April 28, 2008 | Volume 5, Issue 2
My Rights Versus Yours
Trade Secret Protection for Electronic Voting Machine Manufacturers and the Threat to Our Fundamental Right to Vote
This paper explores the issues raised by electronic voting machines over the past six years and the importance of transparency and accountability in our electoral process, especially in light of voting as a fundamental constitutional right. It concludes with a discussion of the measures taken by California and Ohio to thoroughly analyze their electronic voting systems, and describes a means for citizens in other states to petition their Secretaries of State to follow suit.
As the 2008 presidential election rapidly approaches, concerns regarding the security and accuracy of electronic voting machines remain. In the recent New Hampshire primary, site of Hillary Clinton’s surprise upset, commentators noted numerous irregularities across the state, including discrepancies between hand-counted and machine-counted ballots.1 Instances like these further undermine the already weak confidence American voters have in the integrity of the election process. If the upcoming general election results in a hotly contested race, it is crucial that electors cast their ballots using a voting system that has been verified through a rigorous and transparent process.
Currently, states are allowed to conduct their own certification of electronic voting machines, with the option to comply with federal standards promulgated by the United States Election Assistance Commission (EAC), a creation of the Help America Vote Act of 2002 (HAVA).2 Since this is a voluntary federal program, not all states participate, instead implementing their own testing and certification protocols.3 The 39 states that do participate in the federal program must subject all electronic voting machines to review by an EAC-accredited voting system test laboratory (VSTL).4 The laboratory tests the machines to ensure they comply with federal voluntary voting system guidelines (VVSG).5 Voting machine vendors send their systems to these testing centers, with which they contract independently, and provide the state with the facilities’ certification report.6 These documents are not made public; the Secretary of State normally just cites the fact that the machines have been examined by an accredited lab when she renders her decision regarding certification.7
The lack of transparency throughout this process is the result of protections accorded to the machines’ source codes under the Trade Secrets Act.8 Yet voting machines’ source codes contain critical information regarding their security flaws. Unfortunately, due to vendors’ claim that the source codes are trade secrets, this information is rarely even made available to Secretaries of State who certify the machines. But while trade secret protections are an important tool to encourage innovation, they are improper in the case of electronic voting machines, in light of the compelling public interest in impartial oversight and evaluation of the software that determines election outcomes.
Part I of this paper explores the issues raised by electronic voting machines over the past six years and cites multiple studies that demonstrate security vulnerabilities of the systems. Mounting evidence of these flaws heightened public concern regarding the integrity of our voting systems, which electoral irregularities in 2004 and 2006 exacerbated. Nonetheless, states continue to allow their electronic voting systems to be tested by just one entity: a laboratory paid directly by the vendor, whose recommendations are reviewed by elected officials. The process has resulted in states certifying systems with significant security failings, in part due to the fact that state reviewers are not kept abreast of the technological advances necessary to make accurate assessments of the laboratory-issued reports.
Part II explores the importance of transparency and accountability in our electoral process, especially in light of voting as a fundamental constitutional right. I will weigh the public interest in maintaining a legitimate electoral process against the interest in providing trade secret protections to voting machine vendors. Finally, I will compare the public interest in a transparent certification process to the interest of a criminal defendant in a DUI case. In recent Florida and Minnesota cases, criminal courts have demanded the release of Breathalyzer source codes to defendants charged with a DUI in light of the consequences associated with conviction. Applying similar reasoning to electronic voting machines, source codes should be made available upon request to independent reviewers seeking to verify the efficacy of the system, if they can demonstrate that their right to cast a vote may be otherwise compromised.
Part III concludes with a discussion of the measures taken by California and Ohio to thoroughly analyze their electronic voting systems, and describe a means for citizens in other states to petition their Secretaries of State to follow suit. If an election official will not protect the rights of her states’ electors due to voting machine manufacturers’ trade secret protection claims, courts should compel official action through a writ of mandamus. If they do not, many states will continue to use the machines that California and Ohio identified as significantly flawed, rendering the results of their elections questionable.
