“Bayan o Sarili? The Nation or Myself?” is a question that every Filipino should ask this coming 2016 national and local elections (NLEs). The blockbuster movie Heneral Luna is not only reminding us of the patriotism and heroism of General Antonio Luna but more so in giving us the inspiration to always do everything para sa bayan (for the nation.).
In the movie, we see and hear General Luna say, “Mayroon tayong masmalaking kaaway kaysa mga Amerikano, ang ating sarili!” (We have a larger enemy than the Americans, our selves!). Paraphrasing General Luna: “Mayroon tayong masmalaking kaaway kaysa Hocus-PCOS, ang ating sarili.” (We have a larger enemy than the Hocus-PCOS, our selves.) Those candidates planning to do electronic cheating in 2016 must examine and ask themselves,“Bayan o Sarili?” Let the people’s will prevail!
A person lacking consideration of others and mainly concerned with one’s own personal profit or pleasure is selfish or “maka-sarili” which connotes “all mine and never mind what’s good for the rest.” It may also mean to a greedy person “bahala sila sa kanilang sarili,” (they should fend for themselves), a disregard or disrespect of others. “Moderate your greed” was once a very popular buzzword during the ZTE scandal hearings. Greed is very much synonymous to election fraud via electronic cheating, a more destructive mechanism in killing democracy than the usual “dagdag-bawas” in the manual elections.
In the Joint Congressional Oversight Committee (JCOC) on Automated Election System (AES), one of the buzzwords is IRR or the Implementing Rules and Regulations of RA9369, the automated election law. IRR is stipulated in, mandated by, RA9369 Section 37 which states that “The Commission shall promulgate rules and regulation for the implementation and enforcement of this Act.”
In the recent JCOC hearing on September 17, 2015, Ms. Evi Jimenez of CenPEG/AES Watch said, “…dahil po walang IRR ang RA9369, ang mungkahi po naming ay siguro manggagaling din dito sa Committee ay gawin na po, i-fast-track na ang IRR dahil from time to time, mula noong 2010 ay palaging naglalabas ng iba’t-ibang Comelec rules. Nag-iiba po iyan kaya subject to the decisions ng mga bagong set ng commissioners. Isa po iyan sa nais namin at matagal na naming sisasabi, isang constructive proposal iyan noon pa na hanggang ngayon hindi pa nagagawa.”(“…your honors, because RA9369 (Republic Act 9369) has no IRR, our suggestion, honored sirs, is perhaps for this Committee to make that suggestion its own, order that the IRR be fast-tracked, sirs, because from time to time since 2010 always different, varying, Comelec rules are issued. These rules take different shapes, so they are subject to decisions of new set of commissioners. That, sirs, is one of the recommendations we have been making for a long time, it’s a constructive proposal made long ago but has not been carried out until now.)
Inattention to the required promulgation of the said IRR is negligence. If guidelines instead of IRR is what Comelec prefers, better yet amend the law and remove the word “promulgation.”
At long last, after eight years, the new leader, Chairman Bautista, addressed the IRR issue by replying to Jimenez, “…why don’t you provide us with the draft IRR which the Commission can now consider?” Jimenez responded, “…Bukod sa hindi namin ito trabaho at DAPAT trabaho ng gobyerno, ay magtulungan po tayo (Notwithstanding the fact that this is not our job and SHOULD be the job of the government, sirs, let’s help each other.) …In fact, we have presented a lot of amendments—proposed amendments and proposals pero gawin po ng gobyerno iyong dapat gawin niya. (but the government should do what it should do.)” An act of “magtulugan” or “BAYANihan”is what is being called for, as stated by Jimenez. Being the lead agency, Comelec therefore may initiate the “BAYANihan” to finally draft the elusive IRR and promulgate the same by calling not only AES Watch to participate but also other stakeholders to help. Let’s not forget that the drafting of bills leading to the enactment of RA9369 was a result of “BAYANihan.”
Regrettably, we thought that the issue of drafting the IRR would end with the last JCOC hearing. And that the IRR would be drafted at once under “BAYANihan” principles. We were wrong! Lately, without the required IRR, Comelec approved Resolution No. 9987 regarding guidelines in the conduct of the source code review (SCR) of the Automated Election System for the 2016 NLEs. This raised a lot of apprehensions and questions among the netizens and stakeholders as the guidelines appear to be inconsistent with the SCR’s best practices and the RA9369.
The SCR is a process of examining the human-readable instructions that are converted into the machine-readable code to run the voting systems (i.e., Vote Counting Machines or commonly known as PCOS machines, Election Management System, and Consolidated Canvassing System). Its objective is to determine the security vulnerabilities of such systems that could be exploited to change election results or any related election data. Let’s discuss the major questions below.
First, was the Technical Evaluation Committee or TEC (i.e., RA9369 Sec. 11) consulted regarding the manner on how should the technical review be conducted as they (the TEC) will be the one to certify the configured source codes by February 9, 2015? Comelec should bear in mind that the original Request for Proposal/Terms of Reference specified that the SCR must be based on the Voluntary Voting System Guidelines (VVSG) of 2005 standards. This was overlooked, and this lapse was definitely caused by the absence of the IRR.
Second, how many reviewers or teams will there be? The resolution stated vaguely that all interested parties and groups cannot be accommodated in the venue of the source code review. Is the venue a limitation? Further, it is stated therein that each interested party or group may appoint a maximum of three (3) qualified reviewers for the source code review but only one (1) qualified reviewer is allowed to review the covered system at a time. This is tedious as the job of one qualified reviewer of a certain group might be done after the 2016 NLEs! Comelec should have been advised to follow the best SCR practices as done in the State of California by having three (3) interacting teams with seven (7) members each to do document review, SCR proper and penetration testing. After which, the venue should be an area of consideration! This is another issue about the absence of IRR causing a scenario of having a cart before the horse. Compared that with what is written in RA9369, where it is very clear what the composition of the Comelec’s Advisory Council (CAC) and the TEC should be.
Third, why would the Comelec’s Steering Committee be responsible for the approval of written requests to participate in the SCR when in fact RA9369 is very clear in the mandates of the CAC and TEC? Does Comelec mot trust these committees? Comelec needs to leave the technical part of the AES with these committees. Section 9 of RA9369 stipulates that the CAC shall “Provide advice and assistance in the review of the systems planning, inception, development, testing, operationalization, and evaluation stages.” On the other hand, the TEC shall be responsible for: “(1) The successful completion of audit on the accuracy, functionally and security controls of the AES software; and, (2) The successful completion of a source code review.” Nothing is mentioned in the law about the Steering Committee doingt the above mandates or even approving who should participate in the SCR as conducting the SCR or testing the AES is technical in nature. Let the CAC and TEC do and lead the SCR.
Again, Resolution 9987 is creating confusion and inconsistencies with RA9369 due to the absence of the IRR!
To resolve the issues on Resolution 9987, Sen. Koko Pimentel, JCOC chairman, and/or Chairman Bautista should call a “BAYANihan” meeting soonest to discuss the proper way of conducting the SCR.