Tagged election reform

Blockchains for Elections, in Maine: “Don’t Be Hasty”

Many have noted with interest some draft legislation in Maine that mandates the exploration of how to use blockchain technology to further election transparency.  My comment is, to quote one well known sage, “Don’t Be Hasty”. First, though, let me say that I am very much in favor of any state resolving to study the use of innovative tech elections, even one as widely misunderstood as blockchains. This bill is no exception: study is a great idea.

However, there is already elsewhere a considerable amount of haste in the elections world, with many enthusiasts and over a dozen startups thinking that since blockchains have revolutionized anonymous financial transactions — especially via BitCoin — elections can benefit too. But actually not a lot, at least in terms of voting. As one of my colleagues who is an expert on both elections and advanced cryptography says, “Blockchain voting is just a bad idea – even for people who like online voting.” It will take some time and serious R&D to wrestle to the ground whether and how blockchains can be one of (my count) about half a dozen innovative ingredients that might make online voting worth trying.

However, in the meantime, there are plenty of immediate term good uses of blockchain technology for election transparency, including two of my favorites that could be put into place fairly quickly in Maine, if the study finds it worthwhile.

  1. In one case, each transaction is a change to the voter rolls: adding or deleting a voter, or updating a voter’s name or location or eligibility. Publication — with provenance — would provide the transparency needed to find the truth or lack thereof of claims of “voter roll purging” that crop up in every election.
  2. In the other case, each transaction is either that of a voter checking in to vote in person — via a poll book paper or digital — or having their absentee ballot received, counted, or rejected. I hope the transparency value is evident in the public knowing in detail who did and didn’t vote in a given election.

In each case, there is a public interest in knowing the entirety of a set of transactions that have an impact on every election, and in being able to know that claimed log of transaction records is the legitimate log. Without that assurance of “data provenance” there are real risks of disinformation and confusion, to the detriment of confidence in elections, and confusion rather than transparency. Publication of these types transaction data, with the use of blockchains, can provide the provenance that’s needed for both confidence and transparency. Figuring out the details will require study — Don’t Be Hasty — but it would be a big step in election transparency. Go Maine!

— EJS

A Response to POLITICO: Election Infrastructure as Critical Infrastructure

Below is a letter prepared by co-founders Gregory Miller and John Sebes sent to Tim Starks and Cory Bennett of POLITICO, who cover cyber-security issues.  A formatted version is here.  The signal-to-noise ratio on this subject is rapidly decreasing.  There seems to be some fundamental misunderstandings of the challenges local election officials (LEOs) face; the process by which the equipment is qualified for deployment (albeit decrepit archaic technology by today’s standards); what the vulnerabilities are (and are not); and why a designation of “critical infrastructure” is an important consideration.  We attempt to address some of those points in this response to Tim’s otherwise really good coverage.

Tim Starks
tstarks@politico.com
Morning Cybersecurity Column
POLITICO
1000 Wilson Blvd, 8th Floor,
Arlington, VA, 22209

RE:      11.August Article on Whether to Designate Election Infrastructure as Critical Infrastructure

Greetings Tim

I am a co-founder of the OSET Foundation, a 501.c.3 nonprofit election technology research institute in the Silicon Valley.  I’m writing in response to your article this week in Morning Cybersecurity:

ANOTHER VIEW ON ELECTIONS AS “CRITICAL INFRASTRUCTURE” –
Maybe classifying the election system as part of the nation’s “critical infrastructure” isn’t so wise.

We’ve been on a public benefit mission to innovate electoral technology since 2006.  We’re a group of tech-sector social entrepreneurs bringing years of experience from our former employers like Apple, Facebook, Mozilla, Netscape, and elsewhere to bear on innovating America’s “critical democracy infrastructure” —a term we coined nearly a decade ago.

We’re working with elections officials across the country to develop a publicly owned democracy operating system called ElectOS™ in order to update and upgrade America’s voting systems with innovations that will increase integrity and improve participation for 1/3rd the cost of today’s aging systems.  ElectOS will innovate voting machinery the way Android® has innovated smart phones and mobile devices.  Both are freely available (oropen source”), and like Android, we believe ElectOS will one day enjoy a flourishing commercial market to sustain its continued innovation, deployment, and support.

We’ve been studying the challenges of election administration infrastructure for a decade.  So, we read with great interest your article regarding another viewpoint about making a critical infrastructure designation for our nation’s deteriorating, obsolete, and vulnerable voting infrastructure.  There are elements of your article we agree with (and more specifically comments of Cris Thomas), and there are points that we disagree with because they reveal some misunderstanding of the realities of election administration and the processes of managing the machinery today.  Thus, we were compelled to write you and share these clarifications.