I. The Rise of Electronic Voting Machines, the Fall of Voter Confidence
The Help America Vote Act (HAVA) of 2002 sought to remedy the failings of the 2000 election by requiring states to use federal funds to replace all punch card and lever voting systems with computerized ones by January 1, 2006.9 The Act also provided guidance regarding minimum requirements for testing and certification of all new voting systems, along with voting system standards.10 The federal body designated with developing these voting system standards is the Election Assistance Commission, a creation of HAVA.11
Electronic voting systems commonly used by states include optical scanning machines and DREs. DREs are touch-screen, computer-based machines that may or may not produce a paper record when voting is completed, depending on the model used.12 In the 2006 presidential election, an estimated 66 million voters across the nation cast their ballots on a DRE.13 Optical scan machines use paper ballots, where voters fill in the bubble next to their preferred candidates’ names, and the machine scans and counts their votes.14 Election Data Services estimates that in 2006 over 69 million American electors voted on an optical scan machine.15
Most concerns regarding electronic voting machines focus on paperless DREs, where once a ballot is cast there is no way to ensure that the machine recorded it accurately.16 Studies of these systems’ software exposed numerous security and reliability flaws and validate any apprehension. In 2004, a group of researchers from Johns Hopkins University conducted a security analysis of a DRE source code that had been inadvertently leaked on the internet. Their study revealed that the DRE “voting system is far below even the most minimal security standards applicable in other contexts… [V]oters, without any insider privileges, can cast unlimited votes without being detected by any mechanisms within the voting terminal software.”17 The machine’s code did not use any cryptography, making it very easy for an attacker to insert his or her own smartcard into the terminal, casting multiple votes or prematurely shutting down a polling place.18
The Johns Hopkins team was not able to perform a complete assessment of the DRE model at issue19, because only a portion of the source code was available on the internet. Source code is defined as follows:
bq. [T]he set of instructions that govern the abilities of computer software. A computer programmer writes the source code in a programming language… such as… Java. Once the source code is completed, the programmer ‘compiles’ the code, a process by which the English-like programming language is translated into a binary code that the computer hardware can understand… Once compiled, ... the source code cannot reliably be decompiled, making access to the exact original source code underlying the software program nearly impossible… [C]ommercial software developers usually distribute only the compiled software program unaccompanied by the source code as one of the primary protections for their intellectual property and trade secrets.20
The manufacturers of electronic voting machines use “proprietary code”, software distributed without the source code.21 Their programmers claim that proprietary code is necessary to protect their intellectual property, yet this protection creates uncertainty regarding how a DRE’s software records and counts votes.22 Furthermore, it forces a certification process that is neither transparent, nor sufficiently rigorous to expose the types of security flaws detected by the Johns Hopkins team.
