|
PAPER NÚM. 9
(Papel nº9/Paper 9)
Marc Strassman
Internet voting and its cousin, digital signatures on initiative petitions, are now seen by many observers as inevitable steps in a national effort to get people back to the polls or, more accurately, to get the polls out to the people. How would Internet voting look in, say, the 2002 elections? Surprisingly, it would not look much different than ordering books at Amazon.com looks today, with the operative metaphor being a "digital ballot," instead of an "electronic shopping cart." The main difference would be that the security and authentication levels would be higher, since we would be electing our officials and not just ordering mystery novels or other light entertainment. The standard Internet voting system would require each voter to have a "digital certificate," an advanced type of account number that is capable of "digitally signing" any document generated by a computer, including an Internet ballot. During the digital signing process, the ballot would be encrypted so that it cannot be read (or altered) while in transit to the "virtual polling place" (the server used by the electoral jurisdiction). When it arrives at the official server, this powerful computer would retrieve the voter's "public key" from a trusted Certificate Authority and use it to decrypt the encrypted ballot. If the ballot file decrypts coherently, the official server will know two things: it was sent by the person who signed it, and it has not been tampered with since he or she signed it. Authenticated identity and non-tampering are the two most important things that need to be established by the Internet voting system. The use of digital certificates to generate digitally signed ballots makes it possible to determine both the identity of the sender and the integrity of the ballot to a degree of certainty far exceeding that which what now exists with the often almost-informal means used for brick-and-mortar voting. The other important and necessary feature in an Internet voting system is a way to ensure the anonymity of the ballots’ content so that no voter can be associated with the way he or she voted. The standard Internet voting system of 2002 will achieve this by first authenticating the voter's identity, removing his or her name from the list of voters eligible to vote in that election, stripping his or her identifying information off the file, then sending the file to the tabulation server for aggregation and counting. On Election Day ... or Days That is how the technology will work, but what about the experience of going to the ballot box? By 2000, state Departments of Motor Vehicles will issue driver’s licenses and state identification cards on "smart cards," credit-card-size objects with a computer chip and electronic memory inside them. Pre-loaded on these smart cards will be each person's unique digital certificate. These digcerts also will be sent by e-mail from the DMV to the computer(s) of everyone who asks for them. The smart cards will now be in the hands of everyone eligible to vote, since they will be generated and provided, at no additional cost, to everyone who has any form of state identification. During the election period (starting two weeks before Election Day and ending at 8 p.m. on that day), voters with access to the Internet will visit the election site (at, say, http://www.votesite.net), and enter their names and addresses. This will allow the system to determine their precincts and to generate and deliver personalized electronic ballots that correspond to their places of residence, and include all the candidates and ballot measures that voters in that district are entitled to vote on. The actual voting process will take less time than it does now. By clicking in a box next to a candidate's name, or by clicking on the candidate's name itself, the voters will make their selections. Similar clicking will allow the voters to express a "Yes" or "No" preference on each ballot measure. Voters can skip around, return to any section, or change their votes. When they are finished making their choices, they click on the "Finished" button, which causes the system to display all their selections for their review and approval. They can still make changes to any of the items. When the voters are satisfied with their choices, they click on the "Submit" button, and that's it. A "digital ballot" file containing their selections is then created and "digitally signed" by their digital certificate and sent to the electoral server. There, using the voter's public key, it is de-crypted, the voter's name is removed from the list of voters eligible to vote in that election, all identifying information is stripped off, and it is sent to the tabulation server, where it will be counted. What about those left behind? There are two groups that might be left behind by the adoption of digital voting: communities (including nations) with little penetration of technology and individual voters without access to computers. For entire states that lag behind in the transition to electronic voting, the consequences may be dire. Because the digital-voting infrastructure also enables e-commerce at a high level, jurisdictions that tarry while others move forward will suffer the inevitable effects of being unable to compete effectively, economically, culturally and in terms of quality of life. What about voters without computers in jurisdictions with electronic voting? They will go, as they always have, to their local polling place. There, they will enter a voting booth containing an "Internet Voting Appliance" (IVA)©, a specialized laptop computer that contains a slot for a smart card, a touch screen for input and a wireless Internet connection for transmitting ballots. The process here will be essentially identical to that experienced by voters who use their own computers at work or at home -- access to a Web site is access to a Web site, however achieved. Once the proper ballot appears on the IVA, the mobile voters will make their choices just as their at-home or at-office counterparts will do. When they are finished making their selections, they, too, will click on the "Submit" button, signaling the IVA to use the digital certificate on their inserted smart cards to digitally sign their ballots. The ballots submitted from home, office and polling place will be stored during the voting period on the electoral server. The final results will be known within seconds of the ritual clicking of the "Calculate Totals" icon on the control terminal at the office of the election administrator. No more waiting around all night for concession speeches and for victory parties to begin. Democracy will be on Internet time. The choice for officials and voters then, is clear. Dare the electronic electoral edge, or be left behind. Give citizens access to voting through the most powerful communications tool ever devised, or see political-participation rates drop so low that any claim to being a democracy will be laughable. Our choice now is reminiscent of and is part of the larger set of choices referred to by the Raymond Massey character at the end of the 1936 film version of H.G. Wells' "Things to Come": "Which shall it be? The universe ... or nothing? Which shall it be?" Marc Strassman is the executive director of the Campaign for Digital Democracy and the president of The Internet Voting Company. (Article written for IntellectualCapitol.com and published on the site the 6th May 1999).
|