After bouncing the idea off a few people and thinking about it for a while, I've got the next iteration of my voting idea. I'm thinking we could use GnuPG to handle all the cryptography since it's free (as in speech), open source, stable, secure, and widely adopted. Here's how it works.
Three groups
Everyone involved in the process falls into one or more of the following groups:
- The polling authority is the entity in charge of administering the voting process, and in this case would be a political party.
- The voter is anyone eligible to vote, but not necessarily a member of this party. They choose a delegate to vote on their behalf. All voter information is confidential.
- The delegates are entities that have been given authorization by voters to vote on their behalf. They can be people, computer programs, corporations, other political parties, or whatever else the voter chooses. All delegate-related information is public.
Step 1: Delegate registration
Anyone or anything wishing to serve as a delegate can submit a name, email address, and public key to the polling authority. An encrypted confirmation email will then be sent to the delegate. Once confirmed, the delegate is added to the key server. The public will have read-only access to the key server.
Step 2: Voter registration
A voter travels to the polling authority with an accepted form of identification and registers to vote. The voter then types in the email address of a delegate who has registered in Step 1. The voter can optionally specify multiple delegates, so if the voter's first-choice delegate does not vote, their second (or third, fourth, etc.) choice will be used instead. As a courtesy, voters can notify their delegates when selected or removed, but this can't be done by the polling authority without risking voter coercion or bribery. For most voters this step can be automated for complete privacy, but we'd also provide assistance on request.
Step 3: Call for votes
When it's time to vote, the polling authority publishes a notice on the party website and mailing list. For example, a poll could look like this:
Poll 123456: "What will we have for dinner?"
001 Pizza
002 Salad
003 Toothpaste
Step 4: Votes submitted
The delegates who had registered in Step 1 would then:
- Rank the choices from Step 3 in order of preference,
- Save those rankings to a file,
- Tamper-proof the file by digitally signing it, and
- Email this ballot to the polling authority.
Since an unscrupulous attacker could block a delegate's registered email address during this step, we'd have to allow ballots from any address so long as the registered one is mentioned and the signature passes verification.
Step 5: Votes tallied
After a set amount of time has passed, the polling authority verifies all submitted ballots and tallies the votes. I'm a fan of the Schulze method, but there are some other good electoral systems out there for determining the winner. The winning choice and every other choice that has been ranked by over 1% of all votes will be displayed on the party website. The ballot from each delegate will also be publicly visible.
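The tally described in Steps 2 and 5, as an added example rather than the author's own code: each voter's weight goes to their highest-ranked delegate who submitted a ballot, and the weighted rankings are counted with the Schulze method. It assumes ballots have already passed GnuPG signature verification and that a delegate's ballot counts once per voter represented; the function names and sample addresses are made up for illustration.

```python
from collections import Counter

def delegate_weights(voter_choices, voted):
    """Each voter counts once, for their top-ranked delegate who voted (assumed rule)."""
    weights = Counter()
    for choices in voter_choices:
        for delegate in choices:
            if delegate in voted:
                weights[delegate] += 1
                break  # lower-ranked delegates are fallbacks only
    return weights

def schulze(candidates, ballots, weights):
    """ballots: delegate -> choice ids, best first; unranked choices tie for last."""
    last = len(candidates)
    # d[a][b]: weighted number of voters preferring a over b
    d = {a: {b: 0 for b in candidates} for a in candidates}
    for delegate, ranking in ballots.items():
        pos = {c: i for i, c in enumerate(ranking)}
        for a in candidates:
            for b in candidates:
                if pos.get(a, last) < pos.get(b, last):
                    d[a][b] += weights[delegate]
    # p[a][b]: strength of the strongest path from a to b
    p = {a: {b: d[a][b] if d[a][b] > d[b][a] else 0 for b in candidates}
         for a in candidates}
    for k in candidates:
        for i in candidates:
            for j in candidates:
                if len({i, j, k}) == 3:
                    p[i][j] = max(p[i][j], min(p[i][k], p[k][j]))
    # Winners are not beaten by any other choice on strongest paths
    return [a for a in candidates
            if all(p[a][b] >= p[b][a] for b in candidates if b != a)]

# Constructed sample data for poll 123456; addresses are placeholders.
CHOICES = ["001", "002", "003"]
BALLOTS = {  # only ballots whose GnuPG signature verified reach this point
    "alice@example.org": ["001", "002", "003"],
    "bob@example.org": ["002", "001", "003"],
}
VOTERS = [  # each voter's delegates, first choice first (confidential)
    ["alice@example.org", "bob@example.org"],
    ["alice@example.org"],
    ["carol@example.org", "alice@example.org"],  # carol did not vote
    ["carol@example.org", "bob@example.org"],
    ["carol@example.org"],  # no fallback: this vote is not cast
]
WEIGHTS = delegate_weights(VOTERS, BALLOTS)
print(schulze(CHOICES, BALLOTS, WEIGHTS), dict(WEIGHTS))
```

Keying `BALLOTS` by delegate means a delegate who submits twice is counted once; which submission to keep is a policy choice the post does not specify.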
Other ideas
I've been thinking about Coriolinus' tagging idea from the last post, but I can't think of any good way to make it work properly. Everything I've got so far either introduces the risk of gaming the system or just wouldn't prioritize issues perfectly for everyone. I'm open to the idea, but I'm not 100% sure how I could make it work.