A Primer on Automated Election System in the Philippines
19
SMARTMATIC PCOS 2013 A Primer on the Automated Election System in the Philippines By the Automated Election System Watch (AES Watch) (What the Filipino people should know about the Smartmatic PCOS that was proven to be deficient with admitted program errors remaining uncorrected. The use of automation technology without the license from the real software owner, Dominion voting Systems, looms in the coming May 2013 elections with the DVS terminating its licensing agreement with Smartmatic, last May 23, 2012. An ongoing legal battle between Smartmatic and DVS filed in September 2012 in the chancery Court of Delaware, USA reveals the core issue at the heart of the PCOS problem: that the election technology used in May 2010 was not fully functional, had programming errors, with the technology owner accusing Smartmatic of not complying with international standards, a validation of studies by Filipino IT experts and social scientists as early as 2009. The ongoing battle of citizens' watchdogs and the Filipino IT community for the integrity of the vote and accountability in automated elections remains integral with the fight for the Freedom of Information --the right to know- by the public.) Launched on Jan. 18, 2010, the Automated Election System Watch (AES Watch) is now composed of more than 40 organizations, among them, the University of the Philippines Alumni Association (UPAA), National Secretariat for Social Action-CBCP, Center for People Empowerment in Governance (CenPEG), Philippine Computer Society (PCS) Foundation, TransparentElections.org, Computer Professionals Union, Caucus of DLSU- CCS, NAMFREL, Association of Major Religious Superiors of the Philippines (AMRSP), National Union of Students of the Philippines (NUSP), Philippine Computer Society Foundation; Transparency International-Philippines, National Council of Churches in the Philippines (NCCP), Faculty of Ateneo de Manila Dept. of Information Communications System, UP Dept. of Computer Science and ITTC, Philippine Computer Emergency Response, Movement for Good Governance, Concerned Citizens Movement, Dilaab-Hearts Foundation, Solidarity Philippines, Association of Schools of Public Administration in the Philippines (ASPAP), Sisters Association in Mindanao (SAMIN), Computing Society of the Philippines (CSP), Pagbabago (Movement for Social Change), Alyansa Agrikultura, Ecumenical Bishops Forum, Biliran Kawsa, Workers' Election (WE) Watch, Health Alliance for Democracy, and others. Its President Emeritus is former Vice President Teofisto Guingona, Jr. while its first spokesperson was Alfred Pascual, now UP President. For information, please contact: Acting Secretariat Office, 304 CSWCD Bldg., Magsaysay Avenue, UP Diliman 1101 Quezon City; TelFax +9299526; email address: [email protected] AUTOMATED ELECTION SYSTEM WATCH (AES Watch)
-
Upload
dennis-reymundo -
Category
Documents
-
view
234 -
download
3
description
What the Filipino people should know about the Smartmatic PCOS that was proven to be deficient with admitted program errors remaining uncorrected.--- AES Watch
Transcript of A Primer on Automated Election System in the Philippines
SMARTMATIC PCOS 2013A Primer on the
Automated Election System
in the Philippines
By the Automated Election System Watch (AES Watch)
(What the Filipino people should know about the Smartmatic PCOS thatwas proven to be deficient with admitted program errors remaininguncorrected. The use of automation technology without the license fromthe real software owner, Dominion voting Systems, looms in the comingMay 2013 elections with the DVS terminating its licensing agreement withSmartmatic, last May 23, 2012. An ongoing legal battle between Smartmaticand DVS filed in September 2012 in the chancery Court of Delaware, USAreveals the core issue at the heart of the PCOS problem: that the electiontechnology used in May 2010 was not fully functional, had programmingerrors, with the technology owner accusing Smartmatic of notcomplying with international standards, a validation of studies by FilipinoIT experts and social scientists as early as 2009. The ongoing battle of citizens'watchdogs and the Filipino IT community for the integrity of the vote and accountability in automated elections remains integral with the fight for the Freedom of Information --the right to know- by the public.)
Launched on Jan. 18, 2010, the Automated Election System Watch (AES Watch) is now composed of more than 40 organizations, among them, the University of the Philippines Alumni Association (UPAA), National Secretariat for Social Action-CBCP, Center for People Empowerment in Governance (CenPEG), Philippine Computer Society (PCS) Foundation, TransparentElections.org, Computer Professionals Union, Caucus of DLSU-CCS, NAMFREL, Association of Major Religious Superiors of the Philippines (AMRSP), National Union of Students of the Philippines (NUSP), Philippine Computer Society Foundation; Transparency International-Philippines, National Council of Churches in the Philippines (NCCP), Faculty of Ateneo de Manila Dept. of Information Communications System, UP Dept. of Computer Science and ITTC, Philippine Computer Emergency Response, Movement for Good Governance, Concerned Citizens Movement, Dilaab-Hearts Foundation, Solidarity Philippines, Association of Schools of Public Administration in the Philippines (ASPAP), Sisters Association in Mindanao (SAMIN), Computing Society of the Philippines (CSP), Pagbabago (Movement for Social Change), Alyansa Agrikultura, Ecumenical Bishops Forum, Biliran Kawsa, Workers' Election (WE) Watch, Health Alliance for Democracy, and others. Its President Emeritus is former Vice President Teofisto Guingona, Jr. while its first spokesperson was Alfred Pascual, now UP President.
For information, please contact: Acting Secretariat Office, 304 CSWCD Bldg., Magsaysay Avenue, UP Diliman 1101 Quezon City; TelFax +9299526; email address: [email protected]
AUTOMATED ELECTION SYSTEM WATCH (AES Watch)
A Primer on the
Automated Election System
in the PhilippinesBy the Automated Election System Watch (AES Watch)
I. The automated election system (AES)
A. What is the Automated Election System (AES) for Philippine elections?
The AES for Philippine elections is mandated by Republic Act (RA) 9369. RA 9369 amends RA 8436, entitled "An Act authorizing the Commission on Elections to use an automated election system in the May 11, 1998 national or local elections and in subsequent national and local electoral exercises, to encourage transparency, credibility, fairness, and accuracy of elections, amending Batas Pambansa Blg. 881, as amended, RA No. 7166 and other related election laws, providing funds thereof and for other purposes”; “to use an automated election system or systems in the same election in different provinces, whether paper-based or a direct recording electronic election system as it may deem appropriate and practical for the process of voting, counting of votes and canvassing/consolidation and transmittal of results of electoral exercises” a system using appropriate technology which has been demonstrated in the voting, counting, consolidating, canvassing, and transmission of election results, and other electoral process.
