March 26, 2006
by Bob Kibrick
Legislative Analyst, VerifiedVoting.org
1. "Our opposition to the bill stems from the
proposal's impracticality as a new standard in government procurement
policy..."
This bill does not attempt to establish a new standard in
government procurement policy. Rather, it updates government policy pertaining
to the certification of voting systems, period.
2. "The United States Government opposes public sector
procurement restrictions giving preference to then open source development
model or creating barriers to the acquisition of commercial software."
Commercial voting systems software is quite unlike most
commercial software, in that it is only used in a very specific and restrictive
environment (i.e., public elections) and on very specialized hardware; it
cannot be acquired by California counties unless it has completed a lengthy and
extensive federal and state certification process, a barrier to acquisition
that is not faced by most other commercial software. The requirements (both
federal and state) with which voting systems software has had to comply have
increased significantly as a result of federal (e.g., HAVA) and State
legislation (e.g., SB 1438) enacted during the past several years. Like such
legislation, AB 2097 simply adds to list of requirements that such software
must already comply to obtain certification from the State.
3. "The bill will lead to deterioration in voting
systems procurement practices and decisions...[V]oting systems acquisitions may
depend ... on issues of cost, quality, qualification to federal guidelines,
software performance or function, security requirements, or a universe of other
factors that may lead a customer to prefer a certain type of system. A blanket
policy, such as a mandate for open source or disclosed source software, can
never capture these many nuances and can never allow a competent voting systems
buyer to effectively weigh all factors."
Many blanket policies (i.e., requirements for disability
access) are already part of the qualification process for federal and state
certification, and such requirements do not prevent "competent voting
systems buyers to effectively weigh all factors". Such buyers can still
evaluate factors such as cost, quality, performance, and function from among
competing systems that meet established federal and state requirements --
requirements that will inevitably change over time.
4. "This bill will impose on voting system vendors to
the State of California a procurement policy that will essentially strip them
of their core software assets, intellectual property that has taken years and
millions of dollars to develop."
AB 2097 does no such thing. Vendors still retain
trademark, copyright, and patent protections for those core software assets.
And unlike other commercial software (especially general purpose software
designed to run on commodity hardware), voting system software cannot be
readily duplicated to generate bootleg copies and sold via clandestine channels
for hidden use because:
a. Voting system software cannot be sold to counties
until it has completed the federal and state certification process,
b. Voting system software (in most cases) cannot be run
on commodity hardware but only on hardware that is specific to the vendor that
developed the software,
c. The sale of voting system software is a highly-public
process, typically involving numerous and well-publicized public hearings and
votes of public legislative bodies (e.g., county boards of supervisors).
Given the highly-public and restrictive nature of the
procurement process for voting systems acquisitions, the notion that disclosure
of a vendor's source code for voting system software would enable a competitor
to secretly appropriate that code and sell it to other counties without the
knowledge of the original vendor appears ridiculous. And if a competitor were
so brazen to attempt such appropriation and duplication, the end product would
most likely be useless without the original vendor's hardware. Such brazen
actions by a competitor would be clearly visible to the original vendor (due to
the highly-public nature of the voting systems procurement process), who could
still bring prosecution for trademark, copyright, and (where applicable) patent
infringement.
5. The ITAA letter makes note of the deficiencies (i.e., a
requirement to disclose third-party code) in a specific bill in North Carolina.
However, the disclosure requirements in AB 2097 make an explicit exemption
for third-party COTS software.
6. "Review of system source code by technical and
elections laypersons (sic) operating outside the election environment, with no
ability to provide regulated feedback into the State's election management
process, will not increase the quality or security of voting systems
software."
The letter provides no substantiation whatsoever for this
bold assertion. Furthermore, §§2(e)(2) and 2(e)(3) of AB 2097 require the
Secretary of State to establish and maintain a web site that provides:
"(2) A system for acquiring and processing input
from the voting public" and "(3) A reporting system to inform the
public on findings, problems reports, problem resolution, and comments from the
Secretary of State, the public, and vendors."
7. "... the discovery through public review of any
software anomalies in the final weeks leading up to an election [would make] an
almost unmanageable situation."
Such an unmanageable situation could already occur even in
the absence of passage of AB 2097, since existing pre-election testing (e.g.,
logic and accuracy testing) is supposed to be a publicly-observable process,
and such testing can discover such anomalies "in the final weeks leading
up to an election". In such situations, counties and the State are indeed
faced with hard choices, regardless of whether or not AB 2097 is passed.
Is the ITAA advocating that any such voting systems
anomalies that are discovered by whatever means in the "final weeks
leading up to an election" should be concealed from the public?
8. "The security requirements necessary for an
electronic voting systems are particularly unforgiving, with the need to
eliminate, not merely detect, the possibility of compromise. The experience to
date with open source software does not provide much basis for evaluating the
ability of the open source model to meet these requirements."
While the first of these two sentences is certainly true,
the second is debatable. However, the experience to date with "closed
source" (i.e., proprietary software) provides considerable "basis for
evaluating the ability of [that] model to meet these requirements"; in
fact, that "closed source" model has been demonstrated (e.g., the
"Husti Hack") to fail rather miserably in meeting those requirements,
even by such "closed source" software that has completed both the
federal and state certification process.
9. "The Secretary, or other authority, should then seek
solutions that address those threats [to voting systems] and challenge those
solutions until it seems clear that the solution being adopted has strong
advantages over other possible solutions... To leap to a single proposed
approach, without evaluating other possible approaches, would do the State and
its citizens a disservice".
It is noteworthy that the ITAA failed to suggest even a single alternative solution.