Enabling Trust In Online Voting

The question of trust needs to be addressed directly in any online or digital method, specially for voting. We all know that it takes time and effort to destroy or change a large number of paper records, while it only takes the click of a mouse to change or erase an entire digital file.

Understanding what we trust, and how, is also important to verify what may break that trust and what are the consequences. Risk considerations cannot even be made before we consider what we trust -- risk is that which breaks trust. Auditing also depends on qualifying what is trusted, to what extent, and how that trust can be verified.

How can we trust bytes? How can we trust anything digital?

To answer these questions, Safevote uses a model of trust first published by Dr. Ed Gerck during public discussions in 1997, in the Meta-Certificate Group -- today available at the MCWG site.

In simple terms, trust is understood as qualified reliance on information. An assertion of trust cannot be based on the record itself, but on information from other information channels. Gerck considers trust not as an emotion or feeling, which would be hard to quantify and use, but as something essentially communicable. In Information Theory terms, trust is defined using the concept of communication, formally, as: trust is that which is essential to a communication channel, but cannot be transferred using that channel.

This definition of trust provides a framework for understanding human trust (as expected fulfillment of behavior) and for bridging trust between humans and machines (as qualified information based on factors independent of that information). The original reference is Toward Real-World Models of Trust: Reliance on Received Information. See also "Trust Points" by E. Gerck in "Digital Certificates: Applied Internet Security" by Jalal Feghhi, Jalil Feghhi and Peter Williams, Addison-Wesley, ISBN 0-20-130980-7, pages 194-195, 1998 and additional references in the Information Center.

Comments are welcome.