SEC. 1 of RA 9369: It is the State policy to ensure free, orderly, honest, peaceful, credible and informed elections, plebiscites, referenda, recall and other similar electoral exercises by improving on the election process and adopting systems, which shall involve the use of an automated election system that will ensure the secrecy and sanctity of the ballot and all election, consolidation and transmission documents in order that the process shall be transparent and credible and the results fast, accurate and reective of the genuine will of the people.
1As AES Watch has always consistently advocated, voter education
and poll watching should focus not only on the external features and operations of the AES but more critically on its internal systems. Vigilant watching should as well monitor the Comelec, the foreign technology provider, and other principal agencies and implementers of poll automation as well as the election cheats. There is no substitute for vigilance and in safeguarding our freedom.
AES Watch is adopting the 12 ALERTS released by CenPEG as an aid for voters and watchdogs on Election Day. Meanwhile, AES Watch believes that all efforts at ensuring that accountability for non-compliance should be a major continuing concern of the Filipino voters and all stakeholders to relentlessly pursue to promote the integrity of the vote and transparency of the elections.
36
B. Under the poll modernization law (RA 9369), why does the country need to automate its elections?
Automating the election, lawmakers said, will eliminate clerical, human intervention-related errors. Other reasons: The conventional manual process is too long and tedious. It takes almost two months before national positions are proclaimed; to remove conditions for dagdag-bawas or wholesale cheating in manual elections.
C. What is the automated process of voting?
AES as contracted to the vendor in 2010 and again in 2013 entails the process of using the computer to electronically count, record, store, transmit and canvass the votes that come in to the machines. In the 2010 elections, the PCOS (Precinct Count Optical Scan) in the clustered precinct of five precincts with 1000 voters at most, was used to accept, count, and store in scanned images the shaded ovals of the 30 inch ballot containing more than 100 names of the candidates. After electronically counting the shaded ovals, the number of votes added by the machines is transmitted to the CCS (Consolidated Canvassing system) server for the MBOC (Municipal Board of Canvassers) to base the canvassed votes.
D. What are the requirements of a credible, secured, and reliable automated election system (AES)?
The Automated Election System Watch (AES Watch), through a committee of IT, business, and management experts came up in 2009 with its System Trustworthiness, Accountability, and Readiness (STAR) Card to comprehensively assess and rate the implementation of AES primarily by Comelec and Smartmatic-TIM. The STAR Card listed 20 items of concerns rated as Pass=3; Qualified Pass=2.5; Warning=2; Danger=1; Fail=0.
a. System set-up (Will the AES be ready for full implementation?)
Timely delivery of machines Quality of machines Technology certification Availability of transmission facilities Deployment of machines Physical security of machines
2amendments for enhancing RA 9369, held dialogs with Comelec, CAC, Congress, DOST, TEC, and other agencies, and the convening of JCOC. In cooperation with UP, it organized the first Filipino IT for Election (FIT4E) national conference in June 2011 where key IT groups, practitioners, academics, researchers, U.S.-based IT scholars, and multi-sectoral groups resolved to make election technology inclusive by tapping the expertise of Filipino IT – a resolution that was backed, at least in principle, by Comelec commissioners.
Likewise, AES Watch and affiliate organizations, for three years, pressed for Congress through its election committees to review the May 2010 election automation and probe into the accountability of the election manager and technology providers. Similarly, several bills were proposed to ensure compliance with the election law. In April 2012 individual conveners and members of AES Watch petitioned the SC for a temporary restraining order against Comelec's option to purchase the Smartmatic machines.
IV. Preparations for the May 2013 mid-term elections
A. What can we as citizens, voters, and election watch groups do for the May 2013 automated elections and for our country?
The right to suffrage is the people's sovereign right to elect officials upon whom they confer the authority to serve the public responsibly, transparently, with accountability, and on a full-time basis. For this reason, it is imperative that the electoral process is credible, trustworthy, reliable, and accurate in serving as the instrument of the people's will.
However, given the learning lessons of the first automated elections, the lack of transparency and accountability in the system, its implementers, and oversight bodies as well as the persistence of traditional fraud which automation itself has not effectively addressed – ensuring the electoral process fair, democratic, and reliable rests on the vigilance of the people.
Automating the election is fine – but it should comply with the law and the high standards of IT and election management. While we continue to push for a reliable technology, we should be alert on the fact that modern technology's capability to eliminate fraud, whether traditional or electronic, remains to be validated.
35
Precinct-specific ballots Resource inventory at voting centers Adequate general instructions
b. Internal security (Will the AES have the necessary safeguards to prevent fraud?)
Source code & its review Verifiability of voting and results Secured transmission of results Initialization of machines Random Manual Audit of vote counts
c. Personnel training and voters' education (Will the teachers and the voters know exactly what to do on election day?)
Training of election personnel Stakeholders education & training Precinct assignment voters
d. Contingency planning
Continuity plan Electoral protest mechanism Alternative election system
E. According to the law, who are responsible for making the AES successful?
Government: Comelec Project Management Office together with system-integrator Smartmatic counterparts; Comelec Advisory Council; Technical Evaluation Committee; DOST-certified IT-capable BEIs; Board of Canvassers; Joint Congressional Oversight Committee (JCOC) on AES; Armed Forces of the Philippines-Philippine National Police; and other state agencies.
Others : International Certification body; election watchers; media such as the Kapisanan ng mga Brodkaster sa Pilipinas (KBP); Partish Pastoral Council for Responsible Reporting (PPCRV), and the National Movement for Free Elections (NAMFREL); Political Parties and Candidates.
3announced recently there will be no source code review – the second time when this vital legal requirement will not be complied with.
Pressed for transparency, Comelec under its new head held dialogs with election stakeholders led by AES Watch. Contrary to claims that it welcomed strong policy recommendations to correct the Smartmatic-TIM AES program bugs and other vulnerabilities in the final analysis Comelec refused to adopt the legally-mandated minimum system requirements such as source code review and digital signature and still exercised its “option to purchase” the PCOS machines for use in 2013. Under its new membership, the Comelec Advisory Council (CAC) welcomed demands for reforming the automation system and recommended the non-purchase of the PCOS machines. Its recommendations were, unfortunately, thumbed down by Comelec.