We hope our comments are helpful going forward as you continue to cover this important topic, especially in light of the current election season and the delicate issues being raised by at least one candidate and other media.  Good on you for covering this. Below please find our (hopefully helpful) contributions to your effort.  Relevant portions of your article appear indented in blue.

In recent days, a growing chorus of experts and policy makers have backed a proposal to give elections the same level of federal security protections that the government already grants other so-called critical infrastructure, such as the power grid or financial industry.

First, we believe it’s important to be very clear on what elections infrastructure are we talking about?  We should be discussing voting technology operated by Local Election Officials (“LEOs”), and not web sites and eMail servers run by political NGOs.

Sure, the recent attacks on NGOs are a wake-up call for a variety of potential attacks on real Election Infrastructure (“EI”) and peripheral targets.  But the Critical Infrastructure (“CI”) designation should be for core EI; that is, voting machines and the election administration software and systems that manage voting machinery.

But an old school hacker who was part of the L0pht collective says such a change might do more harm than good.  “Classifying voting computers as critical infrastructure is going to cause a lot of headaches at the local level,” Cris Thomas, aka “Space Rogue,” tells MC [MC = “POLITICO Morning Cybersecurity”].

Critical Election Infrastructure (“CEI”) is not very different than other locally managed CI.  Not all CI is big corporate IT like financial transaction processing systems, or government-operated systems like the ATC, or quasi-public technology like the power grid operated by a variety organizations, but subject to many government regulations.  By contrast, we already have CI that is local, including local government operated.  For example, there are small local water utilities and municipal water treatment organizations.  Local first responders’ infrastructure is CI as well.  So, there is plenty of precedent for giving a CI designation to locally managed assets.

Because elections, even national elections, have been historically treated as a local event; having a federal designation as critical infrastructure will fundamentally change how we have handled our elections for the last 240 years.

CEI designation will not cause a fundamental change in the current situation where U.S. elections are a local matter.  Mr. Thomas is mistaken on this one point.  Local election organizations will have the same responsibilities, plus some new ones for managing CI.  But a county election administrator will still manage elections the day after or even the year after a critical infrastructure designation.  That cannot, should not, and will not change.

Thomas, now a strategist at Tenable Network Security, says the idea misses the point: We need to remain focused on the security concerns of the current system, which fall into two areas. First, many manufacturers are not testing the systems well enough before selling them to municipalities, often using off-the-shelf hardware and software with minimal security and using things like default, hard-coded passwords.

Of course, the existing voting machines have technical security issues—and at the risk of reading like we’re overly defending vendors, what computing system has none?  And of course, it’s also true that a CI designation won’t change these products’ default security posture.

at the same time, the local government certification agencies seldom have the time, resources and knowledge to properly test these computers for vulnerabilities, …

The same is true regarding certification process, although Mr. Thomas is mistaken about that process itself.  There are notlocal certification agencies,” but rather Federal and State organizations that certify the systems local (county) election jurisdictions are authorized to use. Nevertheless a CI designation will not increase the rigor of the certification process, and it won’t increase the capability of LEOs to do technical scrutiny of their own.

and often just accept a manufacturer’s claims of security.

We must also take exception on Mr. Thomas’s last comment.  The idea of certification sometimes amounts to “just accepting vendor security claims” —cannot be, and is not the case.  Although the current certification process isn’t as strong as we’d like, and though nearly all stakeholders want improvement, there are already clear requirements for vendors to demonstrate compliance with security related requirements.  On the other hand, misleading vendor claims about security can sway LEOs when selecting a certified system (and the choices are down to three vendors).

[T]he result is a system that our entire democracy depends on, which is run with minimal, easily bypassed security.

Sure, but its a mistake to focus solely on technical security problems of voting machines, particularly since these systems are not going to be replaced with better technology immediately upon a CI designation.  In the near term, the impact of CEI will be more on people and process, and less on technology itself.  LEOs will need help to build organizational capacity and expertise to manage physical assets as critical infrastructure, with physical security, personnel security, increased operational security processes, and the ability to demonstrate that a variety of kinds of people and process controls are actually being followed rather than merely mandated.

So, improvements in the human aspects and processes are the immediate value of a Critical Election Infrastructure designation.  Such a designation would need to clearly state that our local election officials (LEOs) are custodians of not just critical infrastructure, but infrastructure that is critical to our national security.

That’s never been a responsibility for LEOs, and many LEOs will be dismayed that they will be called upon to operate in ways that they never imagined would be important.  It will require long-term capacity building.  In the short term, there are many improvements in people and process that are possible, although unlikely unless there is a high sense of urgency and importance.  The designation of election infrastructure and critical infrastructure, however, can help create and maintain that urgency.

A better approach, Thomas says, is to increase funding for the National Voluntary Laboratory Accreditation Program run by NIST and the U.S. Election Assistance Commission.

