California Sues E-Voting Firm That Threatened California's Secretary Of State

from the vote-early,-vote-often dept

Wed, Nov 21st 2007 12:46am — Mike Masnick

Remember how e-voting firm ES&S originally refused to hand over its source code to California Secretary of State Debra Bowen? And, then, when it finally did hand over the code, how it did so with a petulent, threatening letter, warning her that they would hold her personally responsible for any disclosure of ES&S trade secrets? In retrospect, it probably wasn't such a good idea for the company to include those threats -- especially when the company had changed the source code on some of their machines without telling the state or bothering to have the new software re-certified. After an investigation, California has now sued ES&S for giving the state uncertified e-voting machines. Perhaps those were the "trade secrets" ES&S was so worried about Bowen leaking out. Or maybe it was how ES&S machines have been found in some cases to count votes in triplicate or not at all. Or maybe it was the trade secret involving how the company knew its machines were buggy and prone to problems. Or the one about how it "forgot" to disclose, as required by law, the fact that some manufacturing took part overseas.

As for ES&S's response to the lawsuit, the company appears to have two defenses. First, it claims that the software changes were only "minor" so it didn't need to inform the state. Unfortunately, that's not what California law says -- and it's difficult to see why anyone would think that ES&S gets to decide what software upgrades are minor or not. Even more troublesome is ES&S's second response, claiming that this lawsuit "isn't in the best interests of California voters" because disabled voters won't be able to vote with ES&S's machines. Unfortunately for ES&S, this isn't about helping disabled voters vote -- it's about helping them (and others) vote reliably and accurately in a way that the state has certified -- and on that point, it appears ES&S fails.

Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.

Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.

While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.

–The Techdirt Team

Filed Under: california, debra bowen, e-voting
Companies: es&s

18 Comments

If you liked this post, you may also be interested in...

Reader Comments

Subscribe: RSS

View by: Time | Thread

Anon, 21 Nov 2007 @ 2:01am

responses
"isn't in the best interests of California voters" = a weak attempt at making the state look bad if they continue the lawsuit.

I have seen what some 'minor' code changes can do when released without proper testing. They can take down a companie's system for hours.
[ link to this | view in chronology ]
Da_ALC, 21 Nov 2007 @ 2:04am

I bet Ramses the 3rd covered all his tracks. Goverments and who they employ are beyind a joke now. We all know they lie to us continously and allways have, getting very sloppy these days tho.
In the UK the gov has lost its way alltogether. Cant do anything right and the whole system needs replacing really.

E-voting machines really should be so simple, that they cant help but be 100% secure. This is a fact of electronic hardware and programming.

Now if we werent surrounded by scum everywhere who try and kill you for your opinion, we wouldnt have to hide our votes.. but thats the way of the Human so it seems... Am I wrong?
[ link to this | view in chronology ]
DadsDrive, 21 Nov 2007 @ 2:46am

Go back to paper
I tend to "hug trees" but paper is the only way to insure the votes may be counted. We did it when the population was smaller, more people isn't the problem, we have many more available to count them, and more to watch the counters.
[ link to this | view in chronology ]
- tried and true, 21 Nov 2007 @ 2:59am
  
  Re: Go back to paper
  they tryied bot in France this year.
  The few unlucky who had to use the machines where in for a surprise :
  some actually couldn't vote until AFTER the results were known.
  
  Talk about a joke, and the machine were there so that it would take less time....
  On top of that the machines are not designed with the elderly in mind so the UI is a mess and thus a portion of the population can't even use them properly.
  [ link to this | view in chronology ]
JustMe, 21 Nov 2007 @ 5:23am

How about a novel concept - Jail Time
for executives who knowingly break the law. Instead of a fine or another 'slap on the hand' style punishment what about putting these people behind bars with the scum of the earth*? Give them Mike Tyson's used pink underwear and make them spend a few years in the tent jail out west.

* No offense Scum, you know we love ya!
[ link to this | view in chronology ]
Dan0, 21 Nov 2007 @ 5:48am

can
[ link to this | view in chronology ]
Dan0, 21 Nov 2007 @ 5:54am

can't trust anyone
with politics and interest groups controlling the global economy, it is hard to put faith in anyone. The democrats and republicans take money from everyone. but more inportantly, any company.

If have a company create this, do you then have to find out what boards all the executives are on and their party affiliation? If they are public, do you then have to investigate who has a major/minor investment in the company? Can you even trust the government to create the software?

I'm not a conspiracy theorist, but I am paranoid.
[ link to this | view in chronology ]
STJ, 21 Nov 2007 @ 5:57am

Doesn't this just open the door for some California geeks to get together and make the machines the right way?
[ link to this | view in chronology ]
SteveD, 21 Nov 2007 @ 6:10am

Petulant, not Petulent :P
Hey Mike, can you link to the part of the letter that contains these threats? The original TheRegister article doesn't quote anything that seemed threatening, or 'petulant' for that matter. The author of the article didn't question any of the letters content itself.

