San Francisco County Grand Jury
• 2017-2018
Civil Grand Jury | 2017-2018 City and County of San Francisco Open Source Voting in San Francisco
⚠️ Translation Notice: This content has been automatically translated. The original English text is the official version. Translation may contain errors.
⚠️ Este contenido ha sido traducido automáticamente. El texto original en inglés es la versión oficial. La traducción puede contener errores.
Findings and Recommendations 22 findings
F1
There is not a clear project owner that is responsible for building an Open Source Voting System in San Francisco, which prevents the project from making any progress.
Related Recommendations (1)
R1
Recommends that the Mayor include funding in their next budgeting cycle to hire a “Program Manager” dedicated to shepherd the project forward and own the project. Regardless of the department they report to, the Program Manager will be responsible for communicating with collaborating jurisdictions, engaging experts, managing and tracking project risks, and establishing cost and timeline targets. The Program Manager would need qualifications in technology management, design thinking, and procurement. Funding should be allocated for this process in the next budget cycle. (F1, F2, F3, F8)
F2
Progress on the Open Source Voting project has been limited because responsibility has consistently and ambiguously been passed around between organizations without a clear source of funding or a mandate for completion.
Related Recommendations (4)
R1
Recommends that the Mayor include funding in their next budgeting cycle to hire a “Program Manager” dedicated to shepherd the project forward and own the project. Regardless of the department they report to, the Program Manager will be responsible for communicating with collaborating jurisdictions, engaging experts, managing and tracking project risks, and establishing cost and timeline targets. The Program Manager would need qualifications in technology management, design thinking, and procurement. Funding should be allocated for this process in the next budget cycle. (F1, F2, F3, F8)
R2
Recommends the Mayor's Office set up a working group responsible to centralize the expertise relevant for the OSV project and approve structural decisions made by the Program Manager. The working group should contain (at minimum) a representative from the Mayor’s office, DoE, OSVTAC, COIT, and DoT.37 After planning completes, funding requests for the OSVS would be recommended to the working group by the Program Manager, and would then be recommended to the Mayor for inclusion in the city budget. This group should be formally constructed by October 1, 2018, and should begin a hiring process for a Program Manager as soon as funding is allocated. (F2, F3, F4)
R3
Recommends the Election Commission's OSVTAC should organize and maintain a website to serve as an informational portal on the OSV project. This should include links to (and summaries of) all reports written on the subject (including by the SoS, EC, OSVTAC, CGJ, Slalom, BoS). This resource should be completed by October, 1 2018, and be updated consistently. (F2, F3)
R4
Recommends publishing a quarterly summary of the state of the OSV project. The report should include: an estimate of the completion date, current cost projections, and highlight emerging issues. Until a Program Manager is hired, the reports should be authored by the EC, and afterwards, the report should be authored by the program manager. Reports should commence October 1, 2018, and continue at the start of each quarter until project completion. (F2, F3)
F3
Progress on the Open Source Voting project has been slow because of the large number of stakeholders, and the dispersal of their expertise, and the uncertainty each party has about the overall project.
Related Recommendations (4)
R1
Recommends that the Mayor include funding in their next budgeting cycle to hire a “Program Manager” dedicated to shepherd the project forward and own the project. Regardless of the department they report to, the Program Manager will be responsible for communicating with collaborating jurisdictions, engaging experts, managing and tracking project risks, and establishing cost and timeline targets. The Program Manager would need qualifications in technology management, design thinking, and procurement. Funding should be allocated for this process in the next budget cycle. (F1, F2, F3, F8)
R2
Recommends the Mayor's Office set up a working group responsible to centralize the expertise relevant for the OSV project and approve structural decisions made by the Program Manager. The working group should contain (at minimum) a representative from the Mayor’s office, DoE, OSVTAC, COIT, and DoT.37 After planning completes, funding requests for the OSVS would be recommended to the working group by the Program Manager, and would then be recommended to the Mayor for inclusion in the city budget. This group should be formally constructed by October 1, 2018, and should begin a hiring process for a Program Manager as soon as funding is allocated. (F2, F3, F4)
R3
Recommends the Election Commission's OSVTAC should organize and maintain a website to serve as an informational portal on the OSV project. This should include links to (and summaries of) all reports written on the subject (including by the SoS, EC, OSVTAC, CGJ, Slalom, BoS). This resource should be completed by October, 1 2018, and be updated consistently. (F2, F3)
R4
Recommends publishing a quarterly summary of the state of the OSV project. The report should include: an estimate of the completion date, current cost projections, and highlight emerging issues. Until a Program Manager is hired, the reports should be authored by the EC, and afterwards, the report should be authored by the program manager. Reports should commence October 1, 2018, and continue at the start of each quarter until project completion. (F2, F3)
F4
Progress on the Open Source Voting project has been slow because all parties are appropriately concerned about security, and few within San Francisco government have the technical background to accurately evaluate security concerns.