We agree in principle, but this is not mutually exclusive with Critical Infrastructure.  Clearly, there is room for improvement, and NIST and EAC have important roles.  With Critical Election Infrastructure, their roles would need to enlarge, but reasonably so.

We also agree that more funding for these organizations’ election integrity efforts are necessary, but doing so is not an either / or decision in consideration of other aspects of CEI.  If Election Infrastructure is truly “critical” then several things must occur, including, but not limited to the additional support for NIST and EAC that Mr. Thomas is encouraging.

Here are three examples of improvement that a Critical Election Infrastructure designation would enable —though additional funding and expertise would be required.

  1. Do not connect anything relating to ballots, counting, voter check-in, etc. to the Internet, ever—and in many cases no local wireless networking should be allowed.  With CEI, using an Internet connection is no longer a convenience or shortcut in the grey area of safety—it’s a possible vulnerability with national security implications.
  2. Physically secure the election back-office systems.  The typical election management system (EMS) is a nearly decade old Microsoft Windows based application running on Personal Computers no longer manufactured, that are as easy to break into (“black hack”) as any ordinary PC.  Yet, they are the brains of the voting system, and “program” the voting machines for each election.  So put them in locked rooms, with physical access controls to ensure that only authorized people every touch them, and never one person alone.
  3. Perform physical chain of custody really well (i.e., for machines, paper ballots, poll books, precinct operations logs, —everything), with measurable compliance, and transparency on those measurements.  It’s just not reasonable to expect LEO Operations to do excellent physical chain of custody routinely everywhere, if these physical assets are not classed as CI.  They’re not funded or trained to operate physical security at a CI level.  So, there is plenty of room for improvement here, including new responsibility, resources, training, and accountability.  All of this may be low hanging fruit for improvement (not perfection) in the near term, but only if the mandate of CEI is made.

We hope this is helpful.  We’re glad to discuss issues of election integrity, security, and innovation whenever you want.  The co-founders have been in the technology sector for three decades.  Both have worked on critical infrastructure initiatives for the government.  The OSET CTO, John Sebes has been in digital security for over 30-years and is deeply experienced with the policy, protocols, and tools of systems and facilities security.  Our Advisory Board includes former US CTO Aneesh Chopra, digital security expert and CSO of Salesforce.com, Dr. Taher Elgamal, global expert on elections systems integrity, Dr. Joe Kiniry, DHS Cyber-Security Directorate Dr. Douglas Maughan, and several former state election officials.

Respectfully,

Gregory A. Miller
Co-Founder & Chief Development Officer

Showtime: OSET/TrustTheVote Project Appearing at DNC Convention Strategic Forum Event

(This is a x-post from Ms. Voting Matters’ announcement on the OSET Institute’s corporate site.)

We are totally excited about an amazing opportunity tomorrow, Tuesday July 26th, to appear at an event as part of the Democrat National Convention.

The only thing that would make this truly complete is if the Republican National Convention had also invited us (we asked, and although we’re pleased to be working with several in the RNC infrastructure, making something happen was not possible.)

But the New Democrat Network (NDN) and the New Policy Institute did reach out to us and invited us to their premier Strategy Forum now being held at its 4th Democrat National Convention.  So, we’re focused on presenting to an audience estimated to exceed 1,000 per latest projections based on RSVPs as of yesterday (over 900).  This is truly an amazing opportunity for us to spread the story of our work and we’re deeply appreciative of the NDN’s invitation.

The event, “Looking Ahead: Talks on the Future of America and American Politics” is bringing together a collection of amazing thought-leaders on the future and innovation of democracy including experts such as Ari Berman, Alec Ross, Joel Gamble, Jose Antonio Vargas, and others.

The title of our presentation is: “Modernizing Our Election Technology Can Make Our Democracy Better.”

This will not be telecast, although we’re still waiting word about a webcast, video stream, or recording of the sessions.  We’ll update this as soon as we know.

However, part of our presentation will be the launch of a new 2 minute video vignette about the looming problem of obsolete voting machinery and our approach to help bring about innovation which will increase integrity, lower costs, improve participation, and rejuvenate a flagging industry with new technology to innovate the business of delivering finished voting systems. That video will be available on YouTube tomorrow afternoon, and we will add a comment to this post and update it accordingly.

OSET’s Director Citizen Outreach, Meegan Gregg, and the Foundation’s Co-Founder, Gregory Miller will deliver this “Ted-Talk” -like presentation at 12:20pm EDT at the Convention Center in Philadelphia.  It should be a great time and a huge (oops) opportunity.

PCEA Report Finally Out: The Real Opportunity for Innovation Inside

PCEACoverThis week the PCEA finally released its long-awaited report to the President.  Its loaded with good recommendations.  Over the next several days or posts we’ll give you our take on some of them.  For the moment, we want to call your attention to a couple of under-pinning elements now that its done.

