IE11 Not Supported

For optimal browsing, we recommend Chrome, Firefox or Safari browsers.

Commentary: Building Public Trust in California’s Election Infrastructure

The Little Hoover Commission, a California government watchdog agency, recommends that the state invest in a publicly owned, open source elections system. In this system, expert “white hat” hackers and interested members of the public could review the source code and report potential vulnerabilities to the California Secretary of State’s Office. Only authorized personnel would be allowed to physically modify the code.

The following commentary is excerpted from one published Thursday by the Little Hoover Commission, a California government watchdog agency.

Earlier this week, the San Francisco Board of Supervisors unanimously passed legislation that would authorize an open source voting pilot program to be conducted during the Nov. 8 election in San Francisco.

The legislation now awaits Mayor London Breed’s signature. If signed, the pilot program will also need to be approved by the California secretary of state before it can be implemented.

Though the Little Hoover Commission noted that California’s elections are extremely secure, we also underscored the importance of bolstering the system even more in our March 2019 letter to the governor and Legislature and our April 2021 report, California Election Infrastructure: Making a Good System Better.

In that report, the commission found that California relies on a for-profit model for developing election infrastructure. This model, the commission also learned, has its limitations. The process to test and recertify election infrastructure is extensive. Security upgrades for existing models are not incentivized.

To help California better address any security vulnerabilities, the commission recommended that the state invest in a publicly owned, open source elections system. In this system, expert “white hat” hackers and interested members of the public could review the source code and report potential vulnerabilities to the California Secretary of State’s Office. Only authorized personnel would be allowed to physically modify the code.

Opening the source code to the public means that not just bad actors can have their eyes on it. More review of the source code means more opportunities to correct security flaws before they impact elections.

Such a system would allow counties to structure their election infrastructure in a way that best suits their needs. They can use this code to create and manage their own voting systems. Or, for a more off-the-shelf solution, counties can work with voting equipment manufacturers to create hardware, service and support packages.

In addition to its versatility, open source elections systems offer greater financial savings and align with a state goal to use open source software across government.

California’s election infrastructure is strong. The November 2020 election was the most secure in history. The commission’s recommendations will help the state build on this strength and keep up with evolving technology and knowledge.

These changes will also increase transparency, allowing California to showcase its strength and help build public trust in the state’s voting systems.