Schneier on Security
A blog covering security and security technology.
« Breaking Microsoft's PPTP Protocol |
| Peter Swire Testifies on the Inadequacy of Privacy Self-Regulation »
August 7, 2012
Verifying Elections Using Risk-Limiting Auditing
Interesting article on using risk-limiting auditing in determining if an election's results are likely to be valid. The risk, in this case, is in the chance of a false negative, and the election being deemed valid. The risk level determines the extent of the audit.
Posted on August 7, 2012 at 7:14 AM
• 11 Comments
To receive these entries once a month by e-mail, sign up for the Crypto-Gram Newsletter.
That's very interesting and with both politicians and the electorate both very familiar with the details of statistical sampling and inference I'm sure it will be widely accepted and adopted.
The Bush vs. Gore ballot in Florida in 2000 was, statistically speaking, a dead heat. The electoral system does not allow for this outcome and insists on a numerical advantage to establish the winner. Until a draw is accepted as a legitimate result we will always have stupid vote counting problems to deal with.
The only way it could be adopted would be if a sane, intelligent, rational, benevolent dictator took control of our nation and mandated it.
But then, if that happened then we wouldn't have elections anymore. I guess it's a Catch-22.
"Using 20 store-bought ten-sided dice, Rivest and Stark rolled out a 20-digit number. (73567556725160627585, for those keeping score at home.)"
Does that save against breath weapons and subverting the democratic processes? Or is it just half-damage?
@Dr. I. Needtob Athe - or it could just be decided by an auction, like the ones for 3G spectrum.
Instead of the election being decided by who spends the most $$ on ads - they could simply pay and have the money go straight to the voters.
With the bill for the campaign looking like $6bn and around 130M voter turnout that's $45 each.
Now, that's more like it-- an approach to verification that's technology-agnostic overall. (Though of course the devil is in the details of the process, which will have to adapt to the specific technology being used in each instance.)
> "While 6,573 total votes were recorded in this particular contest, the Wagner team scanned a total of 6,809 ballots, while Napa County recorded 7,116 votes cast in the election as whole. (Not every voter in the election chose to vote in this particular contest.) In short, there were over 300 ballots missing. While that seems problematic, the margins stayed more or less the same."
So they found evidence which suggests fraud - a ballot box went missing. But it doesn't suggest it strongly enough to prove anything, so they went ahead and certified the election anyways.
@jimrandomh - I think that's the point of the statistical analysis.
The unthinking audit rules simply says "ballots went missing = election invalid" but is a crude and expensive test so you can only do it to a pointlessly small sample (1%) of ballots at random.
This analysis says, 300 ballots went missing but it's (statistically) unlikely that they had any effect on the result.
Unless, of course, the missing ballot box was not randomly chosen.
Proportional voting would avoid the problems of winner-take-all. Some states, I believe, are changing their rules for presidential voting so that all their College of Electors votes are cast in favor of which candidate gets the biggest popular vote in the nation.
Several states have provisionally changed their rules to do so, with the changes actually taking effect once enough states to provide a majority in the Electoral College have made the same rule change.
Schneier.com is a personal website. Opinions expressed are not necessarily those of BT.