Re: Political participation for whom? [cr-95/9/10]


Sender: •••@••.••• (Don Porter)

On Sep 14, 1995 01:11:18, 'Cyber Rights <•••@••.•••>'

>Sender: Heidi Howard <•••@••.•••>
>In discussions of universal access, I have rarely heard anyone say that
>it would be a bad thing if everyone who wanted to get info from the
>internet could do so- the question is therefore, What does universal
>access mean, in scope?

That is a key question that I also haven't seen much discussion about. And,
assuming it can be answered to general satisfaction and agreement, you then
have to go on to ask how much providing the agreed upon level of universal
net access will cost and who's going to pay for it.

If the cost to provide it should become substantial, I can forsee some
taxpayers starting to grumble about "net loafers and cheats" the way some
of them now do about people on welfare. At some point, there'd probably be
calls for some sort of "netfare reform". <g>


Sender: •••@••.••• (Off the edge )

>...(and then we still need to worry about unique id's).

    This got me thinking. How could we validate one vote per one netizen? And
look at all those netizens, some of them are not even 18. In fact, there is a
good chance alot of them are not 18. But is this bad? Why don't we lower the
voting age on the net? After all, if nobody knows your a dog, nobody knows your 
13 year old holding your own on this mailing list.

Matt Conart


Introduction from moderator:

Since the question of electronic voting has generated a lot of
discussion, I thought people would enjoy reading the following article
that examines several issues.  The author, Marilyn Davis, has written
a program that permits voting on mailing lists.



Electronic Voting in Elections

A few years ago, electronic voting in elections was considered to be
inherently fraught with opportunity for error and fraud.  (See "Risks
in Computerized Elections" by Peter G. Neumann, Communications of the
ACM, Nov. 1990, p. 170.)  At that time, the prevailing paradigm was
that, to insure a secret ballot, electronic votes must be tallied and
not stored.  In electronic voting there is no paper and no real ballot
so it is impossible to do a definitive recount.

In the last few years, Philip Zimmermann's Pretty Good Privacy
program, and the government's fiasco with the Clipper Chip have
demonstrated that, with encryption, privacy is possible on the net.

Now that we can ensure our privacy, we can each keep an electronic
ballot online.  No one can see or modify this electronic ballot except
the voter.  A "vote-server" computer program passes over all the
stored electronic ballots to calculate the tallies and report
statistics.  Because the ballots are kept, the voters can check their
ballots and be sure they haven't been tampered with.  And because the
ballots are kept, there is at least as much opportunity for a recount
as there is with hard copy.

It is of utmost importance and germane to the privacy issue that
our ballets are NOT kept on a few central computers but are
distributed and kept close to the voters' homes.  The best
architecture is to have one ballot-keeping machine for every few
hundred voters, the number to be determined from experience.  Each
ballot-keeping machine, by virtue of the same vote-server that stores
the ballots and calculates the local statistics, shares those
statistics (but NOT the votes) with the other ballot-keeping machines
to produce regional and global tallies.

Fortunately, this distributed architecture is already built.  The
strategy of embedding a vote-server into existing BBSs and newsreaders
and shipping the statistics over existing email routes, cheap as it
is, produces the perfect architecture.

To ensure one ballot per person, at least to the extent that that is
ensured now, each voter wishing to vote electronically asks the
Registrar of Voters for a nameless voucher.  This act removes the
voter from traditional polling.  The voter gives the voucher to the
system administrator, or "sysop", of a ballot-keeping BBS.  The sysop
gives the voter an anonymous login with permission to participate in
the official election.

The sysop sends the vouchers to a central authority to receive his
online community's "weight" in the statistics pool.  Each community's
weight, i.e. the number of people in the community, is posted publicly
online.  Also, each community's average vote on each item in each
election is posted so that anyone can calculate statistics beyond the
local level.  At the local level, the online community can devise any
and many schemes to check that their publicized weight and average
votes are correct.

Keeping our votes close to home this way makes it possible for us each
to personally know the person who is responsible for maintaining our
ballot-keeping machine and software.  This provides an additional
layer of security and a new opportunity for community involvement.

In an online vote, the polls can be open for days or weeks before
election day.  People can vote at their leisure and change their votes
when a new scandal is exposed.  The server won't divulge the tally
until the vote closes.  Continual voting like this stimulates
discussion and eliminates the electronic log-jam that results from
single-event electronic polling.

The Vote-Server

There is only one vote-server: "The Clerk".  It is the vote-server
behind the scenes of "eVote" which is software for discussion-driven
direct democracy.  It's cheap, available now, and perfect for the job.
Handling "private" "hidden" votes, the type needed for elections, is a
tiny subset of The Clerk's capabilities.

