(1) Basic Operational Elements of the Online Voting System.
(A) System is web-based.
(B) System has an intuitive, easy-to-navigate interface.
(C) System is localized (in terms of date, time and address formats) to major areas in the world.
(D) System can handle five thousand voters over ten days, with likely spikes in use at beginning and end of voting period.
(A) System interoperates with a wide variety of client-side platforms, including:
(i) Microsoft Windows;
(iii) Other common operating systems (Linux, etc.);
(iv) Internet Explorer version 3 or higher;
(v) Firefox version 3 or higher;
(vi) Safari version 1 or higher;
(vii) Opera version 3 or higher;
(viii) Netscape version 3 or higher; and
(ix) Chrome version 1 or higher.
(C) System detects whether browser accepts images and provides alternate interfaces.
(D) System works for users who use screen readers.
(E) System works for users who access the Internet using a text-only browser.
(F) System is sensitive to low-bandwidth/slow-modem environment of some users.
(3) Verification of Voters.
(A) System verifies a voter's member number, password and PIN number.
(B) System alerts administrator of suspected efforts at fraud (including repeated guesses of passwords, excessive votes from a single PC).
(4) Secret But Verifiable Ballots. System implements secret balloting, while allowing independent third-party monitors to verify that the ballots counted are the same as the ballots cast.
(5) Support for Ballot Marking Rules. System either:
(A) Does not allow mismarking of ballots; or
(B) Checks validity of ballots immediately upon submission, and returns ballot to voter for resubmission if there is an error.
(6) Data Security.
(A) System protects the security, integrity, and confidentiality of members' personal data.
(B) System protects the security, integrity, and confidentiality of ballots.
(C) Ideally, system provides no way for anyone (even vendor employees) to determine how an individual voter voted; at a minimum, system provides reasonable safeguards to prevent such data access.
(7) Verifiability of Software and Procedures.
(A) System and vendor make it possible to verify that the software performs according to specification.
(B) System and vendor make it possible to verify that the vendor is running the software correctly.
(C) Vendor will allow independent third-party monitors to review:
(i) Software, before and during election; and
(ii) Procedures (how many people have access to what parts of the system, how passwords are issued, how backups are done).
(D) System incorporates safeguards to assure that vendor employees do not cast votes for users who do not vote.
(E) System provides mechanism for verifying that the system is operating the way it is supposed to; this may involve mathematical procedures or cryptographic protocols that will reveal if ballots have been tampered with, audit trails, or other mechanisms suggested by the vendor.
(F) System automatically verifies the number of ballots sent in and the size and consistency of the database(s), and warns the administrator and stops the voting until the administrator manually authorizes it to continue.
(8) Vendor Transparency and Openness.
(A) Vendor will be sufficiently transparent and open about the system's design and function so as to foster confidence among users.
(B) Vendor will allow independent third-party monitors to verify that the voting system is working according to the specification and proposal.
(9) Vendor Capability.
(A) Vendor is committed to the success of the voting system.
(B) Vendor provides access to 24-hour technical support during the 10-day voting period.
(C) Vendor has tested its voting systems in a production environment.
(D) Vendor will test the voting system prior to the election.
(E) Vendor has, and provides reference for, prior experience with similar systems.