April 24, 2014

avatar

“E agora José?” The current status of Marco Civil da Internet

I hope non-Brazilian readers will forgive me, but I could not find a better expression to summarize the current situation of the Brazilian Marco Civil da Internet. “E agora, José?” The expression can be translated into English as “What now, José?”, and is quite popular in Brazil, having its origin in a famous poem by Carlos Drummond de Andrade (1902-1987). Although it might carry different meanings, this expression is mainly used in hard times, when people are challenged by a situation in which desirable or ideal solutions just seem impossible. When puzzled by a conundrum, one might say: “E agora, José?”.

Here I will try to explain why I do think that the Marco Civil is facing such a situation. [Read more...]

avatar

Information Facilitating Participation in Elections Must Be Readily Available – Principle #10 for Fostering Civic Engagement Through Digital Technologies

For the final installment of my series of blog posts outlining ten principles that governments and local communities should consider when evaluating whether they are using digital technology effectively to facilitate civic engagement, I will discuss the issue that goes to the core of democracy in our country – the public having access to information about elections. The information that facilitates participation in elections comes from a variety of sources, including local governments ensuring that people are easily able to register to vote, politicians using technology for conversations with the public during campaigns, and members of the public using e-mail, blogs and social media to discuss the candidates’ promises.

Technology as a tool for civic engagement has become an increasingly critical aspect of politics, particularly in urban areas. That’s because one of the factors that has affected political discourse, especially in urban areas – race – is diminishing in salience with the public. In a recent NY Times Op-ed, Thomas Edsall asked the question, “What if Race No Longer Matters in City Politics?” He noted the absence of race as a divisive factor in recent elections in Boston, New York, and Los Angeles. Instead, he argued that income and class shaped the mayoral contests in Boston and New York.

As cities move away from racial politics, the vacuum is being filled, at least in part, by both citizens and politicians focusing on lifestyle issues. Right now, arguably there is nothing that reflects people’s lifestyles more than the wireless devices they carry and the content they choose to consume and share through those devices. And some of that content relates to civic engagement. For example, according to a 2013 Pew study, 67% of all 18-24 year olds engaged in some social network-related political activity in the 12 months preceding the survey. Overall, 39% of adults use social media sites for political or civic activities.

Given that citizens are moving their political activities on-line, it is important that state governments make it easier for people to participate in the political process by making on-line voter registration available. Approximately 15 states currently allow on-line voter registration, while approximately 5 more have passed legislation permitting on-line registration. In addition to added convenience, according to the state of Arizona, paper registration costs 83 cents per registration while each on-line registration costs only 3 cents. To be beneficial for the public though, on-line registration must be secure. CITP Fellow J. Alex Halderman, in an interview with the National Conference of State Legislatures earlier in 2013 recommended, “ensuring that security experts are consulted during design [of an on-line registration system], adequate security testing is undertaken before the system goes live, and ongoing monitoring for threat detection efforts [takes place] while the system is being operated.”

In a recent article in Politico, Columbia University Law School professor Tim Wu suggests that voter participation in Congressional primary elections is so low because of the “convenience gap” between voting and many other modern tasks and proposes increasing participation by moving voting on-line. I disagree with Mr. Wu’s solution partially because I think technology can close the “convenience gap” that makes voting seem burdensome by keeping people connected regularly to the civic and political decision-making process. Since people have the ability through digital technology to be extremely selective about the information they choose to consume, governments and political candidates need to use more targeted methods to reach each constituent with information that’s uniquely important to that person. For example, a person who is registered for Capital Bikeshare – the bike sharing service in the Washington, DC metro area – could register to receive text message alerts about community meetings on bike lanes and transportation policy generally. If a particular series of issues is closely tied to a person’s lifestyle and interests, I think that will drive participation. There will be no need to move to on-line voting now, before the security concerns can be addressed.

People who are invested in their local communities need to continue to experiment with ways to boost civic engagement. In advance of a special election for the City Council in Washington, DC this Spring, three popular local bloggers partnered on the “Let’s Choose DC” website, which posed one question per week to all of the eligible candidates. Candidates provided longer than a sound bite answers to questions about topics such as education, crime, and affordable housing. Readers had the opportunity to vote on the responses. While turnout in the special election was disappointingly low – only 11.32% – participation still improved compared to a 2011 special election that came in at 10.30%. The more that journalists, local businesses, civic activists and government officials recognize the economic and social value of assisting citizens in using technology as a tool for building communities that reflect their members’ needs and aspirations, the stronger local communities will become.

avatar

Wall Street software failure and a relationship to voting

An article in The Register explains what happened in the Aug 1 2012 Wall Street glitch that cost Knight Capital $440M, resulted in a $12M fine, nearly bankrupted Knight Capital (and forced them to merge with someone else). In short, there were 8 servers that handled trades; 7 of them were correctly upgraded with new software, but the 8th was not. A particular type of transaction triggered the updated code, which worked properly on the upgraded servers. On the non-upgraded server, the transaction triggered an obsolete piece of software, which behaved altogether differently. The result was large numbers of incorrect “buy” transactions.

Bottom line is that the cause of the failure was lack of careful procedures in how the software was deployed, coupled with a poor design choice that allowed a new feature to reuse a previously used obsolete option, which meant that the trigger (instead of being ignored of causing an error) caused an unanticipated result.