In 2005, the Commission on Federal Election Reform, co-chaired by President Jimmy Carter and former Secretary of State James Baker, proposed a solution to the conflict between a transparent voting process and the proprietary interests of manufacturers.23 They recommended that “all voting machine manufacturers escrow their source code with the National Institute of Standards and Technology. The escrowed source code would then be made available only to qualified individuals such as computer science experts employed by universities…”.24 Using this scheme, information technology professionals could subject the source code to vigorous scrutiny and disclose security vulnerabilities to the public, but not the source code.25 The Commission recommended that states subject their voting systems to this heightened level of scrutiny, noting that “when California conducted a mock election with new voting machines in 2005, it found unacceptable rates of malfunctions that were not apparent in lab tests.”26
Subsequent studies echoed the concerns raised by the Hopkins and Carter reports,27 and problems encountered by voters in recent elections have magnified them. According to an NBC/Wall Street Journal poll conducted following the 2004 election, more than twenty-five percent of American voters believed the presidential vote-count was unfair, with just one-third of African-American voters indicating their belief that the vote was ‘accurate and fair’.28 Commentators note the “growing distrust in the elections process… [S]ignificant numbers of… voters, including Republicans, have expressed concern over the integrity of the electoral process.”29
Some of these concerns are due to the perception that election officials allow partisan thinking to shape their electoral policies and practices.30 But the persistence of electronic voting machine irregularities, despite technological improvements, spurs much of the alarm. In Florida, where much attention was paid to ensuring electoral integrity in the 2004 election, the following problems occurred:
Almost 40 votes on electronic voting machines were lost in Boynton Beach because of a power failure; 14,000 had to be recounted in Volusia County after a memory card failed; a ballot tabulator in Broward County started counting backwards after reaching 32,000 ballots; computer error gave wrong figures to Escambia County voting officials; and nearly 270 votes were found in a box in Pinellas County two weeks after the election.31
Incidents like these occurred across the country in 2004, and likewise in the 2006 elections.32
The diminished faith in the reliability of our voting systems prompted some states to ban the use of paperless DREs, or to decertify models previously employed.33 Others, such as California and Ohio, followed the recommendations of the Carter commission, and conducted a thorough analysis of their voting machine technology, including the source code, using experts in the field of computer science from various private businesses and academic institutions.34
The results of their studies confirm why the current system employed by most states is so flawed: almost all electronic voting machine source codes subjected to vigorous testing were deemed unfit for electoral use.35 These same machines are employed in many states across the country, certified by federally-approved laboratory testing facilities.36 It is troubling, to say the least, that the same machines that Ohio determined “do not meet computer industry security standards and are susceptible to breaches of security that may jeopardize the integrity of the voting process”37, are the same machines recently recertified by the Pennsylvania Secretary of Commonwealth.38
II. The Right to Vote vs. The Right to Protect Code?
The Supreme Court has long acknowledged that voting is a fundamental right under our constitution.39 The Court couches this recognition in the understanding that “[o]ther rights, even the most basic, are illusory if the right to vote is undermined.”40 The security flaws plaguing electronic voting machines, the lack of transparency regarding their certification process, and the flurry of litigation following recent elections have all served to undermine the ability of our electorate to faithfully exercise their voting rights. If voters’ ballot choices can be easily manipulated by third parties seeking to throw an election, leaving no trace, a shadow of doubt will always be cast on the results of close elections.41 This is true even in situations where there has been no impropriety.42
Commentators predict that in the upcoming presidential election “the possibility of another razor-close election [is] fairly likely in one or more battleground states.”43 While some factors posing a potential threat to an accurate vote count in these states are not easily controllable – human error, for example – the decision to used flawed technology that has not been subjected to vigorous testing is controllable. When election officials accept the assertion that voting machine manufacturers’ source code need not be scrutinized by a variety of independent experts, they place the rights of those manufacturers above the rights of their electorate. As commentators note, allowing this to continue is inconsistent with the important role elections play in our democracy.44 “Elections… require a heightened form of transparency and accountability, to ensure the public their fundamental right to vote… A voting system operating in secret through a proprietary code… is fundamentally inappropriate to a public function of such vital importance.”45
The United States Constitution also recognizes the importance of providing protection to innovators in order to “promote the progress of science and the useful arts.”46 Intellectual property law derives much of its authority from this Constitutional provision. Under the federal Trade Secrets Act, any federal government employee who “publishes, divulges, discloses, or makes known in any manner… not authorized by law any information coming to him in the course of his employment or official duties… trade secrets… shall be fined under this title, or imprisoned not more than one year, or both; and shall be removed from office or employment.” Generally, courts will recognize information as a trade secret if the owner has taken measures to keep the information secret, and that the information derives value from the fact of its secrecy.47
Federal courts also recognize that the Trade Secrets Act should not be a guarantee of confidentiality.48 If an industry is the “focus of great public concern and the subject of government regulation,” the federal government may find disclosure of trade secrets necessary in order to promote the public interest.49 This reasoning may provide the justification for the limited disclosure process used to certify electronic voting machines. Applying that rationale, state governments may request the release of software and source code information to a voting system test laboratory (VSTL) which reviews the software and makes a recommendation regarding certification.50
But this limited disclosure has not done enough to ensure the public interest is protected in all states, as evidenced by the disparate findings in Ohio and Pennsylvania.51 If state election officials decline to call for an independent analysis of the machines and their source codes, individual voters have little recourse. That is why, in light of the fundamental constitutional right at stake, courts must recognize individuals’ rights to request the release of the source code to an independent body of experts, who will subject the code to the sort of testing that will reveal whether vulnerabilities in the code compromise citizens’ right to vote.
