| Popis: |
Elections differ not only between, but also within, countries. Some elections have very simple voting rules and ballots. For instance, in the parliamentary elections in Estonia or Germany, voters can select 1-out-of-n candidates. Other elections, like parliamentary elections in Luxembourg and Belgium or local elections in Germany, have very complex voting rules and huge ballots. These elections combine different voting rules, namely select k-out-of-n, weight and rank candidates, and therefore pose a challenge to both voters and electoral officials. Hence, in such elections voters are likely to spoil their vote unintentionally, due to the complex voting rules. In addition, the tallying process is very time intensive and likely to be error prone, because of the combination of complex voting rules and huge ballots. In order to address such challenges and improve the situation for both voters and electoral officials, in particular with respect to the local elections in Hesse/Germany, the EasyVote electronic voting scheme was proposed. EasyVote focuses on polling station elections and its central idea is to use an electronic voting device that does not store votes, but rather prints out a summary of voter's selections on a DIN-A4 paper ballot (a paper audit trail). The ballot consists of a human- and a machine readable (a QR-Code) component. Further, electoral officials tally the ballots semi-automatically by scanning the QR-Code of each ballot and verifying that its content matches the human-readable component. However, before EasyVote can be used in legally binding elections, various open research questions need to be addressed. The goal of this dissertation is to pave the way for the use of EasyVote in legally binding elections. To achieve this goal, this dissertation addresses five open research questions, which are introduced below. While the second and fifth question are EasyVote specific, the remaining ones are relevant to all electronic voting schemes/systems that share similar concepts with EasyVote. 1. Are voters concerned about vote secrecy related to the use of QR-Codes and, if so, how to address such concerns effectively? 2. What is an optimal ballot design that enables voters to understand the impact of their selections and to verify their voting intention easily? 3. What are optimal verification instructions that make voters most likely to verify that their ballot matches their intention? 4. What is an optimal verification setting that makes electoral officials most likely to detect potential discrepancies between the human- and machine-readable ballot components? 5. Are the vote casting and tallying processes usable and, if not, how to improve their usability? The findings indicate that voters do have secrecy concerns in association with the use of QR-Codes. However, the findings suggest that the threat appraisal approach of the protection motivation theory, is a viable approach to address and significantly allay such concerns. Furthermore, the findings reveal that the ballot design, which highlights the voter's direct selections in orange, represents an optimal design for voters to understand the impact of their selections and to verify their intention easily. In addition, the findings show that just in time verification instructions, which are pre-printed on the reverse of the ballot, have a significant effect on voters with respect to verifying their ballot and detecting discrepancies. The findings also indicate a significant increase with respect to detecting discrepancies when electoral officials read voters' direct selections out loud, while verifying that the human-readable ballot component matches the associated QR-Code. Moreover, the findings suggest that the implemented EasyVote prototype has a high perceived usability. In summary, these findings reveal that EasyVote is likely to be recommended and that a malicious or faulty behaviour of an electronic voting device, which might violate the integrity of the election result, would be detected with very high probability. |
