Privacy

The proposed EU Chat Control regulation exemplifies institutional tensions between supranational regulatory ambitions and member state constitutional frameworks; Denmark’s ministerial level advocacy for permanent mass message scanning confronts German constitutional barriers, the European Court of Human Rights precedent establishing encryption as a fundamental right, and the European Parliament’s prior rejection, creating conditions for a substantial institutional crisis should the regulation advance toward implementation.

We present a system for running auditable and verifiable elections in untrusted environments. Votes are anonymous since the order of candidates on a ballot sheet is random. Tellers see only the position of the candidate. Voters can check their vote. An election is auditable using blockchain log. Threshold-encryption, which is used to implement the quorum, prevents a deadlock from occurring if a minority of candidates or observers tries to sabotage the election. Candidates and observers can indicate that the election was free and fair by exposing their keys, which are used by the system to decrypt each vote. Ballot sheets are encrypted by onion routing, which has a layer with the key of the election instance, so it’s impossible for a quorum to decode the results before they have announced their decision by exposing their keys. A register of voters ensures that only verified voters can vote without compromising their identity. If there any doubts about the identity of a voter, their vote can be excluded from the election, if a quorum agrees. This system is designed to scale from one instance to a distributed system that runs over an unlimited number of instances, which can be achieved using cloud instances or smartphones belonging to voters or tellers.

This article provides a guide for installing a local DNS resolver that enforces DNS-over-TLS to a randomly selected publicly available upstream server. The setup described respects DNS response consistency by enforcing DNSSEC if it is supported by the DNS zone, encrypts DNS traffic, and uses DNS servers from different providers. The second section of this article addresses the question of privacy.