Tagged OSET Foundation

State Certification of Future Voting Systems — 3 Points of Departure

In advance of this week’s EVN Conference, we’ve been talking frequently with colleagues at several election oriented groups about the way forward from the current voting system certification regime. One of the topics for the EVN conference is a shared goal for many of us: how to move toward a near future certification regime that can much better serve state election officials in states that want to have more control, customization, and tailoring of the certification process, to better serve the needs of their local election officials.

Read more

Election Standards, Day 2

The second day of the annual meeting of the Voting System Standards Committee was Friday Feb. 6. I’m concluding my reporting on the meeting with a round up of existing and proposed standards activity that we discussed on day 2. Each item below is about an existing working group, a group in formation, or proposed groups.

Election Process Modeling

This working group isn’t making a standard, but rather a guideline: a semi-formal model for the typical or common processes for U.S. election administration and election operations. The intent here is to document, in a structured manner, the various use cases where there needs to be data transfer from one system, component, or process to another. That will make it much easier to identify and prioritize such cases where data interoperability standards may be needed; from there, folks may choose to form a working group to address some of these needs.

This group is well along under the leadership of LA’s Kenneth Bennett, but still it’s a work in progress. I’ll be reporting more as we go along.

Digital Poll Books

This just formed working group, led by Ohio’s John Dziurlaj, will develop a standard data format for digital poll books. The starting point is to define a format that can accommodate data interchange between a voter registration system and digital pollbook — for example, a list of voters, each one with a name, address, voter status (e.g. in person vs. absentee voter). The reverse flow — all that plus a note of whether each voter checked in to vote, when, etc. — is included as well of course, but there are some other subtler issues. For example, it’s not enough to simply provide the data in that reverse flow; you need to also include data that ensures that the check-in records are from a legitimate source, and not modified. Without that, systems would be vulnerable to tampering that causes some ballots to be counted that shouldn’t, and vice versa. Also, not every pollbook does its job based on purely local pollbook records. Some rely on a callback to a central system that co-ordinates information flow among lots of digital pollbooks, and there are several hybrid models as well.

Also, there are privacy issues. In the paper world, every pollbook record was legally a public document, without including what we would now call “personal identifying information” (PII). More recently, with strong voter ID requirements, a voter check-in needs to include a comparison of a presented ID number (such as a driver’s license number) with the ID number that’s part of a voter’s registration record. Today, such ID numbers are often included in e-pollbook data, but that’s not ideal because each e-pollbook becomes a trove of PII at risk. In the upcoming data standards work, we may be able to include some optional privacy guards, like a way to store PII in cryptographically hashed form, to protect privacy but still enable a valid equivalence check — just the same way that stored-password system do.

Voting Methods Models

This newer group, led by Laura Massa-Lochridge, is also creating not a standard but a guideline to be used as a “standard” reference for other work. In this group, the focus is on the various individual approaches to voting on a ballot item and counting the votes. A familiar one is “vote for one” where the candidate with the most votes is the winner. Also familiar and well understood is “vote for N out of M”. Further, each of these has different semantics; for example, some vote-for-one contests have no winner when no candidate reaches a threshold, thus triggering a run-off. Familiar to some, but not so well understood, is “instant run-off”. In fact there different flavors of IRV, and in some cases it is not actually obvious which one is wanted or used in a particular jurisdiction. From there we get into heavy-duty election geek-dom with ranked choice voting and single transferrable vote.

The goal of this working group is to develop a formal mathematical model specifying precisely what’s meant for each variation of each voting method, with consensus from all who choose to participate, with process, oversight, and validation from an official international standards body. The result should be a great reference for elections officials and legislators to refer to, instead of (as is common now) simply referring to voting method by name, or by writing a counting algorithm into law.

Voting Machine Event Logs

This standard is nearly done, thanks to the leadership of NIST’s John Wack. It deserves more than a bit of explanation because it is a great example of both how the standards work, and the value of standard open data.

Every voting system has components for casting or counting ballots, and U.S. requirements for them include the requirement to do some logging of events that would provide researchers with data to analyze in order to assess how well the components operate, how effectively voters are able to use them, or so forth. Every product does some kind of logging, but each one’s log data format is in a different, proprietary format. So, VSSC has a data standard for log data, to enable vendors to provide logs in a common format that enables log analysis tools to combine and collate data from various systems.

So far, not the most thrilling part of standards work, but necessary to ensure that techies can understand what’s going wrong — or right — with real systems in operation. As many are aware, the current crop of voting system products do seem to misbehave during elections, and it’s important for tech assessment to learn whether there really were any faults (as opposed to operator error) and if so what. However, the curious part of this standard is not that provides a standard format for data common to pretty much every system (that’s why we call them common data formats!) like date/time, event code, event description, etc. Rather, the curious part is that it doesn’t try to provide a complete enumeration of all common events. Sure, most systems have an event that means “Voter cast the ballot” or “Completed scanning a ballot” but one vendor may call this “event 37” and another “event 29”.

Why not enumerate these in the standard? Well, for one thing ,it is hard to get a complete list, and as systems add more logging capabilities over time, the list grows. We want to issue the standard now, and don’t want to bake into it an incomplete list. (Once a standard is issued, it is some work to update it, and typically a standards group would prefer to use their efforts to standardize new stuff rather than revise old standards.) So the approach taken is different. It’s typical of many of the standards we’re working on, which is why I want to explain it for this standard. The approach is to have a particular part of the data format that’s expected to be filled by an event identifier that could be one of a canonical list defined elsewhere. It’s like the standard is saying “this ID field is just a string, but systems can choose to fill it with a string that’s from some canonical list that’s beyond the scope of this standard.” Also, the data format allows for a sort of glossary to be part of a dataset, to enable a dataset to essentially say “you’re going to see a bunch of event 37’s and in my lingo that means voter cast a ballot.”

The intent of course is that systems that conform to the standard will also choose to use this canonical list, which can grow over time, without requiring modifications to the standard. That’s nice but it begs the question: who maintains this list, and how does the maintainer allow people to submit additions to it? Good question. No answer yet, but that’s not a barrier to using the standard, and the early adopters will in essence start the list and figure out who is going manage it.

