Tagged overseas voting

Washington Post on DC “Online Voting” Is Actually “Ballot Transport”

Kudos to the Washington Post’s Rob Pegoraro for his article “D.C. launches test of open-source online voting” — fine coverage, but with a title that I disagree with in terminology only. I don’t view the D.C. pilot as “online voting” but rather as a test of an additional form of digital transport for return of blank ballots. I say “additional” because of the existing “on-line” features of absentee voting:

  1. Digital distribution of blank ballots via email or web;
  2. Digital return of marked ballots via email or fax.

The main point of the D.C. pilot is an alternative to #2. Rather than using open email, the DC pilot will transport ballot documents in a conventionally secured private Web session between the voter and a Web server operated by the DC BOEE. I won’t repeat why open email transport is a problem, but the purpose of the pilot is to produce a worked example that is a solution to at least some of the problems that are specific to email as a way to return a marked ballot document.

— EJS

District of Columbia to Adopt TrustTheVote Technology for Overseas Voter Support in September Primary

We’re pleased to echo the announcement by the District of Columbia’s Board of Election and Ethics (BOEE) that they will adopt TrustTheVote technology as part of a pilot project to support the delivery and return of overseas ballots. In Washington D.C.’s September primary election, open-source technology from the TrustTheVote Project will be used to digitally deliver and return the absentee voting kits of overseas, military and absentee voters. This pilot project will test a new form of digital “Vote by Mail” ballot transport service.

The BOEE’s announcement has the details, but the gist is this:

  • Some overseas and military voters are in danger of their absentee ballots not being counted, due to delays in postal delivery back to the BOEE.
  • As a result some voters use fax or email for digital return of marked ballots, but these timely methods have the side-effect of compromising the integrity and anonymity of the ballot.
  • The pilot project will test a Web-based alternative process that is no less timely, but lacks these side-effects, and otherwise use same familiar methods of absentee ballot casting and counting that voters and election officials use today.
  • The use of TTV’s open source software is a key part of meeting the pilot project’s goals for public visibility of open technology and transparent election operations.

We’ll be saying plenty more about these efforts as we along, you can be sure!

— EJS

EAC Guidelines for Overseas Voting Pilots

election-assistance-commissionLast Friday was a busy day for the Federal Elections Assistance Commission.  They issued their Report to Congress on efforts to establish guidelines for remote voting systems.  And they closed their comment period at 4:00pm for the public to submit feedback on their draft Pilot Program Testing Requirements.

This is being driven by the MOVE Act implementation mandates, which we have covered previously here (and summarized again below).  I want to offer a comment or two on the 300+ page report to Congress and the Pilot program guidelines for which we submitted some brief comments, most of which reflected the comments submitted by ACCURATE, friends and advisers of the OSDV Foundation.

To be sure, the size of the Congressional Report is due to the volume of content in the Appendices including the full text of the Pilot Program Testing Requirements, the NIST System Security Guidelines, a range of example EAC processing and compliance documents, and some other useful exhibits.

Why Do We Care?
The TrustTheVote Project’s open source elections and voting systems framework includes several components useful to configuring a remote ballot delivery service for overseas voters.  And the MOVE Act, which updates existing federal regulations intended to ensure voters stationed or residing (not visiting) abroad can participate in elections at home.

A Quick Review of the Overseas Voting Issue
The Uniformed and Overseas Citizens Absentee Voting Act (UOCAVA) protects the absentee voting rights for U.S. Citizens, including active members of the uniformed services and the merchant marines, and their spouses and dependents who are away from their place of legal voting residence.  It also protects the voting rights of U.S. civilians living overseas.  Election administrators are charged with ensuring that each UOCAVA voter can exercise their right to cast a ballot.  In order to fulfill this responsibility, election officials must provide a variety of means to obtain information about voter registration and voting procedures, and to receive and return their ballots.  (As a side note, UOCAVA also establishes requirements for reporting statistics on the effectiveness these mechanisms to the EAC.)

What Motivated the Congressional Report?
The MOVE (Military and Overseas Voting Enhancement) Act, which became law last fall, is intended to bring UOCAVA into the digital age.  Essentially it mandates a digital means to deliver a blank ballot. 

Note: the law is silent on a digital means to return prepared ballots, although several jurisdictions are already asking the obvious question:  “Why improve only half the round trip of an overseas ballot casting?”

And accordingly, some Pilot programs for MOVE Act implementation are contemplating the ability to return prepared ballots.  Regardless, there are many considerations in deploying such systems, and given that the EAC is allocating supporting funds to help States implement the mandates of the MOVE Act, they are charged with ensuring that those monies are allocated for programs adhering to guidelines they promulgate.  I see it as a “checks and balances” effort to ensure EAC funding is not spent on system failures that put UOCAVA voters participation at risk of disenfranchisement.

