What does the FDA have to do with
Black Box Voting? Strange bedfellows, no? Yet, to myself at least, there is a link between the two, in the system of rules that inform our drug and food manufacture system, and that should be informing the regulation of our voting systems in this country. It seems to me that these rules might help us set reasonable expectations for the way we vote and the way we count our votes. They are considered reasonable, and are mandated for anyone manufacturing pharmaceuticals. And all of that industry's well-known lobbying power does not do much to stay these rules.
Some details below. I respectfully invite anyone more familiar with these regulations than myself, to please comment on my assessment, whether right or wrong. Although I worked in the industry, I was never directly responsible for monitoring compliance with these rules, and may have interpreted some of them incorrectly.
The actual FDA document detailing these rules is Title 21 of the Code of Federal Regulations (CFR). Access to the different subsections of this part of the CFR can be gained through this
Cornell University site.
Take a look at the list of topics and you will get a good idea of the breadth of the regulation involved.
21 CFR covers most of the job the FDA is charged with, i.e. the regulation of food and of drug manufacture, testing, and labeling. Some of the main areas to note are the sections for drugs (chemically manufactured entities used for therapy) covered in Parts 210 and 211, biologics, ( drugs manufactured by recombinant DNA methods or derived from human plasma or other biological sources), covered in Part 600, and medical devices, covered in Part 820. There are also many sections devoted to topics relating to food manufacture and testing.
You can get an idea of the motivating thought processes surrounding drug or device approval in this short article, which deals with medical devices. It gives a good idea of the kind of interferences, the possibilities for error, that may occur with a device, in this case.
But what does this have to do with voting? That question brings us to 21 CFR Part 11
.
This is the part of the Code of Federal Regulations that deals with electronic signatures, which is a new technology initiative in the pharmaceutical world. A good example of the concepts behind electronic signatures can be found here. The rules also control electronic records, including their generation, storage and verifiability, and it is this part that seems most applicable to the electronic voting story.
The FDA's guidance as to this subject can be seen, at least in part, in a document entitled Guidance for Industry - Computerized Systems Used in Clinical Trials(pdf). I will highlight some of the guidelines below, but if you are really into the subject of computerized voting, the entire document is worth reading (14 pages.) All of the following quotes are from this document.
So what does the it say? Well, it seems to cover most of the bases with regard to how you guarantee that the data gathered from a procedure, for example a clinical trial for drug approval, generates high quality data that can be certifiably verified at any time in the future, as long as the data is relevant to anything. (All emphases here and below are mine).
Kind of sounds like the way election results should be treated, no?
FDA established the Bioresearch Monitoring (BIMO) Program of inspections and audits to monitor the conduct and reporting of clinical trials to ensure that data from these trials meet the highest standards of quality and integrity and conform to FDA's regulations.
The standard driving this guidance is stated as:
FDA's acceptance of data from clinical trials for decision-making purposes is dependent upon its ability to verify the quality and integrity of such data during its onsite inspections and audits. To be acceptable the data should meet certain fundamental elements of quality whether collected or recorded electronically or on paper. Data should be attributable, original, accurate, contemporaneous, and legible. For example, attributable data can be traced to individuals responsible for observing and recording the data. In an automated system, attributability could be achieved by a computer system designed to identify individuals responsible for any input.
The attributable part doesn't really work quite well for voting, as we don't want to be able to identify the voter, but we do want to be able to identify anyone who alters a vote. See below for more on alteration of records.
Are these standards universally applicable?
Although the primary focus of this guidance is on computerized systems used at clinical sites to collect data, the principles set forth may also be appropriate for computerized systems at contract research organizations, data management centers, and sponsors. Persons using the data from computerized systems should have confidence that the data are no less reliable than data in paper form.
Sounds like a good philosophy as to how to treat electronically generated election results, doesn't it?
There are so many good clips in this document, that it is hard to choose which ones to include here. I would recommend reading the whole document, if you have an interest in this topic, and if it seems relevant. But here a few nuggets.
From Section III: General Principles:
G. Any change to a record required to be maintained should not obscure the original information. The record should clearly indicate that a change was made and clearly provide a means to locate and read the prior information.
H. Changes to data that are stored on electronic media will always require an audit trail, in accordance with 21 CFR 11.10(e). Documentation should include who made the changes, when, and why they were made.
I. The FDA may inspect all records that are intended to support submissions to the Agency, regardless of how they were created or maintained.
-snip-
L. Security measures should be in place to prevent unauthorized access to the data and to the computerized system.
In the section above, read the word record as vote.
Also, the part about always being able locate and read the prior information, even if it has changed by the time the final version is reached, is also a hallmark of any proper scientific documentation, such as a lab notebook. When you make a mistake, you never obscure the mistake. You strike-through it, initial and date it, and then write the corrected answer.
And from Section V: Data Entry (for our purposes, read as voting):
B. Audit Trails
1. Section 21 CFR 11.10(e) requires persons who use electronic record systems to maintain an audit trail as one of the procedures to protect the authenticity, integrity, and, when appropriate, the confidentiality of electronic records.
a. Persons must use secure, computer-generated, time-stamped audit trails to independently record the date and time of operator entries and actions that create, modify, or delete electronic records. A record is created when it is saved to durable media, as described under "commit" in Section II, Definitions.
b. Audit trails must be retained for a period at least as long as that required for the subject electronic records (e.g., the study data and records to which they pertain) and must be available for agency review and copying.
2. Personnel who create, modify, or delete electronic records should not be able to modify the audit trails.
3. Clinical investigators should retain either the original or a certified copy of audit trails.
-snip-
5.* Audit trails should be created incrementally, in chronological order, and in a manner that does not allow new audit trail information to overwrite existing data in violation of §11.10(e).*
And the last quote I will include deals with software.
B. FDA may inspect documentation, possessed by a regulated company, that demonstrates validation of software. The study sponsor is responsible, if requested, for making such documentation available at the time of inspection at the site where software is used. Clinical investigators are not generally responsible for validation unless they originated or modified software.
FYI, the term validation has a very specific meaning, i.e. you can prove that the software and its associated equipment works as it is supposed to, every time, in all conditions, and when it does not work, it lets you know it is not working correctly, or at least, records its mistakes.
As I said, there is a lot more in this document to think about. There is also a list of references concerning this topic.
It seems, to me at least, that Diebold, the other manufacturers of electronic voting machines, and the people who manage our polling system should be held to the same standards as the people that manufacture our aspirin.
After all, it is about our votes.