Learn From Diebold's California Decertification

G00120825

Analyst(s): |

  Free preview of Gartner research

Summary

California's decision to decertify Diebold Election Systems' (DES's) touch-screen voting technologies offers lessons for other governments and vendors.

News Analysis

Event

On 29 April 2003, the California secretary of state decertified DES's touch-screen voting technology for use in four counties in the state. This decision — which affects 14,000 DES touch-screen terminals, and as many as 2 million eligible voters – reflects the state’s concern that DES allegedly deployed systems in four California counties without required federal testing or state certification. The state further alleges that DES lied about the systems' certification status to the state. The secretary of state has asked the state attorney general to investigate the possibility of criminal and civil fraud charges against DES.

Analysis

If DES knowingly deployed voting systems in the field without required testing and certification, then the state’s decision to decertify DES's voting systems is absolutely justified. Whether DES later lied about the matter is irrelevant, except that it could be grounds for criminal prosecution. Field deployment of uncertified software is completely intolerable in an application in which public trust is a mission-critical requirement.

The software industry has historically favored the rapid introduction of new products, which inevitably leads to high levels of flaws. The release-and-patch approach to software quality and security is no longer acceptable even for consumer-level operating systems, let alone mission-critical applications with major public consequences. The public — which now includes 1 billion Internet users worldwide, all of whom are only too familiar with cybercrime — is simply too sensitive to quality and security concerns. In DES's case, a history of serious security breaches — such as the discovery and worldwide distribution of source code found unprotected on an Internet-connected DES server — and highly critical independent reports alleging security flaws in DES’s products serve to underline the importance of strict attention to testing and certification requirements. California’s refusal to accept any ambiguity regarding the security of DES’s machines is appropriate.

Recommendations:

Governments and other agencies evaluating voting and other critical technologies:

  • Use government agencies' enormous purchasing power to promote higher software quality, by making provable quality a nonnegotiable condition of all software purchases.

  • Legislate multiple independent certification processes for electronic voting systems and software.

Software vendors:

  • Recognize that industry dynamics are changing fast, with software quality becoming a matter of public interest and concern, and allocate development resources accordingly.

Analytical Sources: Richard Hunter and Ray Wagner, Gartner Research

Recommended Reading and Related Research

(You may need to sign in or be a Gartner client to access all of this content.)

© 2004 Gartner, Inc. and/or its Affiliates. All Rights Reserved. Reproduction and distribution of this publication in any form without prior written permission is forbidden. The information contained herein has been obtained from sources believed to be reliable. Gartner disclaims all warranties as to the accuracy, completeness or adequacy of such information. Although Gartners research may discuss legal issues related to the information technology business, Gartner does not provide legal advice or services and its research should not be construed or used as such. Gartner shall have no liability for errors, omissions or inadequacies in the information contained herein or for interpretations thereof. The opinions expressed herein are subject to change without notice.

Not a Gartner Client?

Want more research like this?
Learn the benefits of becoming a Gartner client.

Contact us online

  Research

More  

  Webinars

More  

Why Gartner

Gartner delivers the technology-related insight you need to make the right decisions, every day.

Find out more