Author Topic: Buisness Carried Forward: Motion about the Remote Voting procedure  (Read 9628 times)

0 Members and 4 Guests are viewing this topic.

Offline MichaelEvans

  • Catgirl
  • ****
  • Posts: 731
This forum is for the discussion of the following motion carried forward for discussion.  Would a Moderator please made this a sticky topic until after the next meeting?

Motion to follow this procedure for Remote Voting:

We shall follow this procedure for remote voting verification until the Membership passes a new procedure or a set of Bylaws are installed which provide a remote voting verification process.

Remote Votes:
Shall be accepted for this meeting in two written formats.
  • 1) A non-ambiguous vote-by-vote reply from the Staff member's known account to either the current meeting's announcement thread, or optionally a more appropriate thread if defined during the meeting before voting.  Such a definition shall be included in the minutes.
  • 2) A hard copy of the same information as #1 that is signed by the Member, and mailed no less then 3 business days from the meeting to the following: The Secretary, The President, and the Publicity (Communications) directors.
Votes are subject to Membership review, and contention by the Staff member in cases where they believe they may have been tampered with.

During the meeting, for ease of tally the following shall occur:
A count of all votes from Members within the room.  The tally of all votes types and abstentions shall be recorded in the minutes.
A verbal or text reply in whatever remote session is occurring, which shall be recorded, including the Staff member's name, and what their vote is.

The decision shall be valid instantly if there is a clear passing level within just the Members in the room, and after all remote votes have been tallied or declared invalid due to failure in communications in all other cases.

I believe this procedure would be sufficient to properly validate the integrity of all votes for the time being.  However I could be wrong, and there may be better methods, this was just the most simple air-tight procedure I could formulate that morning after realizing it was an issue.

Please discuss any aspect of this motion you wish, including alternatives to it.  I will try to respond to general questions and questions directed at me or about the motion.  I am also willing to help critique any competing motions.
« Last Edit: February 12, 2008, 09:28:33 pm by Mr_Phelps »
---
Staff 2007-2010
2010-2008: Website Development (So very very much in the last month before the convention at last; Good thing I'm looking for work x.x and have the spare time ~.~)
2007: Website Administration (Mascot Voting Input, Live Schedule)

Offline AnimeMatrix

  • Chibi
  • ***
  • Posts: 315
Re: Buisness Carried Forward: Motion about the Remote Voting procedure
« Reply #1 on: February 12, 2008, 05:30:35 pm »
Wait, wait, wait- are you making a motion on the forums about remote voting? I am horribly confused as to the point of this thread (then again, I'm generally confused about life in general...)

Besides, since only the staff are able to vote, shouldn't this go in the "Staff" forum?

And what is remote voting anyway?

Offline rictheron

  • Sailor Scout
  • **
  • Posts: 181
    • http://www.geocities.com/dark_star0
Re: Buisness Carried Forward: Motion about the Remote Voting procedure
« Reply #2 on: February 12, 2008, 05:46:10 pm »
  I, personally, have several problems with this.
 
    1st, a lot of assurance as to the authenticity of identity would be lost in either case as, even from listed address or log on there is no method for assuring that said person really is the one making the vote.  Example, proper staff person walks out of the room during a vote to use the restroom, while they are gone friend sends a reply.  Example, person with access info for other people sends multiple votes under different identities.  Also this places a presumption of identity behind the votes of those that post to the thread.  Those shall be identifiable after the vote is actually held by everyone, making their vote far more visible in the public eye which can skew the results from what they could vote in a meeting.  Unless they are deleted, which would be a bad option as it would remove any proof of vote.

  2nd, it creates two seperate areas of voting, those on the thread could only see the other voters on the thread and those in the meeting could only see the other voters in the room.  Again this can change the results. 

  3rd, those who are remote voting are far more likely to miss pre-voting discussion.

  4th, this would delay the validity of any vote by several days without providing immediate proof of result.  In a meeting, everyone can see exactly how many are voting and for what they are voting and the vote is immediately followed by a result.  To delay the validity for several days means that the result will not be known in the same conditions under which the vote was actually held and the end result of votes must be taken on faith.

  5th, the delay in the validity of any vote would also delay any actions or progressive measures which would be taken as a result of that vote.  Depending on the subject matter of the vote, this could prove disasterous to time dependent subjects.
Jess Shelton
2008 Operations Director
2007 Assist. Operations Manager/Yojimbo Manager
2006 Assist. Yojimbo Manager
2005 Yojimbo Manager
2003-2004 Security
Credentials: senior Physics Major at PSU,Edu minor, Store Manager, Instructor, Security

Offline AnimeMatrix

  • Chibi
  • ***
  • Posts: 315
Re: Buisness Carried Forward: Motion about the Remote Voting procedure
« Reply #3 on: February 12, 2008, 06:14:45 pm »
So I looked up online what remote voting is and I must say, this leaves a bad taste in my mouth for the exact reasons rictheron said. Unless we can shell out the thousands of dollars that the US does for mail-in ballots and security in remote voting (which I don't foresee anytime soon),  I don't see a secure and viable way of doing this. Besides, not having remote voting encourages people to come to our general meetings so they can see the Board in person and they can input their 2 cents in person. It's just more personable that way I think.

Offline MichaelEvans

  • Catgirl
  • ****
  • Posts: 731
Re: Buisness Carried Forward: Motion about the Remote Voting procedure
« Reply #4 on: February 13, 2008, 04:29:47 am »
Remote voting like this is needed as a direct result of the possibility of Skype meetings.  Mailing in a hand-signed vote (Signature comparison to registration form) should be good enough, as should a contestable online post.

If you don't have sufficient trust in the security of your computer while you are away, that is what locking the screen/account is for.

As far as not being able to make it to the meetings, some people have work, and can only take so many days off.  I hadn't even thought of addressing them with this until after the meeting.  It does not suffice, but at least with a recorded audio record they would hear the discussion.

Then I started thinking, just this morning actually, that with the votes being delayed, absolutely nothing will happen at meetings.  However, the last two meetings, just about everything has been delayed until the next meeting anyway.  Not much happens besides discussion and voting on old matters.  It feels likely that the entire format we have for our Membership meetings is no longer fitting the requirements of the Membership.  That however is a very radical change.

Such a radical change should surely be discussed.  However it is well beyond the intent of trying to provide a verifiable voting process for Skyping voters.

I've so far addressed two of the three groups of concerns I've seen raised for this.

The third is that it's unfair for some staff to have their names listed and others not.  That is true and was there for expedience.
However, what if we did all voting in the 'remote' style?  Then everyone would be equal.

If we are all voting remotely, what does that reduce meetings to?  I see a meeting then, as someplace to present status updates, have discussions, and propose things to vote on.  If you look at the requirements for that, these forums do a better job of providing a way for people to do that then a place they have to commute to, take time off work to get to, or spend other personal resources to get to.

There are some better, if more complex ways, of authenticating remote votes entirely. GPG/PGP signing of things comes to mind.

There is also the question of tampering, especially via direct database access.  However that should mostly be resolved with full review by anyone.

Alternately, can anyone think of better ways of allowing those who Skype in to vote?
---
Staff 2007-2010
2010-2008: Website Development (So very very much in the last month before the convention at last; Good thing I'm looking for work x.x and have the spare time ~.~)
2007: Website Administration (Mascot Voting Input, Live Schedule)

Offline staze

  • Founder
  • Catgirl
  • ****
  • Posts: 698
    • http://www.staze.org/
Re: Buisness Carried Forward: Motion about the Remote Voting procedure
« Reply #5 on: February 13, 2008, 10:19:33 am »
I'm only opposed to it in that, it places the burden of vote authenticity on the board, and not the vote caster. But that's just my "knee jerk" reaction. I, for one, don't want to be the person that invalidates a vote, then has to inform that person why, then face the wrath that ensues. If we collected SSNs, and other identity confirming information when a person signed for staff, then it might make things easier (code word maybe?), but that would then completely disallow ANY absentee staff registrations since we would need to confirm the authenticity of at least one document in it's entirety.

I don't believe the Skype meetings were an attempt to get more people on the "floor" but rather to open discussion further beyond the room. Which is why the skype option was not an framed as a (eventual) replacement for physical meetings. I would assume there would be a form of "consent" involved with a skype meeting that says "I know that by attending this meeting via remote, I am forfeiting my right to vote on any issues that may arise".

In the past, we've tried to deal with this notion... mainly for elections, and voting via proxy. It usually just came down to "it's a hell of a lot easier for everyone to just say "no proxies". *sigh*

Again, just my thoughts on this. And yes, they obviously are influenced by the fact that I would be one of the persons authenticating votes cast in this manner.
-Staze
Founding Member, Altonimbus Entertainment
"You mean, you'll put down your rock and I'll put down my sword, and we'll try and kill each other like civilized people?"

