The Election – 2000

As I write this, a week after the Presidential Election we still don’t know who won. Part of the problem is simply due to the incredible closeness of the vote. The main problem lies with the archaic way we vote.

I am not talking about the Electoral College, which I think is as valid today as it was when first established.

The actual ballots and how they are punched, checked, marked, and above all counted, are hoplessly out of date and should be replaced.

There are many technical issues and detailed checks and balances that will need to be addressed but a general approach is easy to determine.

Each voter is mailed their precinct card, just like we already do. The new precinct card will contain a voters unique ID# and a random default password. The ID# will be randomly generated so that they can not be easily guessed. Additional steps, such as sending a conformation code to each mailing address could be added if necessary.

Voting could be done either via the web, using any browser that supports SSL, or at the polling place using the same web based interface (ensure consistency). The machines at the polling place should be on an isolated network (to prevent hacking) and connected only to the central state voting commission computers.

Using a basic HTML form it is easy to prevent many of the common problems that currently cause votes to be discarded. Radio buttons can easily prevent multiple selections. By forcing the voter to specify that they abstain from voting for a canidate or issue rather that just leaving that section blank, simple JavaScript can alert the user to missed sections before the vote is even submitted.

After voting each voter is given a reciept that is the only record of how they as an individual voted. The reciept is simpy a confirmation page sent to the web browser. It contains their name (maybe not?), their ID#, vote#, how they voted on each issue (including abstentions) and a plain text (not human readable) public key signature block at the bottom that “certifies” or “verifies” that it is an offical reciept (perhaps enclose an encrypted copy of the vote information in that block).

The voters ID# is tossed out and not stored with the vote. Each vote is assigned a unique vote#. If a voter suspects that their vote was not correctly recorded they simply present the vote reciept. The vote# is matched to the vote# stored in the election database. The database entry is compared with the reciept.