LAST December 9, 2016, a number of news websites carried the news that President Barack Obama had ordered a full review of possible Russian hacking of the recent United States election. Questioning whether an automated election system (AES) can be hacked or not raises concerns about the integrity of the AES and the credibility of election results that the system generates.
The Philippine experience in automating the elections is no different. Concerns were raised on possible vulnerabilities of the AES used in the last three elections. Everything happens inside the machine and those internal mechanisms are shielded from public observation.
But can the voting machines really be hacked? Just as in the US, none of the vote counting machines (VCMs) used in the Philippine elections is connected to the Internet; they connect to the transmission network only when they are ready to transmit the election returns to the city or municipal canvassing and consolidation system (CCS) and other servers. Hackers would not be able to hack into the VCMs since the transmission network is configured as a virtual private network with the appropriate security measures in place, and the time period to perform hacking activities is very short. Potentially, however, the CCS and other servers are exposed to possible attacks since the CCS and other servers are open for much longer periods while they wait to receive transmissions from the VCMs and CCS.
At the VCM level, an added confidence measure is the printing of the voter receipt which the Supreme Court ordered to be activated a couple of months before the 2016 elections. A post-election random manual audit of the vote count results generated by the VCMs is also mandated by law.
But, as Philippine experience has shown, an insider can very well interfere in the workings of the AES while it is in live operations. It will be recalled that Marlon Garcia of Smartmatic had introduced a program script into the transparency server while it was receiving transmissions from the VCMs. Garcia’s incursion into the transparency server had a negative impact on the credibility of the results of the elections. While canvassing and consolidation reports of the election returns received by the transparency server generated by accredited observers and media outfits are unofficial results, still, the transparency server is part of the AES and the election returns received are official copies. Garcia’s action was without the Commission on Elections (Comelec) en banc’s approval, prompting Commissioner Rowena Guanzon to denounce Smartmatic and call for an investigation into the breach in protocol.
Imagine if such an incursion happened in a bank. A change in a banking system software, no matter how minor, would surely not have been allowed. Any proposed change in a banking system’s software goes through a rigorous process of testing and review before such change is approved. The software change is implemented following strict security and operation protocols.
Going back to the AES, the only way to verify the integrity of the election results is for an audit of the system to be done but the random manual audit mandated by law does not cover an audit of the CCS. And no such audit was performed on the CCS following the claimed cosmetic change incident.
Also, the integrity of the consolidated results generated by various observers and media outfits cannot be ensured since the election returns received by the monitoring groups through the transparency server have been converted into a data format called “comma separated values”. The data format conversion resulted in the stripping of the digital signatures claimed to have been affixed to each election return generated by the VCM and other transmission-related data.
* * *
In a separate development over the weekend, Smartmatic appears to be demanding from the poll body payment of P2 billion for unreturned VCMs. Smartmatic claims that the Comelec failed to return the VCMs on the due date, December 1, 2016, and that therefore the VCMs are already considered sold. Apparently, Smartmatic’s demand is based on a clause in the two contracts of lease with option to purchase for the 2016 elections. One is prompted to ask why the poll body signed the contract with that particular clause, a clause that can be seen as disadvantageous to the government. Had the commission been remiss in its duty to ensure that the government would not be placed at a disadvantage?
Some 92,500 VCMs along with the ballot boxes and their contents and other election paraphernalia are covered by a precautionary protection order (PPO) issued by the Presidential Electoral Tribunal (PET) directing the Comelec to safeguard the integrity of the said equipment and election paraphernalia. The PPO issued was in relation to the protest filed by former Senator Ferdinand Marcos after he lost to Vice President Leni Robredo. For sure, Smartmatic is not unaware of the circumstances surrounding the PPO. The delayed return of the VCMs is not an unforeseen event, which should have prompted the Comelec to advise Smartmatic accordingly. Smartmatic appears to be making an unreasonable demand.
The poll body is reported to have invited Smartmatic to its en banc meeting. Cannot the Comelec simply deny Smartmatic’s demand? What gives?