I was just reading how electronic voting without a paper trail might be a problem and I think there is a way for it to be secure.
That is, if the computers say candidate B won, how will we know if it is correct?
How about the following solution
When you go to vote, the computer generates a long pseudo-random number and prints it out on paper (which you take home with you). The paper need not have the details of what you voted for, although that would be preferable, just a long (unique) number. Let’s call this the RVN (Random Voter Number).
The computer associates your vote with your RVN.
After the results are tallied electronically, the results are posted on a website that contains a list of ALL RVNs along with what each RVN “voted for”.
If people want to see that their vote was properly counted, they just go to this website, type in their RVN and see the corresponding vote.
Advantages of this system: Transparency and anonymity at the same time
A) It would be easy for any citizen to go to the website and count the votes and see which candidate won. (may be difficult manually, but a good Perl script should do the job)
B) It would be easy for every voter to verify that his/her vote was counted properly
C) Anonymity of voters is maintained. Since your RVN is not your SSN, and since it changes from election to election, no one will know whom you voted for.
If the paper containing the RVN also contains what you voted for, that would actually provide detailed proof in case of fraud or malfunction. Otherwise, fraud or malfunction would be detected by the fact that thousands of people report under oath that the vote corresponding to their RVN was not counted properly.
Anyway, just a thought. Maybe something like this is already in place. Maybe this would have several severe disadvantages.
But I like the fact that I can go to a website and see all the votes from all the voters and count the votes myself.
Yes, one thought :
I state that the number 45698VCDE3456234 is mine and has been counted as a vote for Bush while actually I voted for Kerry. It can be true and piss me off royaly, but how do I make my case in this situation? Or I could lie just in order to raise a fuss and cast doubts on the legitimacy on the election, and if there are enough of us, how could you convince the public who can’t really control by itself the electronic procedure?
Well, there would have to be “enough of you”, and I assume it might not be easy to get thousands (or tens of thousands) of people to lie under oath.
In any case, I stated that it would be preferable if the paper with your RVN contained what you actually voted for
I didn’t think of this before, but I guess it could be handled using the number of people who voted. That is, the number of votes on the website has to equal the number of voters who voted on election day. Assuming the latter number is determined offline (non-electronically), things should work out. Or maybe someone else has a better idea.
sailor has posted a lot of really good information about making electronic transactions secure and private. I haven’t seen him around lately, but searching on his username and the relavent terms should bring up a wealth of good information and links to good information.
Here is one of those threads that erislover mentions, with links to lots of other electronic voting issues.
The problem with this, of course, is that it would enable an interloper to validate that the votes they paid for were properly cast. It creates more problems than it solves.
While I like the idea of receipts, I don’t think you need to map “RVNs” to voters, as you propose. But I really have nothing more to add to what I contributed in the linked thread above.
I’m sorry, but this whole thing seems rather superfluous to me.
Isn’t the point to not need a papertrail and not need people to check their votes? Everyone getting a slip of paper and then having to go home and re-check their vote for themselves? Seems a little cumbersome. What does the person do if his/her vote was different? Report to the local social security office?
What if you “blind” it? In the booth, show the voter their RVN. Highlight the last digit for the voter, which serves as a checksum; for example, they would see a big red "
[color = “red”]2[/color]". Then you print a receipt that says
Bush 01AC663EF2
Kerry 01AC663EF1
Nader 01AC663EF4
Nixon 01AC663EF7
Vader 01AC663EF3
(bolding indicates focus of voter’s attention, not actual bold printing on receipt)
So the voter knows he’s a “two” and that his vote went for Bush. The RVNs for the other four votes are dummy RVNs, and if entered into the system will not reflect a real vote. Since the website wouldn’t be posted until all the returns were in, it would deter – though not prevent – vote-buying.
The point is to accurately and securely record the votes of the electorate in such a way that the public has confidence in the fairness of the outcome.
Touch screen or other electronic technologies can only meet this standard if the recording is separate from the counting. The recording by the electronic device in the voting booth generates a paper ballot, which is then counted when the voter takes is to the ballot box and feeds it into the counting device. The paper ballot is retained by the ballot officials in case a recount is warranted.
