what would model legislation require?

From: Teresa Hommel <tahommel_at_earthlink_dot_net>
Date: Tue May 18 2004 - 23:57:55 CDT

Hi Everyone,

I live in New York, and I have been going to Albany, our state
capital, to observe our HAVA conference committee composed
of members of our NY Assembly and NY Senate.

They are about to address voting system standards.

I have already provided them with a list of suggestions, and
I was asked today for any other specific provisions I would
like to suggest. Below are some questions, and the list of
suggestions I already gave them.

If anyone would like to help, please send me your ideas.

Our Assembly bill is the Voting Systems Standards Act of 2004, A8847-A
http://www.assembly.state.ny.us/leg/?bn=A08847&sh=t

Our Senate bill is the Voting Machines Modernization Act of 2004, S6207
http://www.assembly.state.ny.us/leg/?bn=S06207&sh=t

The bills are quite different, but both require a voter-verified paper
audit trail. Printing a ballot which the voter can verify is one thing,
but counting the paper is another. To my thinking, a professional-
quality independent audit of any election would require counting
100% of the ballots. I have spoken to many people, and very
few like the idea of counting ballots.

Teresa Hommel

==Here are my specific questions for anyone who can reply==

1. Is there anything else I should ask for? What would model legislation

require?

2. Why is open source more secure than secret software? Is
there an already-written plain-language explanation that I can
distribute?

3. I said that Sequoia uses different software for their machine
tests and their real elections. Is there any published evidence for
this other than Jeremiah Akin's report?
http://www.exit.com/RiversideVoteTest/index.php
I heard that another manufacturer also does that. Which one?

4. Why is a requirement for "chain of custody" documentation, or
"control of the chain of custody" NOT a protection from software
tampering? I said (1) it won't protect against intentional insider
tampering (2) it won't protect against innocent errors in software
(3) it is impossible to monitor and enforce. You are basically asking
someone to tell you "who had the software" and they are telling you
something plausible, and there is no way to know if it is true.

5. One fellow I spoke with thought it would take a lot of expertise
to modify election results. I recall reading somewhere that the
ballots were stored in an Access data base, and could be
modified by anyone without even a password. For which
system(s) is this true? Is it only Diebold? Since it was reported
a while back, is it still true?

====here are the suggestions I already made====

COMMUNICATION DEVICES:
A total ban on wireless communication devices in the voting and
tabulating equipment.

CITIZEN’S ADVISORY COMMITTEE:
Specific provisions to require inclusion of independent computer
professionals and computer scientists.

RECOUNTS AND AUDITS:
A provision guaranteeing voters and/or candidates the right to petition
for and obtain manual recounts before certification of the winner of an
election.

Legally binding guidelines for recount/audit standards:

---- If the recount of one machine shows inaccuracies, all machines of
the same manufacturer and model with the same ballot must be recounted.

----A fixed percentage of precincts should be subject to random recount
audits using primary voter-verified paper documents. (This is already
in the bills passed by the Assembly and the Senate.)

----The selection of precincts will be made using random selection
techniques comparable to those used in public state lotteries.

----The process of randomly selecting precincts will be conducted in
open session, scheduled a specified number of days in advance, and
announced publicly so that both interested public and press may attend.

----In addition to random audits, each political party on the ballot
will be allowed to designate a pre-determined number of specific
precincts for routine audit.

----All recounts will be open to observation by the public and press.

VENDOR REQUIREMENTS:
Vendors of computerized voting systems must be held accountable and
penalties specified if:

----Vendors sell certified systems but deliver different, uncertified
systems.

----Vendor technicians fail to report in advance any change to voting
systems, including hardware, software, or other parts.

----Vendor technicians fail to get certification or evaluation for
security purposes in advance of making changes.

----Vendor’s equipment fails or malfunctions during an election,
placing an unanticipated financial burden on the Board of Elections
and the State or community. This should include complete
reimbursement of costs incurred, up to and including the
cost of a complete restaging of the election.

OPEN INFORMATION
The following must be freely available for public examination in
computer-readable form and posted on the state Board of Elections
website for viewing and downloading:

----Certification reports from Independent Testing Authorities

----All software used in the voting systems

TRAINING:
Prior to initial use of computerized voting systems, local and county
Board of Election staff must be trained to handle technical aspects of
the computerized equipment and management of secure computer systems.
Ongoing training must be required to handle new security risks, and for
new staff.

Specific provision to guarantee adequate funding for this training must
be made.

==================================================================
= The content of this message, with the exception of any external
= quotations under fair use, are released to the Public Domain
==================================================================
Received on Mon May 31 23:17:53 2004

This archive was generated by hypermail 2.1.8 : Mon May 31 2004 - 23:18:16 CDT