Two courts have recognized an individual’s right to source code in the context of a criminal DUI prosecution. One court relied on Florida’s implied consent law,52 while the other cited a provision in the contract between a software vendor and the State of Minnesota. In State of Florida v. Carole Mae Bjorkland, an unpublished opinion, the County Court approved a defendant’s motion to compel the production of the source code for the Breathalyzer used to establish her guilt.53 The defendant claimed she needed production of the source code in order to determine whether it was in compliance with Florida law.54
In approving the motion, the court cited a provision of the implied consent law that requires the state to provide, upon request, “full information” regarding any machine used to test an individual.55 The court held that full information includes the source code, which is “an integral part of the [Breathalyzer].”56 The court indicated that failure to provide the code to the defense for inspection “is tantamount to granting the state authority to use confidential information (i.e. the software code) to establish the guilt of a criminal defendant.”57
Throughout its opinion, the Florida court cites the consequences associated with a guilty verdict as grounds for its decision.58 “An instrument or machine that if believed, establishes the guilt of an accused subjecting them to fines, loss of driving privileges, and loss of freedom should be made available to the defense for open inspection.”59 Citing Florida evidentiary law that permits the disclosure of trade secrets if failure to do so would “work injustice”, the court held that “where defendants face criminal sanctions… to permit the state to assert a trade secret on behalf of its contractor” would be contrary to the purpose of the relevant statutes.60
In 2007, the Supreme Court of Minnesota denied a request for a writ of prohibition seeking to prevent a district court from enforcing a discovery order that compelled the state to produce a Breathalyzer source code.61 In the opinion, the Court relied upon the contractual provision between the manufacturer and the state of Minnesota, which stated in part: “All right, title, and interest in all copyrightable material… which arises out of the performance of this Contract, will be the property of the State.”62 Finding that the contract between the manufacturer and the state resulted in the state owning the Breathalyzer source code, the Court held that the district court did not abuse its discretion in compelling production of the code.63 Upholding the district court’s jurisdiction over the issue, the Court cited Minnesota law permitting a defendant to challenge the reliability of a testing instrument used to establish guilt.64
While these Breathalyzer cases cannot be applied directly to the issue of electronic voting machine source codes, advocates may point to them as instances when courts were willing to limit proprietary code rights when other rights were at stake. That being the case, could the fundamental right to vote trump the right to source code protection? Could a Pennsylvania voter, whose Secretary of State recertified the same flawed machines recently decertified in other states, compel the Secretary to release the machines’ source code to a panel of independent experts?