The Supreme Court (SC) in a Sept. 21, 2010 landmark decision directed the Comelec to release the source code for review by CenPEG and other election stakeholders. The review of the AES 2010 source code was never held due to restrictions imposed by the Comelec that made an independent, scientific, and rigorous review by IT experts impossible.
As expected, the technology provider insisted that its system was sound and boasted to the whole world about its “election success” in the Philippines. Facing persistent demands from citizens' election watch groups, Congress' election-related committees held hearings on electoral reform. As a whole however the lower House endorsed the use of the Smartmatic-TIM system for the 2013 elections. Only dogged follow-ups by AES Watch made the JCOC to convene finally in November 2012. But the assessment of the 2010 poll automation was never clearly part of its agenda.
B. How were these major findings and conclusions addressed by other election stakeholders?
Under its old leadership, the accredited citizens' watchdog, PPCRV, as expected stood for the re-use of the Smartmatic-TIM system in the 2013 elections and never indicated receptiveness to proposals by various citizens groups' including its own ground-level volunteers in the provinces to either reconsider the 2010 PCOS machines or make the technology provider accountable for the errors committed.
On the other hand, since Day 1 after the 2010 elections, AES Watch and its affiliate groups along with other watchdogs lobbied for several
34
F. What is the role of the other sectors in the conduct of AES?
Other sectors/stakeholders mandated by the Constitution and other laws: the civil society community, NGOs, citizens' watchdogs, media, institutions, and the general public.
Their role: 1) right to participate in the electoral exercise as well as in policy- and decision-making; 2) they represent the sovereign will of the people and government emanates from them; 3) RA 9369 gives CSO and other “interested parties” the right to review the election source code, monitor the conduct of elections including the RMA, conduct dialogs with Comelec and related agencies, participate in Congress hearings including proposing amendments to existing laws, and file election protests; 4) to protect the right to suffrage, right to public information and transparency, non-interference by foreign entities, as well as to fair, honest, and credible elections they have the right to hold all government agencies and officials accountable for misdeeds with the actions to include going to court and calling for impeachment.
G. When was the AES first implemented?
The first AES was implemented in ARMM elections in 1996 and then in August 1998. There was an attempt to fully automate the national and local elections in 2004 but the Supreme Court stopped the implementation. The 2007 midterm elections was not automated due to lack of time. The May 10, 2010 presidential elections was the first to be automated.
H. How was the automated system conducted in 2010?
What were the activities – as well as critical problems and issues - on election day (May 10, 2010) and after? Were these problems and issues addressed by Comelec and other concerned agencies?
4irregularities were vivid in Lanao del Sur. (Testing Democracy: The 2010 Automated Elections in Lanao del Sur, Dec. 2010)
People's International Observers Mission (PIOM): “In focusing on the machines, the Comelec lost the people. The elections were not peaceful or violence-free. Neither were the elections fair nor honest.”
Global Filipino Nation (GFN, election observers' team): “…Events put to question the authenticity, integrity, confidentiality, veracity and accuracy of the vote counts in the ERs. The dark cloud rose from disabling critical, legally specified security features, particularly relating to the digital signatures. Thus, no one (both perceived winners and losers) can be sure whether the vote results are true and correct, and reect the real will of the Filipino people. Accordingly, the Election Observers Team of GFN challenges the legitimacy of the election results.”
III. Accountability
A. Are the critical issues and main problems being addressed by Comelec and other responsible agencies?
The critical issues are not being addressed properly or are largely
ignored. Just like in 2010, CF cards will be used again for 2013. The controversial machine-generated “digital signature” will be used again.
The July 24-25, 2012 “mock elections” held by Smartmatic at the lower House revealed a 97% accuracy rating which is lower than the required 99.995% rating. The low accuracy translates to 600 errors out of 20,000 ballot marks (the law mandates only 1 out of 20,000). The deficiencies and inaccuracies of the Smartmatic PCOS system were exposed again – but were belittled by Comelec - during the Feb. 2, 2013 “mock elections” which resulted in machine breakdowns, paper jams, transmission delays, and counting discrepancies.
The system that will automate the May 2013 mid-term elections has no certification by the international SysTest Labs, Inc. in the absence of approval by the technology owner, Dominion. Comelec said they will use the voting system designed for the aborted 2011 ARMM election which is regional unlike the 2013 mid-term elections with thousands of elective positions at stake. Comelec Chairman Sixto Brillantes also
33
Ph
ase
Issu
eC
om
elec
Act
ivit
y /
S
ub
-act
ivit
y
Ap
pra
isal
of
Co
mel
ec A
ctio
n
Ele
ctio
n D
ayE
lect
ion
mat
eria
ls
inv
ento
ry;
Bo
oti
ng
of
PC
OS
&
sig
nin
g i
n;
Zer
o r
esu
lts
pri
nti
ng
;D
ecla
rati
on
th
at p
oll
is
op
en f
or
vo
tin
g;
Tec
hn
ical
pro
ble
ms
of
bo
oti
ng
an
d s
ign
ing
in
by
BE
I in
sev
eral
cl
ust
ered
pre
cin
cts;
Do
cum
ente
d s
can
ned
v
ote
s al
read
y
dis
pla
yed
on
th
e P
CO
S b
efo
re s
tart
of
vo
tin
g a
s in
Bil
iran
.
2010
: T
he
syst
em w
as a
“r
eso
un
din
g s
ucc
ess!
”
2011
: Th
e sy
stem
was
a
“qu
alifi
ed s
ucc
ess!
”
No
tec
hn
ical
rep
ort
w
as d
on
e w
ith
ac
com
pan
yin
g
do
cum
ents
rel
ease
d t
o
the
pu
bli
c.
Do
cum
ents
ex
pla
inin
g
the
nat
ion
wid
e p
rob
lem
s sh
ou
ld b
e d
iscl
ose
d t
o t
he
pu
bli
c.
Co
mel
ec a
nd
S
mar
tma
tic
con
ten
d
that
th
e p
rob
lem
s w
ere
exp
ecte
d o
f a
new
sy
stem
sin
ce “
no
te
chn
olo
gy
is
per
fect
an
yw
ay.”
