Heads Or Tails Voting: A Secret Ballot In Plain Sight

It would be useful if people could vote secretly from home. If we could do this right, we could do all kinds of things to improve our political systems.

The problem is that if someone is voting outside a secure voting booth, we can’t be sure that someone isn’t watching how they vote. If someone can watch how you vote, they can bribe or pressure you to vote in the way they want. Some people have concluded that it’s impossible to have a secret ballot using online voting.

Heads Or Tails Voting gives you a secret ballot in plain sight. The voter has a single secret piece of information which is never displayed on their computer screen: Whether they are a Heads Voter or a Tails Voter. Using this secret, they can vote without anyone ever knowing how they voted – even if someone was looking over their shoulder as they did it.

Here’s how it works.

Registration

• You register in a secure booth. Like an existing voting booth, only one person is allowed in at a time, and you have to prove who you are before you are allowed to use it.
• Using the computer in the booth, you create a login name and password that you will be able to use from your PC or mobile phone.
• The computer randomly chooses either Heads or Tails, and tells you which it chose. This information is stored in the voting database along with your password, and no-one else knows whether your are a Heads Voter or a Tails Voter.
• You only have to visit the booth once, unless you forget whether you are a Heads Voter or a Tails Voter. Everything else can be done from your PC or your phone.

Voting (Yes or No)

• Log into the voting website using your login name and password.
• The screen shows the choices for Heads Voters on one side and Tails Voters on the other side.

• If you are a Heads Voter, click the top checkbox to vote “Yes” or the bottom checkbox to vote “No”.
• If you are a Tails Voter, click the top checkbox to vote “No” or the bottom checkbox to vote “Yes”.

Voting (Ranking Multiple Choices)

• Log into the voting website using your login name and password.
• The screen shows the candidates arranged in a random order.

(Click for a demo.)

• Rearrange the order of the candidates by dragging their names to the left or right.
• If you are a Heads Voter, put your favourite candidate on the left and your least favourite candidate on the right.
• If you are a Tails Voter, put your favourite candidate on the right and your least favourite candidate on the left.

What Happens If…

• If you forget whether you are a Heads Voter or a Tails Voter, you can go back to the registration booth and find out.
• If someone tries to force you to vote the way they want, you can trick them by lying about whether you are a Heads Voter or a Tails Voter, and make your actual votes go to whoever you think will annoy them the most.
• If someone steals your login name and password, they’ll have to guess whether you are a Heads Voter or a Tails Voter. Since they only have a 50/50 chance of guessing right, they will be as likely to hurt their chosen candidate as help them.

Constitutional QWERTY: Democracy without the stuck keys

With the chance that Britain may soon decide to experiment with democracy by replacing the House of Lords with an elected second chamber, there’s been a fair bit of discussion recently about what form it should take; Some people want only 100 or so senators, others want to use all the seats in the room. Some people want them to be up for election repeatedly, and some people thing they should serve a single term then retire. But there’s very little controversy about the basic design: One way or another, usually involving occasional popular votes, we come up with a list of representatives who will make all the decisions for us.

When nineteenth-century engineers set out to design a keyboard for their new-fangled typewriters, they had some serious technical limitations to deal with. Famously, the typewriters of the day suffered from jammed keys if you typed too fast on them, so we ended up with an arrangement that spread the keys out to put the frequently-used ones further apart.

People designing electoral systems up until the nineteenth-century had some even more constraining limitations to deal with. They were supposed to represent the wishes of millions of people, but it was hard to arrange a meaningful discussion between more than a few hundred. They were supposed to help us make decisions affecting people over hundreds of miles, but getting just a single communication – let alone a conversation – backwards and forwards between someone at one end of the country and someone else at the other end could take over a day. Asking people their opinions was expensive, so you couldn’t afford to do it too often.

