My homeowners association in Virginia is contemplating using electronic means to vote at annual mtgs. The assoc has 74 lots and fewer owners and about half of the members are 60 years old with little (and lessening as they get older) tech facility.
The board has been considering how to make this happen consistent with the law (below) for several years. I’m a firm believer in democracy and voting, but I also know that the non-electronic votes process has violated the law since the HOA was created. To me, there are two questions: Can “ensuring” only people who are assoc members happen in a way manageable by non-tech people? and Is the process supporting the voting cumbersome? (See F, below)
A member who is a self-described IT and security expert who works for a big company like PEPCO suggests that the website be migrated to Drupal or WP from Squarespace as the latter is cumbersome and the others have plug-ins that could be used for voting. I switched to SS b/c it’s stupid simple and the assoc wasn't contemplating electronic voting at the time. I fear changing platforms will just make it harder for no good reason.
Anyway, the member suggests the HOA issue unique voter IDs for each lot and tell assoc members not to share their password. Again, the board goes back to “ensure.” If all the board does is tell members not to share, not sure that this qualifies as “ensuring.”
Finally, since signature is mentioned, could the board simply use one of the online signature services (like I used when I sold my house)? I know the board will still be left with the “ensure” question, though.
Virginia law Property Owners' Association Act § 55.1 https://law.lis.virginia.gov/vacodepopularnames/property-owners-association-act/
§ 55.1-1832. Use of technology A. Unless expressly prohibited by the declaration, (i) any notice required to be sent or received or (ii) any signature, vote, consent, or approval required to be obtained under any declaration or bylaw provision or any provision of this chapter may be accomplished using electronic means.
B. The association, the lot owners, and those entitled to occupy a lot may perform any obligation or exercise any right under any declaration or bylaw provision or any provision of this chapter by use of electronic means.
C. An electronic signature meeting the requirements of applicable law shall satisfy any requirement for a signature under any declaration or bylaw provision or any provision of this chapter.
D. Voting on, consent to, and approval of any matter under any declaration or bylaw provision or any provision of this chapter may be accomplished by electronic means, provided that a record is created as evidence of such vote, consent, or approval and maintained as long as such record would be required to be maintained in nonelectronic form. If the vote, consent, or approval is required to be obtained by secret ballot, the electronic means shall protect the identity of the voter. If the electronic means cannot protect the identity of the voter, another means of voting shall be used.
E. Subject to other provisions of law, no action required or permitted by any declaration or bylaw provision or any provision of this chapter need be acknowledged before a notary public if the identity and signature of such person can otherwise be authenticated to the satisfaction of the board of directors.
F. Any meeting of the association, the board of directors, or any committee may be held entirely or partially by electronic means, provided that the board of directors has adopted guidelines for the use of electronic means for such meetings. Such guidelines shall 𝐞𝐧𝐬𝐮𝐫𝐞 that persons accessing such meetings are authorized to do so and that persons entitled to participate in such meetings have an opportunity to do so. The board of directors shall determine whether any such meeting may be held entirely or partially by electronic means. (emphasis added)
> A member who is a self-described IT and security expert who works for a big company like PEPCO suggests that the website be migrated to Drupal or WP from Squarespace as the latter is cumbersome and the others have plug-ins that could be used for voting. I switched to SS b/c it’s stupid simple and the assoc wasn't contemplating electronic voting at the time. I fear changing platforms will just make it harder for no good reason.
What is your relationship with the HOA? Are you just a member or are you a paid employee? Do you really need this headache in your life? Unless running IT for your HOA is your lifelong ambition, you might consider deferring control of this system to the gentleman who wants electronic voting and let him spend the time and effort implementing the nonsense he advocates.
I'm not a lawyer, but it sounds like you are going down a rocky road (forcing technology on an unwilling audience) because you think you are supposed to. The easiest solution is probably just to get a lawyer to confirm your understanding of the law and potentially just keep voting the way you are currently voting.
A few responses: 1. The board knows (and I'm totally aware) that the state law doesn't require the HOA to use electronic voting. But there are number of association members who want to and keep bringing it up. And the one doing the recommending, for example, suggests we use a secure Gmail account (2FA making it secure) to collect ballots/notices of ballots with three people having access to the account, but no board members necessarily.
2. Yes to the lawyer. I think this issue is in line for review (that's how much crap is happening).
3. Proxies are prohibited by the covenants. Since there are already legal challenges to previous changes, I would not recommend changing them.
4. Had not thought of by-phone voting. I love that the IRS does this (did not know before reading here). Chuckling thinking about our implementation!
Again, thank you all. I knew I could count on you.
That right there will create significant 'befuddlement' for any attempt at 'electronic voting'.
> Can “ensuring” only people who are assoc members happen in a way manageable by non-tech people?
Simply put: no.
Consider that all methods of "authentication" of a human at a remote computer involve the computers verifying that "the human typing" can provide some "secret answer". [1] But "knowing secret answer" only verifies that "the human typing" is the actual authorized human when no one "shares secret answers" with anyone. I.e., all the correct secret answer verifies is "some unknown human responded with the correct response". If there is no "secret sharing" then "provided correct response" reasonably assures that the "unknown human" is the actual authorized one. If secrets are shared, then "provided correct response" does not guarantee that only "the correct human" is typing.
> tell assoc members not to share their password.
While this might prevent a potential "malpractice" lawsuit by having given notice "not to do" something, it does not, in fact, prevent any members from sharing their passwords with anyone. Someone who plans to be on a ship in the south-pacific doing ocean temperature research, out of contact range with the world, during the time of the vote can still "share their password" with their wife/husband/brother/cousin/etc. if they also really want their vote put it (they, of course, also have to trust that their 'proxy' actually votes the way they want). Simply telling a group of people "not to share" their passwords in no way guarantees that all of the group will abide by the request.
[1] do not take 'typing' and 'secret answer' literally, read them broadly as "some user providing a response" in whatever way necessary.
Even if you can only use paper for (say) 50% of the votes, it can reduce your legal issues & uncertainty, while making the technology-challenged members feel less disenfranchised.