Offline staze

  • Founder
  • Catgirl
  • ****
  • Posts: 698
    • http://www.staze.org/
Re: Buisness Carried Forward: Motion about the Remote Voting procedure
« Reply #6 on: February 13, 2008, 10:23:03 am »
Remote voting like this is needed as a direct result of the possibility of Skype meetings.  Mailing in a hand-signed vote (Signature comparison to registration form) should be good enough, as should a contestable online post.

See, there's the rub. This would completely disallow any staff registrations turned in via other people (absentee).
-Staze
Founding Member, Altonimbus Entertainment
"You mean, you'll put down your rock and I'll put down my sword, and we'll try and kill each other like civilized people?"

Offline MichaelEvans

  • Catgirl
  • ****
  • Posts: 731
Re: Buisness Carried Forward: Motion about the Remote Voting procedure
« Reply #7 on: February 13, 2008, 11:48:46 am »
You are actually correct, once again, that draws us towards something of more then just a temporary solution.  What you're really asking is to establish trust (in a cryptographic sense).  The best way of doing that as it stands now is to authenticate digital keys (or plain signatures) by a few witnesses who also sign them.  Hopefully these witnesses include at least one director (who recognizes the person they hired).

There's probably a better search term for that... I don't really have the time to get it now though, a quick google search didn't yield the type of result I was looking for...
---
Staff 2007-2010
2010-2008: Website Development (So very very much in the last month before the convention at last; Good thing I'm looking for work x.x and have the spare time ~.~)
2007: Website Administration (Mascot Voting Input, Live Schedule)

Offline Lily

  • Sailor Scout
  • **
  • Posts: 51
Re: Buisness Carried Forward: Motion about the Remote Voting procedure
« Reply #8 on: February 13, 2008, 12:25:52 pm »
And there's the rub. Even in a meeting, it's possible that the person accepting the staff application didn't witness the signature. I give my own example from this weekend.

I was recruited to apply for staff at the Masquerade. After talking and emailing with some board members, I decided to do so, copy and pasted the PDF form and emailed it, without signature or $$, to Michael A. (Due to work conflicts, I didn't think at the time that I would be able to make Sunday's meeting, and wanted to have *something* on file :) )

It turned out that I was able to make the meeting, albeit late (about 3:00). At some point, I flagged Tara down, got a *real* staff app., filled it out while sitting in the auditorium, signed it, and turned it back (with $$) to Tara. She then turned it in.

I talked to at least 5 board members while I was there, including some who were at the dance.  But technically, it's an unwitnessed signature, if you wanna get picky about it. I say this to illustrate, not to call my staff membership into question :)

It's an interesting dilemma.


Con Suite Manager 2008

Offline staze

  • Founder
  • Catgirl
  • ****
  • Posts: 698
    • http://www.staze.org/
Re: Buisness Carried Forward: Motion about the Remote Voting procedure
« Reply #9 on: February 13, 2008, 12:58:23 pm »
yeah... it's a big headache. =P Which is why we've generally run screaming from the issue. And it's ultimately why there are so many weird hoops you have to jump through online when someone needs to verify identity (example being efiling your taxes... you use your SSN, and previous years AGI as authentication you are who you say you are).

Ultimately, we'd set up some type of pin/security question, that would authenticate the person is who they say they are, and basically say "If you share this information with anyone, you risk immediate termination". Because ultimately, all we're talking about here is authentication, not the ability to assure that one person doesn't assume the identity of another by acquiring said credentials (If I know your account number, and PIN, I can log into your bank account, and do whatever). Likewise, if I live with another staff member (wow, go figure), it would not be difficult to gain access to their credentials and act on their behalf.

This is why I don't do IT work for Banks. Ever. Them and Hospitals are my two rules. =P
-Staze
Founding Member, Altonimbus Entertainment
"You mean, you'll put down your rock and I'll put down my sword, and we'll try and kill each other like civilized people?"

Offline rictheron

  • Sailor Scout
  • **
  • Posts: 181
    • http://www.geocities.com/dark_star0
Re: Buisness Carried Forward: Motion about the Remote Voting procedure
« Reply #10 on: February 13, 2008, 06:15:19 pm »
if we are talking about Skype meetings and the intent is to have hubs where people congregate then why not just assign an official designate staff coordinator running each hub?  When a vote is held in the general meeting those staff at the hubs vote the same way with their votes being counted by the coordinator and transmitted immediately to the secretary for an immediate count?  Only at hubs of course.
Jess Shelton
2008 Operations Director
2007 Assist. Operations Manager/Yojimbo Manager
2006 Assist. Yojimbo Manager
2005 Yojimbo Manager
2003-2004 Security
Credentials: senior Physics Major at PSU,Edu minor, Store Manager, Instructor, Security

Offline staze

  • Founder
  • Catgirl
  • ****
  • Posts: 698
    • http://www.staze.org/
Re: Buisness Carried Forward: Motion about the Remote Voting procedure
« Reply #11 on: February 13, 2008, 10:14:44 pm »
hmmm... that might just work. Of course, I think we would need to establish these official hubs as a board (or at least, I would have to make sure I trusted the "coordinator"). Hmmm... we'd probably also want to limit the hubs to a certain number, and density.

I think this is a good idea... and certainly takes the burden off the board. As a tracking measure, we can also have people sign a sheet at these "hubs" saying how they voted on the given motion, to later be sent to the secretary for records. Sure, it's still signature based, like above, but at least in this case, we're establishing a 3rd party observer. Might even be reasonable to ask said "coordinator" to not vote themselves, to establish a freedom of bias in relaying votes. I think this warrants further discussion. Any other thoughts?
-Staze
Founding Member, Altonimbus Entertainment
"You mean, you'll put down your rock and I'll put down my sword, and we'll try and kill each other like civilized people?"

Offline MichaelEvans

  • Catgirl
  • ****
  • Posts: 731
Re: Buisness Carried Forward: Motion about the Remote Voting procedure
« Reply #12 on: February 14, 2008, 12:21:03 am »
Ultimately, we'd set up some type of pin/security question, that would authenticate the person is who they say they are, and basically say "If you share this information with anyone, you risk immediate termination". Because ultimately, all we're talking about here is authentication, not the ability to assure that one person doesn't assume the identity of another by acquiring said credentials (If I know your account number, and PIN, I can log into your bank account, and do whatever). Likewise, if I live with another staff member (wow, go figure), it would not be difficult to gain access to their credentials and act on their behalf.

This is why I don't do IT work for Banks. Ever. Them and Hospitals are my two rules. =P

Still not good enough.  You are basing the authentication on a shared secret only the end user knows.  Even assuming the end user is perfect, this means that the authenticating side needs to know the shared secret and keep it as well.  In the best case scenario this would likely be a hash, which can be brute forced, or worse, intercepted if sent in cleartext or spoofed if sent in pre-digested form.

Further then that, how do you authenticate the information after it has been stored?  For that the full solution is to digitally sign* the data.

if we are talking about Skype meetings and the intent is to have hubs where people congregate then why not just assign an official designate staff coordinator running each hub?  When a vote is held in the general meeting those staff at the hubs vote the same way with their votes being counted by the coordinator and transmitted immediately to the secretary for an immediate count?  Only at hubs of course.

In this case it would be possible for a hub to collude, especially a smaller (likely remote) one, to fake additional members being present.  Still not perfect verification.

hmmm... that might just work. Of course, I think we would need to establish these official hubs as a board (or at least, I would have to make sure I trusted the "coordinator"). Hmmm... we'd probably also want to limit the hubs to a certain number, and density.

I think this is a good idea... and certainly takes the burden off the board. As a tracking measure, we can also have people sign a sheet at these "hubs" saying how they voted on the given motion, to later be sent to the secretary for records. Sure, it's still signature based, like above, but at least in this case, we're establishing a 3rd party observer. Might even be reasonable to ask said "coordinator" to not vote themselves, to establish a freedom of bias in relaying votes. I think this warrants further discussion. Any other thoughts?

Staze, this isn't about who you trust.  For a truly secure system you must assume that no one is trustworthy, and worse that they know all your procedures. That's why it has to be designed to be validatable (is this even a word?) by any interested party.

The reason the signatures work is that anyone can compare inked copies.  However those are still vulnerable to things like pantograph forgery.  There's also the fact that it's very difficult for non-experts to determine that a signature hasn't been so forged, especially if a more elaborate copying system is used.