Event Logs for Voter Records

This is a topic for a to-be-formed working group, focused on issues very similar to those of the Event Log group described above, but for events of a voter records systems. The type of events we’re talking about here are things like: voter registration request rejected (including why); voter’s address change accepted; voter’s absentee ballot accepted for counting; voter’s provisional ballot rejected (and why); voter checked in to vote in person; and so on. The format will likely be pretty similar to the other event log format, and much of the discussion will be similar to above groups: whether there is a complete enumeration of actions or objects; whether to rely on external canonical lists; how to not expose PII, but allow a record can uniquely identify the voter in question (so that we can recognize when multiple events were about the same voter).

What types of interoperability would this support? Automated reporting, and data mining in general — again, larger issue — but one example is that is would support automated reporting that compares military voters to other voters in terms of voting outcomes: numbers and percentages of voters who voted absentee vs. in person, absentee voters who ballots where counted vs. rejected and if so why …

This type of reporting is already required of localities and states to the Federal government, and it is currently very burdensome for many election officials to create. As a result, one of the enthusiastic supporters of this nascent effort is a recently appointed EAC Commissioner who until recently was a state election who was official grumpy over the burden of this type reporting, but is now on the Federal commission requiring the reporting. So you can see that although not the most thrilling human endeavor, standards work can have its elements of irony. 🙂

Cast Vote Records 

Another topic for a to-be-formed working group, this is about how to extend the existing .2 standard (election result reporting) to describe just the votes recorded from a single ballot, together with other data (for example an image of a paper ballot from which the votes were recorded) that would be needed to support ballot audits. The whole larger issue of ballot audits is … larger; but you can read more about it in past posts here (search for “audit”) or elsewhere by a web search on “risk limiting audits elections.”

Ballot Specifications

Another topic for a to-be-formed working group, this is about how to extend the existing .2 standard’s description of ballot items (contests, candidates, referenda, questions, etc.) that is currently limited to what’s needed for results reporting.  The extensions could be limited to extensions needed to display online sample ballots, but could extend much further. Some of us have a particular interest in supporting “interactive sample ballots” which is, again, a larger issue, but more on that as the work unfolds.

Common Identifiers and OCD

Lastly, we also discussed more of the common identifier issue that I reported on earlier in day one. It turns out that this is another instance, thought slightly more complicated, of the issue facing a number of standards that I described above: semantic interoperability. In the .2 standard, we don’t want to bake into it an incomplete list of every possible district, office, precinct, etc. — even though we need common identifiers for these if two datasets can be interpreted as referred to the same things.

So, again, we have the issue of a separate canonical list. However, in this case, the space is huge, and the names (unlike event types) wouldn’t be self-identifying; and the things named could have multiple valid names. So there will no doubt be large directories of information about these political units, using common naming schemes. But to avoid these becoming a large muddle, we do have a smaller problem of smaller canonical lists, for example, a list of the names of all the types of district used in each state. With that, we could use existing naming schemes in a canonical way.

The most promising (by consensus of those working on standards anyway) naming scheme is that of the Open Civic Data project, including IDs of exacting this sort. The scope for OCD-IDs is broad: defining a handle for pretty much any government entity in any country, so that various organizations that have data on those entities can publish that data using a common identifier, enabling others to aggregate the data about those entities. It’s much broader than U.S. electoral districts. However, it’s already in use, including U.S. electoral districts. However, as I described above, the fly in the ointment is that plethora of types of electoral district; for a common unique name, you need to include the type of district, for example, the fire control district in CA’s San Mateo County that’s known as Fire District #3.

OK, so what, who, how will this registry, or directory, or curated list — whatever you might call it — get created and managed? Still a good question, but at least we have some clarity on what needs to be done, and maybe a bit of the how, as well. Stay tuned.

If we had this missing link (a canonical scheme for names of U.S. electoral districts) then we could use OCD-IDs (or extensions of FIPS geo codes for that matter) as an optional but commonly used and standards-based approach for constructing unique identifiers for electoral districts. Organizations that choose to use the naming scheme could issue VSSC.2 datasets that could be aggregated with others that also use the scheme. And then, people could have a much easier time aggregating those election result datasets to get large scale election results. At the risk of fore-shadowing, that’s actually a big deal to data-heads, public interest groups, and news organizations alike, as eloquently explained by a speaker at the next annual conference, which was this week in DC.

Coming Soon

At that conference — NIST/EAC Future of Voting Systems Symposium II — will be the topic of my next few reports!

— EJS

 

Election Standards – Part Two

Last time I reported on the first segment of the annual meeting of the Voting Systems Standards Group (VSSC) of the IEEE. Most of that segment was about the soon-to-be-standard for election definition and election results (called VSSC.2). I recapped some of the benefits of data standards, using that as an example.  Much of the rest of day one was related to that standard in a number of ways. First, we got an update on the handful of major comments submitted during the earlier review periods, and provided input on how to resolve these finalize the standard document. Second, we reviewed suggestions for other standards that might be good follow-on efforts.

What’s in a Name?

One example of the comments concerned the issue that I mentioned previously (concerning aggregation), that the object identifiers in one VSSC.2 dataset might have no resemblance to identifiers in another dataset, even though the two datasets were referring to some of the same real-world items described by the objects. We discussed a couple existing object naming standards for election data, FIPS and OCD-IDs. FIPs is a federal standard for numeric identification for states, counties, townships, municipalities, and related minor civil divisions (as well as many other things not related to elections).

That’s useful because those types of real-world entities are important objects in election definitions, and it’s very handy to have standard identifiers for them. However, FIPS is not so useful because there loads of other kinds of real-world entities that are electoral districts, but not covered by FIPS. In fact, there are so many of them and in such variety, that no one really knows all of the types districts in use in the U.S. So we really don’t have a finished standard naming scheme for U.S. electoral districts. We also discussed the work of the Open Civic Data project, specifically their identifier scheme and repository, abbreviated as OCD-IDs.

More on that in the report from Day 2, but to make a long story short, the consensus was that the VSSC.2 standard was just fine without a unique ID scheme, and that a new standard specifically for standardized IDs was not a large need now.

Supporting Audits

That’s one possible new standard, related to the .2 standard, that we considered and deferred. Two others got the thumbs up, at least at the level of agreement to form a study group, which is the first step. One case was pretty limited: a standard for cast-vote records (CVRs) to support ballot audits with an interoperable data standard. To only slightly simplify, one common definition of a CVR is a record of exactly what a ballot-counting device recorded from a specific ballot, the votes of which are included in a vote tally created by the device. Particularly helpful is the inclusion of a recorded image of the ballot. With that, a person who is part of a typical ballot audit can go though a batch of ballots (typically all from the same precinct) and decide whether their human judgment agrees with the machine’s interpretation, based on the human’s understanding of relevant state election law.

