Standards for e-Enabled Elections: The work of the OASIS Election & Voter Services Technical Committee John Borras Chair Technical Committee

OASIS Overview n OASIS is a member consortium dedicated to building systems’ interoperability specifications n Focus is on applications of structured information standards (eg XML, SGML) n Members of OASIS are providers, users and specialists of standards-based technologies n Include organisations, individuals, industry groups and governments n More than 500 members n International, Not-for-profit, Open, Independent n Successful through industry and government wide collaboration

The Challenge n It is extremely unlikely that in the future elections will not have some e-enabled component(s). It’s probably more a question of how many components and when they are introduced. But there are still many concerns to be allayed and a good deal of confidence that needs to be built before e-voting becomes the norm. n Standards are the base on which to build future e- enabled elections that will be trustworthy, open and creditable.

How to Facilitate Trust n Since democracy was invented - people have sought to “influence” the result of a vote n Our goal has been to reduce the risk that people will use the computer technology introduced into the process to “cheat” in new and interesting ways that were previously not available n Also - computer technology should remove old ways of cheating and therefore minimize the risks that were there previously n People should be able to transparently understand how the computer is handling their information and vote and have the means to independently verify that and hence be confident in and embrace the process.

Essentials for Trusted Voting n Appling the right principles can provide trusted verifiable voting processes n Use of open public specifications is essential n Independent verification and inspection is vital n Each new situation brings its own challenges – no one-size fits all / in-country localization n Future – broad availability of proven infrastructure n Auditability within an Electoral Assurance Framework

Auditability n Transparency and Auditability are key Electoral requirements: l In e-voting systems in particular n Using open interfaces can provide transparency of the whole voting process from the time the votes are cast to the final count. n Full scale deployment of systems within an Electoral Assurance Framework incorporating standards provides: l Secrecy of the voter and their vote l Transparency, verifiability and auditability of the whole election l “Comfort” to the voter

Electoral Assurance Framework n Provides Accreditation, Assessment and Certification of electoral systems and services n Builds trust by enabling public verifiability of the whole voting process n Framework needs to be based on standards n Provides standardised interface points where voting auditing processes can be independently assessed under the Assurance Framework

Why Interface Standards? n Need for information to be exchanged at several points in the election process n Several parties involved n Need to service dissimilar systems and equipment n Interchange has to be an open and transparent process

Targeted Processes n Pre election Declaration of Elections Nominating Candidates Formulating Referendum Registration of Voters n Election Casting of Votes n Post election Declaring Results Audit Analysis

Development of e-Voting Standards n OASIS TC History Formed March 2001 election.com, Accenture, Microsoft Chair since Aug UK Gov’t (currently Ministry of Justice) Committee Membership Governments, Corporations, Election Services providers, Academia

Committee Charter The purpose of the Election and Voter Services Technical Committee is to develop a standard for the structured interchange of data among hardware, software, and service providers who engage in any aspect of providing election or voter services to public or private organizations.

Deliverable – EML (Election Markup Language) n Process and Data Requirements Outlines voting processes Identifies data requirements Contains glossary of terms Addresses security issues n XML Schemas Overview of approach taken in preparing the schemas 38 Individual schemas n White Paper – The Case for EML

Security Issues Key security requirements addressed in EML are: Identity authentication Right to vote authentication Vote sealing and non-repudiation of vote accuracy Vote confidentiality Voting Audit

Current and Future TC work n Version 5.0 approved in Dec ‘07 n Awaiting approval as an ISO Standard n Compiling list of changes for inclusion in next version n Provide more advice and guidance on implementation issues n Assist with national localizations n Develop compliance accreditation processes n Ongoing enhancements to accommodate any changes in voting policies/legislation

Take-up n Council of Europe Ministerial directive Dec ’04 recommends EML as core technical standard n USA Election Assistance Commission’s (EAC) draft Voluntary Voting System Guidelines (VVSG) encourages suppliers to use EML n UK election modernisation programme n Flemish local elections n Australian General Election n California State Elections n EU e-Poll project

Summary n Technology will not go away; future generations will demand its use n Standards are the base on which to build future e- enabled elections that will be trustworthy, open and creditable n EML is the recognised international open standard n With your help we can evolve it to meet the challenges ahead.

John Borras OASIS TC open.org/committees/tc_home.php?wg_abbrev=election