I think this will probably be the third time I've said it, but I'll phrase it differently again.  The motion I made was a quick, simple, likely good enough for a start, stopgap.  It was especially intended to reach minimal functionality without prior setup.  It will probably still be good enough for a short term solution, but it is by no means foolproof.
---
Staff 2007-2010
2010-2008: Website Development (So very very much in the last month before the convention at last; Good thing I'm looking for work x.x and have the spare time ~.~)
2007: Website Administration (Mascot Voting Input, Live Schedule)

Offline staze

  • Founder
  • Catgirl
  • ****
  • Posts: 698
    • http://www.staze.org/
Re: Buisness Carried Forward: Motion about the Remote Voting procedure
« Reply #13 on: February 14, 2008, 01:38:28 am »
Michael.

I think the simplest solution is the one you are ignoring: No remote votes. It's simple, clean, and doesn't risk any possibility of foul uses.

It's either that, or allow remote votes with no authentication under the assumption that both parties on an issue would equally abuse the system. =P

And of course it's about who I trust. Without forcing people to get their votes notarized, or a lawyer to sign off on them, you cannot have a system with a true 3rd party neutral confirmation of authenticity. A digital signature is still based upon a secret known by the owner of that signature, which can easily be shared with another. You would have to implement some form of 2nd or 3rd key to really have any way of preventing that (biometrics would be a good way of doing it... like, typing patterns, etc).

You're ultimately asking for something that's untenable without some serious thought. I personally would object to your initial proposal for the reasons I outlined above, and you seemingly agreed with. But, it's not ultimately my call, but rather the boards (and staff), since this would require a major change in procedure for the meetings.

If this is entirely based upon the premise of skype joinable meetings existing, then I highly suggest we call into question the sustainability and logic of those, rather than looking for ways to give those that join via skype equal powers to those that attend in person.

Anyone know how they handle votes at shareholder meetings if someone tries to call in a vote?

http://www.law.duke.edu/journals/dltr/articles/2004dltr0008.html

Seems like a good abstract.

I'm still keeping an open mind about this... but it's seriously turning into a quagmire.
-Staze
Founding Member, Altonimbus Entertainment
"You mean, you'll put down your rock and I'll put down my sword, and we'll try and kill each other like civilized people?"

Offline MichaelEvans

  • Catgirl
  • ****
  • Posts: 731
Re: Buisness Carried Forward: Motion about the Remote Voting procedure
« Reply #14 on: February 14, 2008, 03:37:28 am »
Michael.

I think the simplest solution is the one you are ignoring: No remote votes. It's simple, clean, and doesn't risk any possibility of foul uses.
...
And of course it's about who I trust. Without forcing people to get their votes notarized, or a lawyer to sign off on them, you cannot have a system with a true 3rd party neutral confirmation of authenticity. A digital signature is still based upon a secret known by the owner of that signature, which can easily be shared with another. You would have to implement some form of 2nd or 3rd key to really have any way of preventing that (biometrics would be a good way of doing it... like, typing patterns, etc).

Your first point is true, but rather defeats most of the purpose for remote attendance.  Pretty much only input on discussions is then the reason to do so.

Oh, I also stumbled upon the right search terms Web of Trust that describe the answer.  In that case the association of an individual to a public key, with a secret private key counterpart (the kind only governments and giant mega-corps would have the funds to even attempt cracking within reasonable (years with software, I suspect unknown but still a bit of time with custom hardware)).  The Wikipedia article is quite clear, though I might need to expound on what a key-signing party really means.

The way we'd do a key-signing party would be to collect all of the following information in the same place at the same time.
  • All normal staff registration information.  (Name, Address, Some other contact info...)
  • The unique ID (fingerprint) of a key (which the user says represents them.)
  • Some identifying documentation, like a driver's license.

With all that information in one place, like say at a Membership meeting, anyone who finds that information is valid may then write down something uniquely identifying the staff member (like a forum name), and the fingerprint of that key.

Later, with access to their trusted computer, they get the public key and verify it also identifies that member.  They then use their secret key to produce a signature that can be verified with their shared public key, and send it to the key-server(s) and/or the member in question.


With a web of trust like that in place, identities can be established and carried forward.

Any secret message (like an actual vote or a checksum for a vote) can be signed with the secret private key and verified (decoded) by the shared public key.  Which means anyone with access to that public key can verify that message.  Thus, anyone may validate each of the messages, and in so doing validate the vote as a whole.
---
Staff 2007-2010
2010-2008: Website Development (So very very much in the last month before the convention at last; Good thing I'm looking for work x.x and have the spare time ~.~)
2007: Website Administration (Mascot Voting Input, Live Schedule)

Offline MichaelEvans

  • Catgirl
  • ****
  • Posts: 731
Re: Buisness Carried Forward: Motion about the Remote Voting procedure
« Reply #15 on: February 14, 2008, 04:04:15 am »
Anyone know how they handle votes at shareholder meetings if someone tries to call in a vote?

http://www.law.duke.edu/journals/dltr/articles/2004dltr0008.html

Ok, skimmed the summary too (trying to avoid parts I already hold the same views on, like phone voting/etc).  I think my prior post also properly addressed my view on the topic of actually authenticating a vote.  Leaving one very nice area of the article for discussion in this post.

What is a meeting, and more importantly, why do we have it?  I would argue that the key-signing party thing could happen at outreach and other general events in dispersed areas.  So the need to actually meet in person for that is also largely coverable through other areas.  Here are the benefits of a meeting:
  • A forum for discussion among a body.
  • The opportunity for confrontation with different opinions and reaction to motions (suggestions).
  • Allowing consensus with a smaller portion of the body?

The costs of an in-person meeting, I think we all know well.  I'll even list a few reasons why some cannot attend meetings.
  • Time away from local friends and family.
  • Time out of recreation.
  • Time away from work (and money/other vacation opportunity, if you can get it.)
  • The cost of getting to and from the meeting.
  • The far harder to define cost of having to do something during a specific timeslot.

I don't know if there are any benefits you can think of that are not listed above, I'll try to reply for those if they aren't covered by the below listed resolutions.

The discussion and confrontation parts are inter-related.  An excellent way of addressing this is to require discussion.  For the third somewhat dubious benefit, the trade-off between time and discussion occurs.  Therefore it is my opinion that at least the following levels of discussion should exist.
  • Normal: A week or two of discussion in the forums, followed by a week to get votes in (electronically or via paper, with electronic preferred)
  • Extreme Circumstances: One or two days for discussion, one to three days for voting, depending on reaching an elevated requirement based upon a percentage of the whole body.
  • Emergency: Continuous discussion and vote tabulation of the latest published votes live, until an elevated requirement of votes above Extreme Circumstances is reached.  (For when you absolutely positively have to impeach someone before they fire the nukes...)

This would move us to an all remote meeting architecture.  I think many would benefit from it.  Ah, one other thing.  Status updates (progress reports) would still occur, but their timing would have to be prescribed outside of the meeting architecture, and some parts of them may even be live if automation is in place.  Though in general quite likely a mid-quarter, and quarterly status update.  (8 status updates per year.)

One more thing, there's no reason a given issue could not be processed through all status levels at once, however I would strongly suggest that the higher level options require that each voter approving it validate that it is that type of circumstance requirement.
---
Staff 2007-2010
2010-2008: Website Development (So very very much in the last month before the convention at last; Good thing I'm looking for work x.x and have the spare time ~.~)
2007: Website Administration (Mascot Voting Input, Live Schedule)

Offline rictheron

  • Sailor Scout
  • **
  • Posts: 181
    • http://www.geocities.com/dark_star0
Re: Buisness Carried Forward: Motion about the Remote Voting procedure
« Reply #16 on: February 14, 2008, 08:15:54 am »

Still not good enough.  You are basing the authentication on a shared secret only the end user knows.  Even assuming the end user is perfect, this means that the authenticating side needs to know the shared secret and keep it as well.  In the best case scenario this would likely be a hash, which can be brute forced, or worse, intercepted if sent in cleartext or spoofed if sent in pre-digested form.

Brute forced?  Intercepted?  Have there been rumors about a secret band of ninja spies trying to crack our top secret plans again?  Seriously, I mentioned possibility of mistakes or misunderstanding as a problem.  But claiming that someone would brute force a member of our staff for a code word to vote at one of our so very Top Secret general meetings?  We are not the Pentagon and do not have to worry about the same type of security breeches that would happen there.  We're just talking about being sure someone voting is a staff member for 30 seconds at a time.  There is no need to treat our voting and staff verification like it was ENIGMA.

if we are talking about Skype meetings and the intent is to have hubs where people congregate then why not just assign an official designate staff coordinator running each hub?  When a vote is held in the general meeting those staff at the hubs vote the same way with their votes being counted by the coordinator and transmitted immediately to the secretary for an immediate count?  Only at hubs of course.