Support for audits with CVRs is a fundamental requirement for voting systems, so this standard is pretty important. It’s scope is limited enough that I hope we can get it done relatively quickly.

More to Come

The other study group will be looking at the rather large issue of standardizing an election definition, beyond the level of the .2 standard. That standard is very useful for a number of purposes (including election result reporting) but intentionally limited to not try to be a comprehensive standard. The study group will be looking at some use cases that might guide the definition of a smaller scope, that could be a timely a right-sized step from .2 toward a truly comprehensive standard. My personal goal, which I think many share, is to look at the question of what else, besides what we already have in .2, is needed for an election definition that could support ballot layout at least at the level of sample ballots. I like that of course, because we already documented the TrustTheVote requirements for that when we developed the sample-ballot feature of the Voter Services Portal.

Onward to day 2!

— EJS

PS: For more on the Voter Services Portal …  production version of VSP in Virginia is at https://www.vote.virginia.gov and the demo version is described at PCEA’s web site http://www.supportthevoter.gov and http://web.mit.edu/vtp/ovr3.html with an interactive version at http://va-demo.voterportal.trustthevote.org

Free at Last: We Earn Our 501(c)(3) Tax Exempt Status

I am pleased to announce to our readers that the IRS has granted our 7-year old organization full unbridled tax exempt status under section 501(c)(3) of the Internal Revenue Code as a public charity.  This brings to a close an application review that consumed over 6 years—one of the longest for a public benefits non-profit organization.  Our Chief Development Officer, Gregory Miller has already offered his insight this morning, but I want to offer a couple of thoughts from my view point (which I know he shares).

By now, you may have seen the WIRED Magazine article that was published this morning.  Others here will surely offer some additional comment of their own in separate posts.  But it does set the context for my brief remarks here.

First, to be sure,  this is a milestone in our existence because the Foundation’s fund raising efforts and corresponding work on behalf of elections officials and their jurisdictions nationwide has been largely on hold since we filed our original IRS Form 1023 application back in February 2007.

The Foundation has managed to remain active through what self-funding we could afford, and through generous grants from individuals and collaborating organizations that continued to support the “TrustTheVote™ Project” despite our “pending” status.

A heartfelt “thank you” to Mitch Kapor, Heather Smith and Rock the Vote, Alec Totic, Matt Mullenweg, Pito Salas, the Gregory Miller family and the E. John Sebes family (to name a few of the those who so believed in us early on to offer their generous support).  The same thanks goes to those who wished to remain anonymous in their support.

In addition to our being set free to move full speed ahead on our charter, I think this is interesting news for another reason: this project, which has a clear charitable cause with a compelling public benefit, was caught up in an IRS review perhaps mostly for having the wrong words in its corporate name.

Our case became entangled in the so-called “Bolo-Gate” scandal at the IRS Exempt Division.  And we unintentionally became a poster child for be-on-the-lookout reviews as such applied to entities involved in open source technology.

In sum and substance, our case required 6 years and 4 months for the IRS to decide.  The Service ultimately dragged us into our final administrative remedy, the “conference-of-right” we participated in last November, following their “intent to deny” letter in March of last year.  Then it took the IRS another 220 days to finally decide the case, albeit in our favor, but not before we had a] filed close to 260 pages of interrogatory responses, of which 182 were under affidavits; b] developed nearly 1,600 pages of total content; and c] ran up a total bill for legal and accounting fees over those years in excess of $100,000.

We’ve definitely learned some things about how to handle a tax exempt application process for an organization trying to provide public benefit in the form of software technology, although frankly, we have no intentions or interest in ever preparing another.

But there is a story yet to be told about what it took for us to achieve our 501(c)(3) standing—a status that every single attorney, CPA, or tax expert who reviewed our case over the years believed we deserved.   That noted, we are very grateful to our outside tax counsel team at Caplin Drysdale led by Marc Owen, who helped us press our case.

I am also deeply relieved that we need not raise a legal defense fund, but instead can finally start turning dollars towards the real mission: developing accurate, transparent, verifiable, and more secure elections technology for public benefit rather than commercial gain.  Its not lost on us, nor should it be on you, how we could’ve spent the money we need to pay to our lawyers and accountants on advancing the substantive cause of the TrustTheVote Project.

So, now its time to focus ahead, get to work, and raise awareness of the TrustTheVote Project and the improvements it can bring to public elections.

We’re a legitimate legally recognized 501(c)(3) tax exempt public benefits corporation.  And with that you will begin to see marked changes in our web sites, our activities.  Stay tuned.  We’re still happily reeling a bit from the result, but wrapping our heads around what we need to do now that we have the designation we fought for 6 years to have in order to fund the work our beneficiaries — elections jurisdictions nationwide — so deserve.

Please join me in acknowledging this major step and consider supporting our work going forward.  After all, now it really can be tax deductible (see your accountant and lawyer for details).

Best Regards,
Christine M. Santoro
Secretary, General Counsel

A New Voice

Hello –

My name is Christine Santoro, the Foundation’s General Counsel.  Although you probably have never heard from me before (well, at least read my writing here anyway), I am responsible for the legal machinery underneath the OSDV Foundation and TrustTheVote Project.  We’ve heard from our readers that they would like to read more from us on issues of law and policy concerning elections and voting technology.  So, I’ve decided to start voicing my thoughts and musings on topics of interest to our readership ranging from election law to issues of technology policy related to voting systems and machinery.

I look forward to sharing my thoughts with you, and more importantly, reading your comments and feedback and engaging in a conversation.  If you have anything in particular that you would like us to talk about let me know.  Talk to you soon.

The D.C. Pilot Project: Facts vs. Fictions – From Our Viewpoint

The TrustTheVote Project of the Open Source Digital Voting (OSDV) Foundation achieved another important milestone two weeks ago this morning, this time with the District of Columbia Board of Elections and Ethics, although not without some controversy.  The short of it is, and most important to us, the Foundation has been given the opportunity to put real open source elections software into a production environment for a real public election.  But it turns out that milestone is struggling to remain visible.

[Note: this is a much longer post than I would prefer, but the content is very important to explain a recent announcement and our role.]

