#8 - The case for Free Internet Voting for Small Groups

Thurston County election officials allowed voters to cast their ballots via the internet in 2000 to achieve the benefits of reduce election costs, improved turnout, and greater independence for voters with disabilities. Even though officials considered the pilot a success, and had no security breaches, they have not offered internet voting as an option since then because internet voting critics had identified possible security weaknesses in internet voting systems. Since that time, computer scientists, internet voting system vendors, and election officials have done much work to address those concerns. We believe that county and state election officials could regain their momentum to achieve the benefits of internet voting through several options including a partnership with educational institutions, such as colleges and universities, and a pilot project with selected counties. One option stands out in our minds, however - free internet voting for small groups - because it involves small initial costs to government and offers a gradual way to build trust in internet voting systems. Here is how it would work.

Several vendors offer internet voting systems or services. SafeVote.com has begun to offer their technology, through a "SafeVote Election Partner", as a free service to small groups "for elections, surveys, and decision-making, including Board meeting votes, private elections in associations and schools, by-law changes, budget approval, group decisions, focus groups, and user feedback." Under our proposal the Washington Secretary of State would partner with an internet voting vendor to maintain an "Internet Voting Portal" (IVP) web site where county officials within the state could create, in a self-service fashion, "Virtual Polling Stations" for small groups that want to conduct an election.

Imagine this scenario. You're a fire district official of a small rural district who needs to conduct an election for commissioners. You work as you normally do with your county's election officials. This time, however, instead of creating mail-in ballots, the county election officials use the Secretary of State's "Internet Voting Portal" to create a "Virtual Polling Station" (an URL hosted on the SoS IVP site) for the fire commissioner election. Depending on the features of the vendor's system, the process by which the county election official creates the virtual polling station could be as simple as:

• name the "Virtual Polling Station" uniquely
  
• select voters from the Secretary of State's online registration database who live within the boundaries of the fire district
• list the candidates and important information about them
• publish the site

The cost to the county is the staff time taken to gather information from the fire district official and to create the virtual polling station. The cost to the Secretary of State is the initial development time needed to integrate their online registration database with the vendor's system and then help desk, technical staff and hardware costs to maintain the portal. The savings to the SoS is that they do not have to purchase or maintain the internet voting system. The vendor would do that.

Why would a vendor do that? For the same reason that a wireless internet vendor partnered with the Legislature of Arizona to offer free wireless internet access in the capitol building - brand name exposure to an audience unaware of the benefits of the service and possible future revenue.

#7 - The Case for Internet Voting in Thurston County

The history of voting has seen hands raised high to express a preference, paper ballots, electronic voting machines, and the casting of electronic ballots from web browsers across the internet to an electonic ballot box. Although Thurston County election officials allowed voters to cast their ballots via the internet in 2000, and considered the pilot a success, they have not offered internet voting as an option for casting ballots since then. Lack of confidence in security features of internet voting systems at that time accounts for much of the hesitance to proceed further. Computer scientists, voting system vendors, and election officials have done much work since then to address those concerns. In the spirit of the California Internet Voting Task Force's recommendation to work toward internet voting in phases, we suggest moving to a new phase with the help of a technology evaluation project that would answer this question - is internet voting ready to raise confidence in the state's voting process.

#6 - WA State and Real ID/National ID

The Situation
Congress enacted a law called REAL ID in 2005 that prohibits federal agencies from accepting non-REAL ID compliant state drivers licenses for an official purpose such as boarding Federally-regulated commercial aircraft. Currently, security staff at airport security check points can use state drivers licenses as part of their decision about whether to allow you to board a plane. Lawmakers who passed the act considered the current procedures that states use for issuing drivers licenses too insecure. The REAL ID Act and its corresponding federal regulation (REAL ID Final Rule) attempts to make the process more secure. To receive a REAL ID-compliant drivers license, the applicant must submit to state DMVs certain prescribed documents that verify their identity and legal status. Those who cannot produce federally acceptable identity and legal status documents would not receive a REAL ID compliant drivers license from their state DMV. The REAL ID Act also required states to encode certain information about the applicant in the license card and in a national database. Several states, including Washington, enacted laws prohibiting their state agencies from implementing the REAL ID until the federal government provided funding and enacted stronger security and privacy provisions.

Section 7212 of the "9/11 Commission Implementation Act of 2004," had established a cooperative state-federal process, via a negotiated rule-making procedure, to create federal standards for driver’s licenses. The REAL ID act, however, repealed that section, turning the negotiated process into a legislated notice-and-comment process.

