Source Code Review Mechanisms in Brazil
Last updated on December 17, 2013
Brazil’s electoral commission (Tribunal Superior Eleitoral, TSE) is credited with making the source code of its electronic voting system available for review by electoral stakeholders. In addition to providing access to the source code, the TSE invites computer scientists and interested parties to find system vulnerabilities. Despite these efforts, electoral stakeholders believe that the TSE can take further steps to ensure greater transparency in this process. Among the steps suggested are providing more time for experts to analyze the system and source code, and placing fewer restrictions on public comments resulting from the expert analysis.
The Tribunal Superior Eleitoral (TSE) takes steps to provide transparency for electoral stakeholders by offering access to the source code for the electronic voting system as well as opening the system for hacking competitions. However, the TSE has come under some criticism in recent years because of the manner in which these initiatives have been implemented, which has led to calls for greater transparency with regard to technical aspects of the electronic voting system.
Brazilian electoral law stipulates that the source code should be made available for review by political parties and the Brazilian bar association (Ordem dos Advogados do Brasil, OAB). Electoral stakeholders in Brazil believe that the TSE failed to meet this requirement for the 1996, 1998, and 2000 elections. The TSE did start to make the source code available for review after the 2000 elections, but the manner in which the source code is provided has also come under some criticism. Computer scientists criticize the fact that auditors must sign a nondisclosure agreement and that, consequently, any problems found during the audit are not made public. Auditors also point out that only a few days are given for auditing and that the code is examined under very controlled conditions on the TSE’s computers, conditions they consider insufficient for a comprehensive examination of the code. In some cases, the code was modified after it had been given to the parties for review.
To its credit, the TSE has gone beyond its legally mandated requirements by making the source code available for review to independent computer scientists. These computer scientists have generally found the system to be robust, but have made several recommendations to improve it, including instituting a voter-verified paper audit trail (VVPAT) to enhance the auditability of the system. The TSE has thus far resisted instituting VVPAT in the electronic voting system. Since 2009, the TSE has also organized hacking competitions, inviting computer scientists and other interested parties to find external vulnerabilities in the electronic voting system. However, there have been complaints that the TSE does not allow enough time (three days are provided) to thoroughly test the system and that those participating in the competitions do not have enough time to analyze the code.