The Resource Behind the Resources

Early in the formation of what initially was referred to as the “Bauer-Ginsberg Commission” we were asked to visit the co-chairs in Washington D.C. to chat about technology experts and resources.  We have a Board member who knows them both and when asked we were honored to respond.

Early on we advised the Co-Chairs that their research would be incomplete without speaking with several election technology experts, and of course they agreed.  The question was how to create a means to do so and not bog down the progress governed by layers of necessary administrative regulations.

I take a paragraph here to observe that I was very impressed in our initial meeting with Bob Bauer and Ben Ginsberg.  Despite being polar political opposites they demonstrated how Washington should work: they were respectful, collegial, sought compromise to advance the common agenda and seemed to be intent on checking politics at the door in order to get work done.  It was refreshing and restored my faith that somewhere in the District there remains a potential for government to actually work for the people.  I digress.

We advised them that looking to the CalTech-MIT Voting Project would definitely be one resource they could benefit from having.

We offered our own organization, but with our tax exempt status still pending, it would be difficult politically and otherwise to rely on us much in a visible manner.

So the Chairs asked us if we could pull together a list — not an official subcommittee mind you, but a list of the top “go to” minds in the elections technology domain.  We agreed and began a several week process of vetting a list that needed to be winnowed down to about 20 for manageability  These experts would be brought in individually as desired, or collectively  — it was to be figured out later which would be most administratively expedient.  Several of our readers, supporters, and those who know us were aware of this confidential effort.  The challenge was lack of time to run the entire process of public recruiting and selection.  So, they asked us to help expedite that, having determined we could gather the best in short order.

And that was fine because anyone was entitled to contact the Commission, submit letters and comments and come testify or speak at the several public hearings to be held.

So we did that.  And several of that group were in fact utilized.  Not everyone though, and that was kind of disappointing, but a function of the timing constraints.

The next major resource we advised they had to include besides CalTech-MIT and a tech advisory group was Rock The Vote.  And that was because (notwithstanding they being a technology partner of ours) Rock The Vote has its ear to the rails of new and young voters starting with their registration experience and initial opportunity to cast their ballot.

Finally we noted that there were a couple of other resources they really could not afford to over-look including the Verified Voting Foundation, and L.A. County’s VSAP Project and Travis County’s StarVote Project.

The outcome of all of that brings me to the meat of this post about the PCEA Report and our real contribution.  Sure, we had some behind the scenes involvement as I describe above.  No big deal.  We hope it helped.

The Real Opportunity for Innovation

But the real opportunity to contribute came in the creation of the PCEA Web Site and its resource toolkit pages.

On that site, the PCEA took our advice and chose to utilize Rock The Vote’s open source voter registration tools and specifically the foundational elements the TrustTheVote Project has built for a States’ Voter Information Services Portal.

Together, Rock The Vote and the TrustTheVote Project are able to showcase the open source software that any State can adopt, adapt, and deploy–for free (at least the adoption part) and without having to reinvent the wheel by paying for a ground-up custom build of their own online voter registration and information services portal.

We submit that this resource on their PCEA web site represents an important ingredient to injecting innovation into a stagnant technology environment of today’s elections and voting systems world.

For the first time, there is production-ready open source software available for an important part of an elections official’s administrative responsibilities that can lower costs, accelerate deployment and catalyze innovation.

To be sure, its only a start — its lower hanging fruit of an election technology platform that doesn’t require any sort of certification. With our exempt status in place, and lots of things happening we’ll soon share, there is more, much more, to come.  But this is a start.

There is a 112 pages of goodness in the PCEA report.  And there are some elements in there that deserve further discussion.  But we humbly assert its the availability of some open source software on their resource web site that we think represents a quiet breakthrough in elections technology innovation.

The news has been considerable.  So, yep, we admit it.  We’re oozing pride today.
And we owe it to your continued support of our cause.
Thank you!

GAM | out

Crowd Sourcing Polling Place Wait Times

Long lines at the polling place are becoming a thorn in our democracy.

We realized a few months ago that our elections technology framework data layer could provide information that when combined with community-based information gathering might lessen the discomfort of that thorn.  Actually, that realization happened while hearing friends extol the virtues of Waze.  Simply enough, the idea was crowd-sourcing wait information to at least gain some insight on how busy a polling place might be at the time one wants to go cast their ballot.

Well, to be sure, lots of people are noodling around lots of good ideas and there is certainly no shortage of discussion on the topic of polling place performance.  And, we’re all aware that the President has taken issue with it and after a couple of mentions in speeches, created the Bauer-Ginsberg Commission.  So, it seems reasonable to assume this idea of engaging some self-reporting isn’t entirely novel.