III. Go the Way of California and Ohio: How Two Secretaries Tipped the Balance in Favor of Voting Rights
In 2007 two Secretaries of State, Jennifer Brunner of Ohio and California’s Debra Bowen, ordered a “top-to-bottom review of the voting machines certified for use” in their respective states.65 This review included the release of the machines’ source code to independent software security experts from the University of California, Berkeley, the University of Pennsylvania, and Pennsylvania State University.66 The experts’ thorough review of the code sought to “restore the public’s confidence in the integrity of the electoral process and to ensure that… voters… cast their ballots on machines that are secure, accurate, reliable, and accessible.”67
The conclusions reached by researchers in both states were similar. Jennifer Brunner, citing the Ohio panel’s “disturbing” conclusions, indicated that “the findings in this study indicate that the computer-based voting systems in use in Ohio do not meet computer industry security standards and are susceptible to breaches of security that may jeopardize the integrity of the voting process.”68 Debra Bowen withdrew her approval of many electronic voting machines used in California after concluding that: “[E]xpert reviewers demonstrated that the physical and technological security mechanisms provided by the vendors for each of the voting systems analyzed were inadequate to ensure accuracy and integrity of the election results and of the systems that provide those results.”69
Of note is that in both California and Ohio the voting machine manufacturers complied with the Secretaries’ of State demands to release the source code to the independent panel of experts.70 Therefore, it seems likely that manufacturers would respond similarly to requests brought by Secretaries from other states. But what about those Secretaries that refuse to call for the code release? What recourse will electors from states like Pennsylvania have?71 The answer may turn on statutory interpretation of Pennsylvania’s Election Code, and citizens’ rights to petition their government for relief when Constitutional rights are threatened.
Section 3031.7 of the Pennsylvania Election Code requires all electronic voting machines used in the Commonwealth to be “suitably designed and equipped to be capable of absolute accuracy, which accuracy shall be demonstrated to the Secretary of the Commonwealth.”72 Further, a voting machine is acceptable if it “records accurately and computes and tabulates accurately every valid vote registered.”73 The Election Code charges the Secretary of State with the responsibility to ensure that all machines employed comply with these standards; his certification of the machines indicates that they are in compliance.74 If there is some doubt about that fact, Section 3031.5 of the Code provides that, “Any ten or more persons, being qualified registered electors of this Commonwealth, may, at any time, request the Secretary… to reexamine any electronic voting system theretofore examined and approved by him.”75
In March of 2006, ten electors asked the Secretary of the Commonwealth to reexamine the recently recertified machines, due to concerns regarding their accuracy and security.76 The Secretary denied their request.77 In response, twenty five electors filed a petition for mandamus, seeking an order “directing the Secretary to de-certify DREs [and] to establish uniform testing criteria that comply with the Election Code.”78 In a 2007 opinion, a Commonwealth court judge overruled all sixteen of the Secretary’s preliminary objections to the petition.79 Finding that the Secretary was certifying DREs “without regard to the requirements of the Election Code”80, the court held that a writ of mandamus was appropriate in light of the Constitutional injury involved.81
A petition for mandamus “is an extraordinary remedy designed to compel official performance of a… mandatory duty where there exists a clear legal right in the plaintiff and a corresponding duty in the defendant …”.82 The Secretary asserted that the plaintiffs were not entitled to mandamus relief because “[e]lectors do not have a clear right to have the Secretary re-examine a DRE in a particular manner.”83 (Emphasis added). Since the voters did not request that the Secretary adopt a particular method when reexamining the machines, the court did not consider that issue.84 However, the court did note that the “Secretary’s testing procedures do not approximate those that are customary in the information technology industry for systems that require a high level of security. The Secretary does not perform a ‘code audit’ ... ”.85
Since the court found that the Secretary’s certification procedures do not approximate those necessary to conduct a thorough assessment of any system requiring enhanced security capabilities, could voters request that he implement a specific certification methodology? That is, do voters have the right to request the release of the machines’ source code to an independent panel of computer software experts, as part of the Secretary’s certification process?
This note suggests that they do, in light of the fact that other procedures conducted to test the security of the process, (i.e., source code review by an in-house security expert or third party laboratory), have not identified the security vulnerabilities of electronic voting systems to the same extent that vigorous source code review has. If probing analysis of a machine’s source code is the only way to ensure that the device will accurately tabulate votes, and it is the duty of the Secretary to certify that the machines do so, then, in light of the threat to the fundamental right to vote, electors have a clear right to compel official performance. Therefore, courts should recognize electors’ rights to compel their Secretaries of State to demand the release of source code from voting machine vendors. Once the Secretary is in possession of the code, she should transfer its control to an expert panel, who will thoroughly analyze the code to determine whether it is fit for use in an election.