All that’s mentioned is ES&S's concerns over its IP, and a warning that by accepting the source code the SoS would in turn be responsible for safeguarding this IP. Why is that unreasonable? It seems fairly standard for a business.

Perhaps this is down to interpretation, but the title of this entry seems rather sensationalist and isn’t supported by any of the facts contained. It implies (if not directly states) that the company is being sued for threatening the SoS, when in fact it’s being sued for supplying uncertified voting machines. There is no mention of the ‘threatening letter’ in the SFGate article.

While I’m on your side when it comes to the importance of openness and impartibility as a requirement for companies working in this area, such headlines in turn don’t do your own credibility any favours. I normally read techdirt to get away from such tabloid journalism. : /
[ link to this | view in chronology ]
Brain, 21 Nov 2007 @ 6:39am

How hard is it to program a voting machine?
How hard is it to program a voting machine and have the ballot printed out on register paper so the voters can double-check before putting it in an actual box? It could be done in about 20 lines of code and run on 25 year old, 64k machines.
[ link to this | view in chronology ]
Anonymous Coward, 21 Nov 2007 @ 6:40am

I don't understand what is so complicated about making these machines work right. Maybe I'm oversimplifying but isn't a voting machine just a beefed up counter? That's like the second thing you learn how to code. What could be so hard about pressing a button and increasing a counter? It's one line of code - candidate1++
[ link to this | view in chronology ]
Fernando From Brazil, 21 Nov 2007 @ 9:38am

e-voting
Brazil (182 million people and bigger than US minus Alaska)has been using e-voting for some ten years now with absolute reliability. We've developed the hardware and software. We vote in small, simple machines. A B&W small LCD screen, a telephone like big keys keyboard (with dots for visually impaired people) and a internal printer. When you come to vote, the person in charge check your name from a list, enter his or her personal code that unlocks the machine, you go in, punch the number of your candidate, his or her photo shows up and you have two options: confirm or not. You can also press a white key which means a blanc vote or you can enter an invalid candidate number and confirm, it equals to voting null (like voiding your ballot). The votes are printed and fall into a small sealed bag for checking in case of doubt. At the end of the day the data stored in the machine (which is encrypted) is transmited to the tribunal via a dedicated line and counted. We have more than 90% of the votes counted in less than 8 hours! GWB wouldn't stand a chance with this system!
[ link to this | view in chronology ]
Fernando From Brazil, 21 Nov 2007 @ 9:45am

e-voting, The machine
You can check the machines on the link below. http://www.google.com/images?q=urna+eletronica&sourceid=navclient-ff&ie=UTF-8& rls=GGGL,GGGL:2006-29,GGGL:en Or enter "urna eletronica" at Google Images.
[ link to this | view in chronology ]
Anonymous jerk, 21 Nov 2007 @ 10:39am

Not that these were/are high profile targets anywa
Does anyone remember those automated custom card printers from several years ago? They were all but tamperproof, if I remember correctly. There wasn't a way to plug in any sort of drive (not that USB drives were that common back then anyway).

How about the photo printing machines at Walmart/Meijer/Target/every corner drugstore. They make their money by HAVING a way to plug in an external device, and the hardware and software on those systems is designed to stop outside applications from running.
Perhaps Diebold and ES&S should take a cue from Kodak
[ link to this | view in chronology ]
spanky, 21 Nov 2007 @ 10:52am

e-voting
Well, I don't know if it is just me. Since every library and a great percentage of homes has a computer why not use these? Why waste taxpayer monies on systems that apparently far less reliable than a pencil and paper ballot. I am pretty sure the last time I used the electronic machine ( it was Nov 6 ) it sneezed on me . While I felt no ill effects my computer seemed to be ill after using it. Anyone else have this problem?
[ link to this | view in chronology ]
Anonymous jerk, 21 Nov 2007 @ 10:54am

RE: e-voting
I noticed that too!! I wondered what was up with that!
[ link to this | view in chronology ]
DadsDrive, 22 Nov 2007 @ 9:09am

Paper don't have BOTS or spyware
Even IF we were to vote via online computer using our S.S.N. or National I.D., how would you know the vote was counted?
Seriously, How?
Secure web page? Don't make me laugh
Paper and water proof marker X marks the spot.
All paper ballots would remain a permanent record and held in public view, not in a warehouse, until such time there were no issues and recounts (mandatory) were completed.
Why if these elected to terms spanning years need to have our fate sealed within hours after an election?
What is it that you people do not understand about software?
On route to the central tabulation data processing station a simple process can alter all the data. Opps
Surely you wouldn't trust Microhard's Internet Exploder browser to deliver the goods?
[ link to this | view in chronology ]
r. decline, 26 Nov 2007 @ 8:15am

why don't they work?
why is it that these companies can build a reliable atm machine but can't seem to build one that adds one vote and prints proof that it did? i can withdraw, deposit, get a statement, set my language prefs, transfer funds etc etc but for some reason i can not trust a machine to add my one vote to someone?!?!?! maybe i'm missing something and adding up votes is more complicated than banking but i don't think so.
[ link to this | view in chronology ]