Related Recommendations (1)
R2
Recommends the Mayor's Office set up a working group responsible to centralize the expertise relevant for the OSV project and approve structural decisions made by the Program Manager. The working group should contain (at minimum) a representative from the Mayor’s office, DoE, OSVTAC, COIT, and DoT.37 After planning completes, funding requests for the OSVS would be recommended to the working group by the Program Manager, and would then be recommended to the Mayor for inclusion in the city budget. This group should be formally constructed by October 1, 2018, and should begin a hiring process for a Program Manager as soon as funding is allocated. (F2, F3, F4)
F5
Today, only one company can operate California certified Ranked Choice Voting Elections - Dominion Election Systems. San Francisco has a continuing legal obligation to purchase systems from Dominion, regardless of cost or competitiveness, due to county RCV rules, restrictions on procurement due to LGBT discrimination in other states, and state certification requirements.
Related Recommendations (2)
R5
Recommends the Office of the Controller set up a process to trigger review of city RFPs that only receive one bidder, and, when feasible, perform a market analysis to determine why the procurement process has not induced participation of additional vendors. This process should be in place by April 1, 2019. (F5, F6) 37 The DoE would function as the expert on election administration and certification; the DoT as the expert on open source software and technology development; COIT for weighing city funding priorities, and the OSVTAC as the expert on open source election software.
R6
Recommends the Office of the Controller evaluate the premium San Francisco pays for its Voting System compared to (1) the price paid by other California counties that use Ranked Choice Voting, and (2) the price paid by California counties that do not use RCV, and (3) the price paid by cities/counties outside of California who use RCV. This analysis should be published by April 1, 2019. (F5, F6)
F6
The operational cost charged by Dominion Systems increased from 1.1 million per year to 2 million per year between the contracts from 2006 to 2018 and 2018 onward. San Francisco did not have a viable alternative to accepting this price increase.
Related Recommendations (2)
R5
Recommends the Office of the Controller set up a process to trigger review of city RFPs that only receive one bidder, and, when feasible, perform a market analysis to determine why the procurement process has not induced participation of additional vendors. This process should be in place by April 1, 2019. (F5, F6) 37 The DoE would function as the expert on election administration and certification; the DoT as the expert on open source software and technology development; COIT for weighing city funding priorities, and the OSVTAC as the expert on open source election software.
R6
Recommends the Office of the Controller evaluate the premium San Francisco pays for its Voting System compared to (1) the price paid by other California counties that use Ranked Choice Voting, and (2) the price paid by California counties that do not use RCV, and (3) the price paid by cities/counties outside of California who use RCV. This analysis should be published by April 1, 2019. (F5, F6)
F7
The California counties that use Ranked Choice Voting are in the same financial predicament as San Francisco when it comes to procuring their voting system software. This makes them ideal partnership candidates, as they face the same set of challenges under the same regulatory authority.
Related Recommendations (2)
R9
Recommends that San Francisco’s Elections Commission conduct a systematic evaluation of partner interest in using the OSV system developed in SF. This evaluation should reach out to all Departments of Elections in all counties within California, focusing on potential use and cost sharing. This analysis and reporting should be completed by April 1st, 2019. (F7, F9, F10, F11)
R13
Recommends that the Department of Elections, working with the Elections Commission, establish a Memorandum of Understanding with the California Secretary of State that addresses how the California certification process will accommodate modular development and vulnerability patches, to align the SoS’s process with open source best practices. The discussion of this memo should begin by January 1st, 2019. (F7, F12, F13, F17, F18)
F8
Too many variables remain unresolved to draw confident analysis about completion cost or timeline of the OSV project.
