BILL ANALYSIS Ó ----------------------------------------------------------------- |SENATE RULES COMMITTEE | AB 829| |Office of Senate Floor Analyses | | |1020 N Street, Suite 524 | | |(916) 651-1520 Fax: (916) | | |327-4478 | | ----------------------------------------------------------------- THIRD READING Bill No: AB 829 Author: Fong (D) Amended: As introduced Vote: 21 SENATE ELECTIONS & CONST. AMEND. COMM. : 4-0, 6/4/13 AYES: Anderson, Hancock, Yee, Torres NO VOTE RECORDED: Padilla SENATE APPROPRIATIONS COMMITTEE : Senate Rule 28.8 ASSEMBLY FLOOR : 76-0, 4/25/13 (Consent) - See last page for vote SUBJECT : Election management systems SOURCE : Secretary of State DIGEST : This bill requires vendors of elections management systems, which track voter registration, to annually deposit a copy of the source code, as specified, for each system component into an approved escrow facility, and stipulates that the Secretary of State (SOS) must have access to these materials under specified circumstances, and requires the SOS to adopt regulations implementing these requirements. ANALYSIS : Existing law: CONTINUED AB 829 Page 2 1. Requires an exact copy of the approved source code for each component of a voting system and a ballot marking system, including the complete build and configuration instructions and related documents for compiling the source code into object coed, to be deposited into an approved escrow facility. This bill: 1. Requires a copy of the source code of an election management system to be deposited into an approved escrow facility. 2. Defines an "election management system," for the purposes of this bill, as a system that is used by a county in the state of California to track voter registration or voter preferences, including, for example, a voter's vote by mail status. 3. Requires the vendor of an election management system, no later than January 31, 2014, and annually thereafter, to cause an exact copy of the source code for each component of the election management system, including complete build and configuration instructions and related documents for compiling the source code into object code, to be deposited into an approved escrow facility. Requires the vendor to place source codes into escrow for each version of the election management system in use in a county in the state. 4. Requires the SOS to adopt regulations relating to the following: A. The definition of source code components of an election management system, including the source code for all firmware and software of the election management system. Requires the firmware and software to include commercial off-the-shelf or other third-party firmware and software that is available and able to be disclosed by the vendor of the election management system. B. Specifications for the escrow facility, including security and environmental specifications necessary for the preservation of the election management system source codes. CONTINUED AB 829 Page 3 C. Procedures for submitting the election management system source codes. D. Criteria for access to the election management system source codes. E. Requirements that the vendor include the build and configuration instructions and documents in the materials deposited in escrow, so that a neutral third party may create, from the source codes in escrow, executable object codes identical to the code installed on the elections management system. 5. Permits the SOS reasonable access to the materials placed in escrow, under the following circumstances: A. In the course of an investigation or prosecution regarding the election management system equipment or procedures. B. Upon a finding by the SOS that an escrow facility or escrow company is unable or unwilling to maintain materials in escrow in compliance with the provisions of this bill. C. For any other purpose deemed necessary to fulfill duties as required under existing law. 6. Permits the SOS to seek injunctive relief requiring the elections officials, approved escrow facility, or any vendor or manufacturer of an election management system to comply with the provisions of this bill. Provides the venue for a proceeding under this bill will be exclusively in Sacramento County. Background Top-to-Bottom Review (TTBR) and Access to Source Code History . In 2007, the SOS conducted a TTBR of several voting machines certified for use in California. The purpose of the review was "to determine whether currently certified voting systems provide acceptable levels of security, accessibility, ballot secrecy, accuracy and usability under federal and state standards." CONTINUED AB 829 Page 4 One of the key components of the TTBR was a review of the source code of each voting system. At the time, state law only required the source code for a ballot tally software program to be deposited in an escrow facility. However since 2004, it had been the practice of the SOS to require voting system vendors to provide all voting system source codes to the SOS upon request as a condition of voting system certification. Additionally, as part of the voting system certification process, voting system vendors are now required to provide the SOS with a copy of the source code for all software and firmware components of the voting system. Similar to the process undertaken as part of the TTBR, all new voting