In this case it would be possible for a hub to collude, especially a smaller (likely remote) one, to fake additional members being present.  Still not perfect verification.

 Again, discussing mistakes.  I would ask you not to question the honorable intentions of our staff but suggesting they would 'collude'.  Particularly not without some pretty firm evidence.  If they are staff then they have my trust and while I can't read their minds, I'd think they have the trust of the rest of the board and the staff as a whole.  Mistakes in counting however, would be the reason for the coordinator.

hmmm... that might just work. Of course, I think we would need to establish these official hubs as a board (or at least, I would have to make sure I trusted the "coordinator"). Hmmm... we'd probably also want to limit the hubs to a certain number, and density.

I think this is a good idea... and certainly takes the burden off the board. As a tracking measure, we can also have people sign a sheet at these "hubs" saying how they voted on the given motion, to later be sent to the secretary for records. Sure, it's still signature based, like above, but at least in this case, we're establishing a 3rd party observer. Might even be reasonable to ask said "coordinator" to not vote themselves, to establish a freedom of bias in relaying votes. I think this warrants further discussion. Any other thoughts?

Staze, this isn't about who you trust. 

Actually, Micheal, it is EXACTLY about who he trusts.  Who he trusts, who I trust, who the board trusts, who the staff trusts.  Which should be all of us.  The point is not if we trust their credibility and honorable intentions but rather their capability to run a hub like that.

The reason the signatures work is that anyone can compare inked copies.  However those are still vulnerable to things like pantograph forgery.  There's also the fact that it's very difficult for non-experts to determine that a signature hasn't been so forged, especially if a more elaborate copying system is used.

Perhaps we need a staff handwriting examiner and we could pay for a laser ink emission analysis device to assure that there are no forgeries.


Your first point is true, but rather defeats most of the purpose for remote attendance.  Pretty much only input on discussions is then the reason to do so.

I would suggest this is incorrect, MOST of the purpose for remote attendance is to allow staff, volunteers, and attendees who would like to hear the updates and discussions that occur at the meetings (as opposed to minutes or After Action Reports by involved parties) but are unable to come all the distance.  The capability of voting is an additional benefit if it could be worked out.

The way we'd do a key-signing party would be to collect all of the following information in the same place at the same time.
  • All normal staff registration information.  (Name, Address, Some other contact info...)
  • The unique ID (fingerprint) of a key (which the user says represents them.)
  • Some identifying documentation, like a driver's license.

I honestly do not have words strong enough to express my shock and dismay at this.  Fingerprint keys?  Online PIN access codes? Identifying documentation?  You need less to vote for the President of the United States!  This is not key-signing, this is licensing and bonding.  It is also WAY over the top, asking staff to submit fingerprints?  Do you understand the implications of us keeping fingerprint records of our staff?

Any secret message (like an actual vote or a checksum for a vote) can be signed with the secret private key and verified (decoded) by the shared public key.  Which means anyone with access to that public key can verify that message.  Thus, anyone may validate each of the messages, and in so doing validate the vote as a whole.

  The complexity of this idea is simply astounding, and I don't mean that as a good thing.  This convention has always been about friends, about fellow anime lovers working together to put on a convention for more anime lovers.  This is a fan run convention.  This is a non profit fan run convention.  Treating like state secrets or a Fortune 500 worried about corporate espionage and making everyone submit to the above is just about the surest way I have ever heard to kill Kumoricon.

  More over IF a remote voting system comes into play it should be as close to the voting system used in the General Meetings themselves in the interest of fair play, equal treatment, and replication of voting environment.  If we vote by a show of hands in the General Meeting itself then the vote in the remote voting should be as close as possible to that same system so the mind behind the voting is thinking about the same subjects.  Having the person at the GM thinking "I want this issue to pass" while the person at the remote site thinking "Should I vote?  I entered a PIN, they could tell exactly what I voted?  Will I get in trouble? Will someone intercept it?  Will someone brute force me?" is not going to provide an equal place from which people can vote. 

Keep it simple, keep it trustworthy, or simply drop it, I say.
Jess Shelton
2008 Operations Director
2007 Assist. Operations Manager/Yojimbo Manager
2006 Assist. Yojimbo Manager
2005 Yojimbo Manager
2003-2004 Security
Credentials: senior Physics Major at PSU,Edu minor, Store Manager, Instructor, Security

Offline Hawkeye

  • Catgirl
  • ****
  • Posts: 578
Re: Buisness Carried Forward: Motion about the Remote Voting procedure
« Reply #17 on: February 14, 2008, 07:22:49 pm »
Evans, as someone who has worked with various board members over the years (including Staze for several years now) and Shelton for years as well.  I agree with every point they have both made, you have to not only have a high level of trust in your staff members, but to implement the types of security measures you speak of, it would cost more than you think and possibly more than the con is willing/able to spend.  From a different point of view, I do not like remote voting for the reason it opens up a person for identity theft, no matter how many security measures you take.  I've had that happen to me and it was pure hell to battle.  Besides, as much as I love working with the con, I don't want to have to go to such possible extremes as needing to give out my social security number.  If I had to choose between taking that risk, no matter how small, and not voting, I'd rather not vote.  I think most everyone else would agree with me on this.  Again on the matter of trust, just because I allow a recruit onto the yojimbo squad, or because Shelton allows someone on the Ops department, does not mean we trust them completely.  With that in mind, how can we truly keep everyone on track, how can we truly determine who's trustworthy and who isn't?  Besides, if you're not staff, what right do you have questioning any of us on our intentions?  That's not your job, that is the responsibility of the directors and the board.
« Last Edit: February 14, 2008, 07:32:27 pm by Hawkeye »
"Now I'll show you how real vampires do battle!"


Offline MichaelEvans

  • Catgirl
  • ****
  • Posts: 731
Re: Buisness Carried Forward: Motion about the Remote Voting procedure
« Reply #18 on: February 14, 2008, 09:50:53 pm »
Response to outstanding objections:

Brute Force: An attack method based on compromising the mathematical integrity of a problem (like breaking the secret prime factors in a key system based on that.), usually accomplished by vast parallel storage and/or processing.  I'm not talking about water-boarding or thugs here.

Interception: Centralized systems (Like Web Sites) are most vulnerable at the site level.  I'm trying to design a system here that not even someone with inside access and knowledge can compromise.

Collusion to deceive: I'm not saying it would happen, I'm saying I want to make sure it is not possible and eliminate any benefit in doing so.

Trust: Yes exactly.  It's about who everyone individually trusts.  When designing for security you trust no one, and no group; unless there is absolutely no other choice.

The way we'd do a key-signing party would be to collect all of the following information in the same place at the same time.
  • All normal staff registration information.  (Name, Address, Some other contact info...)
  • The unique ID (fingerprint) of a key (which the user says represents them.)
  • Some identifying documentation, like a driver's license.

I honestly do not have words strong enough to express my shock and dismay at this.  Fingerprint keys?  Online PIN access codes? Identifying documentation?  You need less to vote for the President of the United States!  This is not key-signing, this is licensing and bonding.  It is also WAY over the top, asking staff to submit fingerprints?  Do you understand the implications of us keeping fingerprint records of our staff?

It is clear you completely misunderstand.

The 'Fingerprint' of a key is the common term used for a (hopefully unique or at least close enough to unique for you to select the proper key from a short list of matches) mathematical checksum, basically a nickname, for the actual data of the cryptographic key.  I am NOT talking about anything biometric here.  (I'm actually opposed to biometrics, See Mythbusters, and movies involving severed body parts for why.)

I actually read the article linked, and if I didn't understand a term I looked it up.  Please do the same, or alternately, ask what it is if the term is not known to you.

As for the complexity in doing this, nearly all of this is handled by the quite nice general computing devices we're currently using to post here.

Cost / Software:
Many email clients already integrate the capacity for using PGP/GPG messages, and there are plugins for others.

How we'd typically use it though is signing either un-named streams of text (Like clipboard/edit window contents, which is probably the more common use today) or actual files.  The message (original text/file) can be left in the clear for a signature, or embedded anyway (forcing the use of something like PGP/GPG to read it at all), or actually encrypted with someone else's public key, making it so that only they can read it.  There are more complex ways of allowing multiple other parties read a document.

GPG(Quick summary, deep linking is possible) and most interfaces for it generally being FREE (as in liberty and as in no cost).  Additionally GPG is available in such a manor for most modern operating systems, and most of those, especially the popular ones have usable graphical interfaces for it.

The actual use of it is quite simple, though an explanation as to how it is secure is slightly more complex.

That is to say, just doing the basics with it is easy.  Knowing Why that's the way the basics are done like that, and what you can do that isn't so basic, that's harder.  However that's also a requirement for making decisions about security, beyond trusting others to make the choices for you.