Related Recommendations (1)
R1
Recommends that the Mayor include funding in their next budgeting cycle to hire a “Program Manager” dedicated to shepherd the project forward and own the project. Regardless of the department they report to, the Program Manager will be responsible for communicating with collaborating jurisdictions, engaging experts, managing and tracking project risks, and establishing cost and timeline targets. The Program Manager would need qualifications in technology management, design thinking, and procurement. Funding should be allocated for this process in the next budget cycle. (F1, F2, F3, F8)
F9
Though certification by the California Secretary of State is an indication that an election system is reasonably secure, certification does not guarantee election system security.
Related Recommendations (1)
R9
Recommends that San Francisco’s Elections Commission conduct a systematic evaluation of partner interest in using the OSV system developed in SF. This evaluation should reach out to all Departments of Elections in all counties within California, focusing on potential use and cost sharing. This analysis and reporting should be completed by April 1st, 2019. (F7, F9, F10, F11)
F10
The security of an Open Source Voting System would reflect the ratio of the number of good actors to bad actors that are looking at it to find vulnerabilities, which makes getting the attention of external security experts a top level priority for the OSV project.
Related Recommendations (1)
R9
Recommends that San Francisco’s Elections Commission conduct a systematic evaluation of partner interest in using the OSV system developed in SF. This evaluation should reach out to all Departments of Elections in all counties within California, focusing on potential use and cost sharing. This analysis and reporting should be completed by April 1st, 2019. (F7, F9, F10, F11)
F11
If an Open Source Voting system is going to be used only by San Francisco, it is unlikely to attract the requisite attention of security experts and white-hat engineers necessary to be confident in its security.
Related Recommendations (1)
R9
Recommends that San Francisco’s Elections Commission conduct a systematic evaluation of partner interest in using the OSV system developed in SF. This evaluation should reach out to all Departments of Elections in all counties within California, focusing on potential use and cost sharing. This analysis and reporting should be completed by April 1st, 2019. (F7, F9, F10, F11)
F12
The ability to efficiently patch vulnerabilities in open source software is a foundational property of successful and secure open source projects, and certification by the Secretary of State poses an unscoped period of delay to any patch to an OSVS system.
Related Recommendations (1)
R13
Recommends that the Department of Elections, working with the Elections Commission, establish a Memorandum of Understanding with the California Secretary of State that addresses how the California certification process will accommodate modular development and vulnerability patches, to align the SoS’s process with open source best practices. The discussion of this memo should begin by January 1st, 2019. (F7, F12, F13, F17, F18)
F13
Although patches to open source systems are common, any patch of an election system will necessitate recertification by the California Secretary of State. The timeline and cost of this recertification can vary wildly depending on the size of the fix, and its urgency. There is some evidence that modular certification can be supported by the Secretary of State.
Related Recommendations (1)
R13
Recommends that the Department of Elections, working with the Elections Commission, establish a Memorandum of Understanding with the California Secretary of State that addresses how the California certification process will accommodate modular development and vulnerability patches, to align the SoS’s process with open source best practices. The discussion of this memo should begin by January 1st, 2019. (F7, F12, F13, F17, F18)
F14
There are a large number of non-profit organizations that are willing and eager to help develop an OSV system, as both developers and advisors.
Related Recommendations (2)
R11
Recommends that the Department of Elections, along with the Election Commission, reach out to 18F and the USDS to evaluate a possible partnership to build the OSV system with them. These communications should be issued by October 1st, 2018, and the results of those inquiries should be made publicly available after discussion concludes. (F14, F15)
R12
Recommends that the Elections Commission establish a coalition of supportive non-profit organizations in a formal structure to support the project. This list of collaborators and contacts should be constructed and published by January 1st, 2019. (F14, F16)
F15
Federal agencies specializing in developing reusable Open Source Technologies, such as the USDS and 18F, are ideal partnership candidates for an OSV project, but their involvement would require that some federal funds be used for the project.
Related Recommendations (2)
R10
Recommends that the Department of Elections evaluate the possibility of incorporating 2018 HAVA funding into the development of the OSV system, so that federal technology agencies have jurisdiction to help develop the project. The feasibility of this should be formally evaluated and published by the Department of Elections by January 1st, 2019. (F15)
R11
Recommends that the Department of Elections, along with the Election Commission, reach out to 18F and the USDS to evaluate a possible partnership to build the OSV system with them. These communications should be issued by October 1st, 2018, and the results of those inquiries should be made publicly available after discussion concludes. (F14, F15)
F16
No organization within San Francisco government has formed formal partnerships with non-profit organizations to develop, test, or to advise on OSVS best practices.