Mas
siv
e d
isen
fran
chis
emen
t d
ue
to 1
-bla
nk
bal
lot
Vo
tin
g p
erio
dT
he
old
5 p
reci
nct
s-p
er c
lust
ered
pre
cin
ct-
con
fig
ura
tio
n h
as n
o
Th
e k
ilo
met
ric
qu
eues
o
n e
lect
ion
day
wer
e th
e b
est
arg
um
ent
5…digital signatures in the PCOS machines, contrary to the claims of Smartmatic”; “the PCOS machine contains a console port”; (the Team upon testing) “was able to connect an ordinary laptop computer to the console port of a PCOS machine”. (The Joint Forensic Team, led by Atty. Al Vitangcol III, examined 60 PCOS machines found in the house of a Smartmatic technician in Antipolo, Rizal after the May 10, 2010 elections.)
Christian Monsod, former Comelec Chairman: Our automation was mass-produced in one step, was not really pilot-tested satisfactorily, and was provided by a supplier who had no extensive experience in the technology and seemed to be also learning while it was being implemented. (“The 2010 Automated Elections – An Assessment,” Nov.9, 2010)
Philippine Computer Society (PCS) report on the Biliran fraud case: “There were highly questionable instances where the probability of fraud may have been perpetrated using the PCOS machines …(based on) the audit trail of the PCOS machines and the computer audit trail of the Municipal Board of Canvassers (MBOC). …There were inconsistent protective counters displayed by the PCOS machines.”
Asian Network for Free Elections (ANFREL): “Secrecy of the ballot was virtually impossible…The operation of PCOs machines encountered numerous technical glitches, ranging from minor ones that lasted for a few minutes, to others that led to suspension of polling for hours. Delay and failure of the transmission of the elections results was widely reported.”
Carter Center (U.S.): “Review of the AES's source code was limited to an on-screen presentation conducted under the auspices of COMELEC. Concerned that such a review was inadequate to identify potential problems, many watchdog groups chose to forgo participation and were unable to review the code at all….(There was) significant curtailment of the right to vote by secret ballot in the 2010 elections…(Comelec should) conduct pre-election testing in a real-world and set at an earlier date in order to ensure adequate time to correct any issues identified.
Healing Democracy: The May 10, 2010 election was no different from previous fraudulent, anomalous, and violence-ridden polls in the country. Like in previous elections, Comelec should explain for the technical glitches, transmission failures, as well as incidents of fraud and violence taking place across the country. These election
32
per
vo
ter
rule
; vo
ter
auth
enti
cati
on
to
ok
to
o l
on
g; P
CO
S
bre
akd
ow
ns
(do
cum
ente
d c
ases
)
Vo
tin
g p
erio
dsc
ien
tifi
c b
asis
. It
was
m
ore
of
a co
st-b
ased
d
ecis
ion
(at
wh
at
po
int
it w
ill
be
less
co
stly
th
an D
RE
). N
o
seri
ou
s q
ueu
ing
stu
dy
an
d s
imu
lati
on
wer
e d
on
e to
get
a p
ictu
re
of
ho
w t
he
vo
ter
lin
es
wil
l b
ehav
e o
n
elec
tio
n d
ay a
nd
ar
riv
e at
th
e o
pti
mu
m
nu
mb
er
of
PC
OS
un
its.
that
th
e si
zin
g
met
ho
d (
to d
eter
min
e n
um
ber
of
PC
OS
u
nit
s n
eed
ed)
was
u
tter
ly w
ron
g. I
t re
sult
ed i
n
“vo
lun
tary
” v
ote
r d
isen
fran
chis
emen
t d
ue
to t
he
lon
g
wai
tin
g t
ime.
Th
e in
effi
cien
t v
ote
r id
enti
ty v
erifi
cati
on
st
ep a
gg
rav
ated
th
e si
tuat
ion
fu
rth
er.
Vo
ter
auth
enti
cati
on
&
id
enti
ty v
erifi
cati
on
Th
e V
ote
r R
egis
trat
ion
S
yst
em, a
9-y
ear-
old
p
roje
ct w
hic
h h
as c
ost
at
aro
un
d P
hP
4bn
, is
stil
l in
effi
cien
t an
d
inco
mp
lete
Co
mel
ec i
s so
p
assi
on
atel
y b
iase
d
tow
ard
th
e au
tom
atio
n
of
the
vo
tin
g /
ca
nv
assi
ng
pro
cess
es
giv
ing
les
s p
rio
rity
to
th
e v
ote
r re
gis
trat
ion
sy
stem
, a p
roje
ct
wh
ich
sta
rted
as
far
Eq
ual
pri
ori
ty m
ust
be
giv
en t
o t
hes
e tw
o
core
an
d m
issi
on
-cr
itic
al f
un
ctio
ns
of
the
Co
mm
issi
on
to
re
mo
ve
the
ver
y
vis
ible
mes
sy
dy
sfu
nct
ion
we
saw
in
M
ay 2
010
bet
wee
n
6throughout the country during the May 2010 elections clearly highlighted the aws in the setup and internal security of the automated system, as well as the inadequacies in personnel training, voter's education, and contingency planning. Problems and issues encountered at the various stages of the election process, from voting and counting to canvassing and proclamation, have been recorded/documented in the reports of print and broadcast media, the hearings of the Committee on Suffrage and Electoral Reforms of the House of Representatives, the findings of the Forensic Team constituted by the Joint Congressional Canvassing Committee to examine certain PCOS machines, and the testimonies of various election stakeholders. (Post-Election Report of AES Watch: Recap and Validated of the STAR Card Assessment of the Preparations for the May 2010 Automated Elections, October 2010)
CenPEG: There was a high incidence of technical hitches, blunders, voting procedural errors, and other operational failures throughout the country during the May 10, 2010 automated elections. As The CenPEG Report reveals, these can be attributed to the lack of safeguards, s e c u r i t y m e a s u r e s , a s w e l l a s t i m e l y a n d e f f e c t i v e continuity/contingency measures (software, hardware, technologies, and other system components) that proved damaging to the accuracy, security, and reliability of election returns. Lacking these vital mechanisms, the automated election system (AES) that was harnessed for the May 10 polls was vulnerable not only to various glitches and management failures but also electronic cheating including possible pre-loading of election results. The Comelec is called upon to disclose all election documents – public information – to test and validate its claim of election “success” and debunk allegations of electronic fraud – all for the sake of public interest and voters' rights. (The CenPEG Report, December 2010)
NAMFREL: The preoccupation with new technology and speedy counting to impress the public came at the expense of greater transparency and accountability of the system… In spite of the automation of the voting process, traditional forms of electoral fraud such as vote buying; ballot capturing; use of minors in the campaign as well as in vote buying; threats, intimidation, and violence; and non-observance of secrecy and privacy during voting, remained rampant. (Terminal Report, July 10, 2010)
Joint Forensic Team (Final Report to Congress' Joint Canvassing Committee, June 10, 2010): “…The published hash code (in the Comelec website) is not the same as the extracted hash code”; “no
31
bac
k a
s A
pri
l 20
03
and
wh
ich
to
dat
e is
st
ill
a w
ork
in
pro
gre
ss
them
. If
we
sim
pli
fy
the
fun
dam
enta
l re
qu
isit
es o
f a
tru
stw
ort
hy
ele
ctio
n
we
wil
l ar
riv
e at
on
ly
thre
e co
mm
and
men
ts
(sim
ple
r an
d l
ess
nu
mb
er t
han
th
ose
fo
r g
etti
ng
to
hea
ven
):
1) f
airn
ess
(on
e v
ote
p
er q
ual
ified
vo
ter)
, 2)
pri
vac
y o
r se
cret
b
allo
ts (
vo
tes
kn
ow
n
on
ly t
o t
he
vo
ter)
, an
d
3) a
ccu
racy
(v
ote
s ar
e re
cord
ed a
s in
ten
ded
an
d c
ou
nte
d a
s re
cord
ed).