For specific applications I recommend for consideration as things we point the average user towards:
http://en.wikipedia.org/wiki/Gpg4win
http://www.gpg4win.org/
http://www.gpg4win.org/handbuecher/novices.html

Good starting points for background knowledge include these links:
http://en.wikipedia.org/wiki/Portal:Cryptography
http://gnupg.org/documentation/faqs.en.html
http://www.glump.net/dokuwiki/gpg/gpg_intro -- If you're not interested in using a graphical front end for it, and want raw GPG under windows.
http://gnupg.org/gph/en/manual.html -- GPG manual, I reference this for the steps and ideas involved, not the specific commands used to accomplish said steps.
« Last Edit: February 14, 2008, 10:00:15 pm by MichaelEvans »
---
Staff 2007-2010
2010-2008: Website Development (So very very much in the last month before the convention at last; Good thing I'm looking for work x.x and have the spare time ~.~)
2007: Website Administration (Mascot Voting Input, Live Schedule)

Offline rictheron

  • Sailor Scout
  • **
  • Posts: 181
    • http://www.geocities.com/dark_star0
Re: Buisness Carried Forward: Motion about the Remote Voting procedure
« Reply #19 on: February 14, 2008, 10:25:15 pm »
  You are missing the point, mr Evans.  The terminology is unimportant, the complaints are exactly the same. We are a convention.  A non profit convention run by fans and friends who are here solely because they want to help.  We are not the type of place that is going to face things like 'brute forcing' or 'interception' (And yes, I did know what they meant, so please do not talk down like that).  We simply have nothing of interest which would make anyone interested in doing this.  More over, any such occurance would be so obvious with out current staff size that there would be no lasting damage. 

   It creates a far too complex of a system for too many people for too little purpose.  If you want to put something like this on the hub systems so the coordinators input is unaltered, that at least makes more sense as it would be a verified system and would be on a limited scale.

   As to the point about collusion, again it casts doubt upon the intentions of the staff.  One thing you never want to do when trusting them to make a decision is show a lack of trust in their intentions.  We all have to work together to make this convention run, to do that we must trust.

  Trust no one. A wonderful motto for our group.

  You are right, I did not know the term 'fingerprint' in relation to keys, nor of its use as such.  So please do not talk down as though equal care or concern was not taken.

   However the major points still stand, the requirements on the staff for this system are asking a lot of them.  The complexity is high vs low actual advantage when compared to other systems.  It works on the idea that we must secure against dangers which are all but completely unlikely externally or dangers inside which call our staff into question.  It creates a completely different voting environment for those remote voters than those at the General Meeting which can skew the results and create double standards.
Jess Shelton
2008 Operations Director
2007 Assist. Operations Manager/Yojimbo Manager
2006 Assist. Yojimbo Manager
2005 Yojimbo Manager
2003-2004 Security
Credentials: senior Physics Major at PSU,Edu minor, Store Manager, Instructor, Security

Offline MichaelEvans

  • Catgirl
  • ****
  • Posts: 731
Re: Buisness Carried Forward: Motion about the Remote Voting procedure
« Reply #20 on: February 14, 2008, 11:19:40 pm »
You're still operating under the idea that this is talking about having votes at a Central meeting, and other areas voting in remotely.

That thread of logic ended approximately a page ago when someone started me on the line of thought regarding why we have meetings at all, and how problematic it would be to have remote-voting.

Instead, I have been trying to determine a process that has some comparative advantages over that of the current meeting format.  Particularly one that allows for participation no matter where anyone happens to be, as long as they can get online.  As an added bonus, such a system need not require actually being there during a given moment of a given day, but rather, being online and having time to check at almost any time during a reasonable window (a week or two) of time.

Voting is something which should be looked at from a security perspective (as described in my prior posts).  Especially when an organization reaches a point that it's difficult to know everyone in it.  How will our current system cope when we have 200 or even 300 staff?  Can it even scale to 500 staff?

Have you ever used the tools I'm talking about before?  If not, you may want to try them out, to see just how difficult they are.  In fact, I'll be sure to get the Linux versions of them for my self tonight.
---
Staff 2007-2010
2010-2008: Website Development (So very very much in the last month before the convention at last; Good thing I'm looking for work x.x and have the spare time ~.~)
2007: Website Administration (Mascot Voting Input, Live Schedule)

Offline staze

  • Founder
  • Catgirl
  • ****
  • Posts: 698
    • http://www.staze.org/
Re: Buisness Carried Forward: Motion about the Remote Voting procedure
« Reply #21 on: February 14, 2008, 11:40:54 pm »
Can our system upscale to 300-500 staff? I would say yes. Fanime, to the south, has over 300 staff (if I recall). And as far as I know, they conduct meetings much like we do, just obviously in larger venues.

But, given that our con is going to approach the 4000 person level this year, and we're talking about being happy with 150 staff... given that growth, we're talking about an 8000-12000 person con by the time we have 300-500 staff. And I'm sure our neighbors to the north could tell us how many staff they have for a con that I believe broke 12k last year. Maybe just over 200... maybe?

So yes, I think it will scale. But, you present an interesting idea about reconsidering the ideas of meetings. The idea of time/space shifting a meeting. The only major problems I see with that are implementation (cost, etc), and the social breakdown it would lead to. Beau (BigGuy) previously mentioned in another thread how he longed for the old days of social gatherings/meetings, and how our current meetings have progressed to a more formal structure with less "hanging out and chatting". Moving to something that required no physical relocation would be a death-knoll to our fan driven nature, and instead turn us into the very shareholder meetings I mentioned previously. =/

I'd actually, at this point, recommend this thread be renamed, or the conversation relocated, because I think at this point we're no longer talking about a motion from the previous meeting, or for the next meeting, but rather a theoretical discussion of the nature of how meetings are conducted, and how they could be expanded to include those who may be half way around the world, or right next door but unable to attend a physical meeting should one even be necessary.

Thanks!
-Staze
Founding Member, Altonimbus Entertainment
"You mean, you'll put down your rock and I'll put down my sword, and we'll try and kill each other like civilized people?"

Offline MichaelEvans

  • Catgirl
  • ****
  • Posts: 731
Re: Buisness Carried Forward: Motion about the Remote Voting procedure
« Reply #22 on: February 14, 2008, 11:52:25 pm »
So yes, I think it will scale. But, you present an interesting idea about reconsidering the ideas of meetings. The idea of time/space shifting a meeting. The only major problems I see with that are implementation (cost, etc), and the social breakdown it would lead to. Beau (BigGuy) previously mentioned in another thread how he longed for the old days of social gatherings/meetings, and how our current meetings have progressed to a more formal structure with less "hanging out and chatting". Moving to something that required no physical relocation would be a death-knoll to our fan driven nature, and instead turn us into the very shareholder meetings I mentioned previously. =/

I'd actually, at this point, recommend this thread be renamed, or the conversation relocated, because I think at this point we're no longer talking about a motion from the previous meeting, or for the next meeting, but rather a theoretical discussion of the nature of how meetings are conducted, and how they could be expanded to include those who may be half way around the world, or right next door but unable to attend a physical meeting should one even be necessary.

Thanks!

I've already addressed some of your points, but for the others.  I'm not saying eliminating getting together.  I'm just saying do something else besides a meeting (a BIG one with lots of boring votes etc anyway) when we do get together.  (I think I mentioned that too a few posts ago, but that might have gotten glossed over.)

As far as the thread it's self, you're correct, we've drifted in topic, some more then others.  Though this is a -closely- related topic.  Since you insist on it though, and are trying to kill conversation about the motion it's self, I'll do the less-sensible but more procedural thing, and split off a new thread about the current idea elsewhere, with a reference to this for background.

I've currently got the other information loaded up and occupying most of my frame of mind.  So I'll work on that first, then come back and try to summarize the relevant points to the motion, unless someone else does that first, then I'll comment on that summary.
---
Staff 2007-2010
2010-2008: Website Development (So very very much in the last month before the convention at last; Good thing I'm looking for work x.x and have the spare time ~.~)
2007: Website Administration (Mascot Voting Input, Live Schedule)

Offline staze

  • Founder
  • Catgirl
  • ****
  • Posts: 698
    • http://www.staze.org/
Re: Buisness Carried Forward: Motion about the Remote Voting procedure
« Reply #23 on: February 15, 2008, 12:23:34 am »
I'm by no means trying to kill conversation on the motion... I just thought that as per your comment earlier to Jess, your original motion was somewhat outdated because of what has some up in this thread, about trust, authentication, etc.