Related Recommendations (1)
R12
Recommends that the Elections Commission establish a coalition of supportive non-profit organizations in a formal structure to support the project. This list of collaborators and contacts should be constructed and published by January 1st, 2019. (F14, F16)
F17
No organization within San Francisco government has begun formal discussions with the Secretary of State about the potential for partnership.
Related Recommendations (1)
R13
Recommends that the Department of Elections, working with the Elections Commission, establish a Memorandum of Understanding with the California Secretary of State that addresses how the California certification process will accommodate modular development and vulnerability patches, to align the SoS’s process with open source best practices. The discussion of this memo should begin by January 1st, 2019. (F7, F12, F13, F17, F18)
F18
The Department of Elections has familiarity with the election system certification process, as most recently demonstrated by their work with Dominion in 2017 to get a patch for the “spectre/meltdown” bugs certified by the California Secretary of State.
Related Recommendations (1)
R13
Recommends that the Department of Elections, working with the Elections Commission, establish a Memorandum of Understanding with the California Secretary of State that addresses how the California certification process will accommodate modular development and vulnerability patches, to align the SoS’s process with open source best practices. The discussion of this memo should begin by January 1st, 2019. (F7, F12, F13, F17, F18)
F19
Developing Election Systems is currently outside of the mandate for San Francisco's Department of Elections.
Related Recommendations (1)
R8
Recommends that the DoE not directly build the software for an Open Source Voting system in the near future, because they lack in-house critical faculties and experience in software development. (F19, F20)
F20
San Francisco's Department of Elections has no experience developing critical software.
Related Recommendations (1)
R8
Recommends that the DoE not directly build the software for an Open Source Voting system in the near future, because they lack in-house critical faculties and experience in software development. (F19, F20)
F21
San Francisco's Department of Technology has demonstrated willingness to undertake open source projects.
Related Recommendations (1)
R7
Recommends that the DoT not directly build the software for an Open Source Voting system in the near future, because they have not demonstrated the in-house capacity to tackle a software development task of this magnitude. (F21, F22)
F22
San Francisco's Department of Technology does not have extensive experience developing open source technology that is in use beyond San Francisco.
Related Recommendations (1)
R7
Recommends that the DoT not directly build the software for an Open Source Voting system in the near future, because they have not demonstrated the in-house capacity to tackle a software development task of this magnitude. (F21, F22)
Conclusions 1
-
CL1Developing an Open Source Voting System has the potential to bring the City and County of San Francisco a number of concrete and principled benefits in the long term, including cost savings, increased election security, and public ownership over the critical infrastructure of democracy. It is likely to free the city from the constraints of vendor lock-in, and the accompanying risk of financial exploitation. The value of these long-term benefits needs to be weighed against the security and completion risks that the project must overcome in order to achieve them. Election system security should be paramount to the design and implementation of the project. The security of the resulting system depends on it being used by multiple jurisdictions, and garnering the attention, respect, and scrutiny of the open source community. That means keeping the finished product in front of as many minds and eyes as possible. Doing this requires deliberate effort to build generic features to support use outside of San Francisco, empower the open source community to engage with the development, and keep the project true to its ideological roots of transparency and availability. Partnerships will be critical to completing an OSVS successfully. Partnerships with nonprofits could fill in gaps in the city’s expertise, or even develop the software in its entirety. Early coordination with regulatory authorities and state officials has the potential to dramatically decrease the cost of the project while shortening the timeline for development and certification. Finally the city should look to extend partnership opportunities to other counties within California to share costs and offer an election platform under a single certification authority. The complexity of the proposed system and the need for the efforts of a wide range of city stakeholders make it paramount that a small set of responsible persons be brought together to own structural decisions necessary to advance the program, and an explicit role of project owner be assigned to a person who can shepherd the venture forward. San Francisco clearly stands to benefit if it can develop an open source voting system, but the City is not on track to complete that endeavor. The project does not have a clear advocate nor a logical home within the existing operations of San Francisco government. Excitement for the project is misaligned with authority and funding. All paths that ultimately lead to a successful project require a clarified consolidation of expertise, responsibility and authority, and decisive commitment under strong leadership. 2017-2018 SFCGJ - Open Source Voting in San Francisco 19
No Responses Found 1
Government entities assigned to respond to this report. No response documents have been linked in our database.
San Francisco
City