Conclusion
The 2008 general election is months away, and more than 10 swing states have a medium-to-high risk of having their election results affected by electronic voting machine malfunction or tampering.86 These states employ machines that have passed VSTL certification tests, but have not had their source codes subjected to independent review. To protect the voting rights of these electors, state election officials must not accede to pressure from voting machine manufacturers seeking to protect their source code. Instead, they should require that all manufacturers release the code to a panel of independent reviewers. Not only will this review identify potential security vulnerabilities in the code, but it will signal to manufacturers that their product will be subjected to greater scrutiny than it has in the past.
Without the right to cast a ballot on a secure and reliable machine, the right to vote is illusory. If election officials refuse to protect the rights of their state electors, advocates should petition for relief under the provision of their state election code that governs certification of voting machines. Courts should recognize these advocates’ right to relief. As Justice Black noted in Wesberry, “the right to vote is too important in our free society to be stripped of judicial protection…”.87 The United States cannot afford another disputed election, nor can we tolerate a result that does not reflect the will of the electorate. If our elected officials will not take steps to ensure the integrity of our electoral process, it is proper for the judiciary to compel them to do so.
1 Kucinich for President, www.dennis4president.com. (Accessed January 25, 2008). (In the days following the New Hampshire primary, Dennis Kucinich sent a letter to the New Hampshire Secretary of State, requesting a recount because of “unexplained disparities between hand-counted ballots and machine-counted ballots”. )
2 United States Election Assistance Commission, Testing and Certification Program Manual, 1 (January 2007). Available at: http://www.eac.gov/voting%20systems/docs/certification-docs-certification-program-manual-omb-3265–0004-exp-6–30-2010.pdf/attachment_download/file (Accessed January 25, 2008).
3 United States Election Assistance Commission, Frequently Asked Questions, 2 (January 2007). Available at http://www.eac.gov/voting%20systems/docs/faqs.pdf/attachment_download/file. (Accessed March 4, 2008).
fn4. Id.
5 United States Election Assistance Commission, Voluntary Voting System Guidelines Fact Sheet, Available at: http://www.eac.gov/voting%20systems/voluntary-voting-system-guidelines-fact-sheet. (Accessed March 4, 2008).
6 United States Election Assistance Commission, supra note 3, at 1.
7 Aviel Rubin et al., Analysis of an Electronic Voting System, 4 (2004). Available at http://avirubin.com/vote.pdf (Accessed March 20, 2008).
8 Trade Secrets Act, 18 U.S.C. §1905 (2002).
9 Help America Vote Act, 42 U.S.C. §15301 (2002).
10 Id.
11 Id.
12 The Brennan Center for Justice, The Machinery of Democracy: Protecting Elections in an Electronic World, Figure 1, 14 (2006). Available at http://brennan.3cdn.net/52dbde32526fdc06db_4sm6b3kip.pdf (Accessed March 20, 2008).
13 Election Data Services, Press Release, February 6, 2006.
14 Brennan Center for Justice, Machinery of Democracy, supra note 12, at 14.
15 Id.
16 Andrew Massey, “But We Have to Protect Our Source!”: How Electronic Voting Companies’ Proprietary Code Ruins Elections, 27 HASTINGS COMM. & ENT. L.J. 233, 234 (2004).
17 Rubin, Analysis of an Electronic Voting System, supra note 7, at 1.
18 Id. at 9–11.
19 Id. at 4. (The Diebold Accuvote –TS, one of the most widely used DREs in the nation.)
20 Massey, “But We Have to Protect Our Source!”, supra note 16, at 238–239.
21 Id. at 239.
22 Id. at 242.
23 American University, Center for Democracy & Election Management, Building Confidence in U.S. Elections: The Report of the Commission on Federal Election Reform, 27 (2005). Available at http://american.edu/ia/cfer/report/full_report.pdf (Accessed March 20, 2008).
