« Baby Names | Main | QOTD »

Notes from New Standards for Elections

Notes from New Standards for Elections

The variety of perspectives offered by the panel helped ensure the discussion ranged over all of the problems facing election standards. Besides some initial logistical issues with not properly cutting off speakers at 10 minutes and the room being a little too warm, my congratulations to the organizers for putting on a top notch program.

Below are notes I took during the various speaker presentations, along with some personal interjections. I'm going to separately post my thoughts on the topic sometime in the next couple of days. These are not direct quotes and most likely don't accurately capture what they said. If I've completely missed the point on something let me know. Please see the evote-mass.org site for general program information and speaker bios.

Merle King
There isn't much awareness for the P1583 effort. I for one had never heard of it before this.
Various parties all want their hands in the new election standards. 3000 election officials want the status-quo since it works for them now. Vendors what the standard to position their product favorably so they have a jump on the gun once it is released. Activists and researchers are also bringing various agendas to the table to promote their cause or work.
Important not to ignore the economics of elections. While this point is valid, I don't think it should be the focus.
Need to be careful of a standard that limits what can be done (prevent thinking outside the box). I view this as a balance between a rigid standard and a minimum set of requirements (which vendors can individually improve upon to distinguish their product).
EAC should be serving as a national voice for these issues but it is slated to disband in the near future.

Rebecca Mercuri
Voting is still a state issue, nothing has really been enacted at the federal level.
New standards were not used until 2003. This led to grandfathered systems and systems purchased with funding tied to new standards that are not compliant with those new standards.
Key issues include security, auditing, reliability, and potential issues with COTS products (ala Windows).
While the standards may include tests, quite often the tests are bad, or not open enough to allow new faults to be found that would allow revoking certificates since most receive a lifetime certification.

Stan Klein
Key issues include accuracy, security, and reliability.
He defined software release as the point after which all bugs found are production issues.
Need to setup a national database of voting issues. Mentioned example of two election officials having the same problem with an optical scanner and neither knew the other one had the same issue.
The standards say 99% availability, but this assumes on call technicians and an ability to repair on the spot.
Hardware follows a bathtub failure model. Lots of errors at the start, a long stable life, and then lots of errors at the end, something like |_|. Where the peaks are high failure rate and the x-axis is time.
Based on the standard 80% of Maryland sites should have experienced at least one failure.
Should look at both machine and non-machine failures.

David Aragon
Democracy isn't just about who gets to vote, it is also about how it gets done.
A standard like P1583 can devalue things that aren't included in it, since they become invalid or new thinking can't be modeled to fit what the standard tried to do. (The recent West Wing episode Wakeup Call kind of underscored this. They didn't want to write the constitution they wanted to make sure the people there understood what a constitution was about and how it would live beyond the current administration, focus on the ideals of democracy).
The P1583 suffers from the fact that it is trying to avoid all issues about policy.
If the voter can't verify, it's a flawed system.

Ron Rivest (Take I)
TGDC working on voluntary voting system standards. (There are existing voluntary standards and another speaker I believe mentioned that there was a fairly poor adoption rate of those, which make me question how good another set of voluntary standards will be.)
www.nist.gov has opportunities for public comment on the work that they are doing vote.nist.gov/TGDC.htm.
More data about elections needs to be made public and easily accessible (ala websites).
For any electronic (and in my opinion any election system) there needs to be a verifiable setup procedure. (i.e. machine turned on and correctly initialized to a known good state).
Standards need to allow for open testing research so that products don't just have to adhere to whats in the spec as what makes a process/machine insecure will change over time.

Ben Adida (Take I)
Voting processes and machines need to be rated across multiple dimensions. The needs of a small community of 200 people are very different than that of a large city.
Standards need to focus on performance instead of how. For example MTBF is performance while not specifying how a particular device should achieve it.
vspr.org is looking for members, based on expertise in relevant domains.

Post a comment

(If you haven't left a comment here before, you may need to be approved by the site owner before your comment will appear. Until then, it won't appear on the entry. Thanks for waiting.)