I’ve waited to launch a discussion in this forum in order to let the flurry of commentaries calm on the news.  Now we need to take the opportunity to speak in own voice, rather than the viewpoint of  journalists and press releases, and provide insight and reality-checks from the authoritative source about what we’re up to: Us. For those of you who have not read any of this news, here is a sample or two.  The news is about the District of Columbia is implementing a Pilot program to digitally deliver ballot to a group of qualified overseas voters, and accept digitally returned ballots from them.  (Actually, D.C. already has accepted digitally returned ballots via Fax and eMail.)  So, the headline might be:

District of Columbia to Launch Pilot Program to benefit Overseas & Military Voters with Digital Distance Balloting Solution Using Open Source Software from Non-Profit Voting Technology Group.”

I believe that is as simple and factual as it gets, and IMHO a fair headline.  However, here are two alternative headlines, depending on your view, interests, or issues:

  1. Open Source Voting Project Succeeds in Production Deployment of New Transparent and Freely Available Elections Technology.”
    -or-
  2. OSDV Foundation Advances Misguided Cause of Internet Voting, Despite Well Settled Dangers, Putting Election Integrity at Risk.”

If you follow our work or have read our statement on these topics before, then you recognize the headline #1 is where our interests and intentions are focused. Over the past two weeks, though, we’ve received plenty of feedback that some believe that headline #2 is the real and unfortunate news, undermining the efforts of those who tirelessly work for elections integrity. Well, that is not what we intended to do. But we do need to do a better job at communicating our goals, as the facts unfold about the project. So, let me back up a bit and start  an explanation of what we are really doing and what are real intentions are.

But first let me make the following statement, repeating for the record our position on Internet voting:

The Open Source Digital Voting Foundation does not advocate the general use of the public Internet for the transaction of voting data.  The technical team of the TrustTheVote Project strongly cautions that no Internet-based system for casting, let alone counting, of ballots can be completely secure, nor can a voter’s privacy be ensured, or the secrecy of their ballot protected.

We do not recommend replacing current voting systems by adopting Internet Voting systems. However, we think that there may be a use case in which Internet-based ballot return may be the only course of last resort for rapid delivery of a ballot in time to be counted. That case is the very limited situation of an overseas or military voter who believes that they may be disenfranchised unless they rely on a digital means to return their marked ballot, because physical means are not timely or not available. That is the situation that we genuinely believe is being restrictively addressed in the D.C. Pilot project that we are participating.

And to be crystal clear: OSDV’s role is supplying technology.  The District’s Board of Elections and Ethics is running the show, along withe the District’s I.T. organization. But why did we chose this role? The success of the TrustTheVote Project is predicated on accomplishing three steps to delivering publicly owned audit-ready, transparent voting technology:

  1. Design;
  2. Development; and
  3. Deployment.

Design.  We are employing a public process that engages a stakeholder community comprised of elections officials and experts.  We cannot design on our own and expect what we come up with will be what will work.  It is, and must be, a framework of technology components in order to be adoptable and adaptable to each jurisdiction that chooses to freely acquire and deploy the Project’s work. None of the TV Framework specifically addresses any transport means of ballot data.   The Framework voting systems architecture includes accessible ballot marking (“ABM”) devices, optical scanners for paper ballot marked by hand or ABM, and tabulators.  The Framework elections management services architecture includes EMS components, poll books, and ballot design studio.

Development.  We are employing an open source method and process, somewhat modified and similar in structure to how the Mozilla Foundation manages development of their open source software – with a core team that ensures development continuity and leadership, complemented by a team of paid and volunteer contributors.  And the development has to be open, to go along with the open design process, and open testing, delivering on the commitment to building election technology that anyone can see, touch, and try.  We’re developing for the four legs of integrity: accuracy, transparency, trust, and security.

Deployment. But “open source” at the Foundation is also about distribution for deployment.  As we’ve said before, the  OSDV Public License, based on our “cousin’s” license, the Mozilla Public License, meets the special needs of government licensee.  And in so doing we avail the source code, and where required, resources (in exchange for a development grant to the Foundation) to make the necessary refinements and modifications to enable the adopting jurisdiction to actually deploy this open source technology.  The deployment will generally be managed by a new type of commercial player in the elections technology sector: the systems integrator who will provide qualified commodity hardware, with the Project’s software, and the services to stand it up and integrate it with other jurisdiction’s IT infrastructure where required.

Motivation
One critic has asked, “Why would you agree to support any project that uses the Internet in elections or voting?”  Our motivation for working with the District of Columbia is all about the third “D” – Deployment.   All of our efforts are merely academic, unless stakeholders who have contributed to the specifications actually adopt the resulting open source technology as an alternative to buying more proprietary elections technology, when the opportunity arises to replace or enhance their current solutions.

Now, what about that “Internet” element?

The District of Columbia Board of Elections & Ethics (B.O.E.E) was in search of a solution to enhance their compliance with the MOVE Act.  Of course, people in many election jurisdictions were asking:

If I can deliver the blank ballot and reduce the cycle time for qualified overseas voters, then why shouldn’t we go all the way and facilitate digital return of the marked ballot?

Well, there’s a host of reasons why one shouldn’t do that.  For one quick example: our valued strategic technology partner collaborating with us on data standards, the Overseas Vote Foundation, not only offers digital blank ballot delivery, but  also have renewed their courier services through the assistance of the US Postal Service and FedEx to ensure that the Military voters’ marked ballots can, in fact, make it back in time.   But on the other hand, there is an unfortunate reality that once the digital path is open, OVF, US Mails, or FedEx notwithstanding, jurisdictions will explore leveraging the Net; its happening already in several locations.  That does not make it right or preferable, but it does make it a reality that we need to address.

So, the District at least – at our encouragement dating back to March in Munich – heard our encouragement to explore options, but they did have some requirements.

Specifically, they wanted to conduct a Pilot of a solution that might be a better alternative to accepting returned marked ballots as eMail attachments or Faxed marked ballots exclusively for their overseas and military voters.  And particularly unique to their requirements was – to our delight – a fully transparent open source software solution with unbridled ownership of the resulting source code for all elements of the Pilot solution.  That, of course, is in complete harmony with our charter and mission.

Again, for those readers who know us, and understand our motivations and position on the Internet issue, you can understand our acute focus on the opportunity to deploy open source elections administration software in a real election setting. In the after-glow of this real possibility, and drilling into the details of how the ballot design studio could work for this, we realized we needed to get back to grappling with this digital ballot return detail of the Pilot project.

