Diebold v. North Carolina Board of Elections
With Nowhere Left to Hide, Diebold Pulls Out of North Carolina
Posted by Matt Zimmerman
Following a flurry of litigation that found EFF fighting both alongside and against the state Board of Elections, Diebold on Thursday withdrew from the North Carolina procurement process, ceding the state’s voting machine business to rival ES&S.
In November, Diebold filed suit against the North Carolina Board of Elections in an effort to be exempted from a state requirement that vendors place into escrow (among other things) all source code “that is relevant to functionality, setup, configuration, and operation of the voting system.” The code would be available to the Board of Elections and the chairs of the state political parties for review so that they could look for security vulnerabilities, to the extent they wanted to make such an effort. Diebold argued to the Superior Court that it simply couldn’t meet that requirement, at least in part because they relied so extensively on third party software for critical system functions. EFF intervened in the case on behalf of local voter integrity advocate Joyce McCloy and succeeded in convincing the judge to dismiss the case, leaving Diebold on the hook for criminal and civil penalties if they failed to comply.
Undaunted, and despite Diebold’s admission that it could not meet these requirements, the Board of Elections agreed three days later to certify Diebold.
EFF filed suit against the Board of Elections the next week, arguing that the Board had violated its own obligations to perform extensive security-related tests of all of the code on all certified systems prior to certification. The Board of Elections argued that even though the statute refers to a mandatory pre-certification review of “all” source code, third party software should for some reason be exempted from this process. The court, faced with conceding that the Board of Elections had bungled their certification obligations from the start of the process, denied EFF’s motion. But for Diebold, the damage was already done.
After EFF Litigation, Diebold Pulls Out of North Carolina
Evidentiary Hearing Set for North Carolina E-Voting Certification
Posted by Rebecca Jeschke
As you may know, EFF filed suit last week on behalf of voting integrity advocate Joyce McCloy, arguing that the North Carolina Board of Elections ignored its obligation to test all electronic voting system source code before certifying those systems for use in the state. Wednesday, the judge in the case asked for further briefing on the issue and additional oral argument in a hearing set for Dec. 21.
At issue is North Carolina’s tough election transparency law, which requires the Board of Elections to review all e-voting code “prior to certification.” However, on Dec. 1, the board certified voting systems from Diebold Election Systems, Sequoia Voting Systems, and Election Systems and Software without having first obtained — let alone reviewed — the system code.
North Carolina voters like McCloy have reason to be worried. The state suffered a serious e-voting malfunction in the 2004 presidential election, when over 4500 ballots were lost in asystem provided by UniLect Corp. Meanwhile, e-voting vendors continue to hide their proprietary systems from meaningful review. So we appreciate that the judge recognized the seriousness of the issue, and we’re looking forward to the hearing Wednesday. [Permalink]
December 8th, 2005
North Carolina Sued for Illegally Certifying Voting Equipment
EFF Asks Court to Void Approval of Diebold and Others Without Source Code Review
Raleigh, North Carolina – The Electronic Frontier Foundation (EFF) on Thursday filed a complaint against the North Carolina Board of Elections and the North Carolina Office of Information Technology Services on behalf of voting integrity advocate Joyce McCloy, asking that the Superior Court void the recent illegal certification of three electronic voting systems.
December 2nd, 2005
North Carolina Illegally Certifies Diebold E-voting System
Board of Elections Ignores Rules to Escrow Code, Identify Programmers
Raleigh, North Carolina – The North Carolina Board of Elections certified Diebold Election Systems to sell electronic voting equipment in the state yesterday, despite Diebold’s repeated admission that it could not comply with North Carolina’s tough election law. The Electronic Frontier Foundation (EFF) believes that this raises important questions about the Board of Elections’ procedures as well as the integrity of Diebold’s bid for certification.
Diebold, North Carolina, and the Immaculate Certification
Posted by Matt Zimmerman
On Monday, EFF went to superior court in North Carolina in order to challenge e-voting recidivist Diebold and their attempt to skirt the state’s strong new election transparency rules. Diebold pleaded with the court for an exemption from the statute’s requirement to escrow “all software that is relevant to functionality, setup, configuration, and operation of the voting system” and to release a list of all programmers who worked on the code because… well… it simply couldn’t do it. It would likely be impossible, said Diebold, to escrow all of the third party software that its system relied on (including Windows).
What a difference a few days make.
Despite Diebold’s asserted inability to meet the requirements of state law, the North Carolina Board of Elections today happily certified Diebold without condition. Never mind all of that third party software. Never mind the impossibility of obtaining a list of programmers who had contributed to that code.
And never mind the Board of Election’s obligation to subject all candidate voting systems to rigorous review before certification:
“Prior to certifying a voting system, the State Board of Elections shall review, or designate an independent expert to review, all source code made available by the vendor pursuant to this section and certify only those voting systems compliant with State and federal law. At a minimum, the State Board’s review shall include a review of security, application vulnerability, application code, wireless security, security policy and processes, security/privacy program management, technology infrastructure and security controls, security organization and governance, and operational effectiveness, as applicable to that voting system.”
(See updated 163-165.7(c)).
What’s next? As a result of EFF’s successful court challenge on Monday, Diebold is still on the hook for criminal and civil liability for failing to meet the escrow and programmer disclosure requirements of the statute. But as today’s developments indicate, the North Carolina state government apparently doesn’t have the stomach to resist the full-court press of Diebold, even if it means utterly ignoring statutory obligations. [Permalink]
November 28th, 2005
EFF Convinces North Carolina Judge To Throw Out Diebold E-Voting Case
E-Voting Company Forced to Comply with Election Transparency Laws
Raleigh, North Carolina – Responding to arguments made by the Electronic Frontier Foundation (EFF), a North Carolina judge today told Diebold Election Systems that the e-voting company must comply with tough North Carolina election law and dismissed the company’s case seeking broad exemptions from the law.
November 28th, 2005
North Carolina Judge Throws Out Diebold E-Voting Case
Posted by Rebecca Jeschke
EFF helped score a big win for election transparency in North Carolina today, convincing a North Carolina judge to dismiss Diebold’s attempt to evade the state’s tough electronic voting regulations.
North Carolina has enacted one of the most robust laws in the country, requiring that e-voting companies put their source code in escrow and release the names of all the programmers. But earlier this month — on the day that voting equipment bids to the state were due — Diebold said it could not comply. In a last-minute filing to a North Carolina superior court, Diebold was granted a temporary restraining order that would allow it to continue with the bidding process without criminal or civil liability.
Sounds like a classic case of a big corporation getting to set its own rules, right? But EFF intervened in the case, and today the judge agreed with our arguments. He ruled that Diebold must follow the law if it wanted to continue the bidding process in North Carolina. Score one for election transparency and integrity. [Permalink]
November 17th, 2005
Diebold Attempts to Evade Election Transparency Laws
EFF Goes to Court to Force E-voting Company to Comply With Strict New North Carolina Law
Raleigh, North Carolina – The Electronic Frontier Foundation (EFF) is going to court in North Carolina to prevent Diebold Election Systems, Inc. from evading North Carolina law.