Thursday, February 9, 2006

Review of the Senate hearing on open source software in voting systems

Is there a place for open source software in California's electoral system? That was the question asked at yesterday's Senate Elections Committee hearing at the California State Capitol. An archived webcast of the hearing is available online from the California Channel, which will also broadcast it tomorrow (Friday) at 11 a.m. Below is my recap of the hearing as well as the testimony I provided.

State Senator Debra Bowen, who chairs the elections committee, ran the hearing, which was comprised of two panels. The first included experts from the open source industry and representatives from California agencies and a university utilizing open source software. Clark Kelso's testimony was particularly compelling, Kelso, Chief Information Officer for the State of California, briefly described the historic use of computers in California government.

Kelso said that thirty to forty years ago, the state was engaged in its own software development activities, typically on mainframes, and was successful in developing and acquiring stable programs to support state needs. Today many of those legacy systems are stable and still serving the state very well, according to Kelso. Starting in the 80's and 90's, state agencies began to use more commercial off-the-shelf (COTS) software.

Kelso said that the Air Resources Board is the leading department that has begun turning to open source solutions. The agency maintains a culture in their workforce that supports the use of open source, and the strategy has been successful in that it reduces costs, reduces the amount of time needed to develop technology, and helps the agency avoid procurement cycles. This last point is highly relevant to voting systems equipment, where a long procurement cycle often forces counties to limit their options to considering only equipment from vendors that is certified when the procurement process begins.

According to Kelso, the state's policy on open source is that it is an alternative that should be considered and that it is up to project owners to determine the best architecture for their projects. Factors to be considered in making decisions about technology projects include security, reliability, performance, sustainability, development and maintenance risks, technology trends and cost.

The second panel explored the potential use of open source software in the election process. Deirdre Mulligan, director of the Samuelson Clinic at UC Berkeley's Boalt Law School (and a CVF board member) noted that voting systems used to be observable, not just by experts but the public. The move to electronic voting has created barriers for the public and election officials to oversee the technology and have confidence that their votes are captured and counted as intended.

Joe Hall, Ph.D. student at the UC Berkeley School of Information, noted that there are many barriers to any business or nonprofit seeking to provide an open source voting system. There are regulatory barriers, since voting systems must be federally tested and state certified, which may be difficult for new businesses or nonprofits to manage. Hall pointed to a hybrid model, called the Sakai Project, in which universities that were tired of paying management fees for course software got together and created their own consortium to provide the software. Universities that participate must donate coders and pay yearly dues to support the software. Hall suggested a similar consortium of counties, or even states, could achieve something similar for voting systems. (See Hall's blog for their testimony and thoughts on the hearing.)

There was a third panel scheduled, to be comprised of vendors, but none of the vendors attended the hearing, and instead had the Information Technology Association of America (ITAA) send written testimony on their behalf. In it, the ITAA states: "Several states have considered source code review or disclosure requirements for voting systems. Our Election Technology Council members believe that these proposals are ill-advised. Review by, or disclosure to, the general public will not improve the efficiency or effectiveness of voting systems software inspection." Senator Bowen expressed disappointment that the vendors chose not to attend, and noted that it may be necessary to compel their participation in future hearings through a subpoena.

I spoke briefly during the public testimony portion of the hearing. Below is my testimony.


Open source software in voting systems is good, but not good enough. there is no guarantee that the code that's been inspected is the same code that is running everywhere. Security is county election offices is not airtight, and software patches are at times installed without authorization or with limited scrutiny.

We need to avoid finding ourselves in the situation where we ask the public to trust the experts. You should not need to be able to read computer code to have confidence in the integrity of the vote count. This is why the paper trail is essential and why public audits of software vote counts using that paper trail are essential -- having the paper trail and using it to publicly verify software vote counts provides broad public access to meaningful verification of the software's performance. Open source software cannot do that. What it can do is give more people a reasonable degree of confidence that the voting systems will work as expected. But open source software alone cannot verify the accuracy of the vote count -- it cannot verify what actually happened on election day.

That said, it is simply common sense that there is something intuitively wrong with using proprietary software to conduct our elections. Perhaps a private sector vendor will make a public source code voting system, and perhaps some counties will buy it. But if we really were to be serious about integrating public code into our voting systems, we would need to create our own voting system. We would need to invest public money into developing a new system from scratch.

It could be done, and if it's going to happen anywhere, it will be California. But such a system would not negate the need for a voter verified paper audit trail and public audits of software vote counts.

No comments:

Post a Comment