24 Stephanie Philips, The Risks of Computerized Election Fraud: When Will Congress Rectify a 38-Year-Old Problem? 1148, 57 ALA. L. REV. 1123 (2006).
25 Id.
26 Id. at 1149
27 See Thomas P. Ryan and Candice Hoke, GEMS Tabulation Database Design Issues in Relation to Voting Systems Certification Standards (2007). Available at: http://www.usenix.org/events/evt07/tech/full_papers/ryan/ryan.pdf. (Accessed March 2, 2008).
28 Richard L. Hasen, Beyond the Margin of Litigation: Reforming U.S. Election Administration to Avoid Electoral Meltdown, 62 WASH. & LEE L. REV. 937, 942 (2005).
29 Id. at 982–983.
30 Id.
31 Id. at 953.
32 See Common Cause, High Profile Paperless Voting Machine Failures, Available at: http://www.commoncause.org/site/pp.asp?c=dkLNK1MQIwG&b=3871663. (Accessed on March 4, 2008). See also Bill Toland, If You Think the Computer ‘Flipped Your Vote’ You’re Not Alone; Though Solid Evidence Is Hard to Pin Down, Complaints Abound About Voting Machines, A8, Pittsburgh Post-Gazette (December 10, 2006).
33 See Colorado’s Republican Secretary of State De-Certifies E-Voting Machines After Failed Testing, www.NationalExpositor.com (Accessed January 26, 2008). (California, Ohio, Florida, and Colorado have all taken steps over the past year to move from paperless DREs to optical scan machines using paper ballots.)
34 See Brunner, infra note 59. (Voting machine manufacturers cooperated with the States’ request to provide the source codes of all voting equipment.)
35 Id.
36 The Commonwealth of Pennsylvania, Department of State, Amended Certification of the Diebold Election Systems’ Accuvote TSX Direct Vote Recording Electronic Voting System. Available at http://www.hava.state.pa.us/hava/lib/hava/votingsystemexamination/ Diebold_AccuVote_TSX_Electronic_Voting_System_(Amended)_011706.pdf (Accessed March 2, 2008). (In Pennsylvania, the Diebold Accuvote TSX, initially decertified by the Secretary of State, became recertified after Diebold officials, “responded, to the satisfaction of the Secretary and his consultant, to the questions raised by the Department” in a letter to the Secretary.)
37 Brunner, infra note 63, at 74.
38 PA Department of State, supra note 24.
39 See Reynolds v. Sims, 377 U.S. 533, 562 (1964), “As long as ours is a representative form of government… the right to elect legislators in a free and unimpaired fashion is a bedrock of our political system.” See also Wesberry v. Sanders, 376 U.S. 1, 14 (1964), “No right is more precious in a free country than that of having a voice in the election of those who make the laws under which, as good citizens, we must live.”
40 Wesberry, 376 U.S. at 14.
41 See Calandrino et al., Source Code Review of the Diebold Voting System, 1 (2007). Available at http://www.sos.ca.gov/elections/voting_systems/ttbr/diebold-source-public-jul29.pdf. (Accessed March 2, 2008). “By breaking the seal on just one voting machine, a criminal could launch a vote-stealing virus that could spread to every machine in a county.”
42 See Hasen, supra note 17, at 947. (“[F]airly serious problems with vote counting technology, inconsistent rules for counting and aggregating votes, and potential human error make the American election administration system a poor measuring device when there is a close election requiring election officials to produce an exact count of votes. In a very close election, the margin of error is likely to exceed the margin of victory.”)
43 Id. at 944.
44 Massey, supra note 11, at 242.
45 Id.
46 U.S. Const. Art. I, 8, cl.8.
47 See Economic Espionage Act of 1996, 18 U.S.C. §1831, see also Mai Systems Corp. fn48. Peak Computer, Inc. 991 F.2d 511 (1993).
