Both MS Word and PDF have leaked redacted/removed information in the past. Wasting paper given the severity of some of these leaks is minimal cost.
With software you either need vetted and approved, very expensive software, or you have to accept a much higher error rate, because the operator cannot verify the results of the process with certainty.
An election doesn't need to be tamper-proof we just need to be able to detect tampering well enough to make tampering a loser's game.
[0] https://www.atlasobscura.com/articles/pointing-and-calling-j...
So, not only do you have the energy-investment thing noted in the/a sibling comment, you have the issue that there's no giant "THIS IS AN IMAGE" or "THIS HAS TEXT IN IT" that you can just Look At and know that yeah the document is okay. There's no lowest-common-denominator provability thing. You have to hyperspecifically know what to look for (render to image) then know how to verify whether it's an image or not.
And... how do you verify if it's an image? I don't have any PDF authoring/editing software on this machine, so the only thing I can think of is checking the Undo menu for "convert to image" or similar.
Under the hood, you created a new document, rasterize the original document page by page as JPEG, and insert the JPEGs back to the new document.
You can even create a fake "printer", that outputs a PDF with rasterized images as pages, so you don't have to teach the office clerks to anything extra.
To me, it seems to be indistinguishable from printing and scanning.
PS: It's pretty easy to verify if the page contains nothing but an image, programmically, especially if you also wrote the software that rasterize it in the first place.