If you still are working on something, by all means, keep the topic going. I was just going by what I read, but it may have (and seemingly was, by your tone) misinterpreted.
-Staze
Founding Member, Altonimbus Entertainment
"You mean, you'll put down your rock and I'll put down my sword, and we'll try and kill each other like civilized people?"

Offline MichaelEvans

  • Catgirl
  • ****
  • Posts: 731
Re: Buisness Carried Forward: Motion about the Remote Voting procedure
« Reply #24 on: February 15, 2008, 02:16:56 am »
Well, the motion its self is still valid.  It's still needed until something more complete replaces it.

Several assumptions were brought to light:
1) Some have been assuming there will be remote voting (my self included) as part of Skyping in, while others (Staze?) have assumed that there will only be voting if actually at the primary meeting location (or as was proposed here, at a location meeting special requirements (oversight?  who oversees the oversight? etc.)).

2) More complicated procedures for remote voting, or even validation of the vote being made possible by any member (or even anyone for some systems), tend to draw us away from the specifics of the motion at hand.  In fact, while a number of important things have been discussed, the original discussion was sidetracked rapidly by those other issues and possible resolutions to them.

3) Many other assumptions based on things that were discussed outside of the topic.

Here is the original post:
This forum is for the discussion of the following motion carried forward for discussion.  Would a Moderator please made this a sticky topic until after the next meeting?

Motion to follow this procedure for Remote Voting:

We shall follow this procedure for remote voting verification until the Membership passes a new procedure or a set of Bylaws are installed which provide a remote voting verification process.

Remote Votes:
Shall be accepted for this meeting in two written formats.
  • 1) A non-ambiguous vote-by-vote reply from the Staff member's known account to either the current meeting's announcement thread, or optionally a more appropriate thread if defined during the meeting before voting.  Such a definition shall be included in the minutes.
  • 2) A hard copy of the same information as #1 that is signed by the Member, and mailed no less then 3 business days from the meeting to the following: The Secretary, The President, and the Publicity (Communications) directors.
Votes are subject to Membership review, and contention by the Staff member in cases where they believe they may have been tampered with.

During the meeting, for ease of tally the following shall occur:
A count of all votes from Members within the room.  The tally of all votes types and abstentions shall be recorded in the minutes.
A verbal or text reply in whatever remote session is occurring, which shall be recorded, including the Staff member's name, and what their vote is.

The decision shall be valid instantly if there is a clear passing level within just the Members in the room, and after all remote votes have been tallied or declared invalid due to failure in communications in all other cases.

I believe this procedure would be sufficient to properly validate the integrity of all votes for the time being.  However I could be wrong, and there may be better methods, this was just the most simple air-tight procedure I could formulate that morning after realizing it was an issue.

Please discuss any aspect of this motion you wish, including alternatives to it.  I will try to respond to general questions and questions directed at me or about the motion.  I am also willing to help critique any competing motions.

Please, resume on-topic discussion.
---
Staff 2007-2010
2010-2008: Website Development (So very very much in the last month before the convention at last; Good thing I'm looking for work x.x and have the spare time ~.~)
2007: Website Administration (Mascot Voting Input, Live Schedule)

Offline staze

  • Founder
  • Catgirl
  • ****
  • Posts: 698
    • http://www.staze.org/
Re: Buisness Carried Forward: Motion about the Remote Voting procedure
« Reply #25 on: February 15, 2008, 08:49:35 am »
So here's a pure incentive exercise.

Who, at a meeting, is going to vote to enact this idea? The people that attend meetings physically, do so so that they can take part in the planning of the con, and therefore help direct the con toward some greater goal. By voting for this, they are in essence reducing the power of their own vote because the voting pool will grow larger.

Don't get me wrong, I'm not strictly opposed to the idea of remote voting, I'm just a nuts and bolts person (ask anyone that knows me). So I see implementation issues, etc. Also, big fan of game theory, but that's beside the point.

Purely responding to your question though... When Mike, our chair, announced we were going to try to work in Skype people to the meeting, there was NO mention (to my recollection, and the (ratified) minutes) of voting capacity. So I made no "assumption"...
-Staze
Founding Member, Altonimbus Entertainment
"You mean, you'll put down your rock and I'll put down my sword, and we'll try and kill each other like civilized people?"

Offline rictheron

  • Sailor Scout
  • **
  • Posts: 181
    • http://www.geocities.com/dark_star0
Re: Buisness Carried Forward: Motion about the Remote Voting procedure
« Reply #26 on: February 15, 2008, 09:13:22 am »
  I wanted to express my apologies for the voice of some of my comments in the earlier of my posts yesterday.  My incredulity got the better of me and some of my comments were more sarcastic, negative, or possibly insulting than I had intended them.  I am sorry for how I said my piece though I still feel that the points of the argument remain as valid.  So, my apologies.
Jess Shelton
2008 Operations Director
2007 Assist. Operations Manager/Yojimbo Manager
2006 Assist. Yojimbo Manager
2005 Yojimbo Manager
2003-2004 Security
Credentials: senior Physics Major at PSU,Edu minor, Store Manager, Instructor, Security

Offline MichaelEvans

  • Catgirl
  • ****
  • Posts: 731
Re: Buisness Carried Forward: Motion about the Remote Voting procedure
« Reply #27 on: February 15, 2008, 08:27:14 pm »
Purely responding to your question though... When Mike, our chair, announced we were going to try to work in Skype people to the meeting, there was NO mention (to my recollection, and the (ratified) minutes) of voting capacity. So I made no "assumption"...

Here's the thing though, there was no clear information given either way.  So we both assumed one specific way, which happened to be different.

The impression I got was that Skype would be really useful for people that live, say in Seattle or Eugene, so they don't have to drive all the way in to Salem or Portland when we hold a meeting in that area.  So that they can still participate 100% from home, that including voting.

The question of if remote voting should be allowed or not, is likely beyond the specifics of this thread, as you pointed out so well for the possibility of not having meetings as we do now.



The precise topic for this thread makes two assumptions.  First that we will continue to have meetings as we do now.  Second that we want remote voting.

I would highly suggest that anyone, even my self, motion that we explicitly state that remote voting is NOT allowed period (until rescinded by a vote of the Membership) in the case that this motion or one like it is not enacted.
---
Staff 2007-2010
2010-2008: Website Development (So very very much in the last month before the convention at last; Good thing I'm looking for work x.x and have the spare time ~.~)
2007: Website Administration (Mascot Voting Input, Live Schedule)

Offline staze

  • Founder
  • Catgirl
  • ****
  • Posts: 698
    • http://www.staze.org/
Re: Buisness Carried Forward: Motion about the Remote Voting procedure
« Reply #28 on: February 16, 2008, 01:50:05 am »
Michael,

Thanks very much for this post. It basically compresses the last couple pages into a nice paragraph.

Yes, I think we probably need to make an official policy one way or the other. Keeping it the way it is, as in, undefined, is not the best option.

Thanks again.
-Staze
Founding Member, Altonimbus Entertainment
"You mean, you'll put down your rock and I'll put down my sword, and we'll try and kill each other like civilized people?"

Offline Mr_Phelps

  • Sailor Scout
  • **
  • Posts: 140
Re: Buisness Carried Forward: Motion about the Remote Voting procedure
« Reply #29 on: February 16, 2008, 09:24:28 am »
 If I may interject here....

In my mind the Skype ability is not to allow individual people to join the meeting.  It is for remote "groups" to participate.  I still believe that the meetings should be a face to face get together within the various areas.  Thus all the folks that are in Salem or the surrounding area would meet in a central location with the ability to have some form of conference call and join in.  Ideally there would be at least one manager level staffer to lead the meeting at that sight and be the primary spokesperson for that group.  They would be tasked with notifying the main meeting when they had input into the discussions and verify any responses required of them.

As for the general elections...  that would be up to the staff to decide whether remote meeting sights should be allowed to participate.

However, the date of the general elections will be known well in advance this year and asking the staff to make it to the most important meeting we have each year is not an unwarranted request.  We could even work towards carpooling for those that are coming in from remote locations.  Making sure that we schedule it on a Saturday would also ensure that most folks have a day to recover from long roadtrips before work/school on Monday.  Michael, this would be inconvenient to you I know.  But I'm fairly sure that we should be able to work something out.

The biggest problem that I see with the general election and a Skype meeting is the general discussion period when the current candidates are excused from the room.  That period should be unrecorded to protect the identity of staff that would have to work with someone after the elections are done.