Du
e to
th
is m
essy
V
ote
rs R
egis
trat
ion
S
yst
em c
om
man
dm
ent
#1
was
mo
st l
ikel
y
vio
late
d
7In its report on “The Conduct of the Automated 2010 National and
Local Elections” released only on March 7, 2011, Comelec dubbed the May 2010 AES as credible and successful. However, it downgraded its claim of “resounding success” to ”qualified success” later. The report of CAC (June 2010) described the AES as “not a perfectly executed exercise” but, “despite the mistakes committed by Comelec and Smartmatic-TIM” it “ultimately did work.” However, since the AES has too many problems that need to be solved, it recommended to Comelec not to exercise the option to purchase the Smartmatic-TIM election system for the May 2013 elections.
The House Committee on Suffrage and Electoral Reforms (CSER) in its June 2010 report called its assessment of the AES “a mixed success”: “Automation showed no substantial advantage. On the local level, our assessment is of profound unease.” On the other hand, the JCOC on AES is mandated by law to review the automated polls within one year and recommend whether to use the same technology or a new one. But it convened finally after 2 ½ years only on Nov. 21, 2012. No assessment was ever made until Congress adjourned for the May 2013 polls.
H. What other agencies and groups were involved in the monitoring and assessment and what were their findings?
Citizens' watchdogs, organizations, and institutions that were actively involved in the monitoring and assessment included: the Automated Election System Watch (AES Watch), a broad multi-sectoral group composed of 45 organizations; the Center for People Empowerment in Governance (CenPEG); National Movement for Free Elections (NAMFREL); WeWatch (Workers Election Watch); People’ s International Observers Mission(PIOM) - National Council of Churches in the Philippines (NCCP); Kontradaya; Philippine Computer Society (PCS); and DLSU-College of Computer Studies. Others were the Consortium of Christian Organizations for Rural-Urban Development (Concord through Healing Democracy); Asian Network for Free Elections (ANFREL), Carter Mission, Global Filipino Nation, and others.
I. What major findings and conclusions (or specific highlights) were made by these groups in the monitoring and assessment of the May 2010 AES?
AES Watch: The major concerns raised by AES Watch through its STAR Card were strongly validated by the actual experience in implementing the AES. The glitches, errors, and deficiencies observed
30
Bal
lot
issu
ance
PC
OS
-dri
ven
fak
e b
allo
ts d
etec
tio
n
feat
ure
no
t av
aila
ble
; au
tom
atic
fak
e b
allo
t d
etec
tio
n m
and
ato
ry
feat
ure
did
no
t w
ork
; w
ork
-aro
un
d s
olu
tio
n
usi
ng
han
d-h
eld
UV
sc
ann
ers
was
in
effe
ctiv
e.
Sm
artm
atic
was
al
low
ed t
o u
se u
sed
p
rin
ters
fo
r p
rin
tin
g
the
bal
lots
. Th
is
cau
sed
fai
lure
in
p
laci
ng
an
eff
ecti
ve
solu
tio
n o
n t
he
bal
lots
th
at w
ill
be
det
ecte
d
by
th
e P
CO
S
auto
mat
ical
ly u
po
n
feed
ing
of
the
bal
lots
.
Th
e au
tom
atic
fak
e b
allo
t d
etec
tio
n
feat
ure
is
a M
US
T
sin
ce a
ny
hu
man
-d
riv
en d
etec
tio
n
op
tio
n w
ill
no
t b
e st
rict
ly c
arri
ed o
ut
by
th
e B
EIs
as
wh
at
hap
pen
ed. M
ost
lik
ely
fa
irn
ess
was
vio
late
d.
Act
ual
vo
tin
g
(sh
adin
g)
Vo
ter
pri
vac
y w
as
com
pro
mis
ed d
ue
to
the
len
gth
of
the
bal
lot;
oth
er v
ote
rs c
an
easi
ly s
ee o
ne'
s v
ote
s.
Th
e p
oss
ibil
ity
of
a p
riv
acy
co
mp
rom
ise
cau
sed
by
th
e lo
ng
b
allo
t d
id n
ot
even
co
me
to t
he
min
ds
of
the
Co
mel
ec
imp
lem
ente
rs.
Vo
ter
pri
vac
y o
r v
ote
se
crec
y i
s a
bas
ic r
igh
t o
f th
e v
ote
r an
d w
as
com
pro
mis
ed b
y
Co
mel
ec.
