it can also be quite secure because it's based on cryptographic signatures, and you can constrain the set you look at by the white list of a relay. i mentioned the idea of adding a feature to polls where you could specify a limited set of users that would be valid for voting on it as well, this could be a basis for organisational decisions, but you could just use the relay whitelist for this, a specialised relay that only accepts poll events, for example