And this is reasonable given the MOVE Act intent.  After all, in order to streamline the process of absentee voting and to ensure that UOCAVA voters are not adversely impacted by the transit delays involved due to the difficulty of mail delivery around the world, technology can be used to facilitate overseas absentee voting in many ways from managing voter registration to balloting, and notably for our purposes:

  • Distributing blank ballots;
  • Returning prepared ballots;
  • Providing for tracking ballot progress or status; and
  • Compiling statistics for UOCAVA-mandated reports.

The reality is, however, systems deployed to provide these capabilities face a variety of threats.  If technology solutions are not developed or chosen so as to be configured and managed using guidelines commensurate with the importance of the services provided and the sensitivity of the data involved, a system compromise could carry severe consequences for the integrity of the election, or the confidentiality of sensitive voter information.

The EAC was therefore compelled to prepare Guidelines, report to Congress, and establish (at least) voluntary guidelines.  And so we commented on those Guidelines, as did colleagues of ours from other organizations.

What We Said – In a Nutshell
Due to the very short comment period, we were unable to dive into the depth and breadth of the Testing Requirements.  And that’s a matter for another commentary.  Nevertheless, here are the highlights of the main points we offered.

Our comments were developed in consultation with ACCURATE; they consisted of (a) underlining a few of the ACCURATE comments that we believed were most important from our viewpoint; (b) the addition of a few suggestions for how Pilots should be designed or conducted.  Among the ACCURATE comments, we underscored:

  • The need for a Pilot’s voting method to include a robust paper record, as well as complementary data, that can be used to audit the results of the pilot.
  • Development of, and publication of security specifications that are testable.

In addition, we recommended:

  • Development of a semi-formal threat model, and comparison of it to threats of one or more existing voting methods.
  • Testing in a mock election, in which members of the public can gain understanding of the mechanisms of the pilot, and perform experimentation and testing (including security testing), without impacting an actual election.
  • Auditing of the technical operations of the Pilot (including data center operations), publication of audit results, and development of a means of cost accounting for the cost of operating the pilot.
  • Publication of ballots data, cast vote records, and results of auditing them, but without compromising the anonymity of the voter and the ballot.
  • Post-facto reporting on means and limits of scaling the size of the pilot.

You can bet this won’t be the last we’ll hear about MOVE Act Pilots issues; I think its just the 2nd inning of an interesting ball game…
GAM|out

More thoughts on email voting

Following up on John’s discussion of “Internet Voting” in North Carolina…  Let me pick up the thread from the perspective of Vote By Mail as a point of comparison.

I think it’s an interesting comparison because it’s worth asking whether using the Internet makes voting immediately riskier than the model we all know (and some love) of receiving and returning ballots using the mail (broadly defined – I suppose it’s not always the good ole US Postal Service that is doing the delivering).

Key problems that John discussed the other day with using email to deliver marked ballots back to the jurisdiction were that on the trip from the voter (imagine a soldier casting his or her vote while serving overseas) the ballots could be intercepted, read and even changed as it traversed email servers.

One might say, who said that the humans who handle the bags of paper ballots on their trip are any more trustworthy? [Did you notice what I just did there? I went from talking about digital delivery in general to email delivery, which are not the same thing!]

I would respond that it’s just much more difficult to do bad things to ballots on route if their route uses atoms (paper, trucks, aircraft) rather than bits (files, email messages, protocols.) It’s  harder to deal with when it’s paper – you have to find the paper and get physical access to it, you need to work on it without being observed.

I suppose you could cause a whole bag of ballots to fall of a truck, but you’d need to also then falsify paper manifests and other like documents. These are real risks but the truth is that we’ve come to understand and accept these kinds of risks as acceptable trade-offs for the greater good of allowing our citizens in far places to cast their vote.

Less well understood are the new and highly technical kinds of risks that we’re looking if we want to allow those citizens to use email to return their marked ballots back home. Think about all the pieces of software and infrastructure that handle the returning email starting from the voter’s potentially virus laden PC (or weirdly hacked Internet Cafe station), through a series of servers that are invisible and controlled by who knows who, all the way back to the Jurisdiction. Ouch.

But let me argue against myself now. First of all, I was very facile in claiming that it would be harder to attack the physical transportation of paper ballots when traveling from Camp Foobar in Farawayistan. I was just using common-sense and intuition. But the truth is I don’t know a whole lot about how that actually works, or about the real so-called attack surface is for delivery of paper marked ballots.

And let me also argue against myself by pointing out that many of my arguments against email voting may not apply to other more direct ways of delivering marked ballot, not with email, but some other digital means.

