About Vote Palestine

What is Vote Palestine?

Vote Palestine is a civic platform where you can anonymously show your support for three concrete demands: recognition of the state of Palestine, stopping arms sales to Israel, and ending illegal investments in the occupation.

How does it work?

We take your anonymity very seriously. Here's how it works:

  1. Request: Enter your phone number and receive a ballot via SMS with a unique link.
  2. Voting: Open the link and vote yes or no on the three demands. Your phone number is encrypted with a one-way algorithm so it cannot be reconstructed.
  3. One vote per number: Each phone number can only vote once. The ballot expires after 24 hours.

We store no IP addresses, no cookies, and no personal data in connection with votes.

Vote bundling

To protect early voters, the total vote count is only displayed once there are at least 50. Until then, only the collection status is shown.

The three demands

1. Recognize Palestine

Denmark must officially recognize the state of Palestine as a sovereign state.

2. Stop arms sales to Israel

All sales and exports of weapons and military equipment to Israel must be stopped.

3. Stop illegal investments

Danish pension funds and public funds must divest from companies profiting from the illegal occupation.

Technical security

  • SHA-256 hashing of phone numbers with server-side salt
  • Ballot tokens with 24-hour expiry
  • Rate limiting on all endpoints
  • Max 3 pending ballots per device
  • No third-party tracking or analytics

How the encryption works

When you vote, our server combines your phone number with a secret key (a "salt"). This combination is run through SHA-256 — a cryptographic one-way function. The result is a 64-character fingerprint (a "hash") that we store instead of your phone number.

"One-way" means you cannot mathematically calculate backwards from the fingerprint to the number. When you send a new ballot, we create the same fingerprint from your number again — if it matches, we know you've already voted.

But can't you just try all phone numbers?

Good question. Danish mobile numbers are 8 digits — about 100 million combinations. A computer could hash all of them in seconds. That's why we use the salt: without the secret key, you can't recreate the fingerprints. The salt is stored only on the server and never appears in the code or database.

Even if someone gained access to both the database and the salt, they would only learn that a specific phone number voted yes or no. No names, IP addresses, or other personal data is stored alongside the vote.