Bal
lot
sub
mis
sio
n
to P
CO
SV
ote
ver
ifica
tio
n b
y
vo
ter
pri
or
to
sub
mis
sio
n t
o P
CO
S,
a m
and
ato
ry
Co
mel
ec i
s so
wo
rrie
d
abo
ut
the
po
ssib
le l
on
g
qu
eue
that
mig
ht
form
if
th
e v
ote
r is
giv
en a
Vo
ters
did
no
t h
ave
a ch
ance
to
rev
iew
th
e v
ote
s re
cord
ed b
y t
he
PC
OS
wh
ich
is
a
8system used is really secured, accurate, and reliable or compliant with minimum requirements of the law, as claimed by the provider and Comelec.
Pollwatchers and voters alike should prepare for the worst. What happened during the February 2, 2013 mock elections involving only a few PCOS machines and staged-managed with ill prepared “voters” and actors' names in the ballots that did not simulate the real conditions on Election Day, has provided only a glimpse of the actual scenario come May 13, 2013. Aside from the usual kits, Watchers should equip themselves NOT only with skills on how to shade and how to cast the ballot into the PCOS, but more with detailed knowledge of the vulnerabilities of the PCOS machines and the environment of the clustered precincts. For cheaters, ignorance is bliss. For enlightened voters and watchers, ignorance is a crime.
F. Why is monitoring and assessment important in the implementation of the AES?
Especially because it is a new election process with its full-blast implementation in the May 10, 2010 synchronized national and local elections, the AES should be subjected to rigorous monitoring and assessment.
Monitoring and assessment are important in order to ascertain how the AES was implemented - from preparations for the May 2010 elections, how it performed on election day, as well as post-election. Assessment is also vital in establishing whether implementation is compliant with the election modernization law (legal); follows the IT standard requirements such as security, trustworthiness, accuracy, auditability, and reliability (technical); and ensures secret voting and public counting, transparency and accountability (management).
An important aspect of the assessment is to validate the AES' goal of electoral reform particularly in minimizing if not entirely eliminating fraud as well as enhancing electoral democracy.
G. Who are mandated by law to conduct the assessment/probe of the AES?
The government bodies that are mandated by law to conduct the assessment are: Comelec, Comelec Advisory Council (CAC), and the Joint Congressional Oversight Committee (JCOC) on the AES. Congress (both the House and Senate) through its concerned committees is also mandated to probe into the conduct of the AES in aid of legislation.
29
req
uir
emen
t w
as
dea
ctiv
ated
; giv
en t
he
do
ub
tfu
l ac
cura
cy o
f th
e P
CO
S, t
his
is
a v
ery
ser
iou
s is
sue.
Th
e v
ote
r d
idn
't k
no
w i
f h
is v
ote
s w
ere
corr
ectl
y r
eco
rded
.
chan
ce t
o v
erif
y
wh
eth
er h
is v
ote
s w
ere
reco
rded
co
rrec
tly
th
at
is w
hy
it
allo
wed
S
mar
tmat
ic t
o
dea
ctiv
ate
this
ver
y
imp
ort
ant
mac
hin
e fe
atu
re.
vio
lati
on
of
the
AE
S
law
. Wo
rse,
its
ab
sen
ce r
emo
ved
th
e ch
eck
th
at w
ill
ver
ify
th
e ac
cura
cy o
f th
e P
CO
S. A
vio
lati
on
of
accu
racy
– a
min
imu
m
syst
em r
equ
irem
ent.
Qu
eue
man
agem
ent
No
rea
l an
d
scie
nti
fica
lly
-bas
ed
tim
e an
d m
oti
on
stu
dy
o
f th
e en
tire
vo
ter
iden
tifi
cati
on
an
d
vo
tin
g p
roce
ss w
as
do
ne.
Th
e 5
old
p
reci
nct
s cl
ust
erin
g
dec
isio
n w
as m
ade
via
th
e se
at-o
f-th
e-p
ants
m
eth
od
(o
r w
hat
wil
l b
e ch
eap
en
ou
gh
to
h
urd
le t
he
DB
M
bu
dg
et s
cru
tin
y i
f P
CO
S i
s u
sed
).
9lawsuit filed before the Delaware chancery court revealed and validated the weaknesses and vulnerabilities of AES 2010 including the non-compliance with IT standard practices. The license issue is critical as Dominion Voting Systems can probably sue COMELEC and/or the Philippine Government for using unlicensed software for the 2013 Midterm Elections.
E. Is there anything yet to be done to salvage the wrong or correct the mistakes and ensure against fraud generated by a problematic automated election system if Comelec persists in using the provided technology?
With only two months to go (since publication of this Primer) before Election Day, the Comelec decided not to conduct anymore Mock Elections against the advice and request of the JCOC and AES Watch last February 6, 2013 for “confidence building” after the humiliating February 2 Mock Elections. With major PCOS errors still uncorrected and no source code review done by political parties and interested parties as prescribed by law, the people are left to pursue all course of actions necessary to a) assert the rule of law, b) ensure that the elections push through, c) the voters' right are not violated, d) teachers' duties and rights as BEIs are protected, and e) the integrity of the vote through automation is maintained.
Based on Chairman Brillantes' public statements, automated elections with Smartmatic as technology provider, will proceed as scheduled. As the premier election manager, the Comelec must allow stakeholders, especially political parties and election watchdogs equal access to the following MINIMUM information during election day:
1) Printed precinct audit logs2) Printed MBOC (municipal board of canvassing) audit logs3) Continuing public website (as provided for in the law) where
the canvassed votes in the national server should be posted4) Random Manual Audit immediately after elections conducted
by a competent group 5) Electronic Transmission Results
This should be contained in new Comelec Resolutions and General Instructions since only the copy of the Election Returns (ERs) are provided in RA 9369 and the outdated Omnibus Election Code as documents to be made accessible to dominant and minority political parties. All the above mentioned data are important for political parties and watchdogs to know in order to gain confidence and trust that the
28
Ex
ecu
tio
n o
f cl
ose
of
vo
tin
g p
roce
du
res;
Sh
ift
to p
ost
-vo
tin
g
mo
de;
Pri
nti
ng
of
8 E
R c
op
ies
Pri
nto
uts
of
the
ER
s (o
nly
3.5
-in
ches
wid
e an
d v
ery
, ver
y l
on
g)
are
too
sm
all
wh
en
thes
e ar
e re
qu
ired
to
b
e p
ost
ed o
n t
he
pre
cin
ct's
wal
l an
d
rem
ain
th
ere
for
48
ho
urs
aft
er p
oll
s cl
ose
d
for
the
pu
bli
c to
see
an
d r
eco
rd.
