Electronic voting should be allowed but not unless it prints out a ballot with all your selections on it so you can verify and have a real paper trail; not some bit in a database that can be changed and most likely has been changed in the past based on grand jury testimony from one of the diebold programmers. As a programmer knowing how insecure programs are I want paper for something like this.
> "Electronic voting should be allowed but not unless it prints out a ballot with all your selections on it so you can verify and have a real paper trail"
The lack of a receipt is deliberate and prevents vote-buying. A carbon copy of your vote will open as many avenues to fraud as it will close.
With everyone and their dog carrying around a camera in their pocket by means of a cell phone? Hardly. Anyone interested in selling their vote could easily take a photo of their ballot (with some identifying info added to the photo as well to show it wasn't a copy from a friend) to prove they voted the way they were paid.
Even if this theoretically did increase the chance of vote-buying, I think it's still a worthwhile tradeoff for the massive increase in accountability we get from it.
I've used this machine in another state, and it absolutely generates a paper trail. There is a rolling receipt going on the left-hand side of the machine behind glass that records every single button press you do, and scrolls out of view when you complete voting so the next guy can't see it.
It's not perfect, and not my preferred system, but it's pretty decent.
I'd prefer to keep a receipt for myself, with a randomly generated serial number on it, so at some point I could verify that the digital record of my vote #158FA134 matches the paper receipt and who I voted for.
As others have said, this is exactly how you can start buying votes. Pull any book about cryptographic voting off the shelf and this is treated as a design flaw.
Jim is not a nice man and is very demanding and abusive and goes to vote. He wants his wife to vote for X, but he suspects that she will vote for Y. Today, she can vote for X or Y and tell her husband that she voted for Y. He has no way to prove her wrong. With receipts, he can tell her, on no uncertain terms, that she is to show him her receipt afterwards. If she doesn't produce a receipt showing she votes for X, he'll beat her. With receipts she does not have a free vote, without receipts she has a free vote.
I want to buy your vote, and will pay you €10 to vote for X. Today, you can vote for who ever you want, and tell me you voted for X and demand payment. I have no way to prove you wrong. Hence vote buying is hard to do, because you can't know if you're actually buying votes. With receipts, I can ask to see your receipt, and only pay out if you vote for X. With receipts, vote buying now becomes an actual thing that I can do.
Yes, no system is perfect, and the current system does have that flaw. But "record yourself marking the paper and putting it in the box" doesn't scale. If lots of people in an area do that, someone'll figure out what's going on.
Because if you can prove to a third-party how you voted, you can sell your vote, or coerce someone else to vote a certain way.
It's one of the biggest challenges in crypto-voting systems. And there are some solutions. But we need to hammer down on the "silly people, why not just print a receipt" idea really hard.
If the receipts are anonymous, they can't prove how you voted, only that you were able to obtain a receipt. So what if we increase the supply of receipts enough to destroy the value of an individual receipt? For example, voting machines could drop duplicate receipts in a bucket that voters have access to.
But I still would like to be able to have it proven to me that the way I voted matches what the system records. To me, that seems more important, but I also cannot say that it's more important than your points. Hm.