As always, it is the staff that have earned the right to participate in these elections and their voice that should be respected.  Taking away the face to face nature of this election process is not something I believe to be in the best interest of the staff or the convention.
Avatar is "Othar Tryggvassen" from GirlGeniusOnline.net

Offline Lily

  • Sailor Scout
  • **
  • Posts: 51
Re: Buisness Carried Forward: Motion about the Remote Voting procedure
« Reply #30 on: February 16, 2008, 09:52:52 am »
What happens if someone participating remotely (Skype, etc...) is nominated for Board? How should that be handled? Granted, my experience of remote technology participation at meetings is limited to having an ill City Councilor participate in a CC meeting via teleconference. That was an unmitigated disaster-not due to the technology, but to "problem exists between keyboard and chair". <smirk>
Con Suite Manager 2008

Offline staze

  • Founder
  • Catgirl
  • ****
  • Posts: 698
    • http://www.staze.org/
Re: Buisness Carried Forward: Motion about the Remote Voting procedure
« Reply #31 on: February 16, 2008, 03:51:20 pm »
Lily,

This has "kind of" happened in the past. We've had the case where two directors that were nominated to positions were not able to make the the general election meeting, and gave their speech, and took questions, over the telephone.

We decided before the last elections that this was not something we were willing to continue (without exceptional causes), because ultimately, if someone can't make the general election, they probably aren't going to be able to make other meetings throughout the year (if you can't make the most important meeting, what says you'll make lesser meetings?).

It's a tough choice to make... just like we had to say "no" to proxy voting for the last few years, because we didn't feel it was fair to the person being elected, or the person voting (the person voting via proxy can't ask questions, or hear answers and the elected official won't necessarily hear the concerns, etc of those voting for/against).

Hope this helps. Believe you me, every year we come up on elections, several people all get massive headaches thinking about how things should work, and then figuring out contingencies incase something goes wrong. =P
-Staze
Founding Member, Altonimbus Entertainment
"You mean, you'll put down your rock and I'll put down my sword, and we'll try and kill each other like civilized people?"

Offline Lily

  • Sailor Scout
  • **
  • Posts: 51
Re: Buisness Carried Forward: Motion about the Remote Voting procedure
« Reply #32 on: February 16, 2008, 04:06:13 pm »
That's what happens when you don't have history. You end up asking the "dumb" questions.  :D   And that's a completely sensible solution. I figured if I was thinking it, someone else was, too, so I thought I'd throw it out there. And actually, it wasn't such a silly question, seeing that the situation *has* occured before.
Con Suite Manager 2008

Offline MichaelEvans

  • Catgirl
  • ****
  • Posts: 731
Re: Buisness Carried Forward: Motion about the Remote Voting procedure
« Reply #33 on: February 16, 2008, 08:27:52 pm »
Yeah, as I've said in other threads, that's the One meeting each year that staff would be expected to take time off and attend for sure... unless it was absolutely impossible for them to do so (approximately the level of 'you take these days off and we'll FIRE you', or at the very least several thousand in consequences.)

I am actually more for the elimination of general meetings as we have them now (covered in other threads on this forum) since we talked about why exactly we have meetings.

A lot of the topics we've been going over lately are focused breakouts from stuff that belongs in operating documents (which I think of as all being at Bylaws level, and requiring that kind of change control.).  How voting for directors occurs, how more frequent voting and policy decisions occur.  Who can be a member even effects the bias for or against various venues.

The one thing that, after experiencing it, I would not easy consider changing (it's always possible there's some argument that will make sense, but I can't think of any better way of doing it realistically.) is the Annual Meeting.

I'd really LIKE a lot of the positive things to be presented before hand, so that the meeting it's self can be almost entirely actual voting and secret discussions, with responses to them.  All other things proper prior planning can cover here in the forums.  That would optimize things so that all the critical sections (secret discussion, response to questions carried out of it, voting) were as close as possible, and all of the any order that works things could be processed before that day.

Yet we have once again digressed.

Back to the actual topic at hand:

Why voting works at the main meeting site without explicitly recording who votes for what.

Quorum is a requirement, which states that there are enough members there to verify that things are proceeding above board.  It also means that there are enough there to likely represent the overall feeling of the body in question.

When we start to allow remote sites to participate it is very likely that they will not have quorum, be it a single home user, or a group meeting in a small town.

Therefore, there is a lack of the peer-checking that Quorum inherently fulfills.

I had not yet considered, until expounding this logical thread, that the main meeting it's self may also fall short of local quorum.

Therefore, I propose a potential revision of my initial proposal.

(REVISION 2 (2008-02-16))

Motion to follow this procedure for Voting:

We shall follow this procedure for voting verification until the Membership passes a new procedure or a set of Bylaws are installed which provide a voting verification process.

Votes occurring at a location with a Quorum of a voting body in question.
  • May use any normal parliamentary procedure that counts individual votes for the collection of local votes.
  • May instead use any voting procedure defined for portions of that body that do not meet Quorum.

Votes occurring at a location lacking Quorum of a voting body in question.
Shall be accepted for this meeting in two written formats.
  • A non-ambiguous vote-by-vote reply from the Staff member's known account to either the current meeting's announcement thread, or optionally a more appropriate thread if defined during the meeting before voting.  All locations votes are accepted shall be enumerated in the minutes.  Votes may be signed cryptographically if a prior public key has been authenticated.
  • A hard copy of the local meeting's vote record with each voting member signing near each other in separated lists for each vote in question.  Such lists shall normally include Approve (for), Reject (against), and Abstain (remove from global body Quorum).
  • A hard copy of the same information as #1 that is signed by the Member, and mailed no less then 3 business days from the meeting to the following: The Secretary, The President, and the Publicity (Communications) directors.
Votes are subject to Membership review, and contention by the Staff member in cases where they believe they may have been tampered with.

During the meeting, for ease of tally the following shall occur:
A count of all votes from Members within the room.  The tally of all votes types and abstentions shall be recorded in the minutes.
A verbal or text reply from each remote site, which shall be recorded, including the remote conducting staff member's name, and what their vote is.

The decision shall be valid instantly if there is a clear passing level for the whole body in question counting just the members one room, and after all votes have been tallied or declared invalid due to failure in communications in all other cases.
---
Staff 2007-2010
2010-2008: Website Development (So very very much in the last month before the convention at last; Good thing I'm looking for work x.x and have the spare time ~.~)
2007: Website Administration (Mascot Voting Input, Live Schedule)

Offline staze

  • Founder
  • Catgirl
  • ****
  • Posts: 698
    • http://www.staze.org/
Re: Buisness Carried Forward: Motion about the Remote Voting procedure
« Reply #34 on: February 16, 2008, 10:09:00 pm »
I'm confused Michael. You can't legally have a vote at a meeting lacking quorum. So I'm guessing you're talking about remote voting in your motion, but it's not really defined per se (too much context from this discussion is needed to realize what the motion actually means).

This whole thing still makes my head hurt... but then, less so than proxy voting. Funny how that works.
-Staze
Founding Member, Altonimbus Entertainment
"You mean, you'll put down your rock and I'll put down my sword, and we'll try and kill each other like civilized people?"

Offline MichaelEvans

  • Catgirl
  • ****
  • Posts: 731
Re: Buisness Carried Forward: Motion about the Remote Voting procedure
« Reply #35 on: February 16, 2008, 11:32:31 pm »
Since the meeting is split across multiple sites, I'm altering the motion so that it's clear that there are two types of quorum (though that's more implied).

Vote Quorum - The Quorum necessary for a vote its self.
Location Quorum - By default the same as Vote Quorum, however there can be enough votes collected to meet Vote Quorum, without having enough at even one location to meet Quorum there.
« Last Edit: February 16, 2008, 11:34:43 pm by MichaelEvans »
---
Staff 2007-2010
2010-2008: Website Development (So very very much in the last month before the convention at last; Good thing I'm looking for work x.x and have the spare time ~.~)
2007: Website Administration (Mascot Voting Input, Live Schedule)

Offline babysugarbear28

  • Chibi
  • ***
  • Posts: 389
Re: Buisness Carried Forward: Motion about the Remote Voting procedure
« Reply #36 on: February 18, 2008, 02:10:57 pm »
I feel as if I need to say my piece here since this load of crock was started in a thread that I originally created and because I am a staff member that lives in the Eugene area and could potentially skype in on a meeting.

Staff members DO have lives and do to locations/work/weather/ect. we are not always able to attend all meetings with the regularity that we probably should. The whole point of skype is so that we can listen to all or most of what is going on at the Kumoricon Staff meetings if say we can not make it to Portland due to various before stated reasons and on the other hand we can say what we feel needs to be heard on our part. As voted on at a before meeting staff members that would prefer to remain unknown on recorded documents have the right to have skype turned off while they say their piece and in doing so would deprive someone who is remote voting the opportunity to hear what this person has to say, which in the end could be the grain of rice that tips the scale and helps a person choose whether or not to vote yay or nay on a subject.