In any event, in my opinion, we need to face up to the reality that the world is getting flatter and  we have more and more citizens whose votes must be counted who are in very faraway places. The time it takes to send a blank ballot by snail mail and send a voted ballot back with snail mail, makes the voters’ time window much too slim in many cases.

— Pito

Election Tech Pilots — Panel Video Now Online

I’ve got a word to say about “pilots”. It seems timely given what seems to be a serious uptick in discussion, legislation, and trials of “pilots” of new use of election technology. Actually, the words have already been said, and by people who know much more than I do about it, at the UOCAVA Summit 2010 now  available on YouTube’s Overseas Voting Foundation Channel – Summit 2010 Panels. The video is on the topic of pilots, with real-world experiences provided by Alec Yasinsac, Paul Stenbjorn, Carol Paquette, and Paul Docker.

In order to save you the trouble of listening to yours truly in the initial segment, I’ll summarize: the term “pilot” can have two different meanings. One meaning is the neutral meaning: we’re some election officials who are thinking about modifying or adding to the way we conduct an election, so we thought we’d try it out in a small limited way, and learn whether it is actually useful, and if so what issues there might be in making this change at full scale. Elections in recent years included some pilots like this, of early voting, and of voter centers. Not all were successful, and some of the lessons learned were about some real challenges of doing it right in a full election.

The second meaning the scary meaning: we’re some election officials who have pretty much decided that we’re going to modify or add to the way we conduct elections, and we’re going to use the term “pilot” to sneak in some changes as experimental, and use that as a step to making the changes permanent and full scale. I don’t actually know any election officials who work like that, but it is model that some concerned people have in mind.

What you can learn from the video of the panel discussion is some real stories of pilots that people really did as real experiments, what they learned, what they decided was a failure, and what they decided was worthwhile but needing more work before being ready for prime time.

One thing that I have learned by immersing myself in election-land, is that election practices in the U.S. are constantly changing — every week I hear news of some possible change in some state or locality. Election practices are not at all fixed. That’s why I thought it worthwhile to learn how thoughtful election officials try to learn about whether a possible change is actually a good change, or just another good idea.

— EJS

Setting a Technology Agenda for Overseas Voting

I have arrived in Munich, reached my hotel and actually caught a nap.  It was a sloppy slushy day here from what I can tell; about 30 degrees and some wet snow; but spring is around the corner.  On the flight over the Pole last evening (I’m a horrible plane sleeper) I worked on final preparations for our Technology Track at this year’s UOCAVA Summit (which I wrote about yesterday).  I thought I’d share some more about this aspect of the Conference.  This is another long post, but for those who cannot be in Munich at this conference, here are the details.

Historically, as I see it, the Summit has been primarily a policy discourse.  While the Overseas Vote Foundation always has digital services to show off in the form of their latest Web facilities to support overseas voters, Summit has historically been focused on efforts to comply, enforce, and extend the UOCAVA (Uniformed and Overseas Citizens Absentee Voting Act).  This year, with the passage of the MOVE Act (something I also wrote about yesterday), a new tract of topics, discussion, (and even debate) has surfaced, and it is of a technical nature.  This is in principle why the Overseas Vote Foundation approached the OSDV Foundation about sponsorship and co-hosting.  We thought about it, and agreed to both.

Then came the task of actually putting together an agenda, topics, speakers, and content.

I owe a tremendous “thank you” to all of the Panelists we have engaged, and to Dr. Andrew Appel of Princeton, our Chief Technology Officer John Sebes, and our Director of Communications, Matthew Douglass, for their work in helping produce this aspect of Summit.  Our Director of Outreach Strategy, Sarah Nelson should be included in here for her logistics and advance work in Munich.  And of course, I would be remiss if I left out the fearless and brilliant leader of the OVF, Susan Dzieduszycka-Suinat, for all of her coordination, production work, and leadership.

A quick note about Andrew:  I’ve had the privilege of working with Professor Appel on two conferences now.  Many are aware that one of our tract productions is going to be a debate on so-called “Internet Voting” and that Dr. Appel will give the opening background talk.  I intend to post another article tomorrow on the Debate itself.  But I want to point out something now that certain activists may not want to hear (let alone believe).  While Andrew’s view of Internet-based voting systems is well known, there can be no doubt of his interest in a fair and balanced discourse.  Regardless of his personal views, I have witnessed Andrew go to great lengths to examine all sides and build arguments for and against public packet switched networks for public ballot transactions.  So, although several are challenging his giving the opening address, which in their view taints the effort to produce a fair and balanced event, I can state for a fact, that nothing is further from the truth.

Meanwhile, back to the other Track events.

