I wouldn't do any of those things, especially the first. In the US at least we've a tradition of secret ballots so that nobody can coerce voters or punish them based on the way they vote. It works because nobody can see how they're voting while in the booth, and after they deposit their ballot there's no way for anyone else to prove they voted (or didn't vote) a particular way. With the voter taking away a verifiable copy of how they voted, you make it possible for outsiders to pay cash based on the way someone voted, or to require someone to show them they voted for particular candidates to, for example, get a promotion at work. Having anything like a serial number that could be tied to a voter's identity (eg. poll-worker writes down which ballot serial number was given to which person as they're handing out ballots) is bad for the same reason, it potentially allows an outsider to determine how a particular person voted.

I'd require printed ballots, but I'd make sure they didn't have anything on them that could be tied back to the voter's identity and that they went into a ballot box not home with the voter. That continues to make buying or coercing votes less effective because the buyer/coercer has only the voter's word to go on and no way to verify it.

[ reply ]

Link to this comment: http://www.securityfocus.com/comments/articles/11336/32598#32598