[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Membership] [Comment-Mac] privacy and voting

Thank you for your very kind remarks on the MAC effort.

There is no question that your comments raise valid points (although I
disagree on your judgment on the importance of privacy), and a public
posting of the ballots was given serious consideration during our research
phase.  This is one of the many times when we found a conflict between two
quite legitimate needs.

One possible solution would be to permit some kind of independent audit of
the election returns (perhaps by a small volunteer committee) but how
should they be selected?  Another one was to hire an independent agent to
handle the elections (an international accounting firm, perhaps) but that
would be beyond the current budget.

We have recommended setting up a monitoring process, but did not specify
the details of who and how it would be done nor did come to a consensus on
whether the membership registration roll itself should be publicly posted.

Diane Cabell

Kent Crispin wrote:

> The MAC is to be commended on an excellent set of proposals.  I have
> only one comment, concerning the following point:
>   "8.  Privacy concerns should be foremost in the collection,
>   safeguarding and use of a Member's data.  Except as may be required
>   by applicable law, no Director, officer or Member of ICANN shall be
>   permitted to use such personal data for commercial or other private
>   purpose nor shall any Member's individual vote be made public."
> There is an unavoidable trade-off between privacy and public trust,
> and I think the concern about privacy here, though understandable,
> is overblown.
> Consider one extreme: you say nothing at all about the members; you
> post candidate information, announce the vote, collect ballots, and
> then announce the results.  It is difficult for the public to tell if
> the votes were even counted, or if there was even a membership who
> voted.  It is also very difficult for a member to verify that the
> vote was counted correctly, or that their vote was recorded
> correctly.  Under such circumstances conspiracy theories will
> flourish.
> In order for a vote to be trusted, there has to be trust in the
> mechanism.  Given the international character of the membership, the
> already existing widespread miasma of distrust, and the different
> cultural/political expectations, it will be very hard to come up with
> a secret ballot system that everybody thinks is fair and trustworthy.
> It is a hard problem, an acceptable solution will involve significant
> expense, and even then people won't trust it.
> OTOH, if you give up some of the privacy, you get in return a very
> much more robust, open, and trustworthy system:
> It is my opinion that voting, at least initially, should be done by
> email roll-call votes, with all the individual votes posted on a
> public web site.  This is essentially equivalent to a roll-call vote
> in the US congress, or a show of hands in a small organization.
> There are several reasons for this:
> 1) public roll-call votes are very much more resistant to voter
> fraud than secret ballots.
> 2) email is the cheapest, most ubiquitous form of online
> participation, and certainly almost every at large member of ICANN
> will have email access.
> 3) an international email vote will be *very* much less complex and
> *very* much cheaper than equivalent paper-mail voting.
> 4) public posting of the individual votes means that the world can
> verify the count.  Also, any voter can look at the web page and
> verify that his or her vote was tallied correctly.  This almost
> totally eliminates several possibilities for voter fraud.
> The argument for secret ballot is that it eliminates the possibility
> of retaliation for a vote.  It also prevents certain social strains,
> for example, when you vote against someone you are friendly with.
> But, on the other hand, legislative bodies have open roll-call
> voting, and they deal with these problems every day.
> So I'm not sure that these problems are worth the cost of maintaining
> a secret ballot.  Many, many organizations get along fine with
> roll-call, or show of hands, voting, and ICANN could do so just as
> well.
> In summary, while in theory a secret ballot is preferable, in
> practice the benefits are not that great, and to me the robustness
> and simplicity of an online rollcall vote are substantially more
> important.  After things settle down, and people have more confidence
> in how things are run, a secret ballot may be a good idea.  But
> initially, I think votes should be public.
> --
> Kent Crispin                               "Do good, and you'll be
> kent@songbird.com                           lonesome." -- Mark Twain