[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Comment-Mac] privacy and voting

The MAC is to be commended on an excellent set of proposals.  I have 
only one comment, concerning the following point:

  "8.  Privacy concerns should be foremost in the collection,
  safeguarding and use of a Member's data.  Except as may be required
  by applicable law, no Director, officer or Member of ICANN shall be
  permitted to use such personal data for commercial or other private
  purpose nor shall any Member's individual vote be made public."

There is an unavoidable trade-off between privacy and public trust, 
and I think the concern about privacy here, though understandable, 
is overblown.

Consider one extreme: you say nothing at all about the members; you
post candidate information, announce the vote, collect ballots, and
then announce the results.  It is difficult for the public to tell if
the votes were even counted, or if there was even a membership who
voted.  It is also very difficult for a member to verify that the
vote was counted correctly, or that their vote was recorded
correctly.  Under such circumstances conspiracy theories will

In order for a vote to be trusted, there has to be trust in the
mechanism.  Given the international character of the membership, the
already existing widespread miasma of distrust, and the different
cultural/political expectations, it will be very hard to come up with
a secret ballot system that everybody thinks is fair and trustworthy. 
It is a hard problem, an acceptable solution will involve significant
expense, and even then people won't trust it. 

OTOH, if you give up some of the privacy, you get in return a very 
much more robust, open, and trustworthy system:  

It is my opinion that voting, at least initially, should be done by
email roll-call votes, with all the individual votes posted on a
public web site.  This is essentially equivalent to a roll-call vote 
in the US congress, or a show of hands in a small organization.

There are several reasons for this:

1) public roll-call votes are very much more resistant to voter 
fraud than secret ballots.

2) email is the cheapest, most ubiquitous form of online 
participation, and certainly almost every at large member of ICANN 
will have email access.

3) an international email vote will be *very* much less complex and
*very* much cheaper than equivalent paper-mail voting.

4) public posting of the individual votes means that the world can
verify the count.  Also, any voter can look at the web page and
verify that his or her vote was tallied correctly.  This almost
totally eliminates several possibilities for voter fraud.

The argument for secret ballot is that it eliminates the possibility
of retaliation for a vote.  It also prevents certain social strains,
for example, when you vote against someone you are friendly with.  
But, on the other hand, legislative bodies have open roll-call 
voting, and they deal with these problems every day.

So I'm not sure that these problems are worth the cost of maintaining
a secret ballot.  Many, many organizations get along fine with
roll-call, or show of hands, voting, and ICANN could do so just as

In summary, while in theory a secret ballot is preferable, in
practice the benefits are not that great, and to me the robustness
and simplicity of an online rollcall vote are substantially more
important.  After things settle down, and people have more confidence
in how things are run, a secret ballot may be a good idea.  But 
initially, I think votes should be public.

Kent Crispin                               "Do good, and you'll be
kent@songbird.com                           lonesome." -- Mark Twain