Russell's Blog

Enthusiasm for schemes with which to conduct an anonymous, fraud-proof elections once again seems to have waxed. So, here is my humble offering.

• Three months before the election, set up 150 vote counting centers, three in each state. Each center must be capable of processing the entire national election by itself. This is to protect against large numbers of centers being shut down, and to make sure the counting happens quickly.
• Allow anyone to come to the vote counting center and inspect the equipment, interview the personnel, and test the machines.
• As long as the vote counting center is open, there must be nearby courts reserved specifically for hearing complaints about the vote counting procedure.
• In the months before the election, distribute a few rounds of test ballots with imaginary candidates. Anyone may submit a test ballot and see that their vote was counted.
• The week before the election, official ballot kits are printed at the vote counting centers. All aspects of the printing process are open to the public. Anyone may cull a ballot kit from the print process for inspection. All culled ballots must be immediately and publicly destroyed once inspected. Each ballot kit contains a local voter guide (like California's Voter Information Guide), a ballot sheet, three envelopes, and a special card marked with the serial number matching the ballot sheet. The card must be printed on something that can be easily and utterly destroyed by the voter. For example, paper that quickly dissolves in water. Each ballot kit is sealed in an air tight pouch with a tamper detection card; once the detector is exposed to air or light, it changes color and clearly indicates a spoiled ballot kit.
• At this point, if there are unaddressed problems at a vote counting center, it will be shut down and the ballot kits printed there destroyed. The courts will be instructed to accept nothing short of perfect working order.
• One week is set aside for voting. Everyone gets at least one paid vacation day and one half day.
• On the first day of the election week, distribute ballot kits to their respective localities. Ballots for different localities can be requested by people who will be away from home. Ballots are also sent to all U.S. embassies and consular offices for citizens traveling or living abroad.
• During the election week, local post offices will remain open extended hours.
• Everyone marks their ballot sheets. Each one has three carbon copies. Each copy goes into one of the envelopes. To submit a ballot, the voter goes to the post office and presents their ID. Their voter registration number is logged in a central database so that they cannot submit more than three ballots.
• The voter may then send the ballot to any vote counting center.
• Voters may drop off the envelopes at different post offices, or on different days. If they like, they can also drop off their ballots directly at the voting centers.
• At the end of each day during the week, the USPS suspends normal operations and processes ONLY ballot deliveries. USPS vehicles are escorted by police to the vote counting centers, but anyone is allowed to follow and videotape the delivery.
• When the election week is over, the ballot envelopes are opened and the ballots scanned. All aspects of this process are open to the public.
• When a ballot is scanned, its serial number and vote tallies are logged. When all votes are counted, the complete logs are published on the Internet in files of large groups of sequential serial numbers. To find your vote, you retrieve the range of votes that contains your serial number.
• Redundant ballots are logged but not added to the count.
• The final result of the election can be tabulated by anyone with some hard drive space and a simple program.

I think that would probably address most of the really bad problems with our elections. I like the idea of sitting down on a vacation day with my ballot, reading the information guide for a while, maybe checking stuff online if I'm curious, and then dropping it off when I'm done. It could be sort of like Thanksgiving, but with an actual serious purpose.

With a week's time instead of a single workday, there would actually be time to address problems that come up. If you go to vote and discover that you aren't registered, you get it fixed (even if it takes a day or two). If someone distributes misleading campaign information, there is time to alert people. The most important thing, though, is that it would make it possible for ordinary people to help verify the integrity of the system in a meaningful way.

It would still be possible to steal an election, but it would be hugely difficult to do without getting noticed. Even if one were able to subvert several of the voting centers, it would still leave very obvious statistical fingerprints. In each subverted counting center, there would be no way to know where the other two copies of a particular vote went until after the count is complete. Stealing a vote would require subverting at least three counting centers and isolating only the votes whose ballots happened to be sent to those particular centers. This would have to be done during the counting process while people are watching. To defeat a large-scale attack, all that is needed is to detect or thwart this exchange of information. Any other sort of attack would require getting at ballots before they are delivered. Ordinary people could make that very difficult just by following the ballot boxes.

In any event, the result isn't actually calculated by the center; it can be calculated by anyone. This makes it impossible to hide stolen votes in the aggregate numbers. If votes were stolen, the people who cast those votes would know. And in any event, the paper ballot sheets themselves would still exist. The fact that each vote would be shuffled across the country in a different way would require an attacker to destroy every one of the ballot archives to conceal the fraud. So, of course, one could simply say that the election results are valid only as long as its archives physically exist. If the archives are destroyed, a new election must be held immediately.