In less than 24 hours, people who had never heard of Shadow, Inc. started screaming conspiracy, willful incompetence, and much much worse. How is the trust rebuilt? Let’s make this very clear from the start – this article is not about politics, not about the Iowa caucuses, and not about candidates. This is about open source.
You don’t need an intergalactic bounty hunter to fight bad guys. iThemes Security Pro will secure and protect your WordPress sites from the wretched hive of scum and villainy across the internet! Prevent hacks, security breaches, malware and more. This is the way.
The “Shadow Caucus App” (SCA from now own) was commissioned, developed, tested, released, and user trained in a two month period1. This is a lightning fast release schedule for a mission critical app. If we are going to judge projects by timelines, this should have never been executed, any project manager worth their salt would have stood firm and refused such an endeavor. When dealing with the public trust there most definitely exists a fiduciary duty not just to the paying customer but absolutely to the users effected. These users are not just the Iowa Democratic Party (IDP) staff and volunteers but also the users who submitted data – the voters.
The official response is a bit of an apology to voters with a lot of apology to who knows whom2.
We sincerely regret the delay in the reporting of the results of last night’s Iowa caucuses and the uncertainty it has caused to the candidates, their campaigns, and Democratic caucus-goers. As the Iowa Democratic Party has confirmed, the underlying data and collection process via Shadow’s mobile caucus app was sound and accurate, but our process to transmit that caucus results data generated via the app to the IDP was not. Importantly, this issue did not affect the underlying caucus results data. We worked as quickly as possible overnight to resolve this issue, and the IDP has worked diligently to verify results. Shadow is an independent, for-profit technology company that contracted with the Iowa Democratic Party to build a caucus reporting mobile app, which was optional for local officials to use. The goal of the app was to ensure accuracy in a complex reporting process. We will apply the lessons learned in the future, and have already corrected the underlying technology issue. We take these issues very seriously, and are committed to improving and evolving to support the Democratic Party’s goal of modernizing its election processes.Statement from Shadow Inc. CEO, Gerard Niemira
The striking sentence, “Shadow is an independent, for-profit technology company that contracted with the Iowa Democratic Party to build a caucus reporting mobile app, which was optional for local officials to use.” begs more questions than provides answers. What we did not get was a real explanation of the issues.
What does all of this have to do with open source? If this app is going to be proprietary yet dependent on the trust of the electorate, Shadow should release the code as open source. They should provide a full technical description of where and how failures occurred. They should allow external technologists to evaluate the full stack. This can be easily done with open sourcing SCA. It will restore trust that digital tools for elections can be effective in more democratic outcomes. It will also allow for security issues and other bugs (because there always are some) to be brought into the light and squashed.
Update : February 7, 2020 Motherboard adds some great detail to the whole mess. But let’s get to the real scathing indictment:
The consensus was that Shadow had rushed the app, and that it was rudimentary in design.Motherboard
I don’t think it is unreasonable to call for a public audit of code which has caused a lack of trust in the democratic process.