Friday, June 17, 2011

FIT4E: my reaction, conflict between TRANSPARENCY and SECURITY

We had our first automated national election last year. The clamor has always been that the entire process should be observable, both from the technology and human standpoint. Dr. Jones presented specific areas where a need for transparency is evident as well as threats to security.

The voting system uses specific software. This is the one that the winning bidder promised to use. For purposes of transparency, how can one make sure that this promised software is in actuality the software used in the system?

All of our technical solutions to the problems described here rest on use of specific software in the voting system, at the tabulating center, or in portable devices. This raises the question, how can an observer assure himself or herself that the software that is actually in use is indeed the very same software that has been approved for use.

As long as it was declared that the software used is in accordance to what is in the bidding document, then, there seems to be no way for the public to determine its veracity. If there is already dishonesty in the software used, would you not expect dishonesty if the numbers that will be produced?

To be transparent, the voting system may be run using that software but only on a read-only access. This is because it may be possible that the contractor would like to protect the proprietary software. The next question that arises is that how can we be sure that the same processor as promised is being used? This process requires careful design of channels where transparency come into play. And there is a overwhelming interest from the public on the integrity of the election machinery. The interest is not only on the voting system acquired, but also in detail how this is tested. For purposes of transparency though, vendors usually show the public that it is being tested and that to prove that they are using the correct software, they physically produce the numbers that the public wants to see.

On the aspect of security, it was presented that there are flaws as far as this is concerned. But again, even the assessment of the voting system security may contain flaws. At the very instant that the software is acquired, security is not the biggest issue. It all starts with transparency. However, security issues are being emphasized when there are names seemingly lost, the voters cannot all vote, when numbers produce or printed are questionable and so on. Security does not only include the software security but most especially the data security. Even securing the data between locations upon transmission is a security issue. Hence, attempts have been done to ensure that the public sees the numbers from the ballot layout, to the totals in the precinct level. But the question again arises whether this is authentic. The authenticity now covers both transparency and security issue.

Too much transparency may compromise security. Does too much security compromise transparency? From the presentation, this is not always the case. Evaluating security strategies may be done by third party evaluators or assessors. Security system requirements are always included in the vendors’ proposals because this I presume is always required by the country. This should be clear and evaluating and verifying it should be easy for the evaluators or the assessing public.

Dr. Jones presentation gave us broad and specific areas where transparency and security come in conflict and personally, I agree with the points raised.

mabuhay ang organizers ng FIT4E ...