The following letter was delivered to the Election Assistance Commission at the joint NASS/NASED meeting on Monday, February 6, 2006.
At the public hearing of the Election Assistance Commission on February 2, 2006 in Washington D.C., there was some discussion about possible misunderstandings in the public perception of the current certification process. Following up on conversations we had with members of the Commission following the meeting, we are submitting this open letter to the Commissioners, the Commission’s Executive Director and the Secretariat overseeing the Independent Testing Authority. The initial purpose of this open letter is to seek answers to specific questions related to the current certification process. At the same time we seek to establish an ongoing dialogue with the Election Assistance Commission about the process through which our votes are cast and counted in our elections. We look forward to your response to these questions and to future discussions.
1. Given that Volume II Appendix B.3 of the 2002 VVSG requires that system identification be included in the ITA reports, why is it absent from the reports by Ciber Inc.? Specifically, the Physical Configuration Audit (PCA) is a requirement of Volume I 8.7.1. Why is the PCA not included as required by Paragraph B.3? Without a PCA there is no way to prove or disprove that the system examined by a state is the same system examined by an ITA lab. The Ciber lab report for GEMS 1.18.24 states that any collection of bytes with the filename of GEMS.EXE, a creation date of 5/13/2005, and a mouse over text of GEMS 1.18.24 can be sold as the GEMS component of system N-1-06-22-22-001 (2002). Any supertouch program can alter the properties of any .EXE file to match these three properties.
2. Why have no vendors added software to the National Software Reference Library (NRSL) since May 21, 2005, yet 9 systems have been qualified since then? Again without a way to identify system there is no way to determine if a system approved by a state or sold to an election official is or is not the same system that was qualified. This could become a point of litigation such as a Temporary Restraining Order alleging that the software for use in an election is not state-approved and/or federally qualified. Since there is no way to immediately deny the allegation, a judge may have little choice but to order that the equipment not be used.
3. Why are ITA lab reports treated as if they contain trade secrets? Trade secrets do not exist for such documents. A “Trade Secret” is defined by the Uniform Trade Secrets Act and as follows:
"Trade secret" means information, including a formula, pattern, compilation, program device, method, technique, or process, that:
(i) derives independent economic value, actual or potential, from not being generally known to, and not being readily ascertainable by proper means by, other persons who can obtain economic value from its disclosure or use, and
(ii) is the subject of efforts that are reasonable under the circumstances to maintain its secrecy.
Testing results for election machinery fail to meet the definition’s second requirement. This definition is incorporated into the statutes of most if not all states. (For example, the above definition can be found in Wisconsin state statute in Wis. Stat. §134.90.)
4. Why are the report numbers supporting the issuance of any given system number not published?
5. For system N-1-06-22-22-001 (2002) how did NASED fail to notice that Wyle labs improperly performed software testing, the results of which are contained in report number 48619-10? According to NASED's Qualification Porcess, Wyle labs cannot perform software testing - only Ciber or SysTest can. Yet on page 8 of Wyle Lab report 48619-10 Section 4.1.2 it clearly states that the VC Programmer is a PC-based application.
6. Are different standards applied for different vendors and systems in the certification process? There is a perception that some vendors and systems have moved through the certification process more readily tahn others. For example, Diebold's System N-1-06-22-22-001 (2002) sems to be powerful evidence to support this perception. Diebold’s system seems to have slipped through the system with little scrutiny, while AccuPoll, AutoMark and Populex languished for months.
The Wyle reports 48619-10, 48619-09, 48619-11, 48619-10 have a creation date of August 4, 2005 and the GEMS 1.18.24 document by Ciber was created on August 3, 2005. These are the reports used by Paul Craft and Brit Williams to support the issuance of system number N-1-06-22-22-001 (2002) issued on Jun 27, 2005. No other systems are known to have had their qualification number issued prior to the completion of their ITA lab reports. Why was this preferential issuance of qualification granted? This particular matter was brought to the attention of Mr. Craft, Mr. Hancock, and Mr. Williams by the State of Wisconsin State Elections Board in October, 2005 by Kristofer Frederick and as of January 20, 2006 these questions are still unanswered.
We appreciate your attention to these questions and look forward to an ongoing dialogue with the Election Assistance Commission.
Joan Krawitz, Executive Director, VoteTrustUSA
Warren Stewart, Director of Legislative Issues and Policy, VoteTrustUSA
John Gideon, Information Manager, VoteTrustUSA
John Washburn, VoteTrustUSA Voting Technology Task Force
Comment on This Article
You must login to leave comments...
Other Visitors Comments
You must login to see comments...