We settled on 2 different Panels to advance the discussion of technology in support of the efforts of overseas voters to participate in stateside elections:

  1. MOVE Act Compliance Pilot Programs – titled: “Technology Pilots: Pros and Cons, Blessing or Curse
  2. Technology Futures – titled: “2010 UOCAVA Technology Futures

Here are the descriptions of each and the Panelists:

Technology Pilots: Pros and Cons, Blessing or Curse

The title is the work of the Conference Sponsor, OVF, but we agree that the phrase, “Technology Pilots” trips wildly different switches in the minds of various UOCAVA stakeholders.  The MOVE Act requires the implementation of pilots to test new methods for U.S. service member voting.  For some, it seems like a logical step forward, a natural evolution of a concept; for others pilots are a step onto a slippery slope and best to avoid at all costs. This panel will discuss why these opposing views co-exist, and must continue to do so.

  • Paul Docker, Head of Electoral Strategy, Ministry of Justice, United Kingdom
  • Carol Paquette, Director, Operation BRAVO Foundation
  • Paul Stenbjorn, President, Election Information Services
  • Alec Yasinsac, Professor and Dean, School of Computer and Information Sciences University of South Alabama

Moderator:
John Sebes, Chief Technology Officer, TrustTheVote Project (OSDV Foundation)

2010 UOCAVA Technology Futures

UOCAVA is an obvious magnet for new technologies that test our abilities to innovate.  Various new technologies now emerging and how they are coming into play with UOCAVA voting will be the basis of discussion.  Cloud computing, social networking, centralized database systems, open source development, and data transfer protocols: these are all aspects of technologies that can impact voting from overseas, and they are doing so.

  • Gregory Miller, Chief Development Officer, Open Source Digital Voting Foundation
  • Pat Hollarn, President, Operation BRAVO Foundation
  • Doug Chapin, Director, Election Initiatives, The Pew Center of the States
  • Lars Herrmann, Redhat
  • Paul Miller, Senior Technology and Policy Analyst, State of Washington
  • Daemmon Hughes, Technical Development Director, Bear Code
  • Tarvi Martens, Development Director at SK, Demographic Info, Computer & Network Security, Estonia

Moderator:
Manuel Kripp, Competence Center for Electronic Voting

The first session is very important in light of the MOVE Act implementation mandate.  Regardless of where you come down on the passage of this UOCAVA update (as I like to refer to it), it is now federal law, and compliance is compulsory.  So, the session is intended to inform the audience of the status of, and plans for pilot programs to test various ways to actually do at least two things, and for some (particularly in the Military), a third:

  1. Digitally enable remote voter registration administration so an overseas voter can verify and update (as necessary) their voter registration information;
  2. Provide a digital means of delivering an official blank ballot for a given election jurisdiction, to a requesting voter whose permanent residence is within that jurisdiction; and for some…
  3. Examine and test pilot digital means to ease and expedite the completion and return submission of the ballot (the controversy bit flips high here).

There are, as you might imagine, a number of ways to fulfill those mandates using digital technology.  And the latter (3rd) ambition raises the most concern.  Where this almost certainly involves the Internet (or more precisely, public packet-switched networks), the activists against the use of the Internet in elections administration, let alone voting, are railing against such pilots, preferring to find another means to comply with the so-called “T-45 Days” requirement of placing an official ballot in the hands of an overseas voter, lest we begin the slide down the proverbial slippery slope.

Here’s where I go rogue for a paragraph or two (whispering)…
First, I’m racking my brain here trying to imagine how we might achieve the MOVE Act mandates using a means other than the Internet.  Here’s the problem: other methods have tried and failed, which is why as many as 1 in 4 overseas voters are disenfranchised now, and why Sen. Schumer (D NY) pushed so hard for the MOVE Act in the first place.  Engaging in special alliances with logistic companies like FedEx has helped, but not resolved the cycle time issues completely.  And the U.S. Postal Service hasn’t been able to completely deliver either (there is, after all, this overseas element, which sometimes means reaching voters in the mountainous back regions of say, Pakistan.)  Sure, I suppose the U.S. could invest in new ballot delivery drones, but my guess is we’d end up accidentally papering innocent natives in a roadside drop due to a technology glitch.

Seriously though (whispering still), perhaps a reasonable way forward may be to test pilot limited uses of the Internet (or hec, perhaps even Military extensions of it) to carry non-sensitive election data, which can reach most of the farther outposts today through longer range wireless networks.  So, rather than investing ridiculous amounts of taxpayer dollars in finding non-Internet means to deliver blank ballots, one proposal floating is to figure out the best, highest integrity solution using packet-switched networks already deployed, and perhaps limit use of the Internet solely for [1] managing voter registration data, and [2] delivering blank ballots for subsequent return by means other than eMail or web-based submission (until such time as we can work out the vulnerabilities on the “return loop.”)  While few can argue the power of ballot marking devices to avoid under-voting and over-voting (among other things), there is trepidation about even that, let alone digital submission of the completed ballot. As far as pilots go, it would seem like we can make some important headway on solving the challenges of overseas voter participation with the power of the Internet without having to jump from courier mule to complete Internet voting in one step.  That observed, IMHO, R&D resulting in test pilots responsibly advances the discussion.

