important new USACM study of Voter Registration Databases

From: Arthur Keller <arthur_at_kellers_dot_org>
Date: Fri Sep 22 2006 - 12:05:09 CDT

From: "Barbara Simons"
To: "Quixote Group"
Sent: Thursday, September 21, 2006 5:48 PM
Subject: the USACM study of Voter Registration Databases

Dear colleagues,

This email is in response to my request for help in publicizing the ACM
study of computerized databases of registered voters.

You can find the Executive Summary, list of panelists, and full report
(a downloadable pdf file) at The report
is aimed at the general public and at election officials. However, for
those folks who don't want to read the full report, we have a separate
file called Overview and Recommendations that can be downloaded. It
contains our 99 recommendations.

I blush to admit that we didn't think of some of the problems that have
occurred. For example, while we discuss well known problems with
inaccuracies in registrar of voters databases and recommend against
using database matches to purge voters, it never occurred to us that
someone would do something so foolish as to disenfranchise voters whose
names are not an exact match with the names in some other databases.

When we discussed the need for backups to the electronic poll
books, the problem of having the poll books crash in the middle of an
election with the accompanying difficulty of determining who had
already voted did not occur to us.

Still, if election officials were to follow our recommendations, the
situation would be greatly improved. I suspect that there is not a
single jurisdiction that has followed even a majority of our
recommendations. I believe that the Maryland meltdown was just a
prelude to what is coming in November.

I've included below the press release that ACM issued when our study
was released.


P.S. I also recommend the study that Kim [Kim Alexander of
California Voter Foundation] did on privacy issues
relating to voter registration. It's a real eye opener.


Washington, DC, February 16 , 2006 - A team of computer security and
voting experts has issued recommendations to ensure that electronic
records of information submitted by citizens registering to vote are
accurate, private and secure. In a report commissioned by the
Association for Computing Machinery (ACM), state and local election
officials now have nearly 100 high-level guidelines designed to help
states comply with Federal laws that require computerized statewide
electronic databases to be operational by 2006.

"If these guidelines are not implemented, at a minimum there could be
widespread confusion and Election Day failures. And in the worst case,
voters across the nation could be disenfranchised and election fraud
could result," said Paula Hawthorne, co-chair of the Voter Registration
Database Study Committee. Hawthorne, a former database expert at
Hewlett-Packard, and vice president of software development for several
start-up companies, identified a series of risks, including hacker
attacks, massive Election Day failures, severe privacy violations, and
further erosion of confidence in the election process.

"These guidelines will enable the more than 20 states that have not yet
met these federal deadlines to avoid Election Day problems," said Study
Committee co-chair Barbara Simons, a past president ACM, who is retired
from IBM Research. "They also provide a useful template for those
states which have complied with federal deadlines, but may need to
revamp their processes and procedures in light of the report's
recommendations," she said.

The report outlines "best practices" from technology experts recruited
for their special knowledge and understanding of these areas. It
presents guidelines to make certain that voter databases are
consistently reliable and accessible by people with diverse
backgrounds, purposes, and knowledge.

The study was commissioned to develop objective technical information
and expert recommendations to help states and localities comply with
provisions of the Help America Vote Act, which was passed in the wake
of voting problems in the 2000 Presidential Election.
The guidelines will enable state and local officials to address
potential risks by:
a) adopting transparent policies and open practices for managing
technical and logistical aspects of voter registration databases.
b) setting clear accountabilities for those responsible for proposing,
making, or approving changes to the data, the system, or its policies.
c) establishing audit trails to track changes made to data, security
policy, and database design.
d) designing privacy policies that are fundamental to the system, and
based on long-established and widely-accepted Fair Information
Practices procedures.

The complete Electronic Voter Registration Database Study and a list of
report's authors are available online at

About ACM

ACM, the Association for Computing Machinery, is an
educational and scientific society uniting the world's computing
educators, researchers and professionals to inspire dialogue, share
resources and address the field's challenges. ACM strengthens the
profession's collective voice through strong leadership, promotion of
the highest standards, and recognition of technical excellence. ACM
supports the professional growth of its members by providing
opportunities for life-long learning, career development, and
professional networking.

# # #

Arthur M. Keller, Ph.D., 3881 Corina Way, Palo Alto, CA  94303-4507
tel +1(650)424-0202, fax +1(650)424-0424
OVC-discuss mailing list
= The content of this message, with the exception of any external 
= quotations under fair use, are released to the Public Domain    
Received on Sat Sep 30 23:17:05 2006

This archive was generated by hypermail 2.1.8 : Sat Sep 30 2006 - 23:17:08 CDT