Initially, we were definitely concerned about how to approach this aspect of the Pilot, since we’ve been clear about our position on the use of the Internet.  But to be frank, with the prospect that the District could simply turn to commercial proprietary Internet voting systems vendors, we felt we had to help find an alternative open source approach for the limited purpose of this Pilot. We encouraged the B.O.E.E. to find an alternative means to digitally return the ballot, but neither by deploying Internet voting products, nor by continuing to rely on Fax or eMail attachments in the clear.  In return, they asked for our help in figuring out how they could implement a solution that worked with real ballot and attestation documents as digital artifacts, which could be transported on an encrypted channel.  This could be better than eMail to be sure, but still using public packet-switched networks.

We turned to several of our technical advisers and convened a meeting to discuss how B.O.E.E and OCTO could approach a digital vote-by-mail Pilot to explore this approach to improving on eMail attachments or Fax’d returns.  The meeting was frank, open, and rather than continuing the rhetoric of avoidance, we witnessed a bunch of stalwarts in information security express concerns, suggest points of mitigation, and brain storm on the possibilities.  And several were kicked around, but tossed aside for want of either acceptable user experience, cost limitations, or operational practicality.  A straw man solution was framed and members of the Core Team went off to refine it knowing that there were aspects that they simply could not address with this Pilot.  Perhaps the most important Pilot parameter: this could not and would not be an exercise to completely assess and determine solutions to all of the known vulnerabilities of securing a voting transaction over a public network.

But it was agreed that a “digital vote-by-mail” process – with the known vulnerabilities and constraints – could be a “worked example” that simply was not what proprietary commercial vendors are selling. And, it was realized that such a solution could not and should not claim any victory in improved security or privacy – no such reality can exist in this solution.

And folks, that is simply and honestly the extent to which we were and are treating this: a “worked example” to serve as a vehicle for voices on all sides of the argument to train their attention in assessing, testing, and determining the viability of such an approach strictly for those overseas and military voters.

One could say the Foundation took a calculated risk: that in order to achieve the larger goal of deploying open source elections technology into a real production environment (a first, and hopefully ground breaking step), we would have to accept that our Stakeholder, B.O.E.E would use the Internet to transport a ballot and attestation document pair using the best possible techniques currently available – HTTPS and standard encryption tools.  And at some measure, at least they had chosen not to pursue a commercial proprietary Internet voting solution, given their steadfast requirement of open source software and maximum transparency.

To my activist colleagues I offer this: we’re giving you a worked example on which to build your arguments against digital transport.  Please do so! We’re with you, believe it or not.  Very frankly, I’d be happy to support some initiative to severely restrict the use of public packet switched networks for transacting voting data.

I want to (re)focus the Project’s attention on the reason a few of us gave up our paying jobs some four years ago: to build a non-profit solution to restore trust in the computers used in the various processes of casting and counting votesWe don’t advocate iVoting.  We do advocate accuracy, transparency, trust, and security in the use of computers in elections and intend to keep working on that open source framework. We do believe limited Pilots are worth it for the special use case of UOCAVA voters,  if such a Pilot can fuel an intellectually honest debate and/or initiatives to resolve the concerns, or end the use of the Net altogether in this regard.  We think the District of Columbia’s Pilot is such a worked example.

OK, this went way over my intended length, but in the spirit of transparency its important we explain what’s been underway for the past several weeks from an authoritative source: Us. In the next installment on this topic, we will discuss more details on the technology we’ll provide for the District’s Pilot, and reiterate our concerns, but also consider the potential of the open source movement in public elections systems.

Thanks for reading.
Greg Miller

The Looming UOCAVA Internet Voting Debate

This is the last long post about the UOCAVA Summit underway in Munich, but in an unannounced move, below I am disclosing all of the topics and questions in tomorrow’s (apparently) much anticipated Internet Voting Debate.

I apologize to those looking for a quick (more typical) blog post on the matter.  But there is (I think) interesting stuff below.

Fact: Silly though I think it is, controversy is swirling around this event; I’ve received more “hate mail” than necessary as moderator, and I believe its important to layout what exactly my line of questioning will be, so that you, the readers, can judge for yourself if I am trying to manipulate the discourse for or against the use of public packet-switched networks for transacting ballot data from public elections.  Think of this as our continuing effort to be transparent – one of our Foundation’s driving principles

So, less than 9 hours remain before we sit down to have what I intend to be a fair and balanced discussion about the challenges and opportunities, the fears, uncertainties, and doubts, and the real and present risks of using public packet switched networks for transacting public ballot data – the so-called Internet Voting debate.

And for me, I am more than ready to put this episode of a long running debate behind me.

Its not that I am no longer interested, nothing could be further from the truth.  But I look forward to slipping back into the mix of many discussing the topic without the klieg lights and responsibility of moderating the participants of a specific debate instance.

The problem is the vitriol nature of unsolicited feedback I’ve received in the past 3 days regarding this event – which is apparently getting far more attention than we anticipated.

Hate mail – its that simple.  And it’s coming from both sides of the debate.  And that’s surprising.  Activists on both sides are convinced that the OSDV Foundation, the Overseas Vote Foundation, and I are all out to railroad the other side in a debate that appears to be tilted against their interest.

Reality distortion fields – its that apparent.  They are being cast, but only I can tell you what is absolutely in my mind and what my intentions are.  And either people can choose to believe me or not.

So with one final effort on the eve of yet another intellectual wrestling match on this, let me try to set the record clear on our intention.  And to do so, in this post I am going to disclose to all interested – in advance – the questions of the Debate planned for 0900 CET tomorrow (about 2200 EDT/0100A Pacific).

First, let me share here the participant line-up:

Moderator: myself, Gregory Miller, Chief Development Officer, OSDV Foundation

Introduction: Dr. Andrew Appel, Professor Computer Science, Princeton University

Opponents

Harri Hursti, Author: Hacking Democracy

Constanze Kurz, Engineer/Dipl. Inf., Humboldt University Berlin

Pamela Smith, President, Verified Voting

E. John Sebes, Chief Technology Officer, Open Source Digital Voting Foundation [*]

Proponents

Alexander Trechsel, Professor of Political Science and Swiss Chair in Federalism and Democracy at the European University Institute (EUI) in Florence, Italy

Christian Bull, Senior Advisor, The Ministry of Local Government and Regional Development, Norway

Thad Hall, Associate Professor of Political Science and Research Fellow, University of Utah, USA

Tarvi Martens, Development Director at SK, Demographic Info, Computer & Network Security, Estonia

Closing Remarks: Honorable Debra Bowen, California Secretary of State

About that [*] after John’s name.
Before moving to the questions, I want to comment on one of the many controversies that have bubbled up over this event.  In the 11th hour, Chantel Enguehard, Researcher and Teacher, Laboratoire d’Informatique de Nantes Atlantique rescinded her agreement to participate for this event on the “opposing side” of the argument for Internet Voting (after previously committing to do so and allowing the Conference to finance her attendance).  Ms. Enguehard has determined that it is not in her best professional (or apparently political) interest to be on any record as speaking against the use of the Internet for elections.  It is her choice, of course, but not the most courteous move to make on the eve of the debate, IMHO.

