Blockchains and Voting – Rebuilding Citizens’ Trust and Confidence in Government

As recent events have reminded us, trustworthy election systems are essential to a functional representative democracy. Almost as necessary are the public perceptions of these systems. Ideally, the systems should be so transparent and reliable that it is difficult to imagine how they could possibly be compromised. This ideal may be possible in small instances where all the participants are collocated in one place and are able to observe all the proceedings, but not in a large and diverse country. However impossible the ideal is, steps can be taken to improve both the actual and the perceived reliability of our election systems.

For example, in November’s election, claims were made that there were unexplained instances where tabulations of votes for one candidate or another suddenly jumped either upwards or downwards without explanation. Similar claims were made in 2016 but by the other major party. Without delving into the merits of these claims, the mere fact of their assertion damages the perception of election reliability. In fact, even before the onset of the 2020 post-election turmoil, Gallup polls showed that only 59% of the public had confidence that the votes would be accurately tabulated. Refuting such concerns in public perception can be difficult since current election technology is something of an obscure “black box”. Who is to say that someone did not hack the database, subtracting or adding votes to one candidate or another?

We are aware that penetration of even ostensibly security-conscious organizations such as the DoJ and the State Department occurred over an extended period last year due to the compromise of the SolarWinds Orion software that they depend on. For voting, upwards of 150 million ballots were cast in November, so we must depend on computers and databases to tabulate the vote. But how can we depend on them for something so important?

Perhaps trying to move the entire voting process online is beyond current security technology, but that does not mean that improved technology cannot help in certain, targeted areas.

We need to do better. So what do we want in an election system? Here are some suggested criteria.

1. Auditability – The ability to go back to original sources and confirm that individual votes were correctly tabulated into the final result.
2. Privacy – The ability to cast a ballot such that no one else can tell how I voted.
3. Observability – The ability for the public or its representatives to see the components of the election system in the process, and to call out deviations from accepted behaviors.
4. Accessibility – The ability for all authorized segments of the population to be able to cast their votes without hindrance.
5. Enfranchisement – The facil ability to become authorized in accordance with the law.
6. Authorization – The ability to allow only permitted ballots to be cast. Typically, this is one vote per authorized voter.
7. Integrity – The assurance that the data has not been modified or lost. We need this at all stages of the election process.

1. Ballot collection
2. Vote transmission
3. Storage
4. Tabulation

Some of these criteria oppose each other, creating tensions and challenges. For example, the need for privacy must be balanced against observability. And citizens must be able to cast their votes without hindrance (accessibility), but not if they are not yet of legal age to do so (authorization).

So how can blockchain technology help improve performance against these criteria? There are several online voting technologies that make use of blockchain technology, but these uniformly come under fire from security experts who have studied them. Perhaps trying to move the entire voting process online is beyond current security technology, but that does not mean that improved technology cannot help in certain, targeted areas. For example, let us examine storing votes on a blockchain ledger.

Blockchain technologies are basically databases that have certain common strengths and weaknesses. We can give explanations behind these characteristics in another article. Meanwhile, for the current topic, let’s consider the implications of storing votes on a blockchain against the criteria we proposed for election systems.

Taking into account the weaknesses of blockchain technology, we propose that votes be recorded to the blockchain ledger in substantial blocks, rather than piecemeal in individual or small batches of blocks. This will keep the volume of writes within bounds that a blockchain can efficiently handle. Perhaps all votes from a precinct are written at once. For mail-in votes, they could be bundled and recorded to the ledger in scan batches.

To distribute trust, the blockchain validator nodes should be “permissioned”, that is they should each be run and maintained by a trusted, yet independent organization. For example, each county in a state would run a node. An individual rogue administrator of a node would not be able to change the contents of the ledger. In fact, the blockchain can be configured so that a super-majority of nodes would need to cooperate in order to change ledger contents. Such a conspiracy would inevitably be exposed.

With these provisions, writing votes to a blockchain become viable. Evaluating against the election system criteria, what benefits would then accrue? First, as votes are scanned or reported by precinct, votes are stored in a public database. They are immediately visible to all, and cannot be changed. If a correction must be made, it will be done by having the precinct write a new, superseding transaction to the ledger. In this case, both the old and the new transaction will be permanently recorded, providing a huge degree of transparency and auditability.

Speaking of auditability, as is currently the case with most systems, personally identifiable information should not be recorded on the blockchain ledger. Instead, each ballot contains a unique identifying number on it, perhaps in a barcode. This number is part of the cast vote record (CVR) that is stored on the blockchain. When anyone, be they the individual that cast the vote, a political party, or a formal auditor wants to verify a vote, the CVR will be readily retrieved from the publicly accessible blockchain and verified. An authorized auditor will be able to also retrieve the original ballot to confirm that the vote was properly recorded. In addition, any changes to a vote in the immutable blockchain ledger will be apparent.

Reviewing the purported problems with the recent election, where there were claims of vote tabulations changing without reason, a public blockchain ledger record of the votes would provide the ability to either refute or confirm such claims. The distribution of trust among independently maintained nodes would provide reassurance against rogue operatives changing the ledger. The immutable nature of the ledger would make attempted manipulation after votes are recorded apparent. And the public nature of the ledger would allow excellent transparency for all parties involved. Such a system would help restore public trust.

– Dr. Michael Bailey, Blockchain Solutions Architect, Paramount Software Solutions.

Speak with our experts [email protected]