The revolutionary answer to the e-voting problem

Malta may have new e-counting machines for elections. The governing Labour Party wants to distribute an electronic copy of our votes to all political parties, arguing this is the only way to double-check electronic counting. The opposition Nationalist Party thinks this will allow votes to be bought even if it seems to have agreed to it. The Democratic Party agrees. No one has proposed a solution to the problems though.

Existing political parties are missing the point.

In this article I will show how:

  • We can solve the problems and avoid sharing the votes with political parties.
  • We can have a foolproof mechanism which allows for e-counting.
  • The existing political parties are not capable of solving problems.
  • You should vote for a representative who wants to make things better.

You may think this is a tall order.

Read on.

I

I’m going to start by explaining how elections work in Malta for those of you are not familiar with it. Skip to the next section if you’re an election geek and know all about it.

In Maltese elections you elect candidates based on the Single Transferable Vote. This means that you write the number 1 near the name of your favourite candidate. Then you write out the number 2 next to the name of your second favourite candidate, and so on. You don’t have to rank all the candidates in order and can stop after the first one. This is your choice.

You place your vote, containing your choices, into a box. No one knows how you voted. Your vote is anonymous. This is a critical part of the democratic process.

When voting is over the authorities take all boxes containing votes to a central counting hall. The authorities sort the votes based on the #1 preferences. Elected candidates are those who meet the established quota of votes. This means if, say, the quota is 10,000 votes, candidates need 10,000 ballots with a ‘1’ next to their name. Usually one or two candidates get elected this way.

The counting process then takes unused votes into account. For example, candidates with 11,000 #1 votes has an extra 1,000 votes. These are re-examined for the second-, third-, etc. preferences. (We call these the “second count”, “third count” and so on.) In the end it doesn’t matter if you reach your quota of 10,000 with #1 votes alone or with a mixture of preferences. What’s important is that you get 10,000 votes, and that each vote is only used once.

I’m skipping a few steps here to keep the explanation simple.

The key points are:

  • Your vote is anonymous.
  • The most popular candidates get elected.
  • One person gets one vote.
  • Each vote gets used only once.

It’s a lengthy process.

So why the fuss with electronic counting? Won’t that speed up the counting or is there more to it than meets the eye?

II

The problem is that people don’t trust computers.

I’m making it sound like we’re all Luddites in Malta and that’s not fair.

The real concern is that people are afraid someone will hack the system. As someone who has worked in IT for 25 years I can tell you this is a legitimate concern.

Many aren’t as confident as the government. Some cynical people suggest the government might tweak the software itself to make sure it always wins.

Malta’s Electoral Commission proposed a solution2. They suggest sharing an electronic copy of all the votes with the political parties. Their reasoning is simple: the parties can count the votes by hand if they want to. They can detect any errors by replicating the whole process without electronic counting machines.

There is a bigger problem with this so-called solution which the opposition Nationalist Party and the Democratic Party have pointed out. If the parties have access to every vote what stops them from buying votes? I could do something simple like add a small flourish to the downward-stroke of my ‘1’ to show it’s my vote. The political parties would be able to identify it too.

I will be able to sell my vote. Or someone can force me to vote for a specific candidate.

My vote will no longer be anonymous.

This is not good.

In the manual system, the ballots didn’t go to the parties.

Changing this means fixing something which isn’t broken.

This is not good.

Many have thrown their hands up in the air and said, “Right, no computers then!”

Not so fast.

There is a way to solve this without violating democratic principles.

III

The interesting parts of the manual system are:

  • We know how the Single Transferable Vote works. If we don’t know, we can find out because there are clear explanations available. This calculation is what we use to decide who gets elected.
    In techie terms, we call this calculation an algorithm.
  • We know how to carry out the Single Transferable Vote. On counting day, well-trained people sort and count the votes. They’re trained on the intricacies of the Single Transferable Vote. Numerous tests take place in the run up to an election. These tests verify that the people know how this works.
    In techie terms, we call these tests test cases.
  • On counting day, the authorities and the political parties monitor the people doing the counting. Anyone can make mistakes, so we need to have checks in place. This check makes sure that the implementation of the algorithm is the same as when they tested it.
    In techie terms, we call this kind of check a checksum.

This is how we monitor the manual system.

  1. We have a verifiable algorithm.
  2. We have verifiable test cases to make sure the algorithm works as intended.
  3. We have a checksum in place to make sure the implementation of the algorithm is still correct.

How do these translate into an IT system?

IV

The algorithm is the same because it won’t change with technology. It’s written in what’s known as source code. As long as the source code matches the well-understood description of the Single Transferable Vote, there is no problem at all.

The app developers then use test cases to verify the app works as expected. The authorities can use these test cases time and time again to show the app still works as expected. Most test frameworks use a traffic light mechanism to show you if a test has failed or not. This way everyone can see the app is consistent and works as expected.

Of course there are sneaky ways to change an app so this isn’t enough. In the IT world we make sure an app is un-modified by calculating a checksum. This is a special number generated based on the app. If someone sneaks in at night and changes things, the checksum will be different in the morning. Any change – even adding a single comma to the source code – will produce a different checksum.

This is how we can monitor the electronic counting system:

  1. We have a verifiable algorithm.
  2. We have verifiable test cases to make sure the algorithm works as intended.
  3. We have a checksum in place to make sure the implementation of the algorithm is still correct.

Compare this list with the one in the previous section. You’ll notice they’re both the same.

That’s because the process has not changed. The tools we use to carry out the process change, but the process doesn’t.

So what should Malta do?

V

It’s obvious what the solution is:

  1. The source code of the app should be public.
  2. The test framework and all test cases should be public.
  3. The authorities can calculate the checksum in the presence of all political parties. On the day the counting is to start, they can re-calculate the checksum. The political parties can verify it is still the same before counting starts.

In other words, no one needs to see a copy of our anonymous vote.

The existing two main political parties didn’t come up with this simple solution because they are too focused on their own petty partisan bickering. They cannot get beyond it and realise a simple solution exists. As a result we have a fake solution that breaks the few bits of democracy we still have.

References

  1. Test runs of vote-counting machines still a cause for concern – Fenech Adami; The Times of Malta; 2019-02-27
  2. Government mulls giving parties vote data access; Borg, Jacob; The Times of Malta; 2019-02-11
  3. Political parties should not be allowed to retain scanned ballots, PD says; Hudson, David; Malta Today; 2019-03-14
  4. Single Transferable Vote; Wikipedia; (Retrieved 2019-03-17)

All references were valid and correct when this article was published. Changes to referenced websites or web pages may render some references invalid. If this is the case, please leave a comment below.


HAVE AN INTEREST, IDEA, OR AN OPINION?

Do you have an interest you’d like to tell others about? Or an opinion you’d like to share with the world? From politics to culture and sports, message us if you would like your articles published!

Click here to start!

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s