E-voting and the Open Source community

Today’s New York Times has an edi­to­r­ial that puts together a rough set of require­ments for E-voting machines:

• Phys­i­cal secu­rity for elec­tronic systems
• Rig­or­ous test­ing of elec­tronic machines
• Prop­erly trained poll work­ers, and rapid-response teams on Elec­tion Day
• Pub­lic records at the precinct level
• The option to vote non-electronically
• Inde­pen­dent secu­rity experts
• Trans­parency in elec­tronic voting

Look­ing at this list, it seems that an e-voting sys­tem would ben­e­fit from being open-sourced.

Democ­racy and Open-source

My first rea­son for men­tion­ing open-source as the sav­ior of e-voting is that the open source com­mu­nity is inher­ently demo­c­ra­tic in its nature. If you have some­thing to con­tribute, you just go ahead and do it. If it’s good enough to with­stand the scrutiny of other devel­op­ers, it gets used. If it isn’t, it gets aban­doned. This sys­tem of peer-review has already helped in turn­ing some projects into the basic foun­da­tion of the every­day Inter­net: BIND basi­cally cov­ers how Inter­net addresses are trans­lated from num­bers to more friendly domain names; Apache pow­ers the major­ity of the web servers in the world; Send­mail still sits at the core of most email imple­men­ta­tion. Qui­etly, each of those tools gets improved by open-source com­mu­ni­ties, which can be seen as the best exam­ple of mer­i­toc­racy in exis­tence: you are what you con­tribute in the open source space.

Because the open-source com­mu­nity is a global one, tools can take into accounts vari­a­tions at local lev­els, which is also some­thing that ben­e­fits a more demo­c­ra­tic process.

Democ­racy, Open Source, and weblogs

Weblogs have, other the last few years, added a miss­ing com­po­nent to the open source com­mu­nity: non-techie user feed­back. When a blog­ger com­plains about a par­tic­u­lar open-source tool, he’s pro­vid­ing feed­back as to what works or doesn’t. In some cases, it can get con­tentious, as techies some­times dis­miss the user as clue­less; but in other cases, it can be a good way to pro­vide feedback.

E-voting as the most impor­tant open-source project

At the core of the open source argu­ment is the con­cept of open­ness. At the core of the demo­c­ra­tic argu­ment is the con­cept of… open­ness. A strong demo­c­ra­tic soci­ety stays open. How­ever, power lob­bies attempt to close things down for their own ben­e­fit. We’ve seen it hap­pen around copy­rights in the United States and are now see­ing it hap­pen in a num­ber of other areas. In a strong democ­racy, watch­dogs keep those attempts to be overly abu­sive. One way to ensure that they’re not is to pro­vide some of the basic tenets of democ­racy. As a result, I’d ven­ture to say that cre­at­ing an e-voting pack­age that is freely dis­trib­utable is one of the most impor­tant projects the open source move­ment could undertake.

E-voting: A lot of work

Cre­at­ing a good, secure, and open e-voting sys­tem is a lot of work. The work spreads across two key areas: hard­ware spec­i­fi­ca­tions and soft­ware development.

On the hard­ware end, a base imple­men­ta­tion needs to pro­vide a sys­tem that is inex­pen­sive (so it can also be used in poorer coun­tries), secure (so it can­not be tam­pered with), sta­ble and reli­able (so it does not add com­plex­ity to man­ag­ing the elec­toral process), easy to use (so non-techies can put them in place and main­tain them) and auditable (so its value can be proven).

On the soft­ware end, the soft­ware must be reli­able and sta­ble (so it doesn’t dis­turb an elec­tion), secure (to solve exist­ing prob­lems), auditable (so it can leave a trace of any­thing done to the sys­tem, either on the admin­is­tra­tive end (setup and main­te­nance) or on the usage end), anony­mous (so one can’t track who voted for whom), easy-to-use (so that even non-computer users can use it), scal­able (so that it can be used at the local as well as national (or supra-national, in the case of Europe) level).

This is work that will need to bring experts from a num­ber of areas in the open-source com­mu­nity, from peo­ple well versed on secu­rity to peo­ple well versed on design. How­ever, because of diver­sity in the open-source com­mu­nity, the experts already exist. The ques­tion that remains is how to bring them together.

A long term project

In 2000, I called for more com­put­er­i­za­tion of the vot­ing sys­tem. Four years later, we seem to be fac­ing sim­i­lar predica­ments. The pri­vate sec­tor has stepped up to the plate but seems to have failed on a num­ber of fronts, one of which is trans­parency. Con­sid­er­ing that vac­uum, it looks like it’s time for the open source com­mu­nity to step in. Results won’t be clear for many years to come, which makes it more dif­fi­cult to man­age as a long term project. How­ever, projects like Linux did not just pop-up all built. To date, they have been the result of con­tin­u­ous improve­ment to a strong core.

The real test would be to see those machines deployed on a short term basis to do things like non-government related elec­tions (maybe ini­tially to vote on things like who gets to sit on the board of a foun­da­tion that would run this effort mov­ing for­ward), and as time goes on, test them in school elec­tions, then local gov­ern­ment elec­tions, and so on… As a result, it will be a project that will prob­a­bly not alter the course of a democ­racy for at least another decade.

Can the open-source com­mu­nity work on such an effort for as long a time? I believe it can.