Any other method that combines recording with counting without any paper record of the vote is doomed to create chaos whenever there is a razor thin margin such as 2000. I don’t think the American public will stand for another election shrouded with any whiff of fraud, and civil unrest is a distinct possibility if an accurate recount is not possible.
Only a small number of people would need to check to detect fraud. Yes, you would report fraud to the “authorities” or to the media.
My thought was to print two identical receipts. The voter keeps one and puts the other in a ballot box that need be checked only if there is a problem with the electronic vote.
Jurph: That is a good way to avoid the vote buying.
Here’s the idea I had, when the subject initially came up after Florida 2000. Haven’t seen any better ones, but you be the judge.
You go up to the electronic terminal, and key in your choices. When you’re done, it prints out a ballot on card stock, naming the candidates you voted for.
You inspect it, and assuming it’s satisfactory, you insert it into the ballot reader, which tallies your votes. It preserves all the printed ballots as evidence of the precinct’s votes in the various races.
If there’s a mistake, you take your ballot to the election official, who puts your ballot in a box of rejects, and lets you return to the computer terminal to start over.
As always, the number of ballots counted can be no greater than the number of voters who were recorded as having shown up to vote.
The goal of counting votes electronically with a paper trail was fulfilled long ago by the punch ballot. The card readers are as close to 100% accurate as is practical and are not subject to software tampering. Unfortunately the actual voting machines were designed for adults with an IQ of at least 70.
Condescending attitude aside, the punch ballot can easily be adapted to an electronic system that assists those people who are having problems with the punch ballot. This is useful for a number of reasons:
-Electronic ballots will be more complicated than a punch ballot which requires only 3 steps (inserting the ballot correctly, point to the candidate with a stylis, press the stylis firmly in the hole next to the candidate).
-Electronic ballot machines will be expensive.
-Electronic ballot machines are more susceptible to software tampering.
The best solution, IMO, is to keep the punch ballot machines and add a single card reader to every voting precinct (or 1 for every 10 voting booths). That way a person who thinks they did it wrong can verify their vote with either a screen display, a printed copy of their vote, or both.
If you have some method of checking the votes weren’t disapearing into the ether, you could hope to vote electronically (modem, internet, telephone), couldn’t you? We’re probably not there yet, but we can plan for it. For instance:
I’m mailed a personal encryption key.
I ‘phone’ up the voting booth and using the key, vote.
This is stored in a big database.
Later, if I want, I can ‘phone’ up and get it read back to me.
Perhaps a distributed network, rather than a central machine, so one programmer couldn’t mess the whole thing up.
Why even bother with all this complicated machine stuff? Whats the matter with having a piece of paper with the office they are running for followed by all the candidates, each with a circle next to the name. You put an X in the box, which is right beside the candidates name, that you want to vote for.
Thats how we do it up here. Seems to work fine. And if you can’t figure out that the circle right next to the name of the candidate is where you put your X, should I doubt you could even find the polling office.
We have the advantage of not having to vote for multiple offices on a single ballot. The US groups these things together. i.e. Senate, House, President, etc.
getting back to the proposal in the OP, I think there are at least two things wrong with it:
there is no way to check the accuracy overall. Each individual voter has to check his or her vote for accuracy, but you can’t have a central recount. So in a recount situation, you have to ask all the voters to check their own electronic ballot?
you have to rely on the honesty of each voter. What if Voter A has changed his or her mind since casting the vote and wants to change the vote? Voter A could go to the media and squawk that his/her vote wasn’t recorded properly. How can the election officials check it out? What is the objective standard of proof? and will the media believe the election officials over the squawking voter?
The goal is to have an electoral system that has public confidence. If there’s no way the election officials can do the recount, and individual voters can allege error without a way to prove it one way or the other, I don’t see how public confidence would be maintained.
Yeah, you pretty much nailed it there. I can’t imagine these people operating the older voting machines that used levers.
I was so embarrassed by what the Canadians must have thought after watching the last election and you confirmed my suspicions.
My solution stands. Keep the punch ballot and include a reader for people who are too proud to admit they can’t program a VCR let alone invest in the 60 seconds necessary to understand the WORLDS EASIEST VOTING SYSTEM. Maybe the people who hand out the ballots could also hand out lollipops to those people who successfully voted.