So what does this have to do voting? [Read more...]

avatar

Engineering an insider-attack-resistant email system and why you wouldn’t want to use it

Earlier this week, Felten made the observation that the government eavesdropping on Lavabit could be considered as an insider attack against Lavabit users. This leads to the obvious question: how might we design an email system that’s resistant to such an attack? The sad answer is that we’ve had this technology for decades but it never took off. Phil Zimmerman put out PGP in 1991. S/MIME-based PKI email encryption was widely supported by the late 1990′s. So why didn’t it become ubiquitous?
[Read more...]

avatar

A Start-Up Born at CITP

As is probably the case with many start-ups, Gloobe was born late at night. Early in 2013, on the night of a snowstorm in Princeton, I presented at the student-led Code at Night hackathon an idea for a web site that organized civic information onto online maps of local communities. With experience as a former elected representative of a relatively small community within Washington, DC, I understood the value of easing the availability of information about voting, upcoming community meetings, and regulatory agency actions, but lacked the coding skills to bring the project to life. Jian Min Sim, a student from Oxford who was spending his senior year at Princeton as part of an exchange program, heard about my presentation from a friend and when we got together, pulled out his laptop and said, “I have already built something very similar.” After winning a contest sponsored by the ITU, Jian had built a mapping website designed to provide a platform for NGO employees and others who travel frequently to share information about places that lacked detailed on-line limited maps. A partnership formed.

Over the course of the year, we have talked repeatedly about different ways of using technology to reach different groups of people – young people, people working for the government, in education, or at large corporations – who are looking to share knowledge more effectively. Through all of these conversations, we have sought to figure out what we think is important – a preference for wireless solutions, a simple platform, providing real-time access to information about what’s happening in local communities. Do we think our mission is best served as a for-profit or non-profit entity?
[Read more...]

avatar

Google Glass vuln in QR codes and ballot marking applications

Reading recently about a vulnerability in Google Glass that can be exploited if a victim takes a picture of a malicious QR code made me think about one of the current trends in absentee balloting. A number of localities in the US are trying out absentee ballot schemes where a voter goes to a website and makes his/her choices through a web form, then prints out a ballot that contains his/her choices as a marked ballot plus a barcode (typically a 2D QR code). The ballot is then mailed back to the locality with whatever signature forms are required. When the ballot arrives at the locality, election officials scan the QR code to duplicate the ballot showing the voter’s choices, (hopefully) compare that the voter selections actually match the marks, and then the ballot goes forward. (Commercial products with this feature include Everyone Counts and Scytl.)
[Read more...]

avatar

Internet Voting Snafu at USRowing

USRowing, the governing body for the sport of rowing in the U.S., recently announced the discovery of likely fraud in one of its leadership elections.

Further investigation into this region’s voting resulted in the determination that fraudulent ballots were cast in the Mid-Atlantic election that directly affected the outcome of the Mid-Atlantic Regional Director of the Board of Directors election only. Those responsible for the fraudulent ballots have not yet been identified.

[Read more...]

avatar

Principles #4 and #5 for Fostering Civic Engagement Through Digital Technologies: Engage On-line and Off-line, and Prepare for the Future

As part of my continuing series, today I’ll discuss two more principles for fostering civic engagement and digital technologies. My earlier posts are:
#1 Know Your Community
#2 Keep it Simple
#3 Leverage Entrepreneurial Intermediaries

Principle #4: Utilize Creative Combinations of On-line and Off-line Communications

Whether it’s a grass roots organization, national political campaign or local government agency, any group that wishes to identify and motivate people to become involved in civic affairs needs to use creative combinations of on-line and off-line communications. In today’s post, I will discuss two different situations where I’ve observed people combining new technology and traditional grass roots organizing to foster civic engagement.

On Twitter, I recently came across an account dedicated to a student’s grass roots campaign for Vice President of the student government at The University of Mississippi (Ole Miss). Her tweets below are a simple representation of today’s hybrid on-line/off-line grass roots campaign.

[Read more...]

avatar

Internet Voting Security: Wishful Thinking Doesn’t Make It True

[The following is a post written at my invitation by Professor Duncan Buell from the University of South Carolina. Curiously, the poll Professor Buell mentions below is no longer listed in the list of past & present polls on the Courier-Journal site, but is available if you kept the link.]

On Thursday, March 21, in the midst of Kentucky’s deliberation over allowing votes to be cast over the Internet, the daily poll of the Louisville Courier-Journal asked the readers, “Should overseas military personnel be allowed to vote via the Internet?” This happened the day before their editorial rightly argued against Internet voting at this time.

One of the multiple choice answers was “Yes, it can be made just as secure as any balloting system.” This brings up the old adage, “we are all entitled to our own opinions, but we are not entitled to our own facts.” The simple fact is that Internet voting is possible – but it is definitely NOT as secure as some other balloting systems. This is not a matter of opinion, but a matter of fact. Votes cast over the Internet are easily subject to corruption in a number of different ways.

To illustrate this point, two colleagues, both former students, wrote simple software scripts that allowed us to vote multiple times in the paper’s opinion poll. We could have done this with repeated mouse clicks on the website, but the scripts allowed us to do it automatically, and by night’s end we had voted 60,000 times. The poll vendor’s website claims that it blocks repeated voting, but that claim is clearly not entirely true. We did not break in to change the totals. We did not breach the security of the Courier-Journal’s computers. We simply used programs instead of mouse clicks to vote on the poll website itself.
[Read more...]