Like the keyboard designers, people came up with some creative solutions. The country is arbitrarily divided into electoral areas (constituencies) and each area elects its own representative. People can decide on representatives without knowing what’s going on at the other end of the country, and can make their decisions based on a discussion with somebody close to them. To avoid lots of expensive votes, you pick your representative only once every few years; since the choice you’re making is simple and local, it’s easy to administer. Primitive versions of this system would have a single choice, marked with an “x” (in case you couldn’t write) per person per election. It was simple, crude and cheap, tailored to fit the technology of its time.

Modern keyboards don’t have a problem with stuck keys, and the logistical problems that we worked around with constituencies and parliaments have now been solved. We can have discussions with people without them all being in the same room. We can count a million electronic votes in less than a second. We don’t need constituencies with arbitrary boundries gerrymandered by parties arguing about over bus routes, and we don’t need to restrict our choices in elections to whatever bozo did the best job of sucking up to the local party.

If we wanted a democratic, responsive government, and we weren’t worried about nineteenth-century logistics, here’s how we do it:

1) Start with the concept that everyone gets a vote on everything. If you want to have your say on Article 234Z of Amendment 4B of the Dry Cleaning Regulation Bill, you should be able to exercise it. That didn’t used to be practical; now we have the internet. Vote on everything that way. Problem solved.

2) We don’t need everyone in the same room – we can talk about everything on the web. That means we don’t need a limit on how many people can participate; let anyone join in whatever discussions they like, and let people use whatever ignore filters and reputation systems they like to make sure the people with the most to say get heard.

3) Most people won’t know or care about a lot of issues, or they’ll prefer to let someone they trust figure it out for them. Let them delegate their votes to anyone they like – a friend, a political party, a union, a charity, anyone.

4) Logistically, we don’t need constituencies anymore, and they don’t serve any other useful purpose, so get rid of them. If people value having someone local to represent them, they can delegate their votes to the person of their choice. If for some reason they don’t identify with that local area (as in “I am British, I am English, I am European, but most of all I belong to Oxford West and Abingdon!”) they can delegate their votes based on something else.

This is how Democracy will look in the future. Direct democracy where you want it, representative democracy where you don’t. A local connection where you prefer, national expertise if you’d rather have that instead. Five-year elections and parliaments will be confined to the dustbin of history. We will look back on them as a thing of the past, like those weird old-fashioned qwerty keyboards. Oh, hang on….

Originally posted at Orange By Name.

I think that the

…argues a commentator writing for AP.

Is Google changing voters’ brains?

Right around the time we all started getting mobile phones, people often used to comment that they were losing the ability to remember phone numbers.

As we get used to having Google on-demand, people are starting to say that they’re using the ability to remember anything.

Much as it may upset the Daily Telegraph, this is a rational response to the acquision of our new information super-powers. When information was hard to get, you needed to spend your time hoarding knowledge that you might need. Now that we can pull up all the information we want in a few minutes, it makes sense to tune out anything you don’t immediately need .

Meanwhile, Mickey Kaus writes:

Q: What do you get when you combine the Feiler Faster Thesis (voters are comfortable processing info quickly) with the Theory of the Two Electorates (the mass of voters who don’t follow politics are less informed than they used to be and only tune in at the last minute)…

A: You get elections that are a) close but b) might not look close three, two, or even one day before the vote…

In the US primaries, a few people here have commented how badly out a lot of the polling has been. It would be interested to know if the late surges that have been a feature of this race are a result of more people making their minds up later in a way they didn’t used to – which could, in turn, be a result of the way the internet has change the way we think.

If this is what’s happening, it will have implications well beyond the US race; Polling will get less reliable, and politicians who fail to grasp what Google has done to our brains will lose.

How to vote securely over the internet

Guest blogging over at orangebyname, I’ve argued that a lot of aspects of our current democracy – constituencies, representatives, parliaments, etc. are ways of solving 19th Century logistical problems that no longer exist, and we should get rid of them all and just vote for everything over the internet.

