Home>>>2010 Elections>>>Topics>>>State Election Legislation>>>Contract Provision for Public Disclosure of Voting System Software

Contract Provision for Public Disclosure of Voting System Software

The following contract provision, recently approved by the County of San Francisco
in negotiation with Sequoia Voting Systems, is presented here as an
example for implementing similar full software disclosure clauses in any contracts
with vendors providing electronic voting systems for public elections.

EDA does not endorse electronic voting systems; we're in favor of a complete transition
to hand-counted paper ballots (HCPB). But we do believe that full disclosure of any software
in any voting system is necessary, and must be paired with concurrent code verification
for the disclosure itself to constitute any meaningful public check on software-mediated voting processes.

Electronic voting is an existing fact; full-disclosure of voting system software is a minimal starting point--not a final solution-- for restoring some degree of public accountability and transparency to the privatized, secret-software voting systems that are already installed and operating in more than 96% of U.S. voting jurisdictions.

Brent Turner is a California voting activist who works with the Open Voting Consortium
and was directly involved in getting the San Francisco County Board of Supervisors to approve this contract provision in their negotiations with Sequoia for an optical scan voting system for SF County.

The following document was provided by Brent Turner.

Form Contract Provision for Public Disclosure

Section ___: Public Disclosure of Technology Required.

Prior to the delivery of any products, Vendor shall submit proof of
Public Disclosure in a form satisfactory to the City. At a minimum,
Vendor will affirm that it (1) has entered into an agreement for a
term concurrent with this agreement with the California Secretary of
State, the Open Voting Consortium, or other similar third party for
public access to the technology used in the subject products; (2) that
the disclosure is freely available through that third party to the
public at no cost; (3) the disclosure contains complete documentation,
including software source code of all hardware and software components
created or modified for the voting application; (4) the disclosure of
commercial off the shelf (COTS) components by manufacturer, model, and
revision; and (5) the disclosure of all product data sheets, manuals,
and other publicly available documentation for unmodified COTS
components.

Vendor is not required to provide hardware to the public for testing
purposes; however, the technology disclosure package shall be
sufficiently detailed such that competent engineers with the correct
tools can fully recreate the hardware and software systems.

In the event that the Public Disclosure Service becomes unavailable
from Vendor's provider, Vendor shall provide City proof, within 30
days of unavailability that Vendor has contracted with another third
party public disclosure service provider for disclosure as provided
herein for the remainder of the term of this agreement.

*************************

The following is a policy statement from the Open Voting Consortium, sent to the San Francisco County Elections Commission members, in advocacy for inclusion of the above software disclosure clause in the pending voting systems contract between San Francisco County and Sequoia.

DRAFT FROM OVC, JAN 22, 2007

SAN FRANCISCO POLICY ON DISCLOSURE OF VOTING SYSTEM TECHNOLOGY

Citizens have the right to know how their votes are counted. Technology
shall not be used in a voting system that interferes with this right to
know.

"Publicly Disclosed" technology refers to hardware and software whose design
details have been made public, freely available for public inspection. In
addition, the vendor of publicly disclosed technology grants the right to
the public to test the technology and publish the test results.

The technology disclosure package is an electronic file that contains all
the documents required to show exactly how the system works.

Voting system technology includes components specifically designed or
modified for the voting application, as well as components that are general
purpose commodity items (sometimes called COTS for
"commercial-off-the-shelf"). The vendor is not expected to reveal the inner
workings of unmodified COTS components. However, all unmodified COTS
components must be identified by manufacturer, model, and revision. In
addition, all product data sheets, manuals, and other publicly available
documentation should be included for unmodified COTS components in the
technology disclosure package.

All hardware and software components created or modified for the voting
application must have complete documentation, including software source
code, in the technology disclosure package.

"Open Source" technology refers to Publicly Disclosed technology where
additional rights have been conferred to the public. These additional rights
that go with open source software include the right to [1],

- Run the program for any purpose (not just testing)

- Adapt the program for your needs

- Freely redistribute copies

- Make improvements and release the improvements to the public

Open Source has additional features and benefits compared to Publicly
Disclosed source. Open Source enables [2]:

- Ensure interoperability

- Avoid vendor lock-in

- Avoid imposing technology decisions on the citizenry

- Drive cost effectiveness

- Enhance efficiency and service levels

- Ensure future access to information

- Ensure a level playing field for competition

- Maximize freedom of action, ensure flexibility

The City and County of San Francisco prefers "Open Source" -- and will
support efforts to reach this goal -- but requires, at a minimum, Public
Disclosure of all voting technology. The vendor is not required to freely
provide hardware to the public for testing purposes, but the technology
disclosure package shall be sufficiently detailed such that competent
engineers with the correct tools can fully recreate the hardware and
software systems.

All contracts that include the purchase of voting equipment executed by the
City and County of San Francisco shall include provisions for Public
Disclosure of Technology; specifically, the vendor must make arrangements to
have a complete technology disclosure package available for free public
download on Public Disclosure website, such as Open Voting Consortium, or
the California Secretary of State, or any other third party offering to make
publicly disclosed technology available for free download to the public. In
the event that the Public Disclosure service becomes unavailable from the
vendor's provider, the vendor agrees to make arrangements for Public
Disclosure with another entity within 30 days from the time the service
becomes unavailable from the original Public Disclosure service provider.

[1] Definition from Free Software Foundation

http://www.gnu.org/philosophy/free-sw.html

[2] IBM presentation on Open Computing, Open Standards and Open Source
Recommendation for Governments

http://www.openvotingconsortium.org/ad/ibm-oss.pdf