Unlike Ballots, EAC Shouldn’t Be Secretive
The Election Assistance Commission has some explaining to do. The secrecy that pervades the EAC, which oversees testing and certification of voting systems, holds dire consequences for our electoral system. Both chambers of Congress need to work to dispel this culture of secrecy.
A recent case illustrates why secrecy is a fundamental problem at the EAC. Last summer the EAC prohibited a lab run by Ciber Inc. from testing new voting systems due to inadequate test plans and documentation. Nonetheless, the voting systems that Ciber previously has tested remained certified and were used in elections in November. The EAC has not disclosed which voting systems Ciber tested using faulty procedures, but according to our calculations, nearly 70 percent of registered voters in the 2006 general elections voted on equipment qualified by Ciber. This was no small misstep.
While Senate Rules and Administration Chairwoman Dianne Feinstein (D-Calif.) took a step in the right direction by sending a written demand for information from the EAC about its handling of Ciber, she and others must ensure that the commission stops protecting vendors, test labs and itself from public scrutiny.
To get a sense of the EAC’s lack of forthrightness, consider that the public and voting officials learned of the Ciber de-accreditation not from the EAC last summer, but from The New York Times two weeks ago. The EAC kept its action against Ciber secret for many months, breaching the trust of the public and election officials.
Secrecy is pervasive in voting system development and testing. As one test lab representative testified before the EAC in October, their procedures must be kept secret because their clients — voting system vendors — require confidentiality and “own” the test results. Though this secrecy might protect some proprietary information, or prevent embarrassing information from coming to light, it is inimical to proper oversight of the election system.
Last month, when the EAC adopted its new testing and certification policy, it left the major elements of voting system testing secrecy in place. For example, the EAC’s new policy will continue to allow voting system manufacturers to select, pay and communicate confidentially with test labs, thus diminishing the labs’ independence. Under its new rules, the EAC will not receive manufacturers’ technical data packages, which are documents crucial to understanding a voting system. It is unclear why this rule exists, aside from the likelihood that it places these data beyond the reach of the Freedom of Information Act.
In addition, the EAC failed to ensure that election officials, as well as the public, can assess the sufficiency of the test labs’ work. Under its new policy, the EAC will publish test labs’ reports about systems that gain certification. The EAC, however, will not publish the details about what a lab did to test a system, the so-called test plan. Keeping the test plan secret will make it difficult for anyone other than the EAC, the labs and the vendors to judge the conclusions presented in the report. As the experience with Ciber shows, knowing how a test lab evaluates a voting system is just as important as knowing what conclusions the lab reaches.
This secrecy works against voting integrity. Test labs, after all, are charged with determining whether voting systems satisfy standards, all of which are public. Test plans simply put the rubber to the road, and the system benefits by having a common understanding of what kinds of tests are sufficiently rigorous. Keeping this information secret only protects labs with lax procedures. Greater transparency, on the other hand, would encourage all test labs to develop more rigorous procedures.
Where to go from here? The EAC must begin by disclosing to Congress and the public the information that led it to leave Ciber out of the testing process. Going forward, Congress should ensure that the EAC re-examines the parts of its testing and certification policy that protect sloppy testing practices. Publishing all test plans — whether approved or not — is a place to start. In addition, the EAC should publish all test reports, which summarize the labs’ findings after testing. Publishing test reports only for certified systems will leave everyone other than the manufacturers, the labs and the EAC guessing about what kinds of defects make a voting system unacceptable for use in elections.
It is exceedingly important to clear up the past and allow more public review in the future. Many states rely on federal certification and need to know what this mark of approval means and that it can be relied upon. Also, partly in response to a lack of information about federal testing, some states have established their own testing programs. A world of multiple certification programs driven by a lack of trust in the federal system is inefficient and extremely costly to the states, which already are strapped for funds to run elections. The EAC controls the information about federal testing and thus bears the burden of demonstrating it is thorough and rigorous. The EAC shouldn’t make states pay the price for its failure to meet this burden.
It is regrettable that the EAC announced its new testing and certification policy while keeping secret its refusal to accredit Ciber. If the de-accreditation of Ciber had been public knowledge, there would have been pressure on the EAC to strengthen its policy to prevent a repeat of this event. Instead, the EAC withheld important information that would have shaped the public’s and election officials’ views of the adequacy of its policy. The EAC has the power to set the record straight and to change its policy. Congress should ensure that this happens. Secrecy isn’t working for the EAC or democracy — and there is no reason to think it will in the future.
Aaron Burstein is a research fellow in the Samuelson Law, Technology & Public Policy Clinic and Berkeley Center for Technology at the University of California at Berkeley School of Law. Joseph Lorenzo Hall is a Ph.D. candidate in the School of Information at the University of California at Berkeley. Both authors receive funding from the National Science Foundation through ACCURATE (A Center for Correct, Usable, Reliable, Auditable, and Transparent Elections, funded by the National Science Foundation).