RE: Anonymity, Secrecy, Privacy

[Michael Zolotarev <michael.zolotarev@baltimore.com>]

Hi Kevin,

My understanding is that the issues you are refering to are better termed as
"secrecy" - specifically, protecting the content of the votes. "Privacy", on
the other hand, has to do with a voter's ability to cast a vote without been
sneaked upon ( i.e. nobody looking over the voter's shoulder).

Consequently (if we agree on these terms), "Secrecy" has implications on the
token structure, and "Privacy" doesn't.

<< And just in case :) - "Voter' Anonymity" is the ability to include some
info about the voter's identity into a token, without revealing the identity
to an unauthorized party >>

> -----Original Message-----
> From: Kevin Broadfoot 
> Sent: Tuesday, 26 June 2001 23:23
> To: Michael Zolotarev
> Cc: 'election-services@lists.oasis-open.org'
> Subject: RE: Anonymity, Secrecy, Privacy
> 
> 
> Hi Michael,
> 
> >Privacy:
> >Obviously privacy is a critical issue to consider when 
> talking about election process in general, as Kevin rightly 
> noted. >But I don't think that privacy issues should have any 
> implication to the tokens.
> 
> I'm not so sure.  In most jurisdictions I'm familiar with 
> privacy and data protection legislation would kick in as soon 
> as the voted ballot document was transmitted irrespective of 
> whether it was encrypted or not.  Of course the legislation 
> could be amended but as it presently stands....  
> 
> Also, in the US, in some jurisdictions I've been looking at 
> the election administrators keep digital voting history 
> records, ie. whether a voter turned up at the polling place 
> or not.  In those cases it is possible to say who voted but 
> not how they voted.
> 
> regards,
> 
> Kevin.
>   
> 
> 
> 
> 
> 
> 
> 
> 
> > -----Original Message-----
> > From: Thom Wysong [mailto:wysong@technodemocracy.org]
> > Sent: Monday, 25 June 2001 23:56
> > To: 
> > Subject: Anonymity, Secrecy, Privacy
> > 
> > 
> > 
> > Kevin,
> > 
> > This is interesting. I don't think I've heard this 
> > distinction before, so 
> > let's see if I correctly understand what you are saying 
> > (http://lists.oasis-open.org/archives/election-services/200106
> /msg00042.html).
> 
> (+) For anonymity, there is no link between voter and ballot. 
> Or, if there 
> is one at some point in the voting process, it is destroyed 
> before the 
> voting process is concluded.
> 
> (+) For secrecy, there may or may not be a voter/ballot link. 
> If that link 
> exists, however, it is not revealed - thus the ballot remains secret.
> 
> (+) For privacy, at a polling place, *who* is voting may be 
> known, but 
> *how* they vote is kept private.
> 
> You seem to be saying that the important thing is that 
> ballots be kept 
> *secret*, regardless of whether or not they are *anonymous*.
> 
> IMO, *secrecy* and *privacy* are more or less synonymous when 
> it comes to 
> how they're used with regards to electronic voting (ignoring 
> what *privacy* 
> means in a physical polling place, since that's beyond our scope).
> 
> However, as you seem to suggest, *anonymity* is only one way 
> to implement 
> secrecy/privacy.
> 
> Any thoughts?
> 
> -Thom
> 
> 
> 
> This footnote confirms that this email message has been swept by
> MIMEsweeper for the presence of computer viruses.
> 
> 
> --------------------------------------------------------------
> ---------------------------------------------------
> The information contained in this message is confidential and 
> is intended 
> for the addressee(s) only.  If you have received this message 
> in error or 
> there are any problems please notify the originator immediately.  The 
> unauthorized use, disclosure, copying or alteration of this 
> message is 
> strictly forbidden. Baltimore Technologies plc will not be 
> liable for direct, 
> special, indirect or consequential damages arising from 
> alteration of the 
> contents of this message by a third party or as a result of 
> any virus being 
> passed on.
> 
> In addition, certain Marketing collateral may be added from 
> time to time to 
> promote Baltimore Technologies products, services, Global 
> e-Security or 
> appearance at trade shows and conferences.
>  
> This footnote confirms that this email message has been swept by 
> Baltimore MIMEsweeper for Content Security threats, including
> computer viruses.
>