What I’ve suggested is just giving everyone a vote on everything, but letting them delegate it to any person or group they want to.

At this point, some people will be wondering whether internet voting doesn’t have a bunch of logistical problems of its own.

Basically, there are three kinds of problems we have to deal with: Usability, security and secrecy.

1) Usability

Most people are increasingly happy using a computer interface, but there are a few who still don’t get it, and don’t particularly want to. We don’t need to worry too much about them because we can make our new system backwards-compatible with the old one; We can setup ballot boxes once every 5 years or so where people who haven’t signed up as online voters can delegate all their votes to an old-fashioned political party.

2) Security

This is a bit harder, because most people’s computers have long-since been owned by Chinese hackers. That said, in most cases people’s home PCs seem to be good enough for online banking and gambling, so we can probably live with it, even if we do end up passing the occasional spammer subsidy law or whatever. In any case, these problems should get better over time as users become increasingly clueful.

3) Secrecy

This is the problem that a lot of people seem to think is effectively unsolvable – but they’re wrong. The aim here is that it should be impractical to bribe or intimidate people into voting the way you want, because it’s impossible to verify how somebody has voted. That way, with the exception of Japanese people, who have wierd ethics, attempting to buy a vote should tip off the voter that you can’t be trusted, so they can just take your money, promise to support you and go and vote for your opponent. Likewise, intimidation is likely to be counter-productive because you just annoy the intimidatee, who’s obviously going to vote for someone else if he’s confident that you’re not going to find out what he did. In both cases, the key to keeping the system fair is to allow voters to lie to everybody else about how they voted.

Until now we’ve done this by having people vote in closed, managed spaces where nobody can see how you’re voting, but people can see whether you’re being observed. This obviously doesn’t work if you’re voting at home using your computer because it would be too expensive to send somebody over to your house to make sure nobody’s watching when you do it.

At this point it’s worth pointing out that the system we have is already full of holes. For one thing, we also allow voting by post or by proxy, where there’s no way to confirm who actually cast the vote; It would be trivial to apply for a postal vote and then sell it to the highest bidder – you could even do this anonymously, so you’d never even know who you were selling it to. Not only that, voting in a closed space is also now subject to a bunch of vulnerabilities that weren’t there when they came up with the system hundreds of years ago. Everyone carries a little camera around with them attached to their phone, and you can even buy tiny concealable cameras that would allow you to video the whole thing to prove to your vote buyer that they’re getting their money’s worth. Within a decade, the biggest headache for polling officials is likely to be getting people to turn off the cameras on their glasses.

With online voting we can solve these problems. But we’ll need people to show up once – only once – in a managed environment like our current voting booths. Except it will be better secured than our current voting booths, because you’ll be able to show up and do this any time you like instead of everyone having to do it on the same day, so it can be staffed and managed by professionals instead of volunteer old ladies. Or we could stick the things in vans and have them drive around the place like mobile libraries or TV detector vans.

Anyhow, all you’ll have to do at these booths is create some accounts with usernames and passwords that you’ll use to do your online voting. Not a single account – several. (Or as many as you like.) Why several? Because only one of them will work – the other two will be dummies. When you use them to vote, the dummy accounts will look exactly like the real ones – but their votes won’t be counted. The only way to tell which account is which will be from inside the secure booth. That way if someone tries to buy your vote, you can log in with one of your dummies, vote the way he’s telling you and take his money. If you like you can log in again later and cast your real vote.

Alternatively, to fully leverage the power of bloody-mindedness when people try to tell you what to do, we could set it up so that you only have a single account, but you get to choose whether its effect is positive or negative. Then if your violent father tries to force you to vote for his local self-appointed Community Leader, you can sit their clicking obediently while actually casting your vote against him. Nah.

Problem solved.

There we have it: Online voting – usable, secret and (mostly) secure. Pity there’s nothing we can do about the spammer subsidies, though.