Digital systems enable flexible interfaces for various disabled. But as long as digital systems cannot be trusted from a security and privacy standpoint, these digital systems should not be implemented!
This concept aims to improve voting security and add individual election verification to enabling a digital voting system. Everybody becomes an election inspector, but nobody’s privacy is jeopardized.
Adding your recognizable color(+sound) to your vote and receive a private computer generated tag
When preparing your ballot you choose a memorable color(+sound) and when privately printed the computer generates a unique voting code for your selection. The election result is presented in a downloadable form where all votes are searchable by these tags. It is important that each tag is unique; the system will generated a unique code with 6 characters with only upper case and numbers (0 and O excluded) with over 1 billion alternatives. You get a receipt with your tag, but also valid colored(+sound) tags for all other options in the election, these extra tags are copies of other persons valid votes. On your receipt each tag is written next to a voting option but only you will know which tag was yours, you have your choice of color(+sound) attached as a memorable guide. You will have a receipt so that you do not forget your own tag. It is very important to also have the “fake” but valid tags for all other options on the receipt to eliminate the pressure of a potential blackmailer or other aggressive person/organization willing to force your vote through punishment and threat. When choosing your personal color it is important that you also have the ability to choose preferred colored options for your “fake” alternatives.
When making your selection you tagging it with your chose from a list of colors, but each color is also represented with a sound so that people without sight can make an preferred tag as well.
Flexibility for everybody
To enable you to prepare your vote at your best time and with your favorite interface the possibility is given to do so.Ballots are made accessible through post, in community spaces, voting centers etc.Each new ballot is unique but does not carry any vote attached to them, you will digitally attach your proffered selection to it and you will have to give your selection color(+sound). At the voting center or earlier you might want to change your mind and by grabbing a new ballot and attaching your new selection to this one you can do so. Basically you can prepare as many ballots as you wish and take them to the voting center, but only register one of them the end.
Making the computer generated tag private
It is also important that at the occasion when you are given your personal computer generated tag you are in privacy. At the voting center you will in privacy add a print with your vote on to the ballot to enable manual count. When adding your voting print to the ballot at the voting center you also get your receipt with voting tags with your selected colors. At this point you can in privacy search the database to see that your unique computer generated tag is not already registered! And if it is you can alarm that there is something suspicious going on! In privacy you can check your printed ballot and if you printed the wrong ballot you can reprint the correct one. As soon as your vote has been registered in the ballot box the unique tag is shown as registered with a search on the database. For added trust the unique vote on the database is also displaying your attached color.
To enable this system for the first persons to vote all options already have a digital tag in the digital system for each color(+sound). When the searchable result of the election is presented you cannot tell which of these tags was there from the start but the amount of start-up tags is known and can be deducted from each of the options for the digital result when compared with the manual count.
Register your vote at the voting centre
After making your preferred choice and printing your ballot and receipt at the voting centre, the ballot needs to be added for manual counting as well to be counted! But first you have to show that you are eligible to vote, showing your ID/biometric/ to match the voting roll. When approved to vote you put your ballots in the correct boxes and if scanned correctly your vote is added digitally and collected manually and your successful vote will be marked in the voting roll. Now your tag and color will show as registered if searched at the database. If scanned and disapproved by the collection box the ballot is refused by the box and you can have another go. It would also be good if the box added a print to the receipt so that you would know that a receipt actually represents a valid vote and not only a prepared ballot.
Voting secure from home or anywhere
Instead of starting with paper ballot you start with a pair of voting glasses! By combining the system with the type of glasses presented in /open/voting/concepting/eye-voting-glasses/ it may be possible to set up a secure and private voting from anywhere. When combined with this concept only the tagged and colored receipt system of my concept is needed and you would have the option to be sent a receipt digitally or have it printed and posted. My only concern in this situation is how to create and give the feeling of a traceless connection between you as person and your vote.
Potential fraud in this system and how to avoid them
1. One fraud possibility that I thought of is that a hacker may want to mixture with the system to create duplicate tags that several people think is their own.
By setting up a tag system as explained above that combine a computer generated code with a choice of color(+sound) and the ability to check whether your code is already taken before you register your vote, the chance of choosing the same color as someone else in the time frame where you would not notice that a duplicate is made gets very limited and is not likely to affect the result in a dramatic way. Also if additional manual counting is applied as suggested, such hack would create a miss match between the digital and the manual count.
2. Another way to fraud this system is if a hacker gets the digitalized system to ad votes that has not been cast by eligible persons.
My suggested solution to this is that the votes are not only counted by the computer. To fulfill your vote you also have to print* your ballot at the voting center and hand it in at your voting center, or send it as a secure traditional postal ballot as existing in several countries. When handing in your vote the voting center would mark that you cast your vote in the election roll. The voter will then take the printed ballot and put it in a counting box. The ballot has a encrypted code (QR or similar that identifies the vote and marks it for the election server as registered in the box, a verification lamp and sound gives the voter a message that it is digitally registered as voted) the box takes the vote and it cannot be removed until manual voting begins. If the manual counting does not match the digitalized counting the counting was made wrong or the computer is hacked.
3. Imagine someone threatens you and says you have to choose a certain color for a certain option. With the system described you will be able to show the receipt with that color on that option and a search will verify this.
4. Another potential for someone that wants to fraud the system is to hack the election roll or ID verification list to either exclude real people or ad imaginary people enabling multiple votes by the same physical person representing the imaginary. I would suggest that the security of a digital relying system for rolls and ID verification lists etc are constant verified by challenging hackers to try to break the system with a reward, and develop security measures related to the result of these challenges.
5. Another fraud possibility in the concept described above is that someone prepares a lot of ballots, prints these with receipts and forces these on to people.
One way to protected against this is by setting a maximum time from print to register for a ballot and not allowing anyone to rush through the private area in the voting centre faster than this time frame.