Pluralistic: 12 Apr 2021

Today's links

Fraud-resistant election-tech (permalink)

Despite the (ill-informed) assurances of people who should know better, there is no way to run a secret, anonymous, secure ballot over the internet. It's a science fantasy, like faster-than-light drives or time machines. It's a thought experiment, not a plan.

Elections are actually easy: paper ballots, hand-marked and hand counted in sight of scrutineers from opposing parties. But thanks to a highly consolidated vote-tech sector with plenty of money to spend, Americans have been convinced that this can't work for America.

It's a bizarre and innumerate proposition: America has more people, so it will have more ballots, so it can't count them by hand.

Uh, folks?

Canada and the UK don't consolidate all their ballots to a single counting-house where, like, eight people tally the nation's votes.

The votes are counted at the polling place. America has more polling places than Canada, but there's no reason it can't have the same ratio of polling places – and ballot counters – to voters as Canada does. To a first approximation, that's already true.

The American concern for electoral fraud is forever in tension with the American exceptionalist insistence on using dumpster-fire vote-tech sold by litigious grifters who sue the critics who blow the whistle on their awful security.

Thus it is that, year after year, security researchers – like the merry crew at Defcon's annual Voting Village – publish reports of jaw-dropping incompetence in vote-tech systems, each revealing how little progress has been made since the last.

To the extent that anyone serious about this stuff believes in electoral automation, the one technology they're willing to admit might someday be made secure is the "ballot marking device," a machine that fills in your ballot in a way that facilitates automatic counting.

But BMDs are still hugely controversial: even if you solve the problem of making sure that the machine-readable part and the human-readable part say the same thing (a Very Big Problem), there's a stubbornly intractable problem lurking right behind it: human factors.

In real-world situations and under laboratory conditions, people just don't carefully check their ballots, and the best interventions we have to encourage ballot-checking don't perform very well.

Now, an innovative BMD design from Professor Juan Gilbert of the University of Florida demonstrates a very clever technique and promising approach for increasing the likelihood that a voter will notice if their ballot is mis-marked.

The Transparent Voting Machine is a clear plastic box that shows you your ballot immediately after it's marked, and requires you to touch the spot directly over the place where your selection appears. Intuitively, this sounds like it should work, and experimentally, it does.

In his seminar presentation to Princeton's Center for Information Technology Policy, Gilbert discusses his user studies, where he was able to substantially increase the likelihood that voters would both detect and report irregularities in their ballots.

In his writeup of the seminar, Princeton's Andrew Appel does the math on these studies and concludes that with Gilbert's technology, ballot mismarking would be detected if it occurred above the 0.5% mark: a major improvement over existing designs.

But Appel also follows up with some important caveats: about the physical security of a BMD, the sociology of pollworkers, and what a secretary of state should do if the winning margin is within 0.5%.

BMDs aren't useless. They can be a boon to accessibility, transcending barriers of disability and language fluency. But they're incredibly hard to get right, and the industry that produces, sells and services them is characterized by incompetence and bullying.

America loves vote-tech, but vote-tech is pretty iffy on American democracy. Gilbert's design is incredibly clever and vastly superior to the existing technologies, and if it were adopted, it would be preferable to everything in use today.

That is an admittedly low bar. And meanwhile, people all over the world continue to mark their paper ballots with golf pencils and put them in boxes so that the nice poll-workers can count them by hand later that day.

Big Tech's secret weapon is switching costs, not network effects (permalink)

Today in Wired UK, my op-ed: "Why it’s easier to move country than switch social media" – an argument that the real power of social media comes from switching costs, not network effects.

Debates over market concentration in social media lean heavily on "network effects," the idea that social media services increase in value as their user-base grows, because the more users they have, the more likely it is that the people you want to talk to have accounts.

But I argue that this misunderstands the technical underpinnings of networked computers – specifically, the role that interoperability plays.

The problem with a focus on network effects is its fatalism: once a system is large enough, it attracts users, and the more users it has, the more users it attracts.

A critique that focuses on network effects concludes the race is for permanent, winner-take-all dominance.

But once you throw interoperability into the mix, the race changes. An interoperable social media ecosystem doesn't just neutralize network effects, it reverses them.

If someone offers a Facebook competitor that lets you talk to Facebook users, that also doesn't spy on you, then Facebook isn't a walled garden anymore, it's an all-you-can-eat buffet for competitors who can offer better-than-FB to every FB user.

We can get that interop in lots of ways. A social media platform might offer it on its own (as Twitter has promised to, with Project Blue Sky); or a government might mandate interop (as is under discussion in the UK, US, and EU).