After all, its kewl to imagine being able to tell – in real time – what the current wait time at the polling place is, so a voter can avoid the crowds, or a news organization can track the hot spots of long lines.  We do some “ideating” below but first I offer three observations from our noodling:

  • It really is a good idea; but
  • There’s a large lemon in it; yet
  • We have the recipe for some decent lemonade.

Here’s the Ideation Part

Wouldn’t it be great if everybody could use an app on their smarty phone to say, “Hi All, its me, I just arrived at my polling place, the line looks a bit long.” and then later, “Me again, OK, just finished voting, and geesh, like 90 minutes from start to finish… not so good,” or “Me again, I’m bailing.  Need to get to airport.”

And wouldn’t it be great if all that input from every voter was gathered in the cloud somehow, so I could look-up my polling place, see the wait time, the trend line of wait times, the percentage of my precinct’s non-absentee voters who already voted, and other helpful stuff?  And wouldn’t it be interesting if the news media could show a real time view across a whole county or State?

Well, if you’re reading this, I bet you agree, “Yes, yes it would.”  Sure.  Except for one thing.  To be really useful it would have to be accurate.  And if there is a question about accuracy (ah shoot, ya know where this is going, don-cha?) Yes, there is always that Grinch called “abuse.”

Sigh. We know from recent big elections that apparently, partisan organizations are sometimes willing to spend lots of money on billboard ads, spam campaigns, robo-calls, and so on, to actually try to discourage people from going to the polls, within targeted locales and/or demographics. So, we could expect this great idea, in some cases, to fall afoul of similar abuse.  And that’s the fat lemon.

But, please read on.

Now, we can imagine some frequent readers spinning up to accuse us of wanting everything to be perfectly secure, of letting the best be the enemy of the good, and noting that nothing will ever be accomplished if first every objection must be overcome. On other days, they might be right, but not so much today.

We don’t believe this polling place traffic monitoring service idea requires the invention of some new security, or integrity, or privacy stuff.  On the other hand, relying on the honor system is probably not right either.  Instead, we think that in real life something like this would have a much better chance of launch and sustained benefit, if it were based on some existing model of voters doing mobile computing in responsible way that’s not trivial to abuse like the honor system.

And that lead us to the good news – you see, we have such an existing model, in real life. That’s the new ingredient, along with that lemon above, and a little innovative sugar, for the lemonade that I mentioned.

Stay tuned for Part 2, and while waiting you might glance at this.

The 2013 Annual Elections Verification Conference Opens Tonight

If its Wednesday 13.March it must be Atlanta.  And that means the opening evening reception for the Elections Verification Network‘s 2013 Annual Conference.  We’re high on this gathering of elections officials, experts, academicians and advocates because it represents a unique interdisciplinary collaboration of technologists, policy wonks and legal experts, and even politicians all with a common goal: trustworthy elections.

The OSDV Foundation is proud to be a major sponsor of this event.  We do so because it is precisely these kinds of forums where discussions about innovation in HOW America votes take place and it represents a rich opportunity for collaboration, debate, education, and sharing.  We always learn much and share our own research and development efforts as directed by our stakeholders — those State and local elections officials who are the beneficiaries of our charitable work to bring increased accuracy, transparency, verification, and security (i.e., the 4 pillars of trustworthiness) to elections technology reform through education, research and development for elections technology innovation.

Below are my opening remarks to be delivered this evening or tomorrow morning, at the pleasure of the Planning Committee depending on how they slot the major sponsors opportunities to address the attendees.  We believe there are 3 points we wanted to get across in opening remarks: [1] why we support the EVN; [2] why there is a growing energy around increased election verification efforts, and [3] how the EVN can drive that movement forward…..

Greetings Attendees!

On behalf of the EVN Planning Committee and the Open Source Digital Voting Foundation I want to welcome everyone to the 2013 Elections Verification Network Annual Conference.  As a major conference supporter, the Planning Committee asked if I, on behalf of the OSDV Foundation, would take 3 minutes to share 3 things with you:

  • 1st, why the Foundation decided to help underwrite this Conference;
  • 2nd, why we believe there is a growing energy and excitement around election verification; and
  • 3rd, how the EVN can bring significant value to this growing movement

So, we decided to make a major commitment to underwriting and participating in this conference for two reasons:

  1. We want to strengthen the work of this diverse group of stakeholders and do all that we can to fortify this gathering to make it the premier event of its kind; and
  2. The work of the EVN is vital to our own mission because there are 4 pillars to trustworthy elections: Accuracy, Transparency, Verification, and Security, and the goals and objectives of these four elements require enormous input from all stakeholders.  The time to raise awareness, increase visibility, and catalyze participation is now, more than ever.  Which leads to point about the movement.