Let me be clear: I do not believe that just because someone takes a role in a debate staged for a conference as an information exercise, that such necessarily should label that participant as permanently having the opinions of that side of the argument.  And I would’ve been glad to go on record that she is participating in this capacity simply for the academic exercise of explaining the issues to the audience, but that her participation as an opponent does not necessarily reflect her otherwise neutral position on the topic.

Ms. Enguehard argues vigorously that we failed to understand the language nuances relegating the term “debate” in French to mean a discussion of many view points, including neutrals.  Sure.  And she had several weeks to inquire as to whether this was a potential language faux pas on our part (or hers).  She did not.

So, unable to reach an agreement, we’ve dismissed her (at this writing 2350 CET, Thursday) from the Debate, primarily at her insistence of modifying how we run the debate to accommodate her neutrality (you really cannot have a meaningful debate with “neutral” parties.)  The TrustTheVote Project Chief Technology Officer, John Sebes has agreed to stand in her place, although John, in fact, is trying to remain neutral himself on this controversial subject (he is against using the Internet for at least remote – home based – voting in public elections, but open to future possibilities of kiosk-based solutions provided certain issues in the client-server model can be addressed).

So we move forward with the Panelists as introduced above, and now in a move that I am taking on my own, and without advance notice to others, but to clear the air, below you will find a detail of the topics and the questions we will address in tomorrow’s debate, T-9 hours from this writing.

Before the debate begins, Dr. Andrew Appel of Princeton University will present this talk and slides.  We asked Dr. Appel, not (I repeat, not) because of his personal views, but because in looking at various knowledgeable individuals who could present a brief overview of the issues, we found Andrew’s presentation to be simple, straight forward, fair and balanced.  This has been a point of contention from the attack dogs for those in favor of iVoting, contending that we’re setting the debate up with a taint and favoritism towards the opponents by engaging Dr. Appel.  For the final time: nonsense.

Panelist’s Rules of Engagement

  1. I will address a question to either side, and a specific individual and they shall have a 2-minute answer.
  2. The opposing side shall have a 1-minute response.
  3. The original respondent may have an optional 30-second rebuttal at my discretion.
  4. We recognize that reducing this to an hour or so of “sound bites” would be a disservice to the important topic, so there are some situations, where I may engage a respondent or rebuttal in a 1-minute follow-up.  But in order to offer the audience a treatment – potentially not as comprehensive as we would like – on each topic below, “follow-up” opportunities will be allowed in limited circumstances, again at my discretion.
  5. I will do my best to rotate through each Panelist with questions; the fun part of this, any Panelist on either side may be asked to respond to any one of these questions.
  6. It is not our intention to overly control the discussion but it would be a failure to allow the discussion to dissolve into a disorderly argument, so I will respectfully as possible require adherence to this process.  And here is the enforcement clause: if a Panelist fails to yield when time is called more than once during the Debate, I will refrain from any further questions directed to that Panelist. And I do not wish to have that happen, so I look forward to everyone’s cooperation.
  7. The goal is to have an enjoyable, lively, yet informative debate.  Intellectually honest professionals can agree to disagree, and on this topic reasonable minds can and do differ.  So, remember, this is intended to be a “fun” showcase part of the Summit.
  8. Finally, in closing I will ask for a 5-minute closing statement from each side of the debate.

Debate Topics and Questions

A. eMail as a Comparator
You, Panelists, are in consensus that eMail is not an appropriate way to return vote data (for example, sending an image attachment or a PDF of a marked absentee ballot). That noted, in comparison with other home-based voting schemes, these questions:

1. What does eMail voting lack that a client-server iVoting solution provides, in the scheme of voting from a home-based or remotely located PC using a World Wide Web interface?

2. What does eMail voting lack that ordinary vote-by-mail also lacks?

3. Do these answers help us identify some requirements for iVoting?

B. Data Center Management
Both kiosk and home iVoting share the feature of a data center to host the various parts of an iVoting solution, including store vote data, etc.  That data center operation is a very important component of the entire iVoting operation, which gives rise to a series of questions we turn our attention to now.

Depending on time I may ask some or all of these questions:

1. Internet banking seems to work well, and is widely adopted without objection.  Does this provide a model for and lessons for iVoting?  Why or why not?

2. A bank must have a trust delegation model.  Which parts of that model would work for iVoting?

3. Are there applicable models for data center transaction audits in the banking world that provide an appropriate model for iVoting?

4. What technological expertise is required to assess the continuing reliability/trustworthiness of an iVoting solution?   Is this level of expertise accessible to the public officials who select such systems and/or who manage such systems?

5. How can election officials assess the “total cost of ownership” of an iVoting solution, beyond software license fees?  How does this compare with alternative solutions such as vote-by-mail?

6. If any of the proponents are proposing to use iVoting only for UOCAVA settings, what is the rationale for restricting the application of iVoting to this context?

C. Home vs. Kiosk iVoting
Some experts draw a distinction between the use of voting kiosks or polling places with iVoting based ballot casting devices, and the use of home or office-based or otherwise remotely located computing devices to access such a ballot casting service.  Let’s ignore that particular distinction.  One thing we can stipulate is that Kiosk-based iVoting has different costs and logistics than home or remote iVoting solutions.  Let’s not explore those issues.  I will ask each of the Proponents to state simply whether they’re proposing home-only, kiosk-only, or both models for iVoting systems.  Then we’ll address these questions:

1.  What are the comparative risks and advantages of both models?

2. What are the costs/benefits of these differing models?

3.   How do these costs compare to those of traditional non-iVoting polling places?

4.   How do the benefits of home or remote voting compare with Kiosk or polling place models?

D. The Paper Ballot Issue
Some iVoting pilots have included the generation of a ballot-like paper that is retained by election officials.  Others do not.  Let us examine two points.

1.   What can these paper facsimiles best be used for; for example, should they be construed as ballots of record, a paper trail, a receipt, or something else?

2.   Are there chain of custody issues in the handling of these paper records that would be different for an overseas voting setting compared to a domestic voting setting?

