Interesting People mailing list archives
convenience vs risk -- US public elections by email and beyond
From: David Farber <dave () farber net>
Date: Fri, 2 Feb 2007 17:19:57 -0500
Begin forwarded message: From: Ed Gerck <egerck () nma com> Date: February 2, 2007 3:19:49 PM EST To: Ip Ip <ip () v2 listbox com>, David Farber <dave () farber net> Subject: convenience vs risk -- US public elections by email and beyond [Dave: these aspects will benefit from IP'rs feedback. Thank you.] The social aspects of ease-of-use versus security are well-known. People would rather use something that works than something that is secure but hard to use. Ease-of-use trumps risks. What is less recognized, even though it seems intuitive, is that convenience (even though costlier and harder to use) can also make people ignore risks. Convenience trumps ease-of-use, which trumps risks. For example, people will often send a cell phone text message that requires dozens of button-clicks, costs money and is less secure (US Rep. Mark Foley case)... than do a one click, free phone call. We all use regular email even though it is totally insecure -- because it's convenient. Convenience has a lot to do with "personal comfort". It is often more comfortable to send a text message or email than call and actually speak with the person. That you can do it on your own time, or save time, is a very important component for personal comfort. A convenience store, for example, sells items that saves the consumer a stop or separate trip to the grocery store. What happens when convenience is ignored? If convenient ways are not available? Let me note that opposition to any type of e-voting has led to public elections in the US being carried out via regular email in 2006. It may be hard to imagine why opposition to e-voting would in any way make adoption of email voting more likely. It happens because voting is useful and voters want to vote. Therefore, voters will find ways that are not safe but convenient and available ...if more convenient and safe ways are blocked. We already discovered that for the system to be usable is more important than any security promises that might be made. Security innovation has often improved usability -- for example, even though public-key cryptography is hard to use by end-users, it represented a major usability improvement for IT administrators. Usable security is a major area of innovation today. We are discovering that convenience is an even stronger force to bring about innovation. How about paper voting? It does not prevent large-scale fraud, which has been a complement to paper elections for over a century, and is not convenient. Lacks personal comfort, personal use of time. Lack of convenience (not lack of security) will, eventually, kill paper voting. Regarding voting, our future is pretty obvious. Online voting will be mainstream, and is already here in the public and private sectors. But, to be secure, it should not happen with regular email, e-commerce web sites, or current "trust me" e-voting machines (DRE). The socially responsible thing to do regarding voting is, thus, to develop online voting so that it is secure _and_ easy to use. It already has the top quality that paper voting and e-voting machines (DRE) cannot have: convenience. But the real-world voting security problem is very hard. Voting is an open-loop process with an intrinsic "vote gap", such that no one may know for sure what the vote cast actually was -- unless one is willing to sacrifice the privacy of the vote. A solution [1], however, exists, where one can fully preserve privacy and security, if a small (as small as you need) margin of error is accepted. Because the margin of error can be made as small as one needs and is willing to pay, it is not really relevant. Even when all operational procedures and flaws including fraud and bugs are taken into account. The solution is technologically neutral but has more chances for success, and less cost, with online voting. Which just adds to the winning hand for online voting, led by convenience. I would like to invite your comments on this, to help build the trust and integrity that our election system needs -- together with the convenience that voters want. Personal replies are welcome. I am thinking of opening a blog for such dialogue. Moderators are welcome too. Best, Ed Gerck [1] Based on a general, information-theory model of voting that applies to any technology, first presented in 2001. See http://safevote.com/doc/VotingSystems_FromArtToScience.pdf Provides any desired number of independent records, which are readily available to be reviewed by observers, without ever linking voters to ballots. ------------------------------------------- Archives: http://archives.listbox.com/247/ Powered by Listbox: http://www.listbox.com
Current thread:
- convenience vs risk -- US public elections by email and beyond David Farber (Feb 02)