We believe the new energy and excitement being felt around election verification is due primarily to 4 developments, which when viewed in the aggregate, illustrates an emerging movement.  Let’s consider them quickly:

  1. First, we’re witnessing an increasing number of elections officials considering “forklift upgrades” in their elections systems, which are driving public-government partnerships to explore and ideate on real innovation – the Travis County Star Project and the LA County’s VSAP come to mind as two showcase examples, which are, in turn, catalyzing downstream activities in smaller jurisdictions;
  2. The FOCE conference in CA, backed by the James Irvine Foundation was a public coming out of sorts to convene technologists, policy experts, and advocates in a collaborative fashion;
  3. The recent NIST Conferences have also raised the profile as a convener of all stakeholders in an interdisciplinary fashion; and finally,
  4. The President’s recent SOTU speech and the resulting Bauer-Ginsberg Commission arguably will provide the highest level of visibility to date on the topic of improving access to voting.  And this plays into EVN’s goals and objectives for elections verification.  You see, while on its face the visible driver is fair access to the ballot, the underlying aspect soon to become visible is the reliability, security, and verifiability of the processes that make fair access possible.  And that leads to my final point this morning:

The EVN can bring significant value to this increased energy, excitement, and resulting movement if we can catalyze a cross pollination of ideas and rapidly increase awareness across the country.  In fact, we spend lots of time talking amongst ourselves.  It’s time to spread the word.  This is critical because while elections are highly decentralized, there are common principles that must be woven into the fabric of every process in every jurisdiction.  That said, we think spreading the word requires 3 objectives:

  1. Maintaining intellectual honesty when discussing the complicated cocktail of technology, policy, and politics;
  2. Sustaining a balanced approach of guarded optimism with an embracing of the potential for innovation; and
  3. Encouraging a breadth of problem awareness, possible solutions, and pragmatism in their application, because one size will never fit all.

So, welcome again, and lets make the 2013 EVN Conference a change agent for raising awareness, increasing knowledge, and catalyzing a nationwide movement to adopt the agenda of elections verification.

Thanks again, and best wishes for a productive couple of days.

Temporarily Missing, But Still in Action

Happy “Holidaze”

On the eve of 2012 we so need to check in here and let you know we’re still fighting the good fight and have been totally distracted by a bunch of activities.  There is much to catch you up on and we’ll start doing that in the ensuing days,  but for now we simply wanted to check in and wish everyone a peaceful and prosperous new year.  And of course, we intend that to “prosper” is to enrich yourself in any number of ways, not simply financially, but intellectually, physically, and spiritually as well… how ever you chose to do so 😉

Looking back while looking ahead, as this afternoon before the new year urges us all to do, we are thankful for the great headway we made in 2011 (and we’ll have much more to say about those accomplishments separately), and we are energized (and resting up) for the exciting and intense election year ahead.  And that brings me to two thoughts I want to share as we approach the celebration of this New Year’s Eve 2011.

1. A Near #FAIL

First, if there was one effort or project that approached “#fail” for us this year it was our intended work to produce a new open data, open source elections night reporting system for Travis County, TX, Orange County, CA and others.  We were “provisionally chosen” by Travis County pending our ability to shore up a gap in the required funding to complete some jurisdiction specific capabilities.

We approached prospective backers in addition to our current ones and unfortunately we could not get everyone on board quickly enough, and tried to do so on the eve of their budgetary commitments being finalized for other 2012 election year funding commitments, mostly around voter enfranchisement (more on that in a moment.)  We were short answers to 2 questions of Travis County, the answers to which well could have dramatically reduced the remaining fund gap requirement and allowed us to accelerate toward final selection and be ready in time for 2012.

For unexplained reasons, Travis County has fallen silent to answer any of our questions, respond to any of our inquiries, or even continue to advance our discussions.  We fear that something has happened in their procurement process and they simply haven’t gotten around to the courtesy of letting us know.  This is frustrating because we’ve been left in a state of purgatory — really unable to determine where and how to allocate resources without this resolved.  The buck stops with me (Gregory) on this point as I should’ve pushed harder for answers from both sides: Travis on the technical issues and our Backers on the funding question.

I say this was a “near #fail” because it clearly is unresolved: we know Orange County, as well as other jurisdictions, and media channels such as the AP remain quite keen on our design, the capabilities for mobile delivery, the open data, and of course the open source alternative to expensive (on a total cost of ownership or “TCO” basis) proprietary black-box solutions.  Moreover, the election night reporting system is a “not insignificant” component to our open source elections technology framework, and its design and development will continue.  And perhaps we’ll get some clarity on Travis County, close the funding gap, and get that service launched in time for next Fall’s election frenzy.  Stay tuned.

So, that is but one of several distractions that allowed this vital blog to sit idle for the last half of summer and all of the Fall.  We’ll share more about the other distractions in  upcoming posts as we get underway with 2012.  But I have a closing comment about the 2012 election season in this final evening of 2011.