E. Original Hand-Made Signatures
Most industrialized democracies use some sort of method to authenticate the voter before they may cast a ballot.  It may be by hand written signature, voter identification card, or some other means.

1.   What methods are appropriate for iVoting systems?

2.   What is the likely leading objection to these authentication methods and how can it best be addressed?

F. Client Platform Integrity
Assuming a traditional client-server model using a public packet-switched network for discussion purposes, the home/remote iVoting has a particular issue with the security risks of the remote PC being used as a voting terminal, including the integrity of the iVoting software executing on the PC, and the integrity of the vote data along the way from the voter across the network to the server.  Some of this has already been discussed, so I want to focus now on one particular aspect of integrity: data security means.  One of our Panelists mitigates these risks by using an “end-to-end” cryptographic method that allows election officials to detect large-scale client-side attacks for election fraud.  This is an interesting model, but raises these questions.

Depending on time I may ask some or all of these questions:

1.   Special end-to-end crypto protocols have been proposed in order to mitigate against the possibility against insider attacks against the servers.

1.1.        Are these methods workable, and are they practical?

1.2.        Are they ready for near term adoption and can their principles be understood sufficiently by elections officials and the public to gain wide acceptance?

2.   Is “detection” sufficient? That is, are the risks acceptable if attacks can be detected at scale?

3.   Is this acceptable-risk concept different depending on whether iVoting is for UOCAVA (overseas absentee) voters only, or for any and all eligible remote voters?

4.   Each Panelist can surely expound on whether client integrity issues must be resolved as a prerequisite for home/remote iVoting. But let’s keep a tight focus on this for the benefit of our audiences.

4.1.        Please pick one reason why or why not client integrity issues must be first resolved, and explain it briefly.

4.2.        What about integrity of the Kiosk systems? Is it sufficient to have a degree of integrity comparable to those of voting devices in state side polling places?

Finally, I may have a bonus question, I am reserving from here, but it will be a follow-up from the above topical agenda.

OK, I leave it up to you, after reading the information above to make a call on whether I am intending to taint this debate or provide for a fair and balanced intellectually honest discussion on the issues, challenges, (and yes) opportunities in the use of the Internet in public elections.

Off to post-dinner gatherings; Sure its 23:55 CET.  It’s Munich and the night is young, although we start in 9 hours. 🙂
GAM|out

Setting a Technology Agenda for Overseas Voting

I have arrived in Munich, reached my hotel and actually caught a nap.  It was a sloppy slushy day here from what I can tell; about 30 degrees and some wet snow; but spring is around the corner.  On the flight over the Pole last evening (I’m a horrible plane sleeper) I worked on final preparations for our Technology Track at this year’s UOCAVA Summit (which I wrote about yesterday).  I thought I’d share some more about this aspect of the Conference.  This is another long post, but for those who cannot be in Munich at this conference, here are the details.

Historically, as I see it, the Summit has been primarily a policy discourse.  While the Overseas Vote Foundation always has digital services to show off in the form of their latest Web facilities to support overseas voters, Summit has historically been focused on efforts to comply, enforce, and extend the UOCAVA (Uniformed and Overseas Citizens Absentee Voting Act).  This year, with the passage of the MOVE Act (something I also wrote about yesterday), a new tract of topics, discussion, (and even debate) has surfaced, and it is of a technical nature.  This is in principle why the Overseas Vote Foundation approached the OSDV Foundation about sponsorship and co-hosting.  We thought about it, and agreed to both.

Then came the task of actually putting together an agenda, topics, speakers, and content.

I owe a tremendous “thank you” to all of the Panelists we have engaged, and to Dr. Andrew Appel of Princeton, our Chief Technology Officer John Sebes, and our Director of Communications, Matthew Douglass, for their work in helping produce this aspect of Summit.  Our Director of Outreach Strategy, Sarah Nelson should be included in here for her logistics and advance work in Munich.  And of course, I would be remiss if I left out the fearless and brilliant leader of the OVF, Susan Dzieduszycka-Suinat, for all of her coordination, production work, and leadership.

A quick note about Andrew:  I’ve had the privilege of working with Professor Appel on two conferences now.  Many are aware that one of our tract productions is going to be a debate on so-called “Internet Voting” and that Dr. Appel will give the opening background talk.  I intend to post another article tomorrow on the Debate itself.  But I want to point out something now that certain activists may not want to hear (let alone believe).  While Andrew’s view of Internet-based voting systems is well known, there can be no doubt of his interest in a fair and balanced discourse.  Regardless of his personal views, I have witnessed Andrew go to great lengths to examine all sides and build arguments for and against public packet switched networks for public ballot transactions.  So, although several are challenging his giving the opening address, which in their view taints the effort to produce a fair and balanced event, I can state for a fact, that nothing is further from the truth.

Meanwhile, back to the other Track events.

We settled on 2 different Panels to advance the discussion of technology in support of the efforts of overseas voters to participate in stateside elections:

  1. MOVE Act Compliance Pilot Programs – titled: “Technology Pilots: Pros and Cons, Blessing or Curse
  2. Technology Futures – titled: “2010 UOCAVA Technology Futures

Here are the descriptions of each and the Panelists:

Technology Pilots: Pros and Cons, Blessing or Curse

The title is the work of the Conference Sponsor, OVF, but we agree that the phrase, “Technology Pilots” trips wildly different switches in the minds of various UOCAVA stakeholders.  The MOVE Act requires the implementation of pilots to test new methods for U.S. service member voting.  For some, it seems like a logical step forward, a natural evolution of a concept; for others pilots are a step onto a slippery slope and best to avoid at all costs. This panel will discuss why these opposing views co-exist, and must continue to do so.

  • Paul Docker, Head of Electoral Strategy, Ministry of Justice, United Kingdom
  • Carol Paquette, Director, Operation BRAVO Foundation
  • Paul Stenbjorn, President, Election Information Services
  • Alec Yasinsac, Professor and Dean, School of Computer and Information Sciences University of South Alabama

Moderator:
John Sebes, Chief Technology Officer, TrustTheVote Project (OSDV Foundation)

2010 UOCAVA Technology Futures

UOCAVA is an obvious magnet for new technologies that test our abilities to innovate.  Various new technologies now emerging and how they are coming into play with UOCAVA voting will be the basis of discussion.  Cloud computing, social networking, centralized database systems, open source development, and data transfer protocols: these are all aspects of technologies that can impact voting from overseas, and they are doing so.

