California's ``open source'' mandate

There have been a few cases of regulators looking to increased source code disclosure as solutions to problems with voting systems. One interesting case involves the first ``open source'' mandate by a State in the U.S. where the top election official in California determined that the only solution to a technical catch-22 would be to require a critical piece of code be disclosed. Under recommendations from technical consultants, the Office of the Secretary of State in California issued regulations in November 2003 stating that all electronic voting system vendors would have to provide the functionality required to produce an Accessible Voter-Verified Paper Audit Trail (AVVPAT).Kevin Shelley, Secretary of State of the State of California. Position Paper and Directives of Secretary of State Kevin Shelley Regarding the Deployment of DRE Voting Systems in California (Nov. 21, 2003). See: https://www.ss.ca.gov/elections/ks_dre_papers/ks_ts_response_policy_paper.pdf. An order of March 2004 stated what requirements had to be met for a paper audit trail to qualify as an AVVPATKevin Shelley, Secretary of State of the State of California. Standards For Accessible Voter Verified Paper Audit Trail Systems In Direct Recording Electronic (DRE) Voting Systems (Jun. 15, 2004). See: https://www.ss.ca.gov/elections/ks_dre_papers/avvpat_standards_6_15a_04.pdf. where AVVPAT was defined as a contemporaneous paper record of a ballot that allowed disabled and non-English speaking voters to vote privately and independently.Id., note , at 1, 4. The biggest surprise in these regulations was the ``open source mandate'' it included. This part of the regulation provided that, ``All DREs must include electronic verification, as described in the Task Force's report, in order to assure that the information provided for verification to disabled voters through some form of non-visual method accurately reflects what is recorded by the machine and what is printed on the VVPAT paper record. Any electronic verification method must have open source code in order to be certified for use in a voting system in California. (bold emphasis added.)''Id., note , at 5.

The regulation required an electronic verification mechanism that allows disabled voters to assess through a non-visual interface whether what is printed on the AVVPAT record is consistent with their intended vote. This require either interpreting the signals sent to the printer or reading directly from the AVVPAT, not from the computer's memory or the electronic record of the vote. The code that interprets the printing signals or reads the AVVPAT must be ``open source'' per this regulation so that, in the words of David Jefferson, one of the experts that provided input, they would not have ``merely transferred the need to trust software from the proprietary vote capture software to proprietary vote verification software.''David Jefferson, Chair of the California Secretary of State's Voting Technology Advisory Board, post to the Voting-Project mailing list. See: https://gnosis.python-hosting.com/voting-project/February.2004/0031.html.

The regulation left several core terms undefined and the intent unclear. If we take David Jefferson's statement as reflective of the Secretary's goal, this regulation should have been clarified to support the evaluation of the verification software. The regulatory intent here was to ensure that the disabled voter or an organization representing the disabled voters could obtain and inspect the source code of the verification subsystem. They would want to exhaustively inspect the code to make sure that it was accurately verifying the vote from reading the printout or interpreting the signals sent to the printer to produce the printout. The Secretary's decision to require that the source code of this subsystem be open source is logical; however, a clear definition of ``open source'' is necessary for vendors to build such a system. For example, they will need strict control of what pieces of their intellectual property is included in this piece of software. The Secretary should have aligned the regulatory intent of the AVVPAT order with licensing requirements to establish some minimal licensing criteria for this ``open source'' software.Minimal licensing criteria would be statements such as ``The software source code is distributable to any member of the public.'' Then, with a minimal set of licensing requirements, a few representative open source licenses could be chosen and offered as valid licenses under which to develop verification code. This level of detail was not included.

In January of 2005 this requirement was implicitly revoked by new regulations that omitted it.California Secretary of State Elections Division, ``Proposed Changes to Accessible Voter Verified Paper Audit Trail (AVVPAT) Standards'', January 14, 2005, available at: https://www.ss.ca.gov/elections/voting_systems/012005_1b_s.pdf. This could have been an interesting experiment in regulatory push of open source; however it seems instead that it was destined to fail without sufficient attention to the issues raised above.