2.  The 2012 Battles on the Front-lines of Democracy Will Start at the Polling Place

Millions of additional Americans will be required to present photo ID when they arrive at the polls in four states next year.  Kansas, Rhode Island, Tennessee and Texas will require voters to prove their identities, bringing the total number of States to 30 that require some form of voter identification, this according to the National Conference of State Legislatures.

This is an issue that has reached the boiling point and we predict will set off a storm of lawsuits (and they are happening already).  It ranks very close to redistricting in terms of its impact on voter enfranchisement according to one side of the argument.  Opponents also argue that such regulations impose an unfair barrier to those who are less likely to have photo IDs, including the poor and the elderly.  The proponents stand steadfast that the real issue is voter fraud and this is the best way to address it.  Of course, the trouble with that argument is that after a five-year U.S. DoJ probe lasting across two different administrations found little (53 cases) discernible evidence of widespread voter fraud.   And yet, there are also reasonable arguments suggesting that regardless of voter fraud, there seems to be no difficulty in our elderly, disabled or poor obtaining ID cards (where required) in order to enable them to obtain Medicare, Medicaid and food stamps.

To be clear: the Foundation has no opinion on the matter of voter ID.  We see arguments on both sides.  Our focus is simply this: any voter identification process must be fair, not burdensome, transparent, and uniformly applied.  We’re far more vested in how to make technology to facilitate friction-free access to the polling place that produces a verifiable, audit-ready, and accountable paper trail for all votes.  We do believe that implementing voter ID as a means to restrict the vote is troublesome… as troublesome as preventing voter ID in order to passively enable those who are not entitled as a matter of citizenship to cast a ballot.

Regardless of how you come down on this issue, we believe it will be where the battles begin in the 2012 election season over enfranchising or disenfranchising voters begins.

And with that, we say, 2012: bring it.  We’re ready.  Be there: its going to be an interesting experience.  Here we go.
Cheers
Greg

On the NYT Article: “Voting Early, but Not So Often”

We’ve been paying attention to early voting in this election cycle, because it is both an increasing trend, and also a form of voting that has significant impact on some our next-stage election technology efforts around polling-place — or early voting place — operations and technology.

As we were told by MN SoS Mark Ritchie (reflecting on the high vote-by-mail turnout in 2008), one reason for election officials’ interest in early voting is that it may increase participation overall, but decrease reliance on vote-by-mail (VBM). VBM is another way of voting early, but one that places significant burden on local election officials (remember the “Lizard People” ballot?) that some might prefer to shift to early voting.

That made sense to me personally, but there is more than meets the eye, as reported by the New York Times: “Voting Early, but Not So Often

Apparently, the availability of early voting, by itself, appears to actually decrease total participation. However, when combined with same-day registration, the net effect is positive. But don’t take it from me, read the article and see what Professors Burden and Mayer of U. Wisconsin found out.

The connection with same-day registration brings up a tricky policy question, though. Because until recently, there was not a lot of early voting, the phrase “same-day registration” has typically been understood in the context of election day: you go to what you think is your proper polling place, fill out a voter registration form, vote (or vote provisionally) and hope that everything gets sorted out correctly in the election-day flurry and that you actually voted.  (I’ve certainly heard first hand cases where this didn’t actually work out exactly right.)  Same-day registration is a bit controversial because of some folks’ concern for abuse and voter fraud; and also because of other folks concern about proper follow-through and enfranchisement or lack thereof.

But in the context of early voting, same day registration might be less concerning on both counts, and more amenable to public transparency than your typical volunteer-run polling place — with some assistance by appropriate election technology. 🙂 That’s one reason for our interest in furthering our work on voter-registration technology, and polling-place technology, and maybe even coming up with a chocolate/peanut butter-like combo that hits the spot.

There’s certainly more to learn about what’s required, but the good news is that in this election cycle, we have many sources for that learning.

— EJS

UOCAVA Remote Voting Workshop Makes a Strong Finish

24 hours ago I, along with some others, was actually considering asking for a refund.  We had come to the EAC, NIST, and FVAP co-hosted UOCAVA Remote Voting Systems 2 Day Workshop, expecting to feast on some fine discussions about the technical details and nuances of building remote voting systems for overseas voters that could muster the demands of security and privacy.  And instead we had witnessed an intellectual food fight of ideology.

That all changed in a big way today.

The producers and moderators of the event, I suspect sensing the potential side effects of yesterdays outcome — came together, somehow collectively made some adjustments (in moderation techniques, approach, and topic tweaking), and pulled off an excellent, informative day full of the kind of discourse I willingly laid down money (the Foundation’s money no less) in the first place to attend.