Nevertheless, the slippery slope glistens in the dawn of this new order.  And while we’ll slide around a bit on it in these panels, the real sliding sport is the iVoting Debate this Friday — which I will say more about tomorrow.

OK, back from rogue 😉

So, that this is where the first Panel is focused and where those presentations and conversations are likely to head in terms of Pilots.  In my remaining space (oops, I see I’ve gone way over already, sorry), let me try to quickly comment on the second panel regarding “technology futures.”

I think this will be the most enjoyable panel, even if not the liveliest (that’s reserved for the iVoting Debate).  The reason this ought to be fun is we’ll engage in a discussion of a couple of things about where technology can actually take us in a positive way (I hope).  First, there should be some discussion about where election technology reform is heading.  After all, there remain essentially two major voting systems commercial vendors in the industry, controlling some 88% of the entire nation’s voting technology deployment, with one of those two holding a ~76% white-knuckled grip market share.  And my most recent exposure to discussions amongst commercial voting vendors about the future of voting technology suggest that their idea of the future amounts to discussing the availability of spare parts (seriously).

So, I’m crossing my fingers that this panel will open up discussions about all kinds of technology impact on the processes of elections and voting – from the impact of social media, to the opportunities of open source.  I know for my 5 minute part I am going to roll out the TTV open source election and voting systems framework architecture and run through the 4-5 significant innovations the TrustTheVote Project is bringing to the future of voting systems in a digital democracy.  Each speaker will take 5 minutes to rush their topic, then our moderator Manuel will open it wide up for hopefully an engaging discussion with our audience.

OK, I’ve gone way over my limit here; thanks for reading all about this week’s UOCAVA Summit Technology Tract in Munich.

Now, time to find some veal brätwurst und ausgezeichnet bier.  There is a special meaning for my presence here; my late parents are both from this wonderful country, their families ended up in Munchen, from which both were forced out in 1938.   Gute nacht und auf wiedersehen!

GAM|out

Munich: This Week’s iVoting Battleground

I am on my way to Munich, as I post this, for the 2010 UOCAVA Summit.  The OSDV Foundation is a co-host this year, and we’re coordinating the technology track of this 3-day gathering focused on the issues and opportunities for our overseas voters.  This year’s event is arguably the most important UOCAVA (Uniformed and Overseas Citizens Absentee Voting Act) gathering since the passage of the Act in 1986.  Last November, Congress and the President brought UOCAVA into the 21st century by passing the MOVE Act into law – which is somewhat like an amendment to UOCAVA.

And 2 very important outcomes will be showcased this week in Munich.

2010SummitAs an aside, you may be asking why Munich and not, say, Washington D.C.?  Good question (especially as I spend 17 hours of my day traveling from the west coast to Munich).  But there is rhyme and reason here.  Every election year in the U.S. (which means every other year) the Overseas Vote Foundation produces the UOCAVA Summit in Europe to bring together all of our fellow citizens and their organizations stationed abroad to learn the latest developments in efforts to include Americans overseas in the processes of democracy state-side.  This includes large corporations with major installations in Europe and abroad, as well as NGOs and of course, the Military.  What you may not realize is [a] there are over 6 million Americans abroad, and [b] recent studies, which catalyzed the MOVE Act, indicate that as many as 1 in 4 overseas citizens are unable to participate in U.S. elections for a variety of reasons, but due mostly to verifying their registration status and/or receiving and casting a ballot in time to be counted.  So, this being a mid-term election year, the Summit is in Europe, and this time, Munich.

Now, what about those two outcomes?

The first major outcome of the MOVE Act to play prominently in this year’s conference is one of the fundamental mandates of the Act that states in relevant part, that elections jurisdictions shall provide a digital means to obtain a blank ballot for any overseas voter at least 45 days before an election.

At first glance, you might say, “Duh, of course, like, aren’t we already doing that?”  And the answer is, by and large, no.  But in this always-on digital age, making blank official ballots available for download, casting (filling out by marking choices), and then returning (through expedited mail means), seems to be the proverbial no-brainer.  And now, federal law makes it mandatory.

Of course, caution: we don’t exactly want an unchecked number of blank ballots loose in cyberspace either (I’ll leave it as an exercise for the reader to realize why that might be a bad idea).  So, we need to ensure that we only issue ballots to a qualified recipient, and in fact, each qualified recipient returns one, and only one completed ballot.  Yes, yes, I know it is “block and tackle” sort of stuff.  But the devil is in the digital details.

