and Article 14
Any move to electronic voting must reckon with India’s deep digital divide. Bihar lags in internet penetration and digital literacy. According to NFHS‑5 data, only about 63% of men and 41% of women nationwide have ever used the internet, and Bihar fares worse, with the lowest proportion of internet-literate women in India. Rural areas, economically disadvantaged groups, the elderly, and those with limited education are similarly disconnected.
These facts have important constitutional implications under Article 14. If e‑voting is offered as an alternative, a large class of citizens (e.g. rural poor, less-educated, older women) would be effectively barred from participating in that mode. This unequal access could amount to an unreasonable classification or discrimination. While well-intentioned, selective availability creates two tiers of voting. Any affirmative action to assist special-needs voters must conform to equality principles by not compromising others’ votes.
The state cannot claim a neutral technological choice if it systematically disadvantages certain castes, classes, or genders. In an analogous context, the Supreme Court has often struck down election procedures that indirectly disenfranchise voters on arbitrary grounds.
Besides access, digital rights such as privacy are also implicated, as the ECI denies requests for sharing voting data. The app, which is used in Bihar, reportedly collects and uploads sensitive biometric information (facial images, fingerprints), election preferences, and biometric and facial data, which are “sensitive personal data”. However, no specific legal framework currently governs how election authorities may store or use such data. In sum, e‑voting intersects with fundamental rights and equal protection.
Secrecy, Coercion and Verification in Remote Voting
One of the cornerstones of free elections is the secret ballot. Traditional polling booths are designed to isolate the voter and prevent observation. Moving the vote onto personal devices and remote settings might fundamentally alter this dynamic. Enforcing secrecy in a voter’s home, digital environment, or community centre becomes far more difficult. As critics warn, “when voting moves from the controlled space of the polling booth to the personal device, […] the protection that comes with in-person voting also starts to erode”. Further, verifying that a ballot is secret and voluntary is nearly impossible without full control of the voting environment.
One mitigation against coercion in remote voting is the ability to recall or change one’s vote after the initial cast by physical voting and annulling the previous one. Estonia, a leader in Internet voting, has implemented this safeguard: votes cast online during early voting can be re-cast electronically until the final day, and any physically cast paper ballot subsequently overrides the electronic one. An Estonian voter who feels coerced or insecure about her Internet ballot can simply show up at an early-voting station and vote by paper; the system is designed so that only the last vote (paper or electronic) is counted.
Verification of votes is another challenge. In any e‑voting scheme, voters need a trustworthy way to record their vote correctly. Remote systems must rely on cryptographic measures without a tangible paper trail, like India’s EVM‑VVPAT system. SC held that the VVPAT paper trails were essential to the election process. This supports the contention that there is a need for verification. However, it is important to note that in physical form, 100% verification is not possible. Lastly, the app permits two voters per phone number. This opens the door to duplicate or unauthorised votes: “one person, one vote” could be violated if two voters share credentials on one device.
Estonia’s e‑voting provides each voter with a cryptographic receipt. After casting a vote, the system generates an encrypted vote data that the voter can save and later verify on an independent device. This allows voters to confirm their choice without revealing their vote. This type of model is currently unavailable in India. In summary, secrecy and coercion present significant hurdles for remote voting.
Legal Gaps and Comparative Perspective with Estonia
India currently has no dedicated e‑voting law. Apart from Section 61A of the RPA (which covers EVMs), the statutory framework assumes in‑person voting. By contrast, Estonia built its i‑voting on a firm legal foundation. In 2002, the Estonian parliament enacted several statutes (e.g. the Local Elections Act, Referendum Act, Riigikogu Election Act) specifically authorising Internet voting in various elections and detailing procedures.
Crucially, Estonia also passed a comprehensive Digital Signature Act in 2002, enabling every citizen to obtain a government-issued identity card with an embedded digital certificate for strong online authentication. This statutory regime clarified how remote voting would work, including timelines, vote security, and audit methods, so courts found it consistent with Estonia’s constitutional requirement of “free elections… voting shall be secret”.
