Re: What the voting experts think of barcodes

From: Karl Auerbach <karl_at_cavebear_dot_com>
Date: Wed Jun 02 2004 - 14:46:01 CDT

My take on the bar code thing:

My experience with OCR scanning has always reminded me that it is error
prone. It lacks redundancy - a blotch on the paper (the candy bar smudge
frop a voter's fingers) can make the interfere with the reading of a
character or word.

Bar codes are much more reliable - and we have multiple of 'em on the
page.

My preference is to use a machine readible font for the human-readible
portion (perhaps with the background elided to remove scanning noise) and
to retain the bar codes.

In addition, it should be made clear at all stages that the bar code is
merely a secondary rendering of the voter's intent - that the human
readable text is the primary rendering and, in all cases of conflict,
supersedes the bar code.

As for extra information in the bar codes - first off, I believe we don't
have enough room in the 1-D codes which drives me to the 2D ones. Those
do come with a significant increase in available space that could be used
for good or ill.

Given that there is lots of room on the page for stegonagraphic hiding of
other information about the voter, the extra space in the bar code doesn't
really bother me as a significant additional risk.

Alan's point about the privacy folder and the bar code is a good one -
with the edge bar codes the ballot can be scanned while the human readible
version is kept private.

As for the issue of smart cards being used to convey the voter's name to
the machine - I figure that there would be a stack of pre-written smart
cards, e.g. for a primary there would be one for democratic party, one
republican, one independent, one green party, etc. For a general election
there would simply be one stack, thus representing the fact of one ballot
configuration.

That way the voter could pick any from the stack thus breaking any linkage
between the sign-in identity and the voting machine.

There would have to be procedural and physical security to protect the
unused cards.

Another way is to write the smart card *before* the voter signs in and
identifies himself - this, however, might turn out to be procedurally
impractical.

                --karl--

==================================================================
= The content of this message, with the exception of any external
= quotations under fair use, are released to the Public Domain
==================================================================
Received on Wed Jun 30 23:17:03 2004

This archive was generated by hypermail 2.1.8 : Wed Jun 30 2004 - 23:17:29 CDT