BOX 2.1
Absentee Voting

In many places, absentee voting couples a number of mechanisms in order to achieve authentication, authorization to vote exactly once, and the confidentiality of the ballot itself. The voter’s identity is checked by way of a signature, both at application time and on the outer envelope of the ballot itself. A suitable entry in some sort of recordkeeping system is used to record that this person has already been issued a ballot. But the ballot itself is sealed inside an inner, anonymous envelope; this envelope is not opened until after it has been separated from the outer, authenticated (and nonanonymous) envelope. The two events are separated temporally and spatially. Despite the authentication of the voter (by means of the signature), a measure of privacy protection is achieved through a combination of the two envelopes and rigid procedures.