The Election Assistance Commission is charged with ensuring that our voting systems are reliable and secure. Each machine is "supposed" to be subjected to rigorous tests before being certified, and the EAC was recently empowered to oversee that process.
At least that's the theory. As Aaron Burstein and Joseph Lorenzo Hall show in their recent opinion piece in Roll Call, however, the revelation that the EAC de-certified a major testing company (Ciber) in the summer of 2006 but did not notify election officials until long after the 2006 election demonstrates that EAC suffers from a culture of secrecy that undermines the very goals it is supposed to protect.
The EAC recently announced a new policy that not only fails to ensure transparency in the future, but affirmatively allows it to shield from the public important information about how and why voting systems are tested and certified. Manufacturers are allowed to deal with test labs privately, keeping communications secret. And while the EAC is publishing test lab reports, it is refusing to publish the test plans it used to certify a voting system — and without that knowledge, the public cannot know whether the tests were in fact rigorous or accurate enough.
As Burstein and Hall note, in the case of Ciber, the results of EAC's secrecy were that approximately 70% of voters in the November 2006 election used equipment that had been "certified" by a company that the EAC de-certified months before the election. Who knows what the next problem will be? As Burstein and Hall put it: "Secrecy isn't working for the EAC or democracy — and there is no reason to think it will in the future."