Solving the problem of having secret ballots online

I stumbled upon democracyOS (OS = Open Source, not Operating System) which advertises itself as:

DemocracyOS brings collaborative decision making and easy governance to communities and organizations of all sizes

There isn’t really that much in-depth information about it that I could find (there is a manual, but the site they uploaded it to is just a royal pain in the ass to read).

There is another tool that is in development and use since 2009, called LiquidFeedback which is developed by the Public Software Group and used by the german pirate party, although it led to some controversy because each statement and vote can be attached to its author (that was the intention though).

The main problem with a software like LiquidFeedback is the fact that you can’t really use them to hold elections if you want to make use of secret ballots (which is absolutely necessary in a democracy). At least the administrator of the server could match the votes/statements to the users. There are a couple of things though that are easier, allow for a more direct democracy than our current analog model (delegation of your vote, more involvement in the decisions taken by your community, more transparency)

Now, with the centralised server removed from the equation, I still don’t think it is possible to have secret ballots online. With the traditional way voting is done, I’ll get a card in the mail informing me of the date and place of the general election for example. On the day of the vote I give them my card, show my ID and I get the ballot. This is the point where the connection between my name and the vote I’m casting ends.

You still need a system to make sure everyone has only one vote and only people that are allowed to vote can cast one (over 18). Let’s say that everyone still gets a card with a unique code in the mail that is used to log into the “SAFE voting app”, so only the people allowed to vote can log in and cast a vote. At least until the election is over, you a need list with all the codes that are allowed to vote, which can only come from the institution that send out the letters with the codes.

Would it be possible to separate the vote that was cast from the code that was used to verify the login? If so, that shouldn’t be something that is related to an centralised system, or is it? Also, you need to mark the code as already used after the vote was cast to prevent the code from being used again. If you can’t separate the codes from votes than at least the institution has a way to match the votes to the codes and therefore to the names. I don’t want to rely on a promise that the institution that sends out the codes has no way to match the code to the names after they were send out.

So, what do you guys think, would that be possible? Having secret ballots online?