systems that are submitted for certification to the SOS undergo a source code review. However, during the TTBR one voting system vendor initially did not provide the SOS with a copy of the source code for review. After the SOS attempted to retrieve the source code for that voting system from the escrow facility in which it had been placed, the vendor provided the voting system source code to the SOS. History of the Escrow Requirement . While the requirement that the source code from a voting system be placed in escrow primarily has become a tool in ensuring the security of voting systems, that requirement was created with an additional practical purpose in mind - ensuring that state and local jurisdictions would have access to voting system materials if the vendor who produced that system went bankrupt. As part of the voluntary standards for computerized voting systems that were adopted by the Federal Elections Commission (FEC) in 1990, the FEC recommended that states adopt procedures for escrowing voting system software and documentation for all voting systems. As part of the implementation plan for the 1990 voting system standards, the FEC noted that the escrow process contained multiple benefits, including that jurisdictions would have "guaranteed access to all deposit materials as a last resort in the event a vendor's business fails." The FEC also noted that, in the event of an election dispute or litigation, the escrow process would allow for "verification of software used in an election against the clean archival copy" of the source code that was placed in the escrow facility. California enacted its requirement that a voting system source CONTINUED AB 829 Page 5 code be deposited with an escrow facility by AB 986 (Mountjoy, Chapter 235, Statutes of 1989). According to a floor analysis of that bill, the requirement was adopted, in part, in anticipation of the "adoption of voluntary federal standards which requires an escrow system for software programs." Previous Legislation SB 1376 (Perata, Chapter 813, Statutes of 2004) allowed the SOS to have "reasonable access" to the source code placed in escrow under certain specified circumstances and allowed the SOS to seek injunctive relief requiring any vendor or manufacturer of a voting machine, voting system, or vote tabulating device to comply with the requirements relating to the placing of source codes in escrow, among other provisions. AB 2758 (Krekorian, Chapter 198, Statutes of 2008) required a copy of the source code for all components of a voting system, instead of just for the ballot tally software, to be placed into an escrow facility. AB 1929 (Gorell, Chapter 694, Statutes of 2012) established processes and procedures for the review and approval of ballot marking system, including requiring the source code for all ballot marking systems be deposited into an approved escrow facility. FISCAL EFFECT : Appropriation: No Fiscal Com.: Yes Local: No SUPPORT : (Verified 6/21/13) Secretary of State (source) American Association of University Women California Association of Clerks and Elections Officials California Common Cause ARGUMENTS IN SUPPORT : According to the author's office, each county elections office uses an election management system to perform critical functions during the conduct of an election. For instance, election management systems are used to track voter registration and voter preferences, such as a voter's vote-by-mail status. Consequently, election management systems, much like voting systems, play a critical role in the conduct of CONTINUED AB 829 Page 6 an election. Existing law requires voting system vendors to place their source code in an escrow facility. This requirement ensures the security of the voting system and protects these systems from unauthorized tampering. In addition, this requirement was created with a practical purpose in mind to ensure that state and local jurisdictions have access to voting system materials if the vendor who produced that system goes out of business. This bill protects the integrity of our state's elections by mirroring the source code requirements already in place for voting system vendors. Additionally, this bill ensures state and local jurisdictions have reasonable access to the source code material placed in escrow in order to investigate potential election law violations and to ensure counties can continue to conduct elections if a vendor goes out of business. ASSEMBLY FLOOR : 76-0, 4/25/13 AYES: Achadjian, Alejo, Allen, Ammiano, Atkins, Bigelow, Bloom, Blumenfield, Bocanegra, Bonilla, Bonta, Bradford, Brown, Buchanan, Ian Calderon, Campos, Chau, Chávez, Chesbro, Conway, Dahle, Daly, Dickinson, Donnelly, Eggman, Fong, Fox, Frazier, Beth Gaines, Garcia, Gatto, Gomez, Gordon, Gorell, Gray, Grove, Hagman, Hall, Harkey, Roger Hernández, Holden, Jones, Jones-Sawyer, Levine, Linder, Logue, Maienschein, Mansoor, Medina, Melendez, Mitchell, Morrell, Mullin, Muratsuchi, Nestande, Olsen, Pan, Patterson, Perea, V. Manuel Pérez, Quirk, Quirk-Silva, Rendon, Salas, Skinner, Stone, Ting, Torres, Wagner, Waldron, Weber, Wieckowski, Wilk, Williams, Yamada, John A. Pérez NO VOTE RECORDED: Cooley, Lowenthal, Nazarian, Vacancy RM:d 6/24/13 Senate Floor Analyses SUPPORT/OPPOSITION: SEE ABOVE **** END **** CONTINUED AB 829 Page 7 CONTINUED