My hat is off; NIST and EAC on the whole did a great job with a comeback performance today that nearly excused all of what we witnessed yesterday.  Today, they exhibited self deprecating humor, and even had elections officials playing up their drunk driver characterization from the day before.

Let me share below what we covered; it was substantive.  It was detailed.  And it was tiring, but in a good way.  Here it is:

Breakout Session – Voter Authentication and Privacy

–Identified voter authentication and privacy characteristics and risks of the current UOCAVA voting process.

–Identified potential risks related to voter authentication and privacy of remote electronic absentee voting systems. For example, the group considered:

  • Ballot secrecy
  • Coercion and/or vote selling
  • Voter registration databases and voter lists
  • Strength of authentication mechanisms
  • Susceptibility to phishing/social engineering
  • Usability and accessibility of authentication mechanisms
  • Voter autonomy
  • Other potential risks

–Considered measures and/or criteria for assessing and quantifying identified risks and their potential impacts.

  • How do these compare to those of the current UOCAVA voting processes?

–Identified properties or characteristics of remote digital voting absentee voting systems that could provide comparable authentication mechanisms and privacy protections as the current UOCAVA voting process

–Considered currently available technologies that can mitigate the identified risks. How do the properties or characteristics of these technologies compare to those of the current UOCAVA voting process?

–Started to identify and discuss emerging or future research areas that hold promise for improving voter authentication and/or privacy.  For example:

  • Biometrics (e.g., speaker voice identification)
  • Novel authentication methods

–Chatted about cryptographic voting protocols and other cryptographic technologies

Breakout Session – Network and Host Security

–Identified problems and risks associated with the transmission of blank and voted ballots through the mail in the current UOCAVA voting process.

–Identified risks associated with electronic transmission or processing of blank and voted ballots.  For example, the breakout group considered:

  • Reliability and timeliness of transmission
  • Availability of voting system data and functions
  • Client-side risks to election integrity
  • Server-side risks to election integrity
  • Threats from nation-states
  • Other potential risks

–Considered and discussed measures and/or criteria for assessing and quantifying identified risks and their potential impacts.

  • How do these compare to those of the current UOCAVA voting process

–Identified properties or characteristics of remote digital absentee voting systems that could provide for the transmission of blank and voted ballots at least as reliably and securely as the current UOCAVA voting process.

–Discussed currently available technologies that can mitigate the identified risks and potential impact.

  • How do the properties and characteristics of these technologies compare to those of the current UOCAVA voting process?

–Identified and discussed emerging or future research areas that hold promise for improving network and host security.  For example:

  • Trusted computer and trusted platform models
  • End point security posture checking
  • Cloud computing
  • Virtualization
  • Semi-controlled platforms (e.g., tablets, smart phones, etc.)
  • Use of a trusted device (e.g., smart card, smart phone, etc.)

As you can see, there was a considerable amount of information covered in each 4 hour session, and then the general assembly reconvened to report on outcomes of each breakout group.

Did we solve any problems today?  Not so much.  Did we come a great deal forward in challenge identification, guiding principles development, and framing the issues that require more research and solution formulation? Absolutely.

Most importantly, John Sebes, our CTO and myself gained a great deal of knowledge we can incorporate into the work of the TrustTheVote Project, had some badly needed clarifying discussions with several, and feel we are moving in the right direction.

We clarified where we stand on use of the Internet in elections (its not time beyond anything but tightly controlled experimentation, and there is a lacking of understanding of the magnitude of resources required to stand up sufficiently hardened data centers to make it work, let alone figuring out problems at the edge.)

And we feel like we made some small contributions to helping the EAC and NIST figure out the kind of test Pilot they wish to stand up as a guiding principles reference model sometime over the next 2 years.

Easily a day’s work for the 50-60 people in attendance over the two days.

Back to the west coast (around 3am for my Pacific colleagues 😉

Its a wrap
GAM|out

San Francisco Voting Task Force Public Hearing

Tomorrow night starting at 4:30PM the San Francisco Voting Systems Task Force is holding a Public Hearing to intake testimony and public comment on its draft prospective recommendations topics.  [Disclosure: I am a member of this Task Force, appointed by the S.F. City & County Board of Supervisors.]

We encourage everyone who can make it to attend and give us your input on these draft proposed recommendations.  This is an early stage document and does not represent any final recommendations of the VSTF.  The Agenda and description can be found here.  The location of the meeting is:

SFCitySeal1 Dr. Carlton B. Goodlett Place,
Room 34 Lower Level

San Francisco, California

If you can’t make it in person, no worries as we’re accepting written input through the 24th of February, which you can submit digitally if you wish to: voting.systems.task.force@sfgov.org or by U.S. Mails (address details on site here).

For those interested in some details; I submitted a letter to the Task Force Chair with some comments of my own on our Draft recommendations under consideration document, and you may wish to have a look at them here.

Cheers
GAM|out