I am short on time, but this is a topic very close to my heart.
The problem, put simply, is that voting machines do not record voter intent. They only record what the machine interpreted the voter intent to be.
When we vote with physical media, there is a chain of trust from the voter intent, through to the mark on the media. The voter intent is directly recorded and is used to form the final tally for the election.
When we insert a machine in there, it's a vote by proxy. There are varying degrees of this, ranging from mechanical assists through to full on electronic solutions that don't mark media at all!
Secondly, when we mark media, it's marked. Media is actually changed by the act of the voter imparting their intent to the media. Undoing or modifying that intent in a way transparent to those counting for the final tally is actually difficult to do.
Bits change easily. In fact, we design computer bits to change over and over again, and we do that so we get the benefit of fluid information processing, and this is a good thing.
Media of various kinds do not require enabling technology to use. Humans can work with the record of the voter intent directly, in a court room, under the watchful public eye.
Enabling technology is always needed for humans to see bits, and due to the nature of how bits are handled, we never actually see the bits that encoded what the machine thought the voter intent was, just some copy, or processed version.
So then, how can electronic voting work? How can Internet voting work in a trustworthy way?
Before I give that answer, consider these four pillars of a trustworthy election:
Anonymity. Voters are not personally linked to their votes.Trustworthy elections embody all four of those to the maximum extent possible.
Oversight. No secrets. The public should be able to follow the voter intent from the voter, and the direct record of their intent, through the process and see it accumulate into the final tally.
Freedom. Voters may vote or not as they see fit.
Transparency. This is required for oversight and the process itself should be documented as a matter of law and procedure, observable by the interested public.
Now, what is the difference between electronic voting on the Internet and banking, for example?
Loss of anonymity!
The only way we can make electronic systems even remotely plausible is to record what everybody voted everywhere and keep that as an enduring record. Voters then could verify their votes, protest them, detect inaccuracies, and that comes at the cost of being held to a greater account for them too.
Unless we are willing to do that, no electronic system is trustworthy, because the nature of computer bits and the failure to directly record voter intent, forcing us to trust a proxy, means we must hold an election where we never, ever actually record voter intent!
That is madness!
Now, if we use machines to assist voters in the generation of human readable records to be used for the tally, a person can verify the record is an accurate expression of their intent.
People want the quick Internet voting, but they also want to trust it, and the point I am making in this diary is very significant! Read it again:
Electronic touch screen machines do not record voter intent. They parse input and record what their designers want them to record. Home computers are no different! A voter can click something and something else says their vote is X and what then?
NOBODY KNOWS! Without the loss of anonymity, nobody can know.
Notice how those machines have strong IP protection? Funny how that works isn't it?
When you add up the vote by proxy, IP considerations, change nature of computer bits, and the overall secrecy surrounding voting, it's pretty easy to see an Internet election, or one where it's done on machines simply isn't trustworthy at all!
Worse, doing this doesn't solve any real problems that we can't solve with people and some basic process considerations.
Please don't go down this road. I know it's compelling to get Internet votes because we generally rule the Internet. But it's a mistake! It's a mistake because we won't be recording voter intent anymore, and once we fail in doing that, the elections are no longer something we can verify and with that, no longer something we can trust.