India’s approach has been the opposite: technology has been deployed first, and laws have been amended only after court direction. No election code provision contemplates remote voting via smartphones. The reasonable legislative and constitutional trajectory was entirely skipped with no enabling state act, public consultation, independent certification, or a clear forum to challenge electronic ballots.
Notably, the failure of the Gujarat pilot offers a cautionary tale. The Gujarat SEC spent heavily (about ₹26 crore on software and ₹6 crore on publicity) to introduce online voting in select wards. Initial reports of ~77% turnout of registered online voters sounded impressive, but that translated into fewer than a thousand actual votes because registration was voluntary, and uptake was minuscule. By 2015, the program was quietly abandoned, and by 2020, the SEC announced it would suspend e‑voting. Gujarat’s experience shows that without simplicity and legal clarity, even technically sound systems may flounder.
Globally, experiments with e‑voting have had mixed results. Many European countries (the UK, the Netherlands, Norway, etc.) have withdrawn or scaled back remote voting pilots due to security and trust concerns. For example, in the UK, pilot e-voting channels (online, phone, SMS) failed to increase turnout, and surveys showed no significant trust or usability gains. In Ontario, Canada, which offered online voting in municipal elections, researchers found no evidence that it changed candidate demographics or turned out underrepresented groups meaningfully. Countries like Germany and the Netherlands have scrapped e-voting trials because security risks outweigh benefits. By contrast, Estonia continues to see high levels of i‑voting; in recent elections, roughly one‑third of votes have been cast online (peaking over 40%). It remains the sole country where internet ballots are routine and legally entrenched.
These comparisons yield a common lesson: successful digital voting requires more than software. It requires robust institutional and legal frameworks (as in Estonia), user-friendly design and outreach (as Gujarat ultimately realised), and public confidence (hard to win but easy to lose).
Data Privacy, Blockchain, and Emerging Technologies
As Bihar’s app collects biometric identifiers and transmits votes online, data privacy becomes a prime concern. The system stores facial photos and fingerprints alongside one’s vote. With the current legal/enforcement framework, questions arise: Could hackers breach the database and link identities to votes? Could authorities misuse facial data for surveillance? These uncertainties implicate fundamental rights of dignity and privacy. The allegations of data leaks from the government portals about Aadhaar exacerbate the doubt and concern.
On the other hand, emerging technologies, such as Blockchain, offer tools to bolster trust – if used correctly. Blockchain is often proposed for voting because it can create an immutable record of transactions (votes) across a distributed ledger. A well-designed blockchain voting system could let anyone verify that votes were counted correctly without exposing voter identities. However, practically achieving end‑to‑end voter anonymity on a blockchain remains challenging, and the intricacies of blockchain may make it difficult for people to accept.
Other advanced cryptographic methods, such as homomorphic encryption and mix‑nets, could also be incorporated. These allow votes to be tallied in encrypted form or shuffled to break linkages between voter and ballot. Some systems (as in Switzerland’s and Estonia’s trials) even explore verifiable choice encryption and code‑voting. Additionally, extensive security audits and open-source transparency are crucial. For now, India’s focus on blockchain remains largely speculative.
Cybersecurity and Technical Standards
Cybersecurity is non-negotiable for any e‑voting system. Unlike EVMs, closed devices with physical security, internet voting exposes multiple attack surfaces from voter smartphones, networks, servers, and the software. The consequences of a breach could fall out of the democratic setup. Any deployment of e‑voting must therefore follow strict standards.
Council of Europe guidelines (CM/Rec(2017)5) effectively constitute the only international e-voting standard, calling for systems that uphold democratic principles and resist cyber threats. Practically, this means end-to-end encryption, multi-tier architecture, and continuous monitoring. For instance, the Gujarat pilot implemented some baseline measures, but independent verification was lacking.
