Check out the new USENIX Web site. next up previous
Next: Conclusions Up: Analysis of restructuring Previous: Added

Not included

(10, 36, 39, 40, 42, 55, 60, 67, 68, 72b, 85, 87, 88, 93b, 112) were not included in the restructured requirements for the following reasons.

(36, 39, 60, 87, 88 and 112) were deemed to be outside the scope of the document. For example:

(36) ``Domestic legal provisions governing an e-election or e-referendum shall provide for clear timetables concerning all stages of the election or referendum, both before and after the election or referendum.''

This is not directly related to the design or use of e-voting systems. It would neither help a manufacturer to develop a better system, nor help a government determine whether a given system was `good' or `bad'.

(10) is ``paternalistic'' [14]. There is no reason why interface designers should attempt to ensure deliberation on the part of the voter, and attempts to do so would likely only make the interface annoying. The traditional paper ballot does not have any measures to ``...prevent [the voters'] voting precipitately or without reflection''.

The registration of candidates and voters online (40, 42) is extremely inadvisable at this time. The difficulties associated with effective authentication on the Internet are well known [13,5].

The reason for the inclusion of

(55) ``Any decoding required for the counting of the votes shall be carried out as soon as practicable after the closure of the voting period.''

is unclear, particularly in light of the presence of

(34) ``The e-voting system shall ... keep [the votes] sealed until the counting process.''

(67 and 68) refer specifically to the use of EML. While the use of open standards can be advantageous (see point 120 in [8]) it is not advisable to support a particular standard in a requirements document beyond citing it as an example.

(72b) ``The backup services shall be regularly supplied with monitoring protocols.'' is indecipherable.

The assignment of responsibility for compliance with standards is complex, and

(85) ``Electoral authorities have overall responsibility for compliance with these security requirements, which shall be assessed by independent bodies.''

risks reducing the responsibility of vendors of e-voting systems.

Since voter anonymity is a responsibility as well as a right, we should never rely on the voter to delete evidence of their vote (93b).


next up previous
Next: Conclusions Up: Analysis of restructuring Previous: Added
margaret 2006-05-25