Accordingly, there will be much to discuss about implementing MOVE Act mandates, particularly blank ballot delivery by digital means (read: downloadable, probably a PDF).  And, of course, the TrustTheVote Project is excited about this, because there is an opportunity to showcase the work underway on open source solutions to design, generate, and distribute blank ballots (that would be our Ballot Design Studio component of the TTV Elections and Voting Technology Framework — incidentally, we’re moving so fast that we have yet to update a bunch of documentation on the Ballot Design Studio project component on the Wiki… yes we need more help!).

The good news for our fellow overseas citizens is that this is a funded mandate, and all states and elections jurisdictions are hard at work determining how to meet the mandate.  And there’s more good news because at least a few states are already there.   Non-profit organizations (NGOs) as well as the Department of Defense through the Federal Voting Assistance Program (FVAP) are also working hard to make services available ASAP.  So, it will happen.  And perhaps the OSDV Foundation open source technology – a publicly owned asset – will have a chance to play a role in that work.

There are many who are energized to make this as easy as possible in a digital age.  And to some, providing blank ballots in a downloadable PDF is merely a start to bringing the processes of democracy into the digital age.

Therein lies the 2nd prominent outcome to be showcased this week.

You see, rightly or wrongly (and the arguments both ways are non-trivial) some believe that if the blank ballot is available digitally, there is no reason why we cannot cut the cycle time of overseas voting completely by making it possible to fill out the ballot digitally and then returning it by digital means.

The Department of Defense, for example, argues from the simple point-of-view of risk management.  To many in the military, the benefits of a far greater probability of having their ballot received and counted far outweigh the risk of a ballot being read, intercepted, or even hacked (let alone revealing the identity of the casting citizen). A military statesman, whom I have a great deal of respect for, points out that shooting with “live ballots” is nothing compared to shooting with live bullets, so this is an easy decision (i.e., to adopt as digital a process as soon as possible to ensure speedy delivery and return of ballots).

For other overseas citizens, whose mail services are far better and accessibility challenges are far fewer, the digital means to complete the “ballot transaction” represents a powerful convenience given their remote (absentee) status.

But this opens “Pandora’s Internet Voting Box” to the opponents of this proposed digital efficiency, because if digital ballot casting is extended to our military, and then expanded to include overseas voters, goes the argument, then every absentee voter on the planet (including those merely “out of town” on elections day) will cry foul if they too are not allowed to participate in this highly efficient 21st century manner.

Then the horns kick in, and my shoes start to squeak, because this is a slippery slope, and gosh darn it, this sort of thing could lead to Internet voting!  That is the 2nd outcome of this week’s conference: the great debate on whether public packet-switched networks should be used to transact ballot data in public elections.

At times, we’ve alluded to our position on that matter in blog posts and other content here on the Blog and our project Wiki.  And I will leave it as an exercise for the bored and curious to “look it up.”  What I will say is this: contrary to several concerns raised, I signed up for, and remain committed (with a fiduciary sense of responsibility) to moderating a fair and balanced debate on Internet Voting or what we’ve coined ‘iVoting.”  And I have no intention whatsoever of attempting to sway the debate in one direction or another, favour one side or another, or allow my opinions to color my commentary or line of questioning.

It promises to be a lively discussion.

To some, the use of the Internet in public elections is inevitable as we progress into the digital age.  Maybe so.  And to several European nations, this step has already been successfully achieved.  Bear in mind that there are historical and key cultural differences between the USA and Europe in matters of public elections making adoption of methods like vote-by-mail as well the Internet both palatable and plausible.

To others, this is a nightmare unfolding before their eyes.  These opponent activists have relied on academics and other domain experts’ assertions, observations, and statements, which are necessarily technically accurate.  The (valid) concerns of these technically precise professionals have fueled the fury within opponents who reasonably fear for the integrity of our elections, if they are conducted across a digital means where compromises and vulnerabilities are an inherent part of the architecture of packet-switched networks.  And caution should be exercised.

Does this mean that the notion of using the power and capability of the Internet to enable this important aspect of our digital democracy should be outlawed, forbidden, and eliminated from consideration?

Is there a middle ground that provides a way forward wherein carefully supervised experimentation, research, and further development into designs and deployments that address the persistent integrity issues?

Should we realize and respect that going forward democracies in a digital age must provide a plurality of means by which its citizens can participate in elections, whether that be by mail, in person at a polling place, partially through digital means, or entirely on-line?

Or are the integrity issues raised largely unwarranted in the face of technical capabilities, processes, policies, or procedures that are being drowned in the calls for a legislative mandate to make illegal the use of the Internet in any capacity in public elections?  (Note: keep it on the down low, but packet-switched networks have been used to back-haul aggregate election data for years.)