By contrast, certified voting technologies in India (like EVMs with VVPAT) undergo rigorous testing and auditing by the Election Commission and STQC (Standardisation, Testing and Quality Certification). No similar protocol currently exists for mobile voting. Policymakers should consider standards that could include software independence (i.e. a system where manipulation cannot go undetected by software alone), voter-verifiable audit trails (such as digital receipts), and resilience against Denial-of-Service attacks. Without such frameworks, the security of app-based voting rests solely on government assurances.
Proposals for Reform
Given these challenges, a cautious, phased approach is imperative. These are some recommendations for reforms:
Firstly, India needs clear legislative authorisation for any form of e-voting. Parliament should amend the RP Act and related election laws to clearly specify the scope and modalities of remote voting. This legislation must define who may vote electronically (e.g. all voters or special categories), the role of the ECI and State Election Commissions in overseeing it, and stringent audit requirements. Statutes should mandate verifiable audit trails (like VVPAT slips for EVMs) and allow judicial review of e-voting procedures. This could mirror how Section 61A and subsequent rules legitimised EVM use under law.
Second, any expansion of e-voting should be accompanied by robust data protection and privacy safeguards. Biometric and personal information collected for voting must be encrypted, stored only as long as necessary, and fully audit logged. The election authority should be barred from using voters’ digital fingerprints or behavioural data for any purpose beyond the immediate vote, and third-party processing (e.g. by app developers) must be strictly controlled. Independent security audits and “white box” testing (i.e. a method of testing software that tests internal structures or workings of an application, as opposed to its functionality) of the software should be mandatory before each election.
Third, the digital divide and literacy gap in India demand attention. Policymakers must ensure that remote voting supplements are not substitutes for traditional polling booths until near-universal access is achieved. Investments in rural connectivity and voter education are critical so that an overzealous shift to online methods does not disenfranchise eligible citizens. For example, mobile voting might first be limited to specific groups (e.g. disabled voters) with continued access to physical booths for all. Outreach programs should explain the new process clearly, and parallel assistance, such as hotlines and helpdesks, should be provided on election day.
Fourth, any rollout must be incremental and transparent. The Election Commission should conduct mock elections and public pilots to test the system end-to-end. Like traditional EVM rollouts, initial e-voting trials should be small-scale (perhaps in a few districts) under rigorous observation by party agents, civil society, and technical experts. The results of each pilot must be publicly analysed, and problems must be rectified before wider use. As the OSCE recommends, this process should involve broad stakeholder consultations and consensus-building on how core principles (privacy, secrecy, equality) are to be balanced.
Next, the collaboration between state and national bodies is also essential to ensure that voting systems remain consistent as they expand. Additionally, the judiciary should be prepared to oversee this transition, as courts play a vital role in protecting voting rights. Election petitions must address electronic voting procedures, and the Courts need the authority to quickly resolve disputes over app integrity and voter eligibility.
Conclusion: A Roadmap for Digital Democracy in India
India is at a crucial juncture where the Bihar e-voting initiative highlights both the potential benefits of convenience and inclusivity and significant constitutional and social challenges. The transition from remote voting will require comprehensive reforms, including legislative actions, strong security regulations, and efforts to bridge the digital divide.
Estonia’s success with digital voting demonstrates that internet voting can be effective with the right infrastructure and public trust. However, experiences in Gujarat and Europe show that technology cannot solve political barriers alone, and building trust takes time.
Therefore, India should adopt a phased approach, starting with small, legally sanctioned pilot programs supported by audits. Later, broadband access and digital literacy in other states will be expanded by ensuring that technology empowers all citizens. Institutional reforms are essential, including clear data handling rules and a permanent oversight body.
**Alok Singh, 2nd year law student at RMLNLU with area of interest in Constitutional law and IPR.
**Disclaimer: The views expressed in this blog do not necessarily align with the views of the Vidhi Centre for Legal Policy.