Co
mel
ec a
llo
wed
th
is
des
pit
e th
e cl
ear
inte
nt
that
th
e E
Rs
wil
l b
e p
ost
ed a
t th
e p
reci
nct
w
all
for
48 h
ou
rs a
fter
cl
osi
ng
of
po
lls.
Th
is
wil
l re
qu
ire
the
PC
OS
to
hav
e an
ex
tern
al
wid
er p
rin
ter
wh
ich
S
mar
tmar
tic/
D
om
inio
n's
pro
po
sed
so
luti
on
do
es n
ot
hav
e.
Du
e to
th
is u
nm
et
req
uir
emen
t C
om
elec
sh
ou
ld h
ave
dis
qu
alifi
ed
Sm
artm
atic
bu
t it
did
n
ot.
In
stea
d, o
ur
elec
tio
n s
yst
em w
as
mad
e to
fit
to t
he
solu
tio
n o
f S
mar
tmat
ic, n
ot
the
oth
er w
ay a
rou
nd
. T
his
les
sen
ed t
he
tran
spar
ency
of
the
elec
tio
n c
on
du
ct.
Th
is
vio
late
d f
airn
ess
and
ac
cura
cy.
Dig
ital
sig
nin
gT
he
abse
nce
of
a re
al
and
in
du
stry
-acc
epte
d
dig
ital
sig
nat
ure
fo
r
Co
mel
ec a
llo
wed
a
mac
hin
e si
gn
atu
re -
an
u
tter
ly u
nac
cep
tab
le
Its
abse
nce
co
mp
rom
ises
th
e en
tire
el
ecti
on
's i
nte
gri
ty.
10
Comelec insists that AES Watch's allegations are unmeritorious and should be dismissed outright: Comelec should not dismiss the issues as baseless. In the mock elections conducted before the HoR CSER in July, 2012 and for the public in January, 2013, the same issues and problems were observed. Perhaps some have been resolved and addressed but Comelec has failed to demonstrate the same. Many alternatives by different policy study and IT groups with reputable IT experts and lawyers, including the FIT4E or Filipino IT for Elections as well as by a few lawmakers, have been presented to Comelec, among which is a hybrid of manual voting and counting combined with electronic transmission and canvassing. But Comelec simply has turned a deaf ear and remains fixated on Smartmatic which does not even own the software to be used for the elections.
C. Based on these problems and issues, what is expected to happen in the coming May 2013 elections?
Trustworthiness, reliability, accuracy, and security among others are issues that need to be addressed. While the trusted build activity has been performed (on Jan 10, 2013), the input to the trusted build process, which is the source code of the AES, has not been reviewed by any interested political party or group. If the source code cannot be trusted, how can the output (the executable code which will be loaded in the PCOS and CCS machines) be trusted?
Further, the trusted build process covered only three sets of software. The PCOS software was not subjected to the trusted build process.
The COMELEC has been awfully silent on this issue which arises from the complaint filed by Smartmatic against Dominion Voting Systems, the owner of the PCOS technology supplied by Smartmatic-TIM.
D. If not resolved, what will be the impact of these problems
and issues on the voters and on the integrity of the May 2013 elections?
On May 23, 2012 the real owner of the AES system used in May 2010 terminated its licensing contract with Smartmatic. A subsequent lawsuit filed before the Delaware chancery court revealed and
27
the
ER
s an
d C
OC
s w
as a
ver
y, v
ery
lar
ge
secu
rity
ho
le;
any
thin
g c
an b
e d
on
e o
n t
he
resu
lts
by
an
yb
od
y w
ho
gai
ns
acce
ss t
o t
hes
e re
sult
s.
dec
isio
n f
or
no
wh
ere
in t
he
wo
rld
an
d t
he
IT i
nd
ust
ry c
an a
m
ach
ine
sig
nat
ure
q
ual
ify
as
a re
al d
igit
al
sig
nat
ure
.
Tra
nsm
issi
on
of
resu
lts
Tra
nsm
issi
on
of
the
ER
s d
id n
ot
foll
ow
th
e m
and
ato
ry
hie
rarc
hic
al s
equ
ence
an
d d
irec
tio
n t
hu
s o
pen
ing
th
em t
o
po
ssib
le f
rau
d.
Co
mel
ec a
llo
wed
un
rest
rict
ed
tran
smis
sio
n s
equ
ence
an
d d
irec
tio
n t
hu
s v
iola
tin
g w
ith
im
pu
nit
y t
his
m
and
ato
ry p
roto
col.
T
ran
smis
sio
n w
as d
on
e to
wh
ich
ever
had
an
o
pen
lin
k a
t th
e ti
me
of
tran
smis
sio
n.
Th
e co
rrec
t h
iera
rch
ical
tr
ansm
issi
on
pro
toco
l o
f fi
rst
to t
he
city
/m
un
se
rver
was
no
t fo
llo
wed
wit
h
Co
mel
ec's
ap
pro
val
; w
e d
id n
ot
kn
ow
if
the
PC
OS
wer
e tr
ansm
itti
ng
firs
t to
a
rog
ue
serv
er
som
ewh
ere
wh
ere
resu
lts
can
be
do
cto
red
o
r th
e ce
ntr
al s
erv
er
itse
lf a
lso
ser
ved
as
the
rog
ue
serv
er.
It i
s 1,
634
tim
es m
ore
11
The only WORM devices are CD or CD-R and DVD or DVD-R, both optical storage devices. Other optical storage devices are CD-R/W and DVD-R/W. The R in the nomenclature refers to RECORDABLE. The R/W in the nomenclature refers to READ/WRITE.
Authoritative sources may be found in Google.
On the “Chain of Custody:” While Comelec claims that it cannot abrograte unto
itself the duty of taking custody of ballot boxes it must be pointed out the city/municipal treasurers are under its supervisory control during the elections. Comelec failed to ensure that proper chain of custody of election paraphernalia is observed. Cases in point:
The PCOS machines in the custody of the technician who brought the said PCOS machines home
The CF cards found in a garbage dump in Cagayan de Oro City
The CF cards in the possession of certain candidates
Those who failed in the observance of proper chain of custody should have been sanctioned
Comelec's election officers, provincial election supervisors, regional election directors, and project management officers, including perhaps, the commissioners concerned , too, should have been sanctioned under the principle of command responsibility
On the wrong tally of registered voters: Indeed, the error stems from the erroneous program script. But the error greatly affected the credibility of the elections and the automated election system. This is also indicative of the poor or weak project management, analytical, and programming skills of Smartmatic's project managers, analysts, and programmers.
