

The DNC's voter registration app is now free and open-source software - edavis
http://pauladamsmith.com/blog/2013/01/dnc_voter_reg_foss.html

======
zopticity
I'm not going to register with my information, and here's why:

1) I don't know what this website is, and why it's collecting my information.
Where's the credibility? Now people can use this "open source software" and
can modify the where the endpoints are. I'm a little bit worried than anyone
who has malicious intent can alter the code.

2) Why isn't it even requiring HTTPS/SSL? I don't want anyone to intercept my
sensitive information, especially with someone that can just dump the code
anywhere and pretend to be an "official" voter registration. Take that demo
app for example.

I know this post was meant for something good, but I feel security
measurements are not its strongest points. And I must petition for more
security when the app involves with sensitive information that can be
collected by any 3rd party website. Please correct me if I'm wrong!

~~~
jkonowitch
I think your concern is legitimate. I imagine that organizations wishing to
make use of the app or modify it will imbue it with trust by associating
themselves with it - ie a League of Women Voters logo somewhere on the page.
As the article points out though, there are a lot of regulations in this space
so I'm not sure if that is allowed.

As far as SSL goes yes I think at the very least the production.rb file should
declare `config.force_ssl = true`.

------
btown
The post includes this statement:

> I want to acknowledge the hard work across the organization, from software
> engineers to lawyers, to find a way to give back to the open source
> community and satisfy the concerns of both.

So it seems that this decision was done after careful legal advice was sought.
I'd love to hear what the lawyers actually said about this "advisory." Does
including an advisory remove liability on the code's creators, much like the
"Contents may be hot" advisory removes liability on McDonalds should a
customer burn themselves?

I asked a similar question in a comment on another link: if a coder were to
open-source an app that could _easily_ be repurposed as, say, a search engine
for pirated videos, but they included an "advisory" saying exactly what a
derivative work's creator should do to obey the law, is the original coder
liable? It would seem that the DNC would say "no," but maybe voting law is
different from copyright/piracy law when it comes to liability? But if
anything, I'd expect voting law to be even stricter...

I'd hate to see a civil rights lawyer suing the DNC and invoking
[http://en.wikipedia.org/wiki/MGM_Studios,_Inc._v._Grokster,_...](http://en.wikipedia.org/wiki/MGM_Studios,_Inc._v._Grokster,_Ltd).
as a precedent. "This technology was primarily used for
<strikeout>infringing</strikeout> disenfranchising uses."

o_o

(IANAL)

~~~
ajg1977
I can't speak for this specific case, but when releasing software to others
(open sourcing, licensing, etc) it's common to run the codebase through
something like Black Duck. Everything that comes up as a false positive needs
to be checked into and cleared. Everything that's a true positive must have
its license read to ensure that any terms of its release are being met.

For software that's been released but doesn't have a clear license (e.g. some
"Pull to refresh" implementation on Github) it's often necessary to ask the
author to sign some form of "no, I really won't sue you" release.

If it's discovered that some license was inadvertently violated (e.g.
attribution) then it can be necessary to send a mea culpa to the licensor so
they're not incensed if someone points the violation out to them later.

(IANAL, but I have done this dance before).

------
damncabbage
The demo: <http://voter-registration.herokuapp.com/>

------
michaelfeathers
The code looks very clean and simple. Only 15 methods and 9 specs. No logic in
the models. Nice sweet spot for Rails.

------
jkonowitch
Any thoughts on what could be built out/on top of this application?

~~~
pohl
Maybe the RNC could repurpose it as a voter suppression app?

~~~
pekk
While this is a partisan comment, it highlights the political reason why the
DNC pursues registration drives. It stands to benefit from doing so. Voters in
demographics more likely to support the Democrats are less likely to register
and less likely to be engaged.

~~~
knowtheory
It should be pointed out that the various organs of both the Democratic and
Republican party both run voter registration drives, as do a number of other
groups (with varying degrees of affiliation with official parties).

It's not surprising that each group targets demographics which seek to further
their aims.

Despite that, registering more voters is categorically a good thing. We as a
society require an informed and engaged electorate. Registering to vote is
part of that engagement.

