So, now we have a real example of election administrators rigging an election.
And it’s the 2023 Hugo Awards.
I’ve mentioned the Hugo Awards voting system before, because there’s a lot to like in how they’re set up. As the linked post there discusses, I particularly like their “No Award” tweak.
But it turns out that they’re very weak against being manipulated by a motivated insider.
The problem turns out to be secrecy.
Like a lot of voting systems, the Hugo system values ballot and administrative secrecy. Presumably, the modern obsession with secrecy came about as a response to candidates offering rewards (or making threats) to get voters to vote in particular ways. If no one can know anything about the actual ballots, then that method of corrupting an election is blocked.
They do require that some data about the process be published, but the deadlines are well after it would be too late to do anything about it and there’s no enforcement mechanism anyway.
This means you have to completely trust the election administrators, and in this case that trust was broken pretty badly.
Secrecy just leads to too much temptation, apparently.
Some administrators will inevitably fudge things to get the outcomes that they want. So we need to make sure elections aren’t run in secret and that the data and processes involved are visible to everyone.
With any personally-identifiable information removed, of course; we do need to at least try to preserve the block against buying or forcing votes.
So any trustworthy election needs to be as transparent as possible; to do that, you need:
- at least 1 (preferably 2) independent overseer, with full view of all data and processes as they happen
- post-election publication of all non-personally-identifiable data and full reports on all administrative decisions
That spreads out the trust from just the administrators while the election is underway, and (mostly) eliminates the need to trust anyone in reviewing the election after the fact. (It helps if you can arrange to have the overseers be truly independent and with conflicting motivations; this reduces the possibility of collusion.)
So, how would that work for the Hugo Awards?
The Awards are controlled by a loose group called the World Science Fiction Society (WSFS), who delegate the administration of their awards to the organization licensed to operate that year’s Worldcon convention. The Worldcon group has very free rein to do whatever they like within the bounds of the WSFS constitution, though they are required to publish synopsis-level data about the awards processes.
This system has basically no oversight, and can compel basically no transparency.
It’s a bad system, but it can be fixed.
Since the Worldcon is operated by independent groups (often in different countries) each year, it has a built-in pool of possible overseers.
Having the groups from the previous and following years’ Worldcons oversee the current year’s voting is a fairly small change; it would mostly be a matter of the current year’s administrators mirroring raw ballot data and email discussion list posts to the overseers as it is received by the administrators’ servers. The overseers would be responsible for reviewing the data and decision-making processes as they were happening, and raising any issues privately (or publicly, if the current administrators don’t address them adequately).
Each group, the administrators and both overseers, would then publish their full data sets, minus any personally-identifiable information, after the election is completed and the awards have been given out.
This still leaves a small possibility of collusion, but without a robust and ubiquitous infrastructure for cryptographic signatures (and abandoning secret ballots) it’s not really possible to eliminate collusion entirely.