All of these are the questions and issues are being discussed (and debated) this week in Munich at the 2010 UOCAVA Summit.  And they are being driven by both [a] the passage of the MOVE Act into U.S. law and [b] the full throttle intent by some groups to advance all of the potential capabilities of digital delivery of ballots for (at least) overseas voters.  Stay tuned.

Cheers
GAM|out

OSDV Foundation Called to Testify on State of CA Voting Systems Future

Gregory Miller of the OSDV Foundation will be provide testimony during State of California Hearings on Future of Elections Systems next Monday, February 8th.

CA Secretary of State Debra Bowen requested elections and voting systems experts from around the country to attend and testify, and answer questions about the current election administration landscape and how California can best prepare for the future.  The Secretary noted in a prepared statement:

Demands for increased transparency and services, shrinking government budgets, and technological advances that outpace elections laws and regulations have combined to challenge what many thought were ‘permanent’ solutions developed as part of the 2002 Help America Vote ActMany in California and across the nation are ready to move in a new direction.  The question is, what should Californians seek in the next generation of voting equipment and how can new products truly serve the interests of voters?

Secretary Bowen will preside over the Hearing, joined by county elections executives from Los Angeles, Orange, Sacramento, San Joaquin, Santa Cruz and Madera counties. In addition to the testimony from OSDV, wide-ranging testimony will come from the U.S. Election Assistance Commission, Pew Center on States, the Federal Voting Assistance Program, representatives from every major voting system manufacturer with contracts in California, and more.  The complete agenda is available here.

California has a strong record of thoughtful analysis of its voting systems. In 2007, Secretary Bowen led a top-to-bottom review of certified voting systems. Bowen asserted from the outset that the review:

Ensure that California’s voters cast their ballots on voting systems that are secure, accurate, reliable, and accessible.

And following the top-to-bottom review, on August 3, 2007, Secretary Bowen strengthened the security requirements and use conditions for certain systems.

So its no surprise to us that continuing developments in the elections technology industry as well as legislative initiatives are leading the Secretary to conduct this Hearing next Monday.  Part of that change is best evidenced by the MOVE Act.

We’ll discuss more about the MOVE Act in other posts, but in summary, President Obama signed the Military and Overseas Voter Empowerment (MOVE) Act in October 2009.  The most immediate impact of the law from the State perspective has to do with the provision that establishes a 45-day deadline for States to provide ballots to voters. Because Primary results need to be certified and General ballots need to be constructed and conveyed, additional time (beyond 45 days) is required to meet the new federal guideline.  And the largest impact on elections technology, processes, and practices is two principle provisions of the Act that mandate States shall provide:

  1. A digital means by which overseas voters can verify and manage their voter registration status; and
  2. A digital means by which an overseas voter can receive a digital, download ready, blank ballot (think PDF).

Success in implementing these mandates will reduce lost participation of overseas voters, which studies have shown result in approximately 1 out of every 4 overseas  ballots not being counted because of failure to arrive in time.

But if it were only that easy.  You see, in 2008, many States changed their Primary dates by several months to allow their voters to more heavily impact the presidential nomination process.  And additional moves are likely in 2010 because 11 states and the District of Columbia have Primaries so close to the General Election that ballots may not be produced in time to comply with the new MOVE Act law.  California has a very large overseas and military voting contingent, and you can imagine MOVE Act mandates are on the minds of CA elections officials, State legislatures, and the Secretary.

Of equal interest, Los Angeles County, the largest election jurisdiction in the United States, is engaged in a process known as the Voting Systems Assessment Project (VSAP) to determine the design of their next generation voting system.

Serving over 4 million registered voters, the County is examining the ways in which it can modernize its voting systems.  Dean Logan, the County Registrar and Ken Bennett, the County IT Director are working to analyze the ways in which technology can ensure their ability to meet operational mandates and better serve their voters.  With the VSAP underway (a project the OSDV Foundation is participating in), our “take” is that more (and possibly dramatic) change in elections technology in the great State of California is all but assured.

Stepping back, the current voting technology used in Los Angeles County and elsewhere is provided by private companies; they offer election jurisdictions proprietary technology solutions that need to be certified by the CA Secretary of State. While there is oversight at a State level, and mandates at the Federal level, each jurisdiction must purchase their own technology and do the very important business of conducting elections. Consequently, jurisdictions find themselves in multi-year contracts for technology.

This gives a jurisdiction continuity, but impairs their ability to innovate and collaborate, learning from neighboring or similar jurisdictions elsewhere in the state or country.

With L.A. County — the largest elections jurisdiction in the nation — considering the future of elections technology for their voters, the mandates of the MOVE Act implementation bearing down, and the complexities of the largest States’ processes and regulations for selection and implementation of elections technology, the Secretary’s Hearing next week is of a near essential nature.

