Behind the scenes with the Webmasters

OTW elections have always been a bit complicated given the challenges of both preserving voter privacy and ensuring that elections are fair with an entirely virtual organization. We’ve implemented procedures surrounding our election technology to assure that the results of the vote are verifiable, that there are multiple corroborating sources to disallow any possibility of tampering, and that we have created an audit trail. A lot of that work falls on the Webmasters Committee so, to better explain what goes into election planning, we thought we’d give voters a look at the work that this group does to ensure a successful election process.

The OTW Webmasters are quite busy in the weeks leading up to the election — they apply updates, double-check software, and conduct rigorous tests of both the ballot and the ballot tallying. Then two weeks out before the election, the Elections site is locked down. All existing site accounts (including those belonging to all other staff) are deleted, leaving only two. Those two Web staffers then create the ballot according to the Elections Officer’s instructions.

In the following week, the OTW Development & Membership committee delivers a list of eligible voters’ email addresses to the Elections Officer. That list gets divided in half and each half is deposited into the elections Web staffers’ vault spaces, a secure storage account maintained by the OTW and visible only to the individual account holder. Those two Web staffers begin to create the voting accounts using random.org to generate an 8-digit random number to use as an account name, which they pair with a voter email address. No list is created of these accounts, and no record of which number goes with which email is easy to generate. It’s not impossible, just too much trouble for someone to do accidentally. All of these accounts are created as inactive, which becomes important in the next step.

One week prior to the voting period all of our voters get their informational email, which includes the account information created by those Web staffers, and a link that will lead to the ballot once it goes live. A basic outline of how the process will work is written by the Elections Officer, and the elections Web staffers enter that text as an automatic website message that is triggered when the accounts are activated.

The final week before the elections is when we follow-up on any emails that went astray and correct them before voting day. Email spam filters are a frequent culprit. The elections Web staffers also make any necessary edits or additions to the Elections site, since they are the only ones with access — such as elections-related news posts.

On the day the election opens, the elections Web staffers change the automatic account activation message to new text that announces that the ballot is open and contains all necessary voting information. Then, just before the ballot becomes active (it’s on an automatic timer), they trigger the email message to all voters by deactivating all voter accounts and then reactivating them.

The elections Web staffers split the 48-hour voting period into eight-hour shifts, each taking three. Each shift means that the person “on call” is ready to troubleshoot any account access problems the Elections Officer contacts them about, and they also help to create an audit trail. At the end of each shift, the elections Web staffer on duty takes a screenshot of all ballot results as of that moment, zips the resulting images, and drops them into the Election Officer’s vault space. All results are capped each time, meaning that any changes to existing votes would be apparent in the case of examination. Both elections Web staffers are on duty for the final few hours, and both make separate screenshot packages and deposit them in the vault.

Once the ballot has closed, the Elections Officer communicates the results to the candidates and to the voters and posts them publicly. If any candidate chooses to question the result, the screenshots made throughout the process in the web administrative interface would be examined and recounted, as well as potentially corroborated with information from the Systems committee.

Spotlight

Comments are closed.