And with voting machines there is no verifiable oversight.
You just kind of have to trust that the software that is running on the voting machine is actually correctly tallying your vote, and not doing shenanigans behind the scene. Even if the code is open source, and everyone knew how to read code, you cannot reasonably guarantee that that is the software that is running inside the black box that is a voting machine.
With paper voting you can observe the entire process from start to finish. There are no black boxes which just spit out an answer that you simply have to trust.
The machine can print a human and machine readable copy. Then feed that into another machine after verifying and you have two independent digital counts that can verify each other. You also have the paper that can be manually counted if you need to be extra sure.
This is what we had for a few years. Now the first step is replaced by manual bubbling. Still have the scan for the instant digital count though.
The whole system is built on trust. With regular voting, we trust that there are enough people counting and validating each voting box that there won’t be much tampering. Each group only has to validate their own box, and so the trust required for it is not that high. We also know that each physical vote introduced in the box is there.
With machine voting, even if you use local machines that give results to humans, which then are inputted in a bigger database for counting, the entity doing the initial count for the district “box”, is singular, and there is no way to manually check unless there’s a bunch of humans watching every anonymous “ballot” of that box are registered correctly. You can’t really do that when the ballot is an “anonymous” input in a machine, there’s no paper trail verifiable by the small trusted human group we used to trust.
Even if there are a bunch of machines, trust is lost. Now imagine the actual useful proposals where you can vote from the phone Yada yada. Trust is completely lost.
The only way to be able to validate is for your vote to have an ID, that you and only you know is yours, and for each vote ID to be public. That way each individual person can validate that their vote is being correctly counted in their district, and trusted individuals can correctly corroborate that the amount of imputed votes makes sense with the amount of people registered to vote in that district.
That puts at risk that people without tech expertise wouldn’t know how to validate or even store their secret ID so others don’t know it’s them, and that we would need to trust the government that they don’t store a database of ID - citizen.
And yeeeeeess, blockchain based ledgers would be good for nonce (secret ID) based voting, but even if that tech works well, socially is still hard to implement as stated before.
And now you have moved the problem.
Now you need to verify that the verification machine is also running the software you want and has also not been compromised. And you need to do this for every single voting machine in use, all of them.
With trillions of dollars riding on the result of an election, the motive for a group/nation to interfere is immense. Attacks against digital systems scale incredibly well, changing a handful of votes is barely different from changing all of them. This is not the case with physical votes, the more votes you want to change the more people you have to involve, and the likelihood you are caught goes up.
On your point about printing off a human readable copy that can be verified manually, you have now invented the worlds most expensive pencil. You’ll always want to verify the manual copy, so why bother with the computer one?
A fun fact about why pencils are used in voting in the UK is due to paranoia about pens being replaced with ones containing vanishing ink. There is no evidence this exists or has ever been done, but it demonstrates the levels some countries work at to ensure that all votes are accurately counted, and probably so.
On your point about printing off a human readable copy that can be verified manually, you have now invented the worlds most expensive pencil. You’ll always want to verify the manual copy, so why bother with the computer one?
This way the state can count the votes quickly and if there are any audits they have a physical analog to compare. Honestly if the state just randomly audits 1 county per election to check for issues they will catch anything weird going on and save a tremendous amount of time and money.
If the audit discovers something weird they can then count up all the paper ballots and fix the software.
Additionally in 2024 the UK had 28,809,340 votes cast. The US had 158,427,986 votes cast.
Why does the state need to count votes quickly? Votes should be counted accurately, not quickly.
Total number of votes cast doesn’t really change anything, because total number of counters and witnesses can also be increased relatively. The USA has a 5 times larger population than the UK but that doesn’t mean it takes 5 times longer to count.
And with voting machines there is no verifiable oversight.
You just kind of have to trust that the software that is running on the voting machine is actually correctly tallying your vote, and not doing shenanigans behind the scene. Even if the code is open source, and everyone knew how to read code, you cannot reasonably guarantee that that is the software that is running inside the black box that is a voting machine.
With paper voting you can observe the entire process from start to finish. There are no black boxes which just spit out an answer that you simply have to trust.
The machine can print a human and machine readable copy. Then feed that into another machine after verifying and you have two independent digital counts that can verify each other. You also have the paper that can be manually counted if you need to be extra sure.
This is what we had for a few years. Now the first step is replaced by manual bubbling. Still have the scan for the instant digital count though.
The whole system is built on trust. With regular voting, we trust that there are enough people counting and validating each voting box that there won’t be much tampering. Each group only has to validate their own box, and so the trust required for it is not that high. We also know that each physical vote introduced in the box is there.
With machine voting, even if you use local machines that give results to humans, which then are inputted in a bigger database for counting, the entity doing the initial count for the district “box”, is singular, and there is no way to manually check unless there’s a bunch of humans watching every anonymous “ballot” of that box are registered correctly. You can’t really do that when the ballot is an “anonymous” input in a machine, there’s no paper trail verifiable by the small trusted human group we used to trust.
Even if there are a bunch of machines, trust is lost. Now imagine the actual useful proposals where you can vote from the phone Yada yada. Trust is completely lost.
The only way to be able to validate is for your vote to have an ID, that you and only you know is yours, and for each vote ID to be public. That way each individual person can validate that their vote is being correctly counted in their district, and trusted individuals can correctly corroborate that the amount of imputed votes makes sense with the amount of people registered to vote in that district.
That puts at risk that people without tech expertise wouldn’t know how to validate or even store their secret ID so others don’t know it’s them, and that we would need to trust the government that they don’t store a database of ID - citizen.
And yeeeeeess, blockchain based ledgers would be good for nonce (secret ID) based voting, but even if that tech works well, socially is still hard to implement as stated before.
And now you have moved the problem. Now you need to verify that the verification machine is also running the software you want and has also not been compromised. And you need to do this for every single voting machine in use, all of them.
With trillions of dollars riding on the result of an election, the motive for a group/nation to interfere is immense. Attacks against digital systems scale incredibly well, changing a handful of votes is barely different from changing all of them. This is not the case with physical votes, the more votes you want to change the more people you have to involve, and the likelihood you are caught goes up.
On your point about printing off a human readable copy that can be verified manually, you have now invented the worlds most expensive pencil. You’ll always want to verify the manual copy, so why bother with the computer one?
A fun fact about why pencils are used in voting in the UK is due to paranoia about pens being replaced with ones containing vanishing ink. There is no evidence this exists or has ever been done, but it demonstrates the levels some countries work at to ensure that all votes are accurately counted, and probably so.
This way the state can count the votes quickly and if there are any audits they have a physical analog to compare. Honestly if the state just randomly audits 1 county per election to check for issues they will catch anything weird going on and save a tremendous amount of time and money.
If the audit discovers something weird they can then count up all the paper ballots and fix the software.
Additionally in 2024 the UK had 28,809,340 votes cast. The US had 158,427,986 votes cast.
Why does the state need to count votes quickly? Votes should be counted accurately, not quickly.
Total number of votes cast doesn’t really change anything, because total number of counters and witnesses can also be increased relatively. The USA has a 5 times larger population than the UK but that doesn’t mean it takes 5 times longer to count.
And again, accuracy is more important than speed.
You can have both