Currently there is no encryption in The Clerk.  Encryption is easy to
add, as are all things, because The Clerk is object-oriented.

The Clerk's architecture provides yet an extra layer of security in
that The Clerk is compiled before the template for the ballots is
made, and probably before it is known who the candidates will be.  The
ballot template is made by The Clerk when an online user specifies
what we are voting on.  The same Clerk builds the ballot template,
packs the votes into the ballots, and calculates the statistics.  If
the list of items for vote changes, the ballot template changes on the
fly.  This means that today the vote for Charlie is stored in byte 8
of the ballot but tomorrow it may be in byte 6.  This is a nightmare
for a would-be saboteur.  A saboteur with the source code could
theoretically follow his candidate's storage byte but the saboteur's
code would be an order of magnitude more complicated than The Clerk's
code and executing it would slow down the system, probably noticeably.
The Clerk is complicated already because it continually compacts and
reorders the data to keep efficient.

All this means that as long as there's no encryption in The Clerk,
there is a slightly plausible excuse for keeping the source code a
secret.  But once we add encryption, that changes.

When there is encryption, and probably even before, I will lobby and
vote to release The Clerk's source code but it is beyond my authority
to actually release it.  The first principle of democratic tool
development, the principle to which holy allegiance is my yoke, is,
"Never make a decision that can instead be made democratically."  When
we are practiced at online decision-making, all decisions regarding
the development of the system, the spending of profits, and the
enforcing of The Clerk's patent will be made democratically online,
including the decision to release the source code.

Discussion-Driven Direct Democracy

Discussion-driven direct democracy is provided by embedding eVote into
the software that runs the discussions on the BBSs and newsreaders.
Each time new text is contributed, the contributor of the text is
asked by eVote, "Do you want to take a vote on this item?" If the
answer is "yes", the contributor specifies the type of vote and eVote
handles the details.  The composing of the vote question, the polling
of the community, and the reporting of statistics all take place

This is profoundly more democratic than any process previously called
"democracy".  It's more democratic than a traditional town hall
meeting.  Like a town hall meeting everyone has equal opportunity to
bring up new issues, discuss and vote.  But unlike town hall meetings,
online democracy is limited to text discussions.  We have nothing to
judge but the idea and the presentation: no color, no posture, no
accent, no style, no charisma.

Because eVote is backed by The Clerk, a database server, we can each
query the system to see how each other voter voted, just like a show
of hands in a live meeting.  Non-anonymity is essential for consensus
development.  Consensus evolves when the dissenters in a show of hands
are required to state their reasons for dissension, then there's
another show of hands, then more discussion, then another show of
hands, etc.  Online democracy facilitates continual polling and
continual discussion. It is the perfect vehicle for consensus

The Future

This world is at the turning point.  Now is the time to discover the
mechanism that enables the meek to inherit control of the earth.  The
answer is upon us and inevitable: discussion-driven direct electronic
democracy.  This new medium is the tool for a new civic organization
where every person has equal political power.  When equal partnership
is the societal model, equal partnership will become the social model
and we will like each other and get along a lot better.

The first poll (Macworld, Oct. 1994) to ask us what we want from the
Infobahn found that the most desired facility is online voting in
elections.  Even though the voting application has received no media
attention, fully 50% of those polled declared themselves to have high
or extremely high interest in online elections; 67% have at least
moderate interest.

Because we are a "democracy", building an electronic election facility
is inevitable.  Now that a fancy vote-server and a distributed
architecture exist, it is as cheap and more sensible to implement a
facility for discussion-driven direct democracy AND electronic
elections than to implement a facility for electronic elections alone.

It's a miracle that we will have built our perfect direct democracy
facility by working in unconscious cooperation.  It is God's work,
God's miracle.  As we learn to cooperate consciously online, we'll
work our own miracles.

Marilyn Davis

Frontier Systems  ---------------------  eVote - online voting software
3790 El Camino Real, #147
Palo Alto, CA 94306 USA                  Marilyn Davis, Ph.D.
(415) 493-3631 --- •••@••.••• ---  Principal Software Engineer

Please try the eVote Demo: connect to (415) 49-eVote (that's 493-8683),
from 10am to 5pm PST, weekdays, and log in as "eVote".

 Posted by --  Andrew Oram  --  •••@••.••• --  Cambridge, Mass., USA
                 Moderator:  CYBER-RIGHTS (CPSR)

    World Wide Web:

You are encouraged to forward and cross-post messages and online materials,
pursuant to any contained copyright & redistribution restrictions.