In a backhanded dismissal of unmet federal promises to safeguard voting systems, California's elections chief is tapping hackers, computer scientists and technology policy analysts for what experts say will be the toughest review of voting systems in the nation.

Secretary of State Debra Bowen announced Wednesday that her office has asked the University of California to perform the review with help from other universities and private firms that are expert in computer security.

The university-led review, headed by two computer-security experts at Berkeley and Davis, will use three teams — one each to ferret out vulnerabilities in the software of the eight primary voting systems in California, to attempt attacks on the voting hardware and to delve into the voting systems' documentation.

A fourth team led by Campbell-based electrical engineer and computer scientist Noel Runyon will analyze the accessibility of every voting machine according to the latest federal standards and test the machines using voters with a broad range of disabilities.

For the better part, the eight systems are the flagship voting machinery sold by the nation's four largest voting-system suppliers, plus Los Angeles County's own unique InkaVote optical scan system.

"There has never been as comprehensive a review of voting systems as is contemplated here, and you just could not assemble a better team of people to do it," said David Jefferson, a computer scientist and voting-system expert at Lawrence Livermore National Laboratory who is not involved in the review.


Advertisement

State elections officials did not respond to queries Wednesday afternoon. So far it appeared the review wasproceeding under protests from many local elections officials that they were not more involved and with the full cooperation of only one voting-machine supplier, Oakland-based Sequoia Voting Systems.

"This is a lot of work for us to be undertaking, a lot of cost for a system that's already been approved," said Sequoia Vice President Michelle Shafer. "But that is the requirement that the new secretary has put out there, and we'll do what we need to do to stay compliant and support our customers."

No other vendors had submitted machines yet for testing, and few had signed agreements to do so, according to local elections officials.

"We want an equitable, complete and timely review and one that engages (voter) registrars, and I'm still hopeful that can happen. But so far that hasn't happened," said Contra Costa County elections chief Steve Weir, president of the California Association of Clerks and Elections Officials.

"If our vendors don't participate, there could be some pretty negative outcomes," Weir said.

Bowen reiterated Wednesday that she may withdraw approval of any machines that aren't provided for testing or fail the tests so badly that tighter operating rules won't cure their deficiencies. In California, the nation's largest voting systems market, the eight voting systems represent an investment of more than $400 million, with millions more in annual vendor revenue for support and maintenance.

"My goal is to get California to a place where voters, elections officials, candidates and activists have confidence in the results of every election," Bowen said. "This kind of confidential review is essential in getting us to that point."

The tests would make good on a promise that Bowen made during her campaign last year for a "top-to-bottom review" of the state's voting systems. But it is also the largest and most aggressive move among large states including New York to set up their own comprehensive voting-system testing programs and stop relying on private labs hired by the voting machine companies to ensure voting systems are accurate, accessible, reliable and secure.

That practice, until recently overseen informally by a national association of elections officials, resulted in poorly designed and manufactured voting equipment sold nationwide, with large scale machine breakdowns in California, erroneous vote counts in Florida, North Carolina and California, and the discovery of security holes supposedly barred by state or federal standards in multiple jurisdictions. 

"I would say that the states — and California's not the only one — don't have complete confidence in the (private lab testing) process," said Deidre Mulligan, director of the Samuelson Law, Technology and Public Policy Clinic at UC Berkeley's Boalt Hall law school and a member of one of the voting-system document-review teams. "There were multiple flaws found, some of which should have been caught, and that raised some concerns about the thoroughness and integrity of the process."

Bowen dropped earlier proposals that would have added new requirements for voting systems and possibly resulted in the failure of all ATM-like touchscreen voting machines on accessibility grounds. The review now will test machines against the 2002 federal voting system standards for security, accuracy and reliability and the 2005 standards — which don't take effect until December — for accessibility.

Contact Ian Hoffman at ihoffman@angnewspapers.com or (510) 208-6458.