  • Gregory Miller, Chief Development Officer, Open Source Digital Voting Foundation
  • Pat Hollarn, President, Operation BRAVO Foundation
  • Doug Chapin, Director, Election Initiatives, The Pew Center of the States
  • Lars Herrmann, Redhat
  • Paul Miller, Senior Technology and Policy Analyst, State of Washington
  • Daemmon Hughes, Technical Development Director, Bear Code
  • Tarvi Martens, Development Director at SK, Demographic Info, Computer & Network Security, Estonia

Moderator:
Manuel Kripp, Competence Center for Electronic Voting

The first session is very important in light of the MOVE Act implementation mandate.  Regardless of where you come down on the passage of this UOCAVA update (as I like to refer to it), it is now federal law, and compliance is compulsory.  So, the session is intended to inform the audience of the status of, and plans for pilot programs to test various ways to actually do at least two things, and for some (particularly in the Military), a third:

  1. Digitally enable remote voter registration administration so an overseas voter can verify and update (as necessary) their voter registration information;
  2. Provide a digital means of delivering an official blank ballot for a given election jurisdiction, to a requesting voter whose permanent residence is within that jurisdiction; and for some…
  3. Examine and test pilot digital means to ease and expedite the completion and return submission of the ballot (the controversy bit flips high here).

There are, as you might imagine, a number of ways to fulfill those mandates using digital technology.  And the latter (3rd) ambition raises the most concern.  Where this almost certainly involves the Internet (or more precisely, public packet-switched networks), the activists against the use of the Internet in elections administration, let alone voting, are railing against such pilots, preferring to find another means to comply with the so-called “T-45 Days” requirement of placing an official ballot in the hands of an overseas voter, lest we begin the slide down the proverbial slippery slope.

Here’s where I go rogue for a paragraph or two (whispering)…
First, I’m racking my brain here trying to imagine how we might achieve the MOVE Act mandates using a means other than the Internet.  Here’s the problem: other methods have tried and failed, which is why as many as 1 in 4 overseas voters are disenfranchised now, and why Sen. Schumer (D NY) pushed so hard for the MOVE Act in the first place.  Engaging in special alliances with logistic companies like FedEx has helped, but not resolved the cycle time issues completely.  And the U.S. Postal Service hasn’t been able to completely deliver either (there is, after all, this overseas element, which sometimes means reaching voters in the mountainous back regions of say, Pakistan.)  Sure, I suppose the U.S. could invest in new ballot delivery drones, but my guess is we’d end up accidentally papering innocent natives in a roadside drop due to a technology glitch.

Seriously though (whispering still), perhaps a reasonable way forward may be to test pilot limited uses of the Internet (or hec, perhaps even Military extensions of it) to carry non-sensitive election data, which can reach most of the farther outposts today through longer range wireless networks.  So, rather than investing ridiculous amounts of taxpayer dollars in finding non-Internet means to deliver blank ballots, one proposal floating is to figure out the best, highest integrity solution using packet-switched networks already deployed, and perhaps limit use of the Internet solely for [1] managing voter registration data, and [2] delivering blank ballots for subsequent return by means other than eMail or web-based submission (until such time as we can work out the vulnerabilities on the “return loop.”)  While few can argue the power of ballot marking devices to avoid under-voting and over-voting (among other things), there is trepidation about even that, let alone digital submission of the completed ballot. As far as pilots go, it would seem like we can make some important headway on solving the challenges of overseas voter participation with the power of the Internet without having to jump from courier mule to complete Internet voting in one step.  That observed, IMHO, R&D resulting in test pilots responsibly advances the discussion.

Nevertheless, the slippery slope glistens in the dawn of this new order.  And while we’ll slide around a bit on it in these panels, the real sliding sport is the iVoting Debate this Friday — which I will say more about tomorrow.

OK, back from rogue 😉

So, that this is where the first Panel is focused and where those presentations and conversations are likely to head in terms of Pilots.  In my remaining space (oops, I see I’ve gone way over already, sorry), let me try to quickly comment on the second panel regarding “technology futures.”

I think this will be the most enjoyable panel, even if not the liveliest (that’s reserved for the iVoting Debate).  The reason this ought to be fun is we’ll engage in a discussion of a couple of things about where technology can actually take us in a positive way (I hope).  First, there should be some discussion about where election technology reform is heading.  After all, there remain essentially two major voting systems commercial vendors in the industry, controlling some 88% of the entire nation’s voting technology deployment, with one of those two holding a ~76% white-knuckled grip market share.  And my most recent exposure to discussions amongst commercial voting vendors about the future of voting technology suggest that their idea of the future amounts to discussing the availability of spare parts (seriously).

So, I’m crossing my fingers that this panel will open up discussions about all kinds of technology impact on the processes of elections and voting – from the impact of social media, to the opportunities of open source.  I know for my 5 minute part I am going to roll out the TTV open source election and voting systems framework architecture and run through the 4-5 significant innovations the TrustTheVote Project is bringing to the future of voting systems in a digital democracy.  Each speaker will take 5 minutes to rush their topic, then our moderator Manuel will open it wide up for hopefully an engaging discussion with our audience.

OK, I’ve gone way over my limit here; thanks for reading all about this week’s UOCAVA Summit Technology Tract in Munich.

Now, time to find some veal brätwurst und ausgezeichnet bier.  There is a special meaning for my presence here; my late parents are both from this wonderful country, their families ended up in Munchen, from which both were forced out in 1938.   Gute nacht und auf wiedersehen!

GAM|out

New York Times on Voting Technology

A couple of days the New York Times Editorial page commented on Voting Technology in an editorial titled “The Voters Will Pay”. Some bits that interested me (but you should read the whole thing):

“[snip…] If the deal is allowed to go through, it would make it harder for jurisdictions to bargain effectively on price and quality.[snip…]” (from The New York Times)

One of the reasons that we are enthusiastic about the Open Source approach is that, oddly enough, we believe (as many do) that this approach will lead to better quality and even better price (i.e. no price. We give our stuff away.) How is this possible?

We don’t possess a secret super power allowing us to develop software for free.

However by approaching the problem as a non-profit foundation, by definition, we are relying on the goodwill of others (foundations and philanthropists) to raise funds to pay for professional software and technology staff. And of course, again by definition, we will not be making a profit, which also saves money.

Secondly, we have already found, even in these cynical times that top notch talent is inspired to apply their abilities to work that has a positive impact on our society and world, and work for a lot less than they’d make in the private sector (analogous I suppose to many people who work in other public sector positions.

Read the whole editorial here.