Elections, like many aspects of society in the United States, have
changed dramatically over the course of history.
With the dramatic growth of urban areas during the last century, and
passage of various federal and state laws that specify increased
electoral enfranchisement of citizens, we are placing greater and
greater demands upon voting technology and election administration.
In the past few decades we have started to use computers and
networking to further increase the abilities of this equipment.
The most fundamental act of our democracy -- the mechanics of casting
and counting ballots on election day -- that initially took place in
plain sight and was fully comprehensible to the franchise now takes
place within machines that foreclose observation and obscure this
formerly fully comprehensible act.
An electoral system that was once highly transparent -- supporting
public scrutiny and ease of understanding its functions and policies
-- has undergone an ``enclosure of transparency.''
Computer software is one of the most opaque aspect of electronic
voting.
Unsurprisingly, academics, activists, election officials and
commentators have called for increased access to, and heightened
examination of the source code that powers election systems.
Efforts to increase access and scrutiny range from source code escrow
requirements,Source code escrow involves depositing the
source code for a voting system with a third party and/or an
election official and stipulating under what conditions the source
code can be released. independent code reviews,A state
election official may reserve the right to ask an independent party
to do source code review on top of what is done at the federal
certification level. system performance
testing,Performance testing involves testing a system in
conditions similar to those used on election day. required
disclosure of source code to requirements that systems use open source
codeA note on terminology: Open source software is software
that is usually developed by a team of volunteers and released under
generous licensing terms that allow users to exercise a number of
rights, such as copying, modification and distribution, which
traditional software licenses withhold. The distinction between
open source development and releasing commercially developed code
under an open source license is important as these are two modes
that we see clearly in voting systems (see discussion of eVACs in
§![[*]](file:/sw/share/lib/latex2html/icons/crossref.png){kind=icon}
). Disclosed source code allows a much more
limited use of source code usually for evaluation purposes only and
without permissions to make further copies, modify works or
distribute. For example, see VoteHere's license agreement:
https://www.votehere.net/VoteHere_Source_Code_License_2.htm..
Efforts to broaden the number of individuals with access to the source code of election technology are part of a larger project of increasing the trustworthiness of electronic election systems. This larger project focuses on both technical improvements that increase security, accuracy, privacy, reliability, usability and reforms -- at some level independent of technical improvements -- that instill confidence in the voting public by facilitating public oversight and accountability. As such, calls for source code disclosure to the public or to a set of independent experts should be measured along a number of related but independent axes:
This paper examines the potential role of source code disclosure and
open source code requirements in promoting technical improvements and
increasing transparency of voting systems.
Section elaborates on the concept of the
``enclosure of transparency'' of voting technology.
Section explores the level of source code access
necessary to support effective evaluation and oversight of electronic
voting systems -- an important component of transparency and tool for
gauging system performance.
Section reviews recent efforts to increase the
capacity for public scrutiny of voting systems through disclosed and
open source code requirements.
Section examines the benefits and risks of open
and disclosed source code regimes in the voting systems context and
considers additional issues posed where access rules are driven by
regulation rather than the market.
Section considers regulatory and market barriers to
disclosed or open source code voting systems and contemplates which
existing open source business models sectors might translate to the
voting systems context.
Section reviews what transparency and
trustworthy-promoting alternatives might exist outside of public
disclosure of source code.
We conclude that disclosure of full system source code to qualified
individuals will promote technical improvements in voting systems
while limiting some of the potential risks associated with full public
disclosure.
Acknowledging that this form of limited source code disclosure does
not support general public scrutiny of source code, and therefore does
not fully promote the transparency goals of public oversight and
accountability, we note that in a public source code disclosure or
open source code model most members of the public will be unable to
engage in independent analysis of the source code and will need to
rely on independent, hopefully trusted and trustworthy, experts.
Given the potential risks posed by broad public disclosure of election
system source code, we conclude that moving incrementally in this area
is both a more realistic goal and the prudent course given that it
will yield many benefits and greatly minimizes potential risks.