Direct Democracy - My presentation in Nottingham

Heyhey... after a year of hard office work, it's like the good old times again: my blog seems to contain mostly notes of various conferences I've been to :-) (By the way, I also had an interesting trip to Dublin last week, maybe I'll write about that later.)

On Wednesday night I'm off to Notthingam, where I'm attending a seminar titled "The political economy of peer production" organised by the Nottingham Trent University. Excited as I am I became a bit grandiose and chose as my subject the introduction of a system of direct democracy. In other words, I've been thinking I should replace all the current democratic governments we have.

Doing that is not a problem, but presenting the idea in 30 minutes is certainly not possible. So attached I've made available the slides I intend to present and also the full text of 14 pages that explains the system in more detail.

Update: I realised I had not attached a Creative Commons license to the PDF files, so now I did that. I also uploaded the original format OpenOffice files in case somebody would like to excercise their right to edit or re-use my work.

As there was some very bright people attending the seminar, I was not surprised that I got some very good comments on the talk:

Stefan Merten and George Dafermos both expressed their dissatisfaction at the talk since they didn't see much of Free Software in it. In particular Stefan sees that governance of Free Software projects is post democratic and if we want to have better governments we should strive for such systems instead of mere improving towards a better democracy. This was in fact my original intention. However, nation states turn out to be different from Free Software. The key is that a nation is a scarce and physical resource and you cannot fork it. The ability to fork is crucial in maintaining balance in a benevolent dictatorship and without it we cannot directly copy the governance models of Free Software to nation states. This model is therefore inspired by Free Software, but it is not the same model.

Commenting on this discussion Hervé Crosnier pointed out that we can distinguish 2 kinds of communities: choice communities and destiny communities. Free Software communities are the former, we can choose to join or leave them, whereas in nations you are born and you cannot easily change to another community.

Andreas Wittel made a positive comment in something like "When I saw your title I wasn't very interested, I mean do we want Direct Democracy, of course not. But now that I've heard the talk I am very interested, it seems like a good system."

Analysing the voting protocol proposed, mainly with Paul Hartzog, we made some good insights: A clueful reader will notice, that the protocol actually provides a continuum from current representational democracy to plain direct democracy. In one extreme all voters will just specify a default vote and forget about the system the next 4 years. This is equivalent to current representative democracy systems. On the other hand it is possible that everybody uses their secret votes to vote directly on the issues, in which case the system collapses to a pure direct democracy. In practice the system would be a combination of both, and the balance will fluidly move between these two extremes.

Out of these discussions with Paul I also got an idea for a better name for the system: Delegated Direct Democracy.

Many commenters had ideas how to pilot this systems within small local communities, Facebook or Drupal Voting module. That is of course exactly how to set the ball in motion, which was omitted from this talk (point five). Until now my main concern has been that a cryptographically secure algorithm for this voting protocol doesn't yet exist, so I've been reluctant in pushing this forward. In small pilots on Facebook and so this is not an issue, but since my final motivation is to apply the system to governing real nations or local communities, the technology would have to be really secure. But since I am optimistic that a good cryptographical algorithm can be devised (the system isn't that different from contemporary e-voting) I actually got some inspiration to perhaps implement this some day. (As if I will ever have the time to really go forward with it!)


In general I think I succeeded in presenting something that was entirely different from what everyone else is doing, yet seemed to interest the audience. That was my intention too: making a genuine contribution and perhaps being ahead of my time.

Presenting this idea and the feedback I got inspired me to spend some time reading up on recent developments in e-voting cryptographic research. It is now about 4 years ago I last did that, so it was time to see whether there has been progress.

I picked up where I finished 3 years ago:

"Receipt-free Homomorphic Elections and Write-in Ballots," Alessandro Acquisti. Technical Report 2004/105, International Association for Cryptologic Research, May 2, 2004.

Based on my amateurish understanding of the various algorithms out there, this one felt like it is closest to actually solving all the problems e-voting has to face (with security and practicality). Indeed there are at least 2 recent papers who seem to have concluded the same:

"Surveying and Improving Electronic Voting Schemes" Jonathan D. Goulet, Jeffrey S. Zitelli, Sampath Kannan, 2005.

"A framework and taxonomy for comparison of electronic voting schemes" K Sampigethaya, R Poovendran, Computers & Security, Elsevier 2006.

In fact the "framework and taxonomy..." article is a superb overview of practically all of the proposed e-voting schemes to its date. It also functions as a good introduction to the whole topic, although if you are completely new to the topic it might be a bit too much in one bite.

