Smartmatic strikes again! In 2008, while votes were being consolidated in the regional elections at the Autonomous Region of Muslim Mindanao, Smartmatic, remotely from Manila, changed the number of voters in a counting and consolidation server in Wao, Lanao del Sur. In 2010, during the canvass of votes for the President and Vice President in Congress, the canvassing and consolidation system showed 256 million registered voters which Smartmatic corrected, admitting a programming error. In 2013, within the first two hours of voting, the Parish Pastoral Council for Responsible Voting (PPCRV) announced that it had counted 12 million votes, an improbable number. Smartmatic made a correction to the program in the transparency server, revealing in the process an intermediary server, the function of which nobody knows.
The recent “ñ” affair is Smartmatic’s fourth incursion into the automated election system (AES) while in a state of live operations.
In a news briefing, Smartmatic’s Mr. Elie Moreno said that Mr. Marlon Garcia had proactively taken action to correct misspelling of candidates’ names while Chairman Andres Bautista said that the correction was cosmetic. Prior to correction, the names of candidates like Osmeña and Señeres were displayed or printed as Osme?a and Se?eres. The correction wasn’t that important. The error could not have caused a fatal failure in the AES. Nobody really paid serious attention to the erroneous display or print because everybody knew that Osme?a is Osmeña and Se?eres is Señeres, well, unless somebody raised hell over the error, giving Mr. Garcia opportunity to act proactively.
That proactive action is devoid of authority. Mr. Garcia contravened the order made by Commissioner Christian Robert Lim during the hearing of the Joint Congressional Oversight Committee on the AES on March 23, 2016. Responding to a question about the operations of the transparency server, Commissioner Lim declared that “we are now prohibiting Smartmatic from interfering with any of how the political parties will come out with the results (sic).” He did not even care to inform the poll body, political parties, and all interested groups of what he was about to do. He did not stick to security protocols, if such protocols are indeed in place. Is the Commission in control?
That proactive action generated a lot of noise and caused clouds of doubt to hover over the integrity of the AES and the credibility of the results of the just concluded electoral exercise.
How come Mr. Garcia had unimpeded access to the transparency server while lesser mortals like representatives of other organizations authorized to connect to the transparency server via a mirror server were not even allowed to take a peek inside the transparency server room? What protocols are in place and why were these protocols not properly and strictly enforced? Why had the authorities responsible for the transparency server and its operations allowed the introduction of a program script into the transparency server to happen? Had the AES technology been used in prior elections in Venezuela as claimed? If so, how come the Spanish speaking Venezuelan developers of the AES missed to ensure that the Spanish letter “ñ” would be properly recognized by the system?
The claimed minor change that Mr. Garcia made cannot be taken lightly. If he can effect a simple change, he also had the opportunity to change something else. If he moved freely around unimpeded, did he, unknown to the poll body and everyone else concerned, take the same action with the PCOS renamed VCM, the canvassing and consolidation servers (CCS) at all levels, and the central server? After all, the “ñ” problem could have been present across the whole AES, including the central server and the results website. Come to think of it, Mr. Garcia need not move around physically. After all, the security codes stored in the ibutton keys for the VCMs, the USB tokens for the CCS laptops, and the corresponding personal identification numbers (PINs) were all generated by Comelec and Smartmatic. Access credentials to the virtual private network are also known only to them.
Is there more to the “ñ” correction than meets the eye? Following the claimed minor correction, it was noted that vote counts for certain candidates had gone down, the difference credited to other candidates. In an update on the night of May 14, 2016, PPCRV reported that the election return count had gone down only to recover half an hour later. PPCRV said that only the poll body can explain the anomaly but declared in the same breath that the election results had passed its “anomaly test.” Anongmali? In a mid-afternoon update the following day, it was reported that there were discrepancies observed between the official canvass reports and the unofficial reports generated from the transparency server.
Former COMELEC Commissioner Gus Lagman has consistently said that tampering of the AES by an insider is more likely than hacking by external attackers. And Mr. Garcia just proved Mr. Lagman right when he, without authority, implemented a program script in the transparency server which is under the care of the PPCRV.
Is the “ñ” correction a red herring, a distraction?
Let’s face IT. In the eyes of many Mr. Garcia’s action threatened the integrity of the AES and the accuracy of the election results. The matter merits full investigation. It must be done regardless of the personalities involved. It must be done for our country, our Republic. Smartmatic must be held liable.