So we are honored to be asked to testify next week.  And the timing is good.  As a means to developing a holistic architecture for next generation systems, one of the imperative elements is a common data format for the exchange of election event data.  This is one particular element we’re working on right now.  In fact, we will shortly be collaborating with a group of States and jurisdictions on the testing of several framework components including: election event management, ballot preparation, and automated generation of printable ballots (watch for this announcement shortly).

Here’s the cool thing: It turns out that all of this work currently underway in the TrustTheVote Project which is leveraging this common data format and some other innovations, provides a ready-made open source freely available solution to implement the mandates of the MOVE Act.

So, we hope that this work will prove to be relevant and purposeful for the Hearings.  Our opportunity to testify is timely because we believe our work is in line with the agenda driving the hearing: What do next generation systems look like and how do states like CA comply with Federal mandates? How can we develop quickly to adapt to changing needs on the ground from elections officials, voters, and federal requirements?

We’re excited to participate; go Greg!

For interested viewers, there will be a webcast available here.  And the event will likely be carried live on Cal Channel Television.

Stay tuned; more to come.
Matt

How to Get Ready to Make Ballots

We’ve been spending a good chunk of our time lately on generating ballots, and on the steps leading up to ballot generation. You might think that the lead-up would be simple — making lists of contests and candidates — but actually there is lots more to it. In fact, it’s been much more time consuming so far than the initial development of open source software to do the actual generation of PDF files with candidate names, bubbles to fill in, and so forth.

You might ask why, but there isn’t a short answer. Instead, what I can provide today is a pointer:  some wiki material that first defines a bunch of terms, and then outlines the process of pulling together everything you need to start generating ballots. I think that it was quite a surprise to most of us that it took over 2 dozen definitions just for starters! And of course at this relatively early stage, the story is not inclusive of a huge variety of election administration practices nationwide — we have plenty of work to do with our stakeholders to refine and extend to where TrustTheVote “Election Event Management” module is broad enough to drive the Ballot Generator’s capability beyond this current example, to where all those various ballot items are done right for that wide variety of locales.

— EJS

PS: The ballot generation is pretty cool though! Here are couple of samples:

CA2006sampleOSDVCA2006sampleOSDVcs

Internet Voting, Google, and the China Syndrome

Thanks again to David Jefferson for his post yesterday on the lessons for Internet voting of the Google/China news (NYT: In Rebuke of China, Focus Falls on Cybersecurity). To answer some follow-up questions, I’ll explain a bit about the term vote servers that David referred to.

Let’s start with a little background on Internet voting. Many peoples’ cybersecurity concerns about i-voting have a focus on the vulnerability of the voter’s Internet-connected computer, on which a Web browser is used for i-voting. The browser  communicates with an i-voting Web server (or vote server), displays ballot items, allows the user to make vote selections, and so on (very similar to what many people do with surveymonkey and similar services on the Internet today). The security concerns are valid, whether the client computer is a home PC or a special-purpose kiosk system in a physically controlled polling place set up in a military base overseas.

But just as important is the “server side” of i-voting – the Internet-connected vote server, the Web server front-end, the database it uses, and all the other datacenter infrastructure. That infrastructure is one basket with all the eggs – the data that is used to create an election result. So of course there is concern over that basket being a target itself. After, why trouble with renting botnet time, crafting malware to distribute to already-hacked PCs, and the other work required to tamper with some of the i-ballots at the source? Why bother, if you can tamper with all of the ballots’ votes at the single destination? Good question, and the typical answer is that attacking the source is much easier, if you assume that an i-voting datacenter uses “industry best practices” for security, as is the common claim of i-voting vendors and service providers.

But as the continuing Google/China news shows us,  dedicated, politically motivated adversaries have been quite able to penetrate the defenses of the I.T. plant of some of the biggest most tech-savvy companies with some of the best I.T. and security staff in the world. That being the case, why should anyone blithely accept any claim that a i-voting datacenter is sufficiently defended to protect the vote data and the election itself?

Now, nobody is suggesting that the Chinese government would try to hack Internet elections for real U.S. government offices. But now look at it from the point of view of a responsible election official, pondering the offers of for-profit vendors of proprietary i-voting solutions, who have indeed run a few election pilots and would like to have the business of running full elections out of their data-centers using their i-voting systems. The vendors claim that they have spent “enough” time, money, and effort on security. The question is whether …

…  some small company that has run a few election pilots has any chance of locking down its vote servers so tightly that it can withstand a similarly determined “highly sophisticated and targeted attack” when Google and these other big company’s cannot?

That’s not a rhetorical question! The vendors are probably not the right judges about “enough” but there are several U.S. election officials who are currently mulling i-voting for overseas and military voters; they are the ones who need to weigh the risks and benefits, the required security and controls — hopefully with the advice from some of several the election technology and security experts at work on election tech or policy today.

— EJS