In 2020, Benjamin Netanyahu announced in a video he posted on social media that Likud would use an app called "Elector" in the upcoming elections, and called on his supporters to download it and use it. About a month later, a security breach was discovered in the company's servers, and data on more than six million voters became accessible online.

The Privacy Protection Authority investigated and found that the company "Elector" and the Likud and Yisrael Beitenu parties had violated the Privacy Protection Law. The case sparked extensive public debate, but it focused almost entirely on the leak itself. What was left out of the discussion was the question of what exactly the app does, and how exactly voter management apps like "Elector" work even when they don’t malfunction.

Leading up to the 2026 elections, this issue is reaching a tipping point. Attorney Shachar Ben-Meir has appealed to the Central Elections Committee demanding that political parties be prohibited from monitoring in real time the presence of citizens at the polls, thus creating an internal database that includes information on everyone who chose not to vote, in order to use it in the election campaign.

The Privacy Protection Authority and the Government Legal Counsel took a position acknowledging the potential privacy violation in the use of voter management applications, but left any decision to the Elections Committee. The Privacy Clinic of Tel Aviv University submitted a detailed opinion determining that this is a direct violation of the constitutional right to privacy, the confidentiality of the elections, and the integrity of the democratic process. The Chairman of the Elections Committee, Judge Noam Solberg, was asked to decide.

The threat to the integrity of elections is much broader

The legal proceedings focus on a specific question: Does documenting voting on partisan apps compromise election confidentiality? This is an important question, but it focuses on the moment when information is entered on the ballot and on the question of who is authorized to record it. What happens before and after that moment is much broader and no less important, and the issue now before the committee does not reflect that.

The principle of electoral confidentiality is intended to protect not only the content of the vote, but also the choice of whether to exercise the right to vote - without fear of surveillance, social pressure, or the awareness of strangers. When a person knows, or fears, that someone in their environment is secretly following them and can know in real time whether they went out to vote, this confidentiality is violated — even if the content of their ballot remains hidden.

The harm is not linked to the citizen's physical presence at the polling station. It can occur when information about the vote itself goes, without the voter's knowledge, to people who know him, know where he lives, and might act on that information.

To understand the scope of the issue, it is necessary to understand how these systems are built and operate. In a study I published in 2023, in which I analyzed the real-time operation of "Elector" during the 2020 elections, I documented a system with several interfaces operating simultaneously and connected to the same information infrastructure.

The starting point is the voter register that the state transfers to each party. On top of that, a classification system is built for the entire voting population according to their political positions: supporters, opponents, and undecided. This is done using information collected in field interviews, mined (usually illegally) from social networks, and sometimes cross-referenced with additional databases.

The voter base segmented by "supporters," "potential supporters," "non-supporter," and "unknown." From a 2018 instructional video by Tzuriel Yamin, manager of "Elector" (screenshot)

The result is a political portrait of every voter, constructed without the voter’s knowledge or consent. It is this data, more than the use of the app on election day itself, that is decisive for campaigns, and it is all based on covert collection, analysis, and tracking.

One interface is intended for observers, party representatives who sit at the polling station. Their legal role is to monitor the integrity of the vote, but in practice they enter the names of everyone who voted into the app in real time. This information comes to them by virtue of their official position and is immediately transmitted outside the polling station.

A separate interface allows campaign managers to see in real time not only voter turnout, but also a focused picture of who among their known supporters has not yet voted. Based on this information, call centers and shuttles operating throughout Election Day are managed and outreach efforts are directed to those people the system has pre-classified as supporters.

Crowdsourcing a snitch

But the interface that interests me as a researcher, and which remains almost entirely outside the legal debate, is the interface intended for activists. Certain parties have opened access to the database to thousands of citizens who have been recruited to support them. These activists can locate people around them within the database, mark them as potential supporters, and add personal and private information about them.

The app holds them personally responsible for making sure the people on their list vote on Election Day, and competition and incentives encourage them to continually expand their lists. In simple terms, this is a snitching mechanism based on “crowdsourcing,” in which the public themselves are recruited to enter, update, and expand a database of political information about other citizens, usually without their knowledge or consent.

This "crowdsourcing" mechanism does not come with effective oversight that limits it to locating only supporters. The ability to locate people in the database and build personal watchlists is not necessarily limited to political affiliation, and sometimes not even to an actual connection. For example, a user can include in his watchlist a neighbor, a coworker, an ex, a public figure, or any other person who piques his interest (say, a celebrity), even if they don’t know each other at all.

A Likud campaign message sent via the "Elector" app

On Election Day, when the poll watcher enters a name, the information reaches the operator in real time that the celebrity is on his list. If she has not yet voted, the operator is asked to contact her directly, call her, send a message, and in some cases go to her house. All of this happens without the celebrity knowing that she is on the list, without her knowing who is following her, and without her having any option to remove herself from those strangers' watchlists.

Thus, the monitoring system is transformed from a vertical structure between party and voter to a structure that spreads laterally, into the social fabric itself. It is no longer just institutional supervision that a party exercises over a citizen, but rather a system of snitching and mutual surveillance in which neighbor follows neighbor, acquaintance follows acquaintance, and sometimes even supervisor follows employee.

A woman who belongs to a community where there are pressures around the act of voting may avoid exercising her right if she fears information about her visit to the polling place may reach people in her environment. Someone who chooses not to vote as an act of protest may find their protest is exposed to those who seek to exert pressure on them. The chilling effect on the confidentiality of elections does not necessarily stem from overt pressure, but from the knowledge that the social environment itself has become an arena for surveillance.

Logic of a race to the bottom

The legal opinions submitted in the proceedings rightly focus on the violation of confidentiality, the irregular authority, and the chilling effect. But they mainly concern the institutional actor, the party that operates the system. A central part of the impact of these systems stems precisely from the way in which information becomes available for use between citizens and enables mutual surveillance that is not mediated by a single entity and is not subject to supervision.

This measure has a competitive logic that must be considered. A party that gives up these tools fears being left behind, and their very effectiveness creates pressure to expand their use. But this is the logic of a race to the bottom: each party that adopts it deepens the practice and makes it harder for others to step away from it.

There is no technological necessity for this. Tools can be developed to encourage voting that are not based on top-down and lateral surveillance, that do not require the construction of political profiles without consent, and that do not turn citizens' circles of acquaintance into a party's operational resource.

The argument that one must win now and change the rules later must be rejected, since political practices do not disappear through a resolution but are established through repeated use.

The question facing the chairman of the Election Commission is not just a question of the legality of action on one Election Day, but a question about the nature of political participation that takes shape in a democratic society. Surveillance, espionage and monitoring cannot be the basis for a standard democratic process.

When classification, labeling, and mutual surveillance become a built-in part of the campaign, they work in two directions simultaneously: citizens who feel they are being monitored may be deterred from exercising their right, and citizens who are recruited to monitor others learn that political snitching is acceptable. The two processes together shape a political culture in which surveillance is not an exceptional act to be condemned, but a practice that grows stronger with each election campaign.

The question at hand, then, is not just legal, but concerns the kind of society we want to be.

Prof. Anat Ben-David is a digital communications researcher in the Department of Sociology, Political Science and Communication at the Open University, and a member of the executive board of the Seventh Eye Association.

This article was published in Hebrew on March 18, 2026
Translation: Harriet Brown