My conclusion is that the cryptographers are doing a good job pushing the envelope, but online e-voting is a hard nut to crack, and we probably are not quite there yet. In addition the proposed Delegated Direct Democracy system has some requirements of its own, making it more complex than a typical contemporary election is:

  1. Ideally, we'd want to use Single Transferable Vote (or some similarly sophisticated scheme). Unfortunately, while the family of Homomorphic voting protocols seems to be the best solution overall, their main tradeoff is that they do not easily support very complex voting methods - basically "1 out of n" or "m out of n" is what they can do. However, with STV you'd want to be able to make an ordered list out of the options. This is equivalent to picking "1 out of n!" and it is unclear whether Acquisti's or anyone elses scheme scales that well.
  2. The algorithm should support potentially millions of candidates (each voter potentially is also a candidate).
  3. AND it must support the possibility of voting for a candidate OR directly on the issue. (This is just millions + n!, but still worth noting)
  4. The concept of default vote is new compared to contemporary elections and must be supported. The good thing about homomorphic schemes is that it is possible to replace your own vote later with a new vote, so they would in fact support the default vote (just too bad they may not scale to our needs otherwise). This probably means that mix-net based (hidden voter) types of algorithms are unusable, because it is not clear that one would be able to replace the default vote once it is sent through the anonymising mix-net. (Although one could think of a hack where the default vote is stored somewhere safe, then sent through the mix-net at the time of the vote, if the voter didn't vote anything yet.)
  5. A final requirement that is not unique to Delegated Direct Democracy but that I haven't seen discussed anywhere in the academic articles is that of the system being "future proof". The homomorphic systems have an Achilles heel in that voters are posting their votes in encrypted form but in public. (Also some mix-nets would suffer from this, through their verification algorithms.) This means that once the NSA successfully implements a quantum computer, they will be able to see how all of us voted in all past elections. Thus a scheme where votes cannot be publicly tied to the voter even in encrypted for do have an edge here.

So in summary: The current situation seems to be interesting, but all solutions have their tradeoffs. Homomorphic schemes are good, but limited in the form of ballot and (probably) scalability. Mix-net based solutions would provide essentially a free-form ballot, but are not as practical to implement and wouldn't seem to (at least straightforwardly) support the concept of the default vote.

It seems like a good idea to let the cryptographers have another 3-10 years and see if they can come up with even better solutions, but the progress is there so there is reason for optimism.

Just one more comment. I realised that the method proposed for write in votes in Acquisti is actually usable to overcome the problem with STV voting scaling to n!. The thing is that even if STV in itself results in n! possible ballots, the amount of different permutations is also bounded by the number of voters (which is typically less, a maximum of hundreds of millions). So there is no need to enumerate all n! possibilities for a ballot, instead voters would send in their STV choices as write-ins through an anonymous channel, and when voting authorities map the proposed ballot to a number in the homomorphic scheme, the voter votes for that number. This way the maximum number of different ballots is just the number of voters, and would in practice be far less.

Seems like all this could be doable after all?

Add new comment

The content of this field is kept private and will not be shown publicly. Cookie & Privacy Policy
  • No HTML tags allowed.
  • External and mailto links in content links have an icon.
  • Lines and paragraphs break automatically.
  • Web page addresses and email addresses turn into links automatically.
  • Use [fn]...[/fn] (or <fn>...</fn>) to insert automatically numbered footnotes.
  • Each email address will be obfuscated in a human readable fashion or, if JavaScript is enabled, replaced with a spam resistent clickable link. Email addresses will get the default web form unless specified. If replacement text (a persons name) is required a webform is also required. Separate each part with the "|" pipe symbol. Replace spaces in names with "_".
About the bookAbout this siteAcademicAccordAmazonBeginnersBooksBuildBotBusiness modelsbzrCassandraCloudcloud computingclsCommunitycommunityleadershipsummitConsistencycoodiaryCopyrightCreative CommonscssDatabasesdataminingDatastaxDevOpsDistributed ConsensusDrizzleDrupalEconomyelectronEthicsEurovisionFacebookFrosconFunnyGaleraGISgithubGnomeGovernanceHandlerSocketHigh AvailabilityimpressionistimpressjsInkscapeInternetJavaScriptjsonKDEKubuntuLicensingLinuxMaidanMaker cultureMariaDBmarkdownMEAN stackMepSQLMicrosoftMobileMongoDBMontyProgramMusicMySQLMySQL ClusterNerdsNodeNoSQLodbaOpen ContentOpen SourceOpenSQLCampOracleOSConPAMPPatentsPerconaperformancePersonalPhilosophyPHPPiratesPlanetDrupalPoliticsPostgreSQLPresalespresentationsPress releasesProgrammingRed HatReplicationSeveralninesSillySkySQLSolonStartupsSunSybaseSymbiansysbenchtalksTechnicalTechnologyThe making ofTransactionsTungstenTwitterUbuntuvolcanoWeb2.0WikipediaWork from HomexmlYouTube