This study systematically evaluates the technical recommendations issued by the OSCE/ODIHR on Estonia’s internet voting over the past two decades, revealing that several are logically infeasible, while others entail critical security–usability trade-offs left unarticulated. Employing a policy–technology interdisciplinary analysis, formal modeling of security trade-offs, and rigorous formalization of end-to-end verifiability (E2E-V), the work identifies—for the first time—multiple recommendations that are either technically unrealizable or counterproductive. Key contributions include: (1) prompting international election observation bodies to publicly reassess the technical feasibility and implicit assumptions underlying their recommendations; (2) transforming the normative concept of E2E-V into a measurable, empirically evaluable technical standard framework; and (3) proposing a methodology for developing technically grounded, implementation-aware recommendations tailored to election oversight institutions—thereby bridging the gap between theoretical advocacy and engineering reality.

This paper takes a critical look at the recommendations OSCE/ODIHR has given for the Estonian Internet voting over the 20 years it has been running. We present examples of recommendations that can not be fulfilled at all, but also examples where fulfilling a recommendation requires a non-trivial trade-off, potentially weakening the system in some other respect. In such cases OSCE/ODIHR should take an explicit position which trade-off it recommends. We also look at the development of the recommendation to introduce end-to-end verifiability. In this case we expect OSCE/ODIHR to define what it exactly means by this property, as well as to give explicit criteria to determine whether and to which extent end-to-end verifiability has been achieved.