Can Technology help protect voters’ identity and privacy? (Part 3)

Yes and No.

Yes, technology can help build a human interface where the hand off to the machine is simple and to the automated processes employed by the machine can ensure both identity and privacy issues are addressed.

No, technology can be hacked to either alter the process or the hand off if no appropriate security is deployed.

For a definitive yes, it has to be security combined with technology. The identity and privacy matters in the new world order related to any fraud can have a domino effect not limited to one individual, but many depending on how such security breach happened and whether the impact of such a security breach is widespread or limited.

When technology cannot come to rescue, there are options to continue with the status quo. I suggest a minor modification to the flap attached to the ballot envelope to ensure the privacy and identity of the voter is not compromised.

I suggest to perforate the flap in such a manner that the name and address details appearing on the left-hand side separates the signature and date of birth details appearing on the right. This perforation technique is similar to the one that is already employed to separate the flap from the ballot envelope or similar to the one that is employed to separate the ballot paper from the candidate profiles. Once the voter is properly identified with available details, establish similar processes to tear off the signature portion of the flap for shredding while retaining the address portion of the flap with a validation stamp or some other stamp appropriate to the status of the voter for further processing.

If technology could be employed to establish the QR code for address details, the QR code can be printed on the flap. This QR code can then be scanned to retrieve the name and address details to validate and even if the signature panel is stored for retention, a compromise cannot happen as the QR code cannot reveal details of the name and address for any fraudulent activity just with the availability of the signature and date of birth without a name and address. I mentioned QR code technology as an example where the address details are encrypted and the software scanning the QR code can be equipped with the necessary decrypt algorithms that only AEC has access to.

This method also helps to log the activity performed by an AEC official and helps auditing of the process in cases where a fraud is deemed to have happened.

The bottom line in technology adoption is to ensure the processes are secured and can be audited. Security is needed to stop not only the external threats, but also the internal threats. Auditing is required to trace all activities to a an individual or to a date and time and place of an activity.