49 Ruckelshaus v. Monsanto, 467 U.S. 986 (1984).
50 Id. at 1007.
51 See David Wagner, A Primer on Source Code and Its Role in Elections, 2 (2007). Available at http://www.sos.ca.gov/elections/voting_systems/ttbr/source_code_info.pdf. (Accessed on March 2, 2008). (“Five states appear to require source code for certified voting systems prior to their use (FL, NY, TX, UT) or have the authority to demand source code at their discretion (CA). Two states go farther and require that the vendor provide source code to representatives of the major parties upon request (NC, MN)”.)
52 See generally Brunner, infra note 63; see also Pennsylvania Department of State, supra note 36.
53 §316.1932(1)(a), Fl. Stat. (2005).
54 Case No: 2004 CT 014406 SC (2004).
55 Id. at 2.
56 Id.
57 Id. at 5.
58 Id. at 4.
59 Id. at 4, 7.
60 Id. at 4.
61 Id. at 7.
62 In Re: Commissioner of Public Safety, 735 N.W.2d 706 (Minn. 2007).
63 Id. at 708.
64 Id. at 713.
65 Id. at 711.
66 State of California, Secretary of State Debra Bowen, Voting Systems Review, http://www.sos.ca.gov/elections/elections_vsr.htm, (Accessed on March 2, 2008).
67 State of Ohio, Ohio Secretary of State Jennifer Brunner, Project EVEREST: Evaluation and Validation of Election Related Equipment, Standards, and Testing, Report of Findings, 35. Available at http://www.sos.state.oh.us/sos/info/EVEREST/00-SecretarysEVERESTExecutiveReport.pdf (Accessed on March 2, 2008).
68 Debra Bowen, Voting Systems Review, supra note 65.
fn69.Jennifer Brunner, Project EVEREST, supra note 66, at 74.
70 State of California, Secretary of State Debra Bowen, ??WITHDRAWAL OF APPROVAL OF
DIEBOLD ELECTION SYSTEMS, INC.,GEMS 1.18.24/AccuVote-TSWAccuVote-OS DRE & OPTICAL SCAN VOTING SYSTEM AND CONDITIONAL RE-APPROVAL OF USE OF DIEBOLD ELECTION SYSTEMS, INC.,GEMS 1.18.24/AccuVote-TSX/AccuVote-OS DRE & OPTICAL SCAN VOTING SYSTEM??, Available at: http://www.sos.ca.gov/elections/voting_systems/ttbr/diebold_102507.pdf. (Accessed March 2, 2008).
71 See Brunner, supra note 50, at 73.
72 Common Cause lists Pennsylvania as one of 17 states that have a high “possibility that a miscount caused by machine malfunction or tampering could alter the outcome of an election.” Common Cause, Voting at Risk: 2008, Available at: http://www.commoncause.org/site/pp.asp?c=dkLNK1MQIwG&b=3878953. (Accessed March 4, 2008).
73 Requirements of Electronic Voting Systems, 25 P.S. §3031.7(11).
74 Id. at (12).
75 Examination and approval of electronic voting systems by the Secretary of the Commonwealth, 25 P.S. §3031.5(a).
76 Id.
77 Banfield v. Cortes, 922 A.2d 36, 41 (Pa. Cmmwlth. 2007).
78 Id.
79 Id. at 41–42.
80 Id. at 42.
81 Id. at 43.
82 “[E]lectors have a right under Article I, Section 5 of the Pennsylvania Constitution to have their votes honestly counted… because Electors have no way of knowing whether their votes will be honestly counted by DREs that are not reliable or secure and that provide no means for vote verification or vote audit, Electors have pled injury under Article I, Section 5.” Id. at 48.
83 Id. at 42.
84 Id.
85 Id.
86 Id. at 41.
87 Common Cause, supra note 58. (E-voting machines in Pennsylvania, Florida, and New Jersey have a high risk of failure, while the machines used in Oregon, Colorado, New Mexico, Wisconsin, Michigan, Ohio and New Hampshire have a medium risk.)
88 Wesberry, 376 U.S. at 7.