The Comelec failed to comply with the election automation law or Republic Act (RA) No. 9369 simply because of the missing link; that is, its implementing rules and regulations (IRR). Section 37 stipulates that “The Commission shall promulgate rules and regulation for the implementation and enforcement of this Act.” It’s been seven years but there has been no promulgation.
Is there a problem in preparing for the IRR? None! Where there’s a Will, there’s a Way. Take for example RA10366 entitled “An Act Authorizing the Commission on Elections to Establish Precincts Assigned to Accessible Polling Places Exclusively for Persons with Disabilities and Senior Citizens.” It was approved by President Aquino on February 15, 2013. Then August 30, 2013, only six months later, through Resolution No. 9763, Comelec promulgated its IRR. Kung gusto may paraan, kung ayaw may dahilan! But until now, I can’t think of any reason why Comelec could not come up with the IRR of RA 9369. That is why when they implemented the law in 2010 and 2013, the stipulations regarding source code review, digital signatures, etc. were not complied with. To date, there has been no effort to address these concerns.
Let’s take for example Smartmatic’s interpretation of BEIs and BOCs digital signatures. To them, the digital signatures are those of PCOS’ “machine digital signatures.” How can that be if RA 8792 or e-Commerce Law of 2000 and the Supreme Court’s (SC) Rules on Electronic Evidence of 2001 define such digital signatures as any distinctive mark, characteristic and/or sound in electronic form representing the identity of a person? Smartmatic did not clear this with our top-notch lawyers and unfortunately Comelec allowed this to happen twice.
Why use digital signatures? In the context of BP Blg.881 of 1985, it clearly clarifies about the actual signatures of the BEIs and BOCs affixed in the election returns and certificates of canvass, respectively. These signatures were later converted by the framers of RA 9369 into digital signatures based on RA 8792. The intention then, and as it is now, is to represent the functional equivalent of the actual signatures. Hence, Sections 22 and 25 of RA 9369 state that the election returns/certificates of canvass transmitted electronically and digitally signed shall be considered as official election results and shall be used as the basis for the proclamation of a candidate. If you interpret this literally, there was no basis for Comelec officials to proclaim winners from municipal up to the national level due to missing digital signatures. That’s why, an IRR is required to legally support the provisions of RA 9369 related to digital signing.
Regarding source code review, Smartmatic allegedly released the source code but Comelec announced that the review is open only four days before the May 13, 2013 elections. How can the source code be reviewed over the weekend? That’s impossible! It is also interesting to note that the law stipulated that the source code review should be done and certified three months before the elections, not four days! Further, the law stipulates that a certification that the source code is kept in escrow with the Bangko Sentral ng Pilipinas and a certification that the source code reviewed is one and the same as that used by the PCOS machines. Sorry, Filipinos didn’t see any certifications!
Why do a source code review? It is the technical process of examining the computer program of counting, canvassing and consolidation and election management systems to find and remove programming bugs thereby ensuring that our votes are counted accurately and reflected up to the national board of canvassing. For the 2016 elections, the source code review should start as early as January 2015 and latest by June 2015 so that the code would be certified acceptable by February 2016.
Further, RA 9369 Section 14 mandates Comelec to allow the political parties and candidates and citizens’ arm to examine and test the equipment or device of the AES and the opening of the source code for their review. Months before the 2013 elections, senatorial candidate Richard Gordon had an experience in seeking to compel the poll body to allow political parties to examine and review the source code. How did the Comelec take this? Chairman Brillantes stressed, “Source code review by a political party is not mandatory, it is good for purposes of credibility.” I am not a lawyer but Section 14 is very obvious about its intention. Hence, an IRR is needed to clear any ambiguities in the interpretation of source code review, how should it be done, and the time needed to conduct it.
Let’s face IT! Comelec has to go back to the basics of the RA 9369, understand its technical provisions with the IT experts and promulgate its IRR.