While we Britons use universally-comprehensible pencil and paper for our elections, Americans have sacrificed the democratic process to corporate interests. They use machines to record and count their votes; and in deference to the power of the Almighty Corporation, any kind of reverse-engineering against the machines they use is an offence.
Some jaw-droppingly bad blunders have been made with voting machines. One often-proposed idea is to issue voters with a receipt. This is an exceedingly bad idea. There is nothing to stop the machine from accepting your vote for candidate A, issuing you with a receipt for candidate A, and then recording a vote for candidate B. You might be able to work out from examining the hardware and the software that that was what it was doing; but of course, they embody confidential trade secrets of the manufacturers.
Even if the USA were to make it law that voting machine manufacturers must publish their blueprints, schematics and software listings to allow independent scrutiny (by the tiny minority of the population who can make sense of such information), how can you be sure that the machine that accepted your vote on polling day was actually built in accordance with those plans and running that software?
Now Imagine this on a notice board in a workplace:
All workers taking time off to vote will be expected to show their receipt proving that they voted for the factory owner’s brother-in-law under penalty of dismissal.
Voter receipts do nothing to prevent the following scenario:
Suppose Candidate A receives 500 votes, B receives 390 and C receives 110. These are the actual votes, remember. The announced result, however, is A 380, B 500, C 120. (Note that those figures are not so far out as to be utterly implausible. If they wanted to get a candidate elected in the face of very strong opposition, they might have to field a few extra candidates of their own just in order to split the vote.) You voted for A. You go with your receipt to the Town Hall to check how your vote was recorded, and are correctly told you voted for A. And that’s as far as you can take the matter.
Even if all 499 of the other people who voted for A go and check, they’ll be told — rightly — that their vote was for A. And because (1) they all go in one at a time to check their vote, and (2) there are also many B- and C-voters in there, not one single one of the A-voters will be the slightest bit the wiser that there are really 500 of them, as opposed to the 380 that was announced!
You could only determine that something was amiss if all those A-voters produced their receipts for Candidate A at the same time. And in reality, the proportion of voters who will actually bother even to check their vote will be minuscule.
Sacrificing voter anonymity altogether does not prevent the following scenario:
Suppose we extend the above scenario a little, and sacrifice the secrecy of the ballot in the name of being certain that votes were counted correctly.
First, they need to compile a list of everyone and their wider social network: their friends, neighbours, family, work colleagues and so forth. This isn’t half as big a task as it sounds, what with the likes of Facebook doing all the donkey work for them.
The results are published on the Internet; subject to DRM, of course. The DRM is partly a blind. Every voter must enter their own unique code in order to see the election results. In return, they get to see everyone’s name, address and who they voted for. The results can’t be printed, nor left on display for too long (hence the part of the DRM that isn’t a blind), to guard against misuse. That should reassure the voters a little (but not much, since anybody with enough money may still be able to pick up a copy by other means.)
They can announce whatever the hell result they like (as long as it’s favourable to them and represents a plausible turnout); it need have no correlation with how people actually voted.
The clever bit: Every voter gets to see their own vote, and the votes of their social network, exactly as they were cast; however, the votes of others outside their social network are altered to make the totals up to the desired figures. (This is why it is necessary to enter a unique voter ID code to access the list: everybody needs to be shown a slightly different list. DRM is a good front for this.) So I can see online that my grandad and my mum both voted Tory, my aunt in Porthmadog voted Plaid Cymru, my ex-coal-miner uncle voted Labour and that dippy tart down the street with the blue hair voted Green Party. All these people would also see my vote recorded correctly, if they looked, and nobody is surprised.
And the only way to demonstrate any wrongdoing is to ask a lot of strangers who they voted for, which comes with its own attendant risks. (I voted for the punch in the face party, anyone?)
Voting machines are the problem in and of themselves. Hand counting by the candidates themselves, or their representatives, exploits an existing adversarial relationship. None of them trust any of the others, so the only way they can agree on a result is if it is correct.