But there's a third way: Competitive Compatibility, AKA Adversarial Interoperability: that's when new services plug into the existing ones without their permission or even against their wishes, using bots, scraping, reverse-engineering, etc.

There's a comcom story in the history of every tech giant – it's how Google, Apple, Microsoft, etc attained scale in markets dominated by incumbent large firms – and the only reason comcom has fallen by the wayside is that the big tech firms have kicked the ladder away.

When you add comcom to the interoperability mix, the whole equilibrium shifts. History shows us that when governments order companies to open their systems, they can subvert these orders, redesigning them so the mandated interfaces cease to connect to the parts that matter.

Companies do this because government mandates are slow and complex and can be undermined with bad-faith arguments and stalling tactics. But with comcom in the mix, there is an immediate and (from the cheater's perspective) undesirable response to shenanigans.

With comcom in the mix, any new service whose service is nerfed by a tech giant that screws with its mandatory interfaces can immediately switch to bots, scraping and reverse-engineering – replacing the managed interface with a chaotic guerrilla war.

This is the kind of fight that users hate, and will blame the big companies for, as they are challenged to prove they aren't bots, have their usage mistaken for scraping, and lose contact with their off-service friends.

With comcom, shenanigans drives users off the service, rather than locking them in.

If your analysis of Big Tech starts and ends with network effects, the game is already lost. All we can do is hope that decades of antitrust litigation will result in breakups…eventually.

My grandmother fled the USSR after WWII, and lost contact with her entire family. She didn't even know if her parents and brother in Leningrad had survived for years. She abandoned everything she owned and nearly everyone she loved, forever.

Her family stayed behind because of switching costs – not just the logistical difficulties of obtaining permission to leave and sponsorship abroad, but the cost of leaving behind everything and everyone.

The architects of the Berlin Wall claimed that it wasn't keeping East Germans in, they claimed it was keeping bad guys out of the DDR.

Today, Zuck claims we can't interoperate with Facebook is to keep privacy-violators and other rule-breakers out – not to keep his users in.

Meanwhile, I've emigrated from Toronto to San Francisco to London to Los Angeles. I kept my stuff. I kept my family. I can move back if I change my mind. Low switching-costs enabled those moves.

Thinking about Big Tech in terms of network effects leads to despair. Thinking about interop and switching costs shows the way out.

Mr Zuckerberg, tear down that wall.

(Image: Delaina Haslam, CC BY)

Podcasting How to Destroy Surveillance Capitalism (permalink)

This week on my podcast, the second part of a five (?) part serialized reading of my 2020 One Zero book HOW TO DESTROY SURVEILLANCE CAPITALISM, a book arguing that monopoly – not AI-based brainwashing – is the real way that tech controls our behavior.

The book is available in paperback:

and DRM-free ebook :

and my local bookseller, Dark Delicacies, has signed stock that I'll drop by and personalize for you!

Here's the podcast episode:

And here's part one:

And here's a direct link to the MP3 (hosting courtesy of the Internet Archive; they'll host your stuff for free, forever):

And here's the RSS feed for my podcast:

This day in history (permalink)

#10yrsago New Zealand to sneak in Internet disconnection copyright law with Christchurch quake emergency legislation

#5yrsago Walmart heiress donated $378,400 to Hillary Clinton campaign and PACs

#5yrsago Goldman Sachs really only has to pay half of its settlement for world-destroying financial fraud

#1yrago AMC is going bankrupt

#1yrago Foxconn's potemkin "Innovation Centers"

Colophon (permalink)

Currently writing:

  • A cyberpunk noir thriller novel, "Red Team Blues." Yesterday's progress: 1312 words (58411 total).

Currently reading: Analogia by George Dyson.

Latest podcast: Past Performance is Not Indicative of Future Results
Upcoming appearances:

Recent appearances:

Latest book:

Upcoming books:

  • The Shakedown, with Rebecca Giblin, nonfiction/business/politics, Beacon Press 2022

This work licensed under a Creative Commons Attribution 4.0 license. That means you can use it any way you like, including commercially, provided that you attribute it to me, Cory Doctorow, and include a link to

Quotations and images are not included in this license; they are included either under a limitation or exception to copyright, or on the basis of a separate license. Please exercise caution.

How to get Pluralistic:

Blog (no ads, tracking, or data-collection):

Newsletter (no ads, tracking, or data-collection):

Mastodon (no ads, tracking, or data-collection):

Twitter (mass-scale, unrestricted, third-party surveillance and advertising):

Tumblr (mass-scale, unrestricted, third-party surveillance and advertising):

"When life gives you SARS, you make sarsaparilla" -Joey "Accordion Guy" DeVilla