|Subject:||Secretary Bowen announces her decisions.|
At midnight, I listened as Debra Bowen announced her official decisions on the use of electronic voting systems for next year's elections.
I have to say i'm very impressed. A few highlights:
- For Diebold and Sequoia, at most one DRE is allowed per polling place, and its results must be audited by 100% manual count. (Hart DREs and optical scan machines are not subject to this condition.)
- The ES&S InkaVote Plus is decertified. It may be recertified conditionally after it is reviewed.
- All software and firmware must be reinstalled on all devices prior to use in the February 5 primary.
- All tamper-evident seals must be serialized.
- Members of the public may inspect all external security seals.
- If a seal is found compromised or a machine must be rebooted to recover from a fatal error, the machine is removed from service and subject to a 100% manual recount.
- If a machine must be rebooted to recover from a fatal error, the vendor must provide an analysis of the cause of failure.
- Machine vote tallies must be publicly posted outside every polling place. A second copy of the tally goes to election HQ. Every poll worker must sign both copies.
- No network connections are allowed to any device not directly used and necessary for voting. No wireless or modem communication by or with any voting equipment is allowed at any time.
- Vendors must provide a plan to prevent the spread of viruses, at least as effective as the "parallel system" method proposed in the Diebold source code team's report. In this method, there are two isolated copies of the election database: a permanent one to prepare the election, and a temporary one just for loading the results, which is then erased after the election. A separate, isolated computer used for no other purpose is used to erase all storage media after the election.
- There will be new post-election auditing requirements based on the recommendations of the Post-Election Auditing Standards Working Group.
- Vendors are now required to provide a full build environment with their source code for escrow.
- Vendors are responsible for the cost of any upgrade or replacement due to claims of standards-compliance that are found to be false or misleading.
Congratulations, Secretary Bowen! She must have been under incredible pressure in her position, and what she came up with looks pretty good.
* * *
Update: News articles have appeared online by ABC News10 and the Associated Press. I'm disappointed that these articles say she "decertified nearly all" machines and "limited the Diebold and Sequoia machines to one per polling place" without distinguishing between touchscreen and optical scan machines. The one-per-polling-place restriction applies to touchscreen machines (DREs) only, not optical scan machines. I transcribed the following from Secretary Bowen's announcement (which was on a noisy conference line):
Let me provide you with a few facts that should put this decision in some perspective. First, of California's 58 counties, fewer than half rely solely on direct-recording electronic or DRE machines for elections. Second, in last November's election, at least two-thirds of the people who voted in California did so using a paper ballot. That includes an absentee paper ballot, and voters in that category are rapidly increasing ...[?]... and many use a polling place optical scan. ...[?]... I certainly don't want to minimize the impact of this ...[?]... but when you look at how people actually vote in this state, more than two-thirds and probably closer to three-quarters of the 8.9 million people who voted in California last November will not be affected by the DRE ...[?]... that I am ...[?]...Also, Secretary Bowen concluded her announcement by saying:
It is my hope that voting system vendors will, starting tomorrow, begin to evaluate the competitive advantage that could accrue from moving to open source software.
Update: The Brad Blog has a rundown on this also.
Update: The SF Chronicle article gets the DRE restriction right.
Update: There's a more detailed article in the LA Times. I was disappointed to read that Secretary Bowen's decision "was condemned by the head of the state's county registrar's association, Contra Costa Registrar Stephen Weir." According to the article, Stephen Weir complained: "Tens of millions of additional ballots, you don't just go to Kinkos... The timing is way too tight." Tens of millions? Only 8.9 million ballots were cast in the entire state last year, and most of California's counties already use paper.7 comments | post a comment