Testimony on Guidelines for Implentation of VRDDownload PDF
U.S. Election Assistance Commission Hearing Regarding
“Proposed Voluntary Guidance on Implementation of
Statewide Voter Registration Lists”
April 26, 2005
Testimony of ACM Committee on Guidelines for
Implementation of Voter Registration Databases
We thank you for holding this public hearing and for considering our comments on the
Help America Vote Act's (HAVA) mandate that all states have statewide computerized
voter-registration databases installed by January 1, 2006. As members of a recently
commissioned study by the Association for Computing Machinery (ACM), we write to
inform you about our work and about some of the critical technical issues that should be
considered in implementing such centralized, potentially vulnerable databases.
ACM is widely recognized as the premier organization for computing professionals,
delivering resources that advance the computing and IT disciplines, enable professional
development, and promote policies and research that benefit society. Members of ACM
have become concerned about potential risks with the HAVA-mandated centralized
ACM commissioned our study to devise technical guidelines intended to help election
officials make voter registration databases reliable and secure, while preserving privacy
to the extent permitted by law and policy. We recognize that such centralized statewide
databases introduce new risks into the voting process. We hope to inform the Election
Assistance Commission (EAC) and state election officials on how to address these risks
within the framework of HAVA’s requirements and the Commission’s guidelines.
Reliability is a constant problem in the implementation of information systems, especially
databases with extremely non-uniform use. Voter registration databases are subject to
large variations in access levels depending on events in the registration/voting process.
Databases with such heavily skewed access are difficult to design, and with the additional
levels of network and system components there is an increased chance of system failure.
Reports abound of voter registration databases not working or being too slow to be useful
on Election Day, 2004. There are known techniques to maximize the reliability of the
systems. Prof. Chris Clifton (Computer Science, Purdue), Dr. Paula Hawthorn (retired
database company executive), and Lillie Coney (Associate Director, Electronic Privacy
Information Center) are producing guidelines for reliability.
Protecting the accuracy and integrity of these databases and their outputs is another
critical factor that we will address. Since centrally managed voter-registration databases
will be tempting targets for hackers, our guidelines for accuracy and integrity will include
protection against improper updates (including by authorized users). They will also
include recommendations for transparency and accountability, both of which are critical
aspects of database accuracy and integrity. The group producing the guidelines for
accuracy and integrity consists of Dr. Rebecca N. Wright (Computer Science, Stevens
Institute of Technology), Dr. Arnon Rosenthal (Research Scientist, MITRE Corporation),
Prof. David Wagner (Electrical Engineering and Computer Science, UC Berkeley), Ralph
Spencer Poore (Consultant, Privacy and Security), and Dr. Steven M. Bellovin
(Computer Science, Columbia).
We are also concerned about the privacy implications of voter registration databases. As
centralized repositories of sensitive data, these databases create new opportunities for
identity theft and lesser forms of harassment. Our guidelines for protecting voter privacy
will discuss policy considerations, access control, legal requirements, and new privacy
risks. Dr. Barbara Simons (retired, IBM Research and former ACM President), Robert
Gellman (privacy and security consultant), Dr. Harry Hochheiser (Computer
Professionals for Social Responsibility), Lillie Coney, Ralph Spencer Poore, and Dr.
Arnon Rosenthal will produce the privacy guidelines.
We anticipate that our guidelines will be completed by Fall 2005; however, we are
planning to provide specific comments on the EAC’s draft guidance by the comment
deadline of May 25. We encourage those who would like more information or would like
to discuss our work to contact Cameron Wilson, Director of Public Policy for ACM, at
(202) 225-9711. We have also attached biographical information on our committee
Thank you again for considering our testimony.
Biographical Information for Members of the ACM Committee
Co-Chair of the Committee, Paula Hawthorn, Ph.D.
Dr. Hawthorn received her Ph.D. in Electrical Engineering and Computer Science from
the University of California in 1979. Her thesis topic was on the performance of database
systems. She has spent much of her career as a manager of database development,
including Vice-President of Software Development for start-ups such as Britton Lee and
Illustra, and both management and individual contributor positions at Hewlett-Packard
(working on database performance issues) and Lawrence Berkeley National Laboratory.
She is now mostly retired, with occasional consulting and continuing involvement with
Co-Chair of the Committee, Barbara Simons, Ph.D.
Dr. Simons earned her Ph.D. from U.C. Berkeley, and was a computer science researcher
at IBM Research, where she worked on compiler optimization, algorithm analysis, and
scheduling theory. A former President of the Association for Computing Machinery
(ACM), Simons founded ACM’s US Public Policy Committee (USACM) and served for
many years as chair or co-chair of USACM. She was a member of the NSF panel on
Internet Voting, the security peer review group for the DoD’s Internet voting project
(SERVE), the President’s Export Council’s Subcommittee on Encryption. She is on
several Boards of Directors, including the U.C. Berkeley Engineering Fund and the
Electronic Privacy Information Center, as well as the Advisory Board of the Oxford
Internet Institute and the Public Interest Registry’s .ORG Advisory Council. She has
testified before both the U.S. and the California legislatures.
Steven M. Bellovin, Ph.D.
Dr. Bellovin is a Professor of Computer Science at Columbia University. He recently
joined the faculty after many years at Bell Labs and AT&T Labs Research. He is an
AT&T Fellow and a member of the National Academy of Engineering. Dr. Bellovin is
the coauthor of Firewalls and Internet Security: Repelling the Wily Hacker (2d ed. 2003),
and holds several patents on cryptographic and network protocols. He has served on
many National Research Council (NRC) study committees, and is a member of the
Department of Homeland Security’s Science and Technology Advisory Committee. He
has been a member of the Internet Architecture Board and co-director of the Security
Area of the Internet Engineering Task Force.
