[EM] Electronic Voting Bill of Rights?
davek at clarityconnect.com
Sat Nov 15 12:52:05 PST 2003
On Sat, 15 Nov 2003 10:36:58 +0100 David GLAUDE wrote:
> Ernest Prabhakar wrote:
>> On Nov 14, 2003, at 1:55 PM, David GLAUDE wrote:
>>> I think that before any electronic system get introduced, you need to
>>> carefull set the goal and define what democratic election are.
>> I actually think that this is an excellent point. We may disagree
>> about how easy a technical solution is, but I think we agree that we
>> need to explicitly state what the requirements are.
> The point is that the requirement are and should be technology
> independant. There is no reason why you would apply a different standard
> for electronic voting than for traditional (paper) voting.
>> Has anyone put together an "Electronic Voting Bill of Rights" to
>> specify what criteria should be required of electronic voting
>> systems? If not, I think it would be awesome if electorama could
>> draft and ratify something like that. Touch-screen voting seems to
>> be a hot issue, and it might generate some good publicity.
> Strange goal that you have. You want publicity... rather than the
> protection of democracy.
>> I'm sure many people here have their pet list, but I haven't seen
>> anything systematic. Mine would include things like:
>> REQUIREMENTS FOR ELECTRONIC VOTING SYSTEMS (EVSs)
ZERO. MUST NOT allow other people to verify that I voted a particular way
This one belongs UP FRONT. For some elections the temptation to cheat
will be irresistible, if it is made possible.
ZERO.1 MUST be designed to maximize probability of accurately recording
Going back to 2000, at least one Florida county did a layout of a
paper ballot that confused many voters enough that they voted invalidly.
When using the lever machines in New York City, confused voters can
reset the levers to nulls before leaving the booth (thus voting for no
one). Machine designers recognized this problem and corrected for it by
sensing for only nulls. Then somebody disconnected the sensors,
destroying this protection (done long enough ago that no one seems to
Using lever machines in upstate New York, there were a LOT of
write-ins in one district this year. One puzzle, big enough to affect
whether the write-in candidate should, or should not, win was that many of
the write-ins were written upside down (and gave headaches to those doing
the counting). Should they be counted as valid??? Write-in slots are at
top of machine, above voter's head - but these voters managed to reach
them. Write-in slots are slanted, making them convenient for the
right-handed. INconvenient for those who are left-handed, and they can be
tempted to write upside down, as more convenient for them.
>> 1. MUST enable potential recounts
I am not against this, so long as it does not get in the way of secrecy,
etc., and is not used as an excuse for failing to do open process.
In my DVD post I specified recording each ballot on the CD or DVD so that
they could be recounted if anyone chose. I specified with that that they
should be in random order to preserve secrecy.
> It is important to know what a recount mean. In Belgium we do recount
> the magnetic card (in case power is lost in the computerised magnetic
> card ballot box)... or we get impossible result. But this give us no
> garantee since we have no proof that what is on the magnetic card is the
> voter intent.
Seems worthwhile to make voting machines immune to power problems. In my
DVD post specify recording the ballots on disc, after which they do not
require power to protect them.
> Also the word potential is risky. What should be done is to make some
> full recount (in random locationç and partial recount everywhere else to
> detect hardware/software failure (or worst). If partial recount go
> wrong, then full recount is required.
> The recount must be technology independent, imagin a recount made using
> the recount program from the e-vendor. "Print me one more time the
> result, they ask for a recount."
> Also we must recount something that was voter verified (without
> technological help).
>> 2. MUST be developed in an open process, allowing external accountability
> All software and procedure MUST be open for review by all the citizen
> (transparency). So source code, reference compilation, hardware
> specification, sample content of booting device/encryptiong
> key/initialisation data. The source code must be writen in standardised
> non-proprietary language for which refence open source implementation exist.
"review by all the citizen" is neither practical nor useful, for few are
willing and able to do this. HOWEVER, the ability should be required,
such that any citizens who are willing and able can do this service for
themselves and others.
To expand on this:
Design should be open.
Developing of hardware and software properly belongs to the vendor,
though some details, such as hardware selection and programming
language(s), are properly specified.
Program source, etc., are properly deliverable items, and must be
available for review by citizens, as noted above.
In my DVD post I specified that everything of possible interest must come
to the polling place on a CD or DVD, and everything of interest that
happens there must be recorded on that same DVD.
In response to a thought about substituting:
Something unique should be recorded as part of preparing to
open the polls. This means no substitute can be prepared in advance.
After polls close, copies of the DVD should be made (before
there is opportunity for substitution) and distributed, meaning:
Substitution of one of these mostly makes noise.
The program on the DVD can be compared with a fresh
compilation of program source (available elsewhere).
>> 3. MUST allow me to verify that my vote was entered and counted correctly
Some propose printing a paper ballot that the voter can inspect before
leaving the machine, and then the ballot being deposited by the machine in
a ballot box. This requires manual shuffling of ballot box content when
polls close, but is workable.
Anything less protective of secrecy should be rejected.
> In a technology independant way.
>> 4. MUST NOT allow other people to verify that I voted a particular way
I move this up, consistent with its importance.
> MUST respect the secrecy of my vote.
davek at clarityconnect.com people.clarityconnect.com/webpages3/davek
Dave Ketchum 108 Halstead Ave, Owego, NY 13827-1708 607-687-5026
Do to no one what you would not want done to you.
If you want peace, work for justice.
More information about the Election-Methods