[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Initial comments on Boulder County RFP #4717-06 for election system

I submitted the comments below to 
 http://www.co.boulder.co.us/clerk/elections/RFP/471706.htm

but that form is badly designed and completely destroyed all
formatting.  Please accept this form of my input instead, and provide
an RFP more suited to commentary, with more time allotted, as
discussed below.

Thank you,

Neal McBurnett                 http://bcn.boulder.co.us/~neal/
Signed and/or sealed mail encouraged.  GPG/PGP Keyid: 2C9EBA60


To begin with, let me urge the Clerk and Commissioners to carefully
consider the other comments from the public, including especially
those from the ACLU, Joe Pezzillo, Ralph Shnelvar, and Al Kolwicz.

The timing and process of developing this RFP is deeply flawed.  I've
had out-of-town guests during the two business days (!) allowed for
comment.  The form in which the RFP was released makes study and
commentary very difficult, and provides yet another example of the
generally opaque way the Clerk is conducting elections.

The Clerk and or County evidently took special steps to ensure that
the PDF file cannot be searched online, nor can text be copied and
pasted to our responses.  This is unacceptable because it makes it
unnecessarily difficult to even check whether critical issues like
disclosure of source code, conformance with the lastest EAC Voluntary
Voting System Guidelines, etc is included.  It similarly makes it
difficult for vendors to respond.  This is unaccepable for any
government document.  In contrast, e.g., the state of Massachusetts is
about to require that all government documents be produced in the Open
Document standard.  Boulder should follow that lead, and require it of
its contractors also.  Public information must be easy to work with.

The clerk must re-issue the RFP in a form that can be easily searched
for keywords, and from which text can be copied and pasted.  The
public should be allowed much more time for commentary before the RFP
is issued.  The quality of Boulder's voting system depends on a good
RFP, and this is no way to produce it.

Similarly, the RFP itself must require that the vendor responses
be in a searchable format suitable for copy-and-paste.

Section 3.9: requires the vendor to describe compatibility of a DRE
with Hart's Ballot Now system.  But as the ERC documented,
Hart has refused to produce a spec for Ballot Now that includes
information necessary to describe such compatibility.
E.g. acceptable engineering tolerances for what a valid ballot must look
like are unavailable.

The RFP must require support for statistically valid audits as
described at
 http://www.coloradovoter.net/moin.cgi/ManualCountAudit

The evaluation should include preferences for Fully Disclosed, Open
Source and Free software as described at

 http://bcn.boulder.co.us/~neal/elections/disclosure.html

and for expert third-party security evaluations.

In section GC-25: the confidentiality requirements are overly broad
and harmful

Other quick notes:

 Clerk should demand HAVA requirement delay ala
   http://www.themmob.org/hava/havaactions.html
 Clerk should focuse RFP on minimum requirements of the law as recommended
  by Kolwicz.
 Clerk should give preference to Ballot Marking equipment
 Clerk should ask for hand-count systems like the Swiss system.

Finally, note that the citizens helped the clerk avoid disaster 2
years ago when the clerk wanted to buy DREs.  We successfully
predicted problems the last two years when the clerk didn't follow the
rest of our recommendations.  Please leverage the collected advice of
the citizens, which has been demonstrated to contitute the
best-informed and wisest input at your disposal.  Our democracy
ultimately depends on it.