Transparency is the primary requirement


The first round of the source code review covering the base source code of the automated election system (AES) is over. The reviewers, or whoever else is left, are waiting for the next round—review of the customized source code.

The base source code is the generic version of an application software. An application software requires customization so that the process cycles and rules specific to the end-user’s requirements may be included in the software. The application software of the AES, consisting of the election management system (EMS), the vote counting machine (VCM), and canvassing and consolidation system (CCS), is presently undergoing customization to make it compliant with the Philippine election system requirements and rules defined in Philippine election laws and related issuances.

A new model of the PCOS or the precinct count optical scan, now renamed VCM, will be used in the 2016 elections. The software that will execute in the VCM is reportedly entirely new. Doesn’t the Election Automation Law, Republic Act No. 8436 as amended by Republic Act No. 9369, require that “the system procured must have demonstrated capability and been successfully used in a prior electoral exercise here or aboard”? Every time a software is customized, it can be considered untested.

Critics demand that four security features required by law be implemented.

First is the printing of the voter verified paper audit trail or VVPAT that will show to the voter his choices as marked on the ballot. Concerns have been raised in this regard. What if the VVPAT does not show accurately the choices of the voter? Or, what if a voter, to cause delay, claims that the VVPAT does not accurately reflect his choices? If accuracy of the PCOS/VCM is doubted, why continue with its use in the first place? The fear that the VVPAT will also be used for vote buying has also been expressed. Measures can be put in place to prevent voters from taking the VVPAT out of the voting precinct. The new model of the PCOS/VCM reportedly has a bigger display screen. Instead of printing a VVPAT, the voter’s choices will be displayed on the screen.

Second is the activation of the ultra violet (UV) mark detection feature. It will be recalled that in the 2010 elections the UV mark detection feature was disabled because the PCOS machine failed to detect the UV ink marks on the ballot. The UV mark detection feature was reportedly activated with the same PCOS machines used in the 2013 elections. The feature will reportedly be activated in the new PCOS/VCMs for use in the 2016 elections.

Third, the implementation of the digital signing by the members of the Board of Election Inspectors (BEI). It will be recalled that the general instructions issued for operations of the PCOS machines in the 2010 and 2013 elections instructed the BEI members to respond with a “NO” when asked if they wished to digitally sign the election returns. In 2010, during the hearing of the House of Representatives Committee on Suffrage and Electoral Reforms, the Commission on Elections, thru its Executive Director, Atty. Jose Tolentino Jr., admitted that machine digital signature was implemented because the law did not specify who will sign the election returns. To critics, this reasoning was not acceptable. First, signing is a free and voluntary act. Machines do not have free will and, therefore, cannot express a free and voluntary act. Second, there is no law that accords legal recognition to machine digital signatures. Third, history and legal tradition had established that BEI members sign the election returns. Will the PCOS/VCMs to be used in the 2016 elections include digital signing by BEI members? It seems that the BEI members will be issued keys to execute digital signatures. But this goes against the principles of digital signing. Signers, after going through the process of registration, will have in their possession what is referred to as a key pair – a public key and a private key. The private key (akin to ATM PIN code), which is personally generated by the signer, will be used to digitally sign an electronic document, while the public key may be used to check if the integrity of the electronic document has been preserved and to verify the identity of signer. Digital signing of the election returns generated by the PCOS/VCMs will still not be a free and voluntary act if the BEI members are assigned the key pairs. Implementation of this particular feature presents an operational challenge to the Comelec.

Fourth, the conduct of the source code review by interested political parties and groups. As earlier mentioned, review of the base source code has been completed and review of the customized code is being awaited.

Let’s face IT. Even if the four features are properly implemented, transparency of the election process is the primary requirement of the law. In the last two automated elections: Did any voter see how the PCOS evaluates the vote marks on his ballot? Did any voter see how the marks on his ballot were recorded as votes? Did any voter see how his votes were counted? Did any voter see how the elections returns were generated? Does an ordinary voter understand what goes on inside the machines used in the AES? It will be the same in 2016 and the answer to these questions will be NO!


Please follow our commenting guidelines.

1 Comment

  1. And don’t forget that no matter how “secure” the PCOS is, Smartmatic can always modify and delete files in the canvassing server. This happened in 2013, perpetrated by Marlon Garcia of Smartmatic.