David Wagner, Ph.D.
Professor Wagner is an Assistant Professor in the Computer Science Division at the
University of California at Berkeley with extensive experience in computer security and
cryptography. David is an Alfred P. Sloan Research Fellow and a CRA Digital
Government Fellow. David was a co-designer of one of the Advanced Encryption
Standard finalists, and he remains active in the areas of computer security, cryptography,
and e-voting. In the past, David has served as a member of the Security Peer Review
Group for the SERVE Internet voting project and as a technical advisor to the ACLU Ad-
Hoc Committee on Touchscreen Voting; currently, David is a member of the California
Secretary of State's Technical Advisory Board.
Arnie Rosenthal, Ph.D
Dr. Rosenthal is a Principal Scientist at The MITRE Corporation, working on databases
and distributed systems. In recent years, his research and consulting has focused on data
sharing, privacy and security. He received a Ph.D. in 1974 from University of California
(Berkeley). He was on the faculty of the University of Michigan and worked at Sperry
Research and Computer Corporation of America. He has held visiting positions at the
Swiss Federal Polytechnic (ETH Zurich) and IBM Research.
Rebecca N. Wright, Ph.D.
Dr. Wright is an Associate Professor in the Computer Science Department at Stevens
Institute of Technology in Hoboken, New Jersey. Her research spans the area of
information security, including cryptography, privacy, foundations of computer security,
and fault-tolerant distributed computing. Dr. Wright serves as an editor of the Journal of
Computer Security (IOS Press) and the International Journal of Information and
Computer Security (Inderscience), and is a member of the board of directors of the
International Association for Cryptologic Research. She was Program Chair of Financial
Cryptography 2003 and General Chair of Crypto 2002, and has served on numerous
program committees, including Crypto, the ACM SIGKDD International Conference on
Knowledge Discovery and Data Mining, and the ACM Conference on Computer and
Communications Security. She received a Ph.D. in Computer Science from Yale
University in 1994 and a B.A. from Columbia University in 1988. She is a member of
the IEEE, the ACM, and the IACR.
Chris Clifton, Ph.D.
Professor Clifton has a Ph.D. in Computer Science from Princeton University, and
Bachelor's and Master's degrees from the Massachusetts Institute of Technology. He first
worked on reliability and availability of database systems at IBM Research in the 1980s.
He also worked on data mining and database security issues while at the MITRE
Corporation, and more recently has been leading research on privacy-preserving data
mining since joining the faculty of Purdue University.
Robert Gellman is a privacy and information-policy consultant in Washington, D.C. He
advises companies, government agencies and other institutions on how to address privacy
concerns on the Internet, implement the federal medical-privacy rules, and integrate
privacy law and policy in their national and international operations. A graduate of Yale
Law School, Gellman has worked on information-policy issues for more than 25 years.
He spent 17 years as chief counsel to a subcommittee in the U.S. House of
Representatives responsible for privacy, freedom of information, government information
dissemination, health-record confidentiality and other information-policy matters. He also
served as a member of the U.S. Department of Health and Human Service’s National
Committee on Vital and Health Statistics (1996-2000), a federal advisory committee with
responsibilities for health-information infrastructure matters, including the Health
Insurance Portability and Accountability Act.
Ms. Coney is Associate Director with the Electronic Privacy Information Center (EPIC).
Her issue areas include, but are not limited to, nanotechnology, surveillance, civil rights
and privacy, census, voter privacy, and electronic voting. The Electronic Privacy
Information Center (EPIC) is a public interest research center in Washington, D.C. It
was established in 1994 to focus public attention on emerging civil liberties issues and to
protect privacy, the First Amendment, and constitutional values. Ms. Coney also serves
as Coordinator of the recently established National Committee on Voting Integrity
(NCVI). NCVI was created in 2003 in response to growing concerns about the reliability
of electronic voting systems.
Ralph Spencer Poore
Ralph Spencer Poore (Principal Consultant at Inovè LLC and Senior Partner at Pi "R"
Squared Consulting LLP) has over thirty years of information technology experience
with emphasis on privacy, security, audit, and control in electronic commerce, enterprise
systems, and enabling technologies. His involvement in national and international
standards for electronic commerce includes participation on two Internet Engineering
Task Force (IETF) working groups and chairmanship of an ad hoc working group of the
Accredited Standards Committee X9, Financial Services, subcommittee X9F Data and
Information Security. He founded and chaired the Standards Review Committee of the
Information Systems Security Association (ISSA) and participates on the Global
Executive Committee of the Generally Accepted Information Security Principles
(GAISP) Committee. Ralph has developed and patented security and privacy products,
taught cryptographic security courses, and provided assurance services across a broad
range of private sector and governmental organizations. He is an inventor, author and
frequent speaker on topics ranging from Privacy to Transnational Border Data Flows.
Ralph is a Certified Fraud Examiner (CFE), Certified Information Systems Auditor
(CISA), Certified Information Systems Security Professional (CISSP), and Certified in
Homeland Security-Level III (CHS-III).
Harry Hochheiser, Ph.D.
Dr. Hochheiser received his Ph.D. in Computer Science from the University of Maryland,
where his research interests included information visualization, bioinformatics, humancomputer
interaction, and the privacy-related systems. A former member of the board of
directors of the Computer Professionals for Social Responsibility (CSPR), Dr.
Hochheiser wrote CPSR's FAQ on Internet filtering systems. He has also written about
the policy implications of Internet privacy protocols. He is a founding member of the
ACM SIGCHI committee on US Public Policy. Dr. Hochheiser is currently working at
the National Institute on Aging developing tools for large-scale analysis of microscopy
images in cell biology.