• no fraud nor errors occur inside each polling room
• no fraud nor errors occur in the way polling rooms results are tallied up
• votes are absolutely secret
• the public verify the above points

ClearVoting, in presence of democratic checks, fulfils all the above points, thus it is a voting system suitable for democracy.

1. security is based on the lack of networks and on the use of ClearSoftware
2. security is guaranteed only by the active monitoring of people
   • when the software is produced and distribuited
   • when the software is installed on the kiosks of each polling room
   • when the software is run during election
3. the use of local counters to keep score of the votes received by each candidate in each polling booth allows not to store any data about voters. The lack of secret data means that no encription is required
4. the LAN that connects the managing booth with its polling booths (all within the same polling room) is used only to activate them to accept votes. Such activation is done by poll workers, using their managing boot, only when in front of the polling booth stands an elector that has been identified and authorized to vote. After a vote has been cast the polling booth must be reactivated by poll workers, so that no elector can illicitly vote more than once
5. no votes nor local counters are ever transmitted during voting
6. no local counters are visible from outside their polling booth, not even to the managing booth
7. the final transmission of the results of each polling room to the Internet has no problems related to vote secrecy as it consists of the cumulative results of whole polling rooms
8. since results of each polling room are published on the Internet, anybody can verify they are the same made public at each polling room when voting closed. Such control can be done by parties' representatives
9. electoral results of each polling rooms can be verified counting by hands the VVBP printed (and stored) in it. Such count can be done
   • in all polling room. In this way electronic results are not taken in account and ClearVoting is used only as a ballot papers printer.
   • in some polling rooms. In this case it is wise that polling rooms to be manually counted are choosen after the election close, when electronic results are all published. In this way any fraud (if any) is already done and thus it can surely be detected by the manual count

1. Since the voter does not complete the paper ballot with his/her own handwriting, the votes expressed are always valid. This is important, as apart from increasing the number of voters who contribute to the final result, it ensures there are no more void ballots, void votes, blank ballots and contestable ballots:
   • the non-existence of blank ballots means that the classic intrigues that transform them into valid votes are no longer possible.
   • the non-existence of void votes and void ballots means that the classic intrigues that transform valid votes into void votes, thus depriving unaware voters of their right to vote, are no longer possible.
   • the non-existence of ambiguously completed ballot papers eliminates the necessity for interpretative discretion in guessing the real wishes of voters and so eliminates contestable ballots, which are possible with the classic paper system.
2. of all the software running on polling booths the only part in which there could be hacks or tricks is the voting software (yellow) because all the rest (light blue) is Open Source software choosen by the bipartisan technical commission and downloaded from the Internet. Since the voting software is coded in a high-level, widely-known, interpreted programming language, many people (parties, orgs, ...) can analyze and debug it. Since the source code is interpreted and not compiled, we are certain that it will be one that actually runs during real voting.
   
3. of all the software running on managing booths the only part in which there could be hacks or tricks is the managing software (yellow) because all the rest (light blue) is Open Source software choosen by the bipartisan technical commission and downloaded from the Internet. Since the managing software is coded in a high-level, widely-known, interpreted programming language, many people (parties, orgs, ...) can analyze and debug it. Since the source code is interpreted and not compiled, we are certain that it will be one that actually runs during real voting.
   
4. in case of failure of a polling booth it can simply be replaced with a new one. Votes collected by the failed booth are not lost since poll workers count the VVBPs stored inside the ballot box of the failed booth
5. in case of failure of a managing booth it is replaced with a new one withouth any harm since managing booths don't store votes
6. the transmission of polling rooms results to the Internet can also be done online provided that the connection of the managing booths to any external network is visible (done by cable and not wireless) and it is always unplugged during voting. Poll workers and public opinion must verify that the network cable is plugged into the managing booths only after they have made public their results. If we can't rely on such 'democratic control' acting on all polling rooms, then it is better not to use any external link and transmit results offline (by computers not connected to any booth, by fax, by phone, by paper official statements...)
7. ClearVoting doesn't have the list of eligible electors of each polling room (for an obvious problem of privacy during the distribution of the media). Nor is ClearVoting connected to any external network (for an obvious problem of security). Neverthelss the list of eligible electors is necesary in each polling room. If a computer is to be used for such purpose, then it must be not connected to any booth of the polling room because this is the only way to be sure that nobody can ever manipulate polling rooms’ results.
8. votes are absolutely anonymous because no reference to their voters is ever stored by ClearVoting. Neverthelss collecting the name of electors who actually voted is necessary (e.g. it can prevent a voter to vote more than once). If a computer is to be used for such purpose, then it must be not connected to any booth of the polling room because this is the only way to be sure that nobody can ever manipulate polling rooms’ results.