REAL ID required state DMVs to:

• accept a federally defined set of documents as proof of identity and as the basis for issuing the license
  
• verify these documents with issuers
• verify the citizenship status of all those who want a REAL ID-approved state driver's license or identification cards (EPIC)
  
• encode certain information on a person's drivers license
• store the same information about the person in a national database
  

The Information Required on the License
"To meet the requirements of this section, a State shall include, at a minimum, the following information and features on each driver's license and identification card issued to a person by the State:

• (1) The person's full legal name.
• (2) The person's date of birth.
• (3) The person's gender.
• (4) The person's driver's license or identification card number.
• (5) A digital photograph of the person.
• (6) The person's address of principle residence.
• (7) The person's signature.
• (8) Physical security features designed to prevent tampering, counterfeiting, or duplication of the document for fraudulent purposes.
• (9) A common machine-readable technology, with defined minimum data elements."

The Documentation Required to Obtain a License (Wikipedia)
Before a card can be issued, the applicant must provide the following documentation:

• A photo ID, or a non-photo ID that includes full legal name and birthdate.
• Documentation of birthdate.
• Documentation of legal status and Social Security number
• Documentation showing name and principal residence address.
• Digital images of each identity document will be stored in each state DMV database.

What this means is that anyone who cannot produce these documents will not receive a REAL ID compliant drivers license.

"DHS does not believe that this rule treats citizens and aliens differently--each is required to prove identity and lawful status to obtain a REAL ID driver's license." (REAL ID Final Rule, pg 5297)


The Problem
REAL ID:

• carries financial burdens for states without offering funding
• raises privacy concerns
• effectively institutes a National ID program
• makes the information more vulnerable to identity theft and misuse (ACLU)
  

The Opportunity
REAL ID offers the opportunity to:

• improve security at our borders
• possibly suppress identity fraud — but by a small amount (CATO referring to an OMB study)
  

Considerations
Critics:

• consider the bill an attempt to build a federal surveillance infrastructure (CATO)
  
• believe the bill does not adequately protect personal information, both on the drivers license and in the national database
  

References
Gregoire news release from March 2007
EPIC's Perspective
CATO link
ACLU
REAL ID Final Rule

#5 - Thoughts on eGov Business Case topics

Here are a few thoughts on topics for eGov business cases.

Aggregation of state agency rulemaking support sites into one portal.

Although a number of Washington state agencies maintain some rules and regulations presence on the web, Washington has no single site that helps the public:

• find and read materials that support proposed rules such as:
• cost-benefit analysis
• impact statements
• public comments
• agency analysis and rationale
  
• comment on proposed rules from any agency
  
• receive e-mail notifications and RSS feeds about changes to:
• specific wac sections, chapters, or titles
• topical areas of rules and regulations
• interact and collaborate during negotiated rulemaking efforts
  

Here is an example from Nebraska. The federal government also maintains a portal for regulations.

#4 - Net Neutrality - how concerned should we be that Broadband ISPs will regularly limit access to content, services, and applications?

Net Neutrality is a principle of good behavior among Internet players that observers feel telecom broadband internet providers have violated. Net neutrality holds that organizations who operate portions of the internet should not restrict: the kinds of equipment that others may attach; the modes of communication; access to content, sites or platforms; and will not unreasonably degrade other communication streams. [1] Deregulation of the Internet, and rules that govern how telecom companies control access, have some observers concerned that the major players in broadband internet access will limit user's access to Internet content on a regular basis. Although some telecom companies have already limited user's access, regulators have prevented broader transgressions. The nature of current regulations, competition, and the current arrangement for regulatory oversight will suffice to keep Internet content freely available to users, contributors, and operators.

The Problem

The following events [1] illustrate that telecom companies do limit Internet user's access to content, services and applications.

• In 2004, a North Carolina telecom company blocked its DSL customers from using Vonage VoIP service.
  
• In 2005, a Canadian telephone company blocked access to one of its labor union's web sites during a labor dispute.
• In April 2006, AOL blocked access to a website that expressed dislike for one of its new policies.
• In September 2006, Verizon Wireless prevented a pro-choice organization from sending text messages to its members.

Although telecom companies have in the past violated the equivalent telecommunications principle called common carriage, they have built a culture and developed relationships with regulatory bodies that have prevented large scale abuses of the principle. The low level of abuses occurs largely because of strong common carrier language [2] in current telecommunication service regulations and enforcement of those regulations. The Internet, on the other hand, is an information service, and has weaker language regulating the behaviors of broadband internet service providers. Critics consider the events described above as abuses and attribute them to the weaker language of information services regulations.

Possible Solutions
Columbia Law School professor Tim Wu coined the term Network neutrality. He believes the best way to avoid abuses, maintain neutrality, and promote equality of network use is to strengthen the language of information services regulations.

Although the FCC has not taken the step of making the language of current information services regulations stronger, it has shown its willingness to prevent abuses. For example, the FCC fined the North Carolina telecom company mentioned above $15,000 and forced them to restore the VoIP service. The willingness of the FCC to correct abuses should help keep internet access neutral. A change in that posture, however, would signal to me a need for stronger language, stronger enforcement, and the building of a culture of intolerance for discriminatory access practices on the part of internet users, contributors, and operators.

[1] - Wikipedia Net Neutrality
[2] - PowerPoint Presentation named "Net Neutrality" from Bob Bocher