Without being properly informed of the subject matter up for discussion (aka being at the general meetings themselves), I believe that it is in the best interests of the convention not to have remote voting at all. I believe that my right to vote on any matter brought up to my fellow staff memebers relies entirely upon my showing up to any said general meeting. We are given plenty of advanced notice upon the location and dates of the before said meetings and people such as I can find ways to make it to the meetings if we are resourceful. I have no intention of jumping through hoops or slowing down the voting process just because I could not attend a single meeting.

As for the general meeting in which the Members of the Board are voted on. Staff who want to exercise their voting rights MUST attend this meeting for their opinion and vote to count on whom they want on the Board. As said before not ALL staff can attend this meeting due to life reasons but this is no reason for pushing them away and slapping them on the hand as one would do a naughty child.

To put this simply I believe that the right to vote is solely placed in the hands of those STAFF who are willing to make the journey, to attend the meeting, to listen to everything being said and that in doing so have a completely informed opinion of what they are voting for and this simply cannot be done through Skype/Remote Voting. Voting is for attending memebers of staff, plain and simple.

BSB28 - Official  Post Reg-Monkey

Offline MichaelEvans

  • Catgirl
  • ****
  • Posts: 731
Re: Buisness Carried Forward: Motion about the Remote Voting procedure
« Reply #37 on: February 18, 2008, 06:14:50 pm »
... this load of crock was started in a thread that I originally created and because I am a staff member that lives in the Eugene area and could potentially skype in on a meeting.

For the thread you are referring to, that was originally in the staff forums.  I saw someone else suggesting what seemed like full attendance and interaction capability via Skype.  That may have been wrong, but my addition of a warning about the motion I was in the process of drafting was not.  I'm sorry for adding additional distraction to it via that reply, but didn't want you to get burned by something sensible that I'd realized we needed at the last moment and hadn't had time to properly polish yet.

Staff members DO have lives and do to locations/work/weather/ect. we are not always able to attend all meetings with the regularity that we probably should. ... the right to have skype turned off while they say their piece ...

Without being properly informed of the subject matter up for discussion (aka being at the general meetings themselves), I believe that it is in the best interests of the convention not to have remote voting at all. I believe that my right to vote on any matter brought up to my fellow staff memebers relies entirely upon my showing up to any said general meeting. We are given plenty of advanced notice upon the location and dates of the before said meetings and people such as I can find ways to make it to the meetings if we are resourceful. I have no intention of jumping through hoops or slowing down the voting process just because I could not attend a single meeting.

I agree so very much with the basis of your concerns, especially as WORK is becoming a bigger nuance in that area for me this year.   The right to be off record would be the hardest thing to add back in to an online format.  However allowing some method for anonymous replies to occur would possibly work as a substitute.  In so much as currently we do not exclude anyone from speaking or listening at any time during a General Meeting.  That would require alterations to these forums, or a different method of holding meetings.  For true anonymity something like an open proxy or the TOR network would be required.  However it would be possible to provide instructions for doing so.  If going through such a third party and not using login information it would actually be better in one aspect but worse from the perspective of it being recorded.  However that should be sufficient for insulating us from Google searches.  Any AI that might later be created that could, and would actually go to the bother of, link that back to an actual identity would be such a scary thought that it probably wouldn't even need to see any record to deduce that information.

As for the general meeting in which the Members of the Board are voted on. Staff who want to exercise their voting rights MUST attend this meeting for their opinion and vote to count on whom they want on the Board. As said before not ALL staff can attend this meeting due to life reasons but this is no reason for pushing them away and slapping them on the hand as one would do a naughty child.

I totally agree with this, and have made no suggestion at all of doing away with the Annual Meeting as we have it now.  I did consider it, but quickly rejected it.  The existing format has benefits I consider of a sufficient magnitude which simply cannot be properly reproduced or equivalents found.
---
Staff 2007-2010
2010-2008: Website Development (So very very much in the last month before the convention at last; Good thing I'm looking for work x.x and have the spare time ~.~)
2007: Website Administration (Mascot Voting Input, Live Schedule)

Offline TomtheFanboy

  • Bunnygirl
  • *****
  • Posts: 4417
    • Twitter
    • Kumoricon Archives
Re: Buisness Carried Forward: Motion about the Remote Voting procedure
« Reply #38 on: February 20, 2008, 09:29:33 am »
Good lord.
WAY TO COMPLICATED.

I can think of only one reason to allow remote voting. Quorum.

If in the event that a motion is put to a vote at a general meeting and there is not enough staff present to form quorum (which is what percentage again?) then a number of remote votes will be accepted from staff not present in order to reach quorum for that vote. Remote Votes should be made using the official convention Skype service for the meeting. Staff who are voting remotely should verbally confirm their identity and have their identity and position confirmed with the director of their department.

That should be the only time we need votes from elsewhere and the person's voice on the speaker saying Yay or Nay should be good enough. Especially when the director who signed their staff form is there to confirm that it is them.

We will probably never have to fall back on this because even with skype we should always be able to meet quorum with the personnel present at the general meeting.

I am voting against this motion.
We don't need it.
Tom the Fanboy
Passion over Pedantry!
Pocky Club President 2005-2010

Offline MichaelEvans

  • Catgirl
  • ****
  • Posts: 731
Re: Buisness Carried Forward: Motion about the Remote Voting procedure
« Reply #39 on: February 20, 2008, 04:11:20 pm »
I don't actually mind this motion not passing.  Discussion on it has convinced me that other things would be better.

That being said, I still feel it must be voted upon so that it is officially rejected.

I also feel that Tom's proposal lacks sufficient security, so I would persist in motioning to disallow all remote voting unless explicitly allowed via some other procedure which is passed by the Membership.
---
Staff 2007-2010
2010-2008: Website Development (So very very much in the last month before the convention at last; Good thing I'm looking for work x.x and have the spare time ~.~)
2007: Website Administration (Mascot Voting Input, Live Schedule)

Offline JeffT

  • Administrator
  • *******
  • Posts: 1843
    • Facebook
    • Google+
    • Skype
    • Twitter
Re: Buisness Carried Forward: Motion about the Remote Voting procedure
« Reply #40 on: February 20, 2008, 09:05:51 pm »
That being said, I still feel it must be voted upon so that it is officially rejected.

Keep in mind, that the motion, if voted on and passed by staff, would have only been a recommendation in any case, so it hardly seems necessary to "officially" reject it as a recommendation.
2023: Website Development Coordinator
2020-2022: Assistant Secretary, Website Development Coordinator
2011 - 2013, 2016-2019: Secretary
2007 - 2019: Website Manager
2015: Assistant Secretary
2014: Chair
2007 - 2009: Director of Publicity
2006: Copy Editor

Offline TomtheFanboy

  • Bunnygirl
  • *****
  • Posts: 4417
    • Twitter
    • Kumoricon Archives
Re: Buisness Carried Forward: Motion about the Remote Voting procedure
« Reply #41 on: February 20, 2008, 09:49:59 pm »
Keep in mind, that the motion, if voted on and passed by staff, would have only been a recommendation in any case, so it hardly seems necessary to "officially" reject it as a recommendation.

 :D
I forgot!
I knew there was a reason I wasn't reading this thread. I don't need to vote on something that is a suggestion to the board. The suggestion has been made already. There doesn't need to be a vote.

We vote yes, well there is a Motion passed to officially make the suggestion.
We vote no, there's still a bunch of people raising their hands Yay. THOSE people are making their suggestion to the board by voting yes.

All an official vote is doing is trying to force people to have an opinion on something they don't care about. It can't even do that because we always have the choice to abstain.
This is why I try and avoid these kinds of threads, way too much effort to untangle the discussion.
Bye-bye
Tom the Fanboy
Passion over Pedantry!
Pocky Club President 2005-2010

Offline staze

  • Founder
  • Catgirl
  • ****
  • Posts: 698
    • http://www.staze.org/
Re: Buisness Carried Forward: Motion about the Remote Voting procedure
« Reply #42 on: February 20, 2008, 10:14:45 pm »
If in the event that a motion is put to a vote at a general meeting and there is not enough staff present to form quorum (which is what percentage again?) then a number of remote votes will be accepted from staff not present in order to reach quorum for that vote. Remote Votes should be made using the official convention Skype service for the meeting. Staff who are voting remotely should verbally confirm their identity and have their identity and position confirmed with the director of their department.

1/5 (20%) of registered staff. Which, at this point since we have 66 staff, means 14 staff (rounding up) would be needed to form quorum.
-Staze
Founding Member, Altonimbus Entertainment
"You mean, you'll put down your rock and I'll put down my sword, and we'll try and kill each other like civilized people?"