ACM Voter Registration Database Study Calls for More Details in EAC Guidance

Previously, we reported that ACM created a committee to study issues related to statewide voter registration databases and that the Election Assistance Commission (EAC) recently released its draft guidance on this topic, seeking additional comments. ACM’s committee took the opportunity to provide expert comments to the EAC.

The Help America Vote Act requires that all states have statewide voter registration databases in place by January 1, 2006. Seeking to give the states guidance on this law, the EAC released draft guidelines on how to implement statewide registration databases. ACM’s committee felt that the guidance was a good start, but that it covers only a few issues and lacks much of the technical detail that states really need:

“States will face many technical challenges in implementing these databases in a secure, accurate, and reliable manner, while protecting sensitive information and minimizing the risk of identity theft. The databases must also be easy to use and able to withstand the kinds of extreme demands to which they are likely to be subjected on Election Day. While the current guidance recognizes some of these challenges, it addresses the technical issues only at the highest level of detail. We urge the Commission to provide more technical detail on a broader set of issues as it further develops this guidance.”

The heart of EAC’s guidance (which begins on page six) provides clarification and information on four basic issues:

  1. States can consider either distributed or centralized databases;
  2. The statewide voter registration list should be synchronized with local databases at least every 24 hours;
  3. States should coordinate with as many other government sources of information (i.e. death, felony, drivers license, etc. databases) as much as possible; and,
  4. Local election officials should have “immediate” access to the statewide voter registration list; however, access rights (i.e. read vs. write permissions) should match the duties of the user.

Beyond its overarching statement, the committee’s comments focused on the issues identified by the EAC and in particular: securing particularly sensitive data (i.e. Social Security numbers), developing standard schema for data, ensuring the accuracy of integrated databases by avoiding automated merges and purges, and specifying fine-grained permissions for the database.

It is important to note that this guidance is non-binding. As a practical matter, however, many states include federal guidance in their state regulations, so this document may carry some weight.