On the RMA sampling method: The May 2010 RMA was certainly Comelec simply does not listen to suggestions and does not engage in intelligent discussions of alternatives.
26
dif
ficu
lt t
o c
oer
ce
/co
op
t p
eop
le
man
nin
g o
ne
serv
er
site
th
an 1
,634
set
s o
f p
eop
le i
n 1
,634
sit
es
(th
e n
um
ber
of
citi
es
and
mu
nic
ipal
itie
s).
Tra
nsp
aren
cy w
as
clea
rly
vio
late
d h
ere.
Tra
nsm
issi
on
to
th
e ci
ty/
mu
nic
ipal
co
nso
lid
atio
n s
erv
er
FIR
ST
Th
e co
rrec
t h
iera
rch
ical
tr
ansm
issi
on
pro
toco
l o
f fi
rst
to t
he
city
/m
un
se
rver
was
no
t fo
llo
wed
wit
h
Co
mel
ec's
ap
pro
val
; w
e d
id n
ot
kn
ow
if
the
PC
OS
wer
e tr
ansm
itti
ng
firs
t to
a
rog
ue
serv
er
som
ewh
ere
wh
ere
resu
lts
can
be
do
cto
red
o
r th
e ce
ntr
al s
erv
er
itse
lf a
lso
ser
ved
as
the
12
of procedure in this regard. It is IT best practice that when there is a change in any part or component of the system, a Change Request document is generated. The Change Request is then routed to the appropriate parties so that the impact of such change can be analyzed. Having failed to follow and implement IT best practice, the appropriate parties within the Smartmatic organization and Comelec's Project Management Office, the team that is assigned to prepare the CF Card Configuration, were not informed of the design change.
(As a note, the CF Card Configuration includes the names of the candidates; the positions being contested; the precinct identity which includes the precinct number, the barangay, city/municipality, and province; and the number of registered voters). It should be pointed out, however, that Smartmatic claims that the problem of the CF card misconfiguration stemmed from an erroneous technology provided by Dominion (see Smartmatic complaint against Dominion Voting Systems).
The matter of the CF Card being or not being a WORM device has been a subject of debate between AESWatchers and Comelec/Smartmatic. To put this matter to rest, it is suggested that Comelec/Smartmatic demonstrate that, as they claim, the CF Card is a WORM device.
AES Watch has always held that the CF Card is not a WORM storage device. Hereunder is a technology enumeration:
CF Cards are of the same technology as USB Thumb/Flash drives, memory sticks, and SD Cards.
SD cards are used in smartphones. CF Cards are also used with Digital SLR Cameras. CF Cards, USB Thumb/Flash drives, memory sticks,
and SD cards differ only in (physical) packaging The CF Card technology base is EEPROM or
Electronically Erasable Programmable Read Only Memory (admittedly an oxymoronic term). The predecessor technology is PROM or Programmable Read Only Memory. PROMs can be written into only once. EEPROM technology is an improvement over PROM as EEPROM is rewriteable.
25
rog
ue
serv
er. I
t is
1,6
34
tim
es m
ore
dif
ficu
lt t
o
coer
ce p
eop
le m
ann
ing
o
ne
serv
er s
ite
than
1,
634
sets
of
peo
ple
in
1,
634
site
s.
To
th
e ce
ntr
al/
KB
P
serv
ers
sub
seq
uen
tly
;
Pri
nti
ng
of
22
add
itio
nal
ER
co
pie
s;
Bac
k-u
p &
sh
utd
ow
n
of
PC
OS
Th
ere
are
val
id
gro
un
ds
that
th
e C
F
card
is
no
t a
Wri
te-
On
ce-R
ead
-Man
y
(WO
RM
) st
ora
ge
med
ium
th
us
op
enin
g
the
po
ssib
ilit
y o
f ta
mp
erin
g e
ith
er t
he
resu
lts
or
the
bal
lot
con
fig
ura
tio
n a
nd
o
ther
ser
iou
s fr
aud
.
Co
mel
ec a
llo
wed
th
is
des
pit
e b
ein
g a
m
and
ato
ry r
equ
irem
ent
wh
ich
in
ten
ded
fo
r a
CD
-R o
r D
VD
-R
reco
rdin
g m
ediu
m.
Th
e S
mar
tmat
ic/
Do
min
ion
p
rop
ose
d s
olu
tio
n d
id
no
t h
ave
eith
er a
n
inte
rnal
or
exte
rnal
C
D/
DV
D d
riv
e.
We
clea
rly
saw
th
e C
F
card
mes
s th
at
hap
pen
ed 5
day
s b
efo
re e
lect
ion
day
an
d
on
ele
ctio
n d
ay i
tsel
f.
Had
Co
mel
ec a
dh
ere
to t
he
tech
nic
al
spec
ifica
tio
ns
thes
e co
uld
hav
e b
een
p
rev
ente
d.
Tra
nsp
aren
cy a
gai
n
was
a v
icti
m h
ere.
13
There are two parts in the definition of electronic signature in RA8792: (a) that an electronic signature is any electronic mark adopted by a person and (b) that the execution of an electronic signature involves the use of a procedure.
nd “Digital signature” is consistent with the 2 part of the
definition as “digital signature” technology involves the use of a procedure.
“Digital signature” technology also provides a feature of independent verification and authentication of a “digital signature”.
The “machine digital signature” implemented in the PCOS used in the 2010 Elections could not even be independently verified and authenticated.
Further, Comelec argues that in dismissing the petition filed by several parties, the SC, in its decision, stated that “the PCOS are capable of producing digitally-signed transmissions”. Indeed the PCOS machines can. But as discussed in the foregoing “machine digital signatures” are not recognized by law.
Similarly, the exchange between Justice Carpio and Atty Lazatin who are both lawyers takes root from a myopic interpretation of RA9369.
On the matter of rogue servers: It must be pointed out that the transmission should have also been done individually to the servers of: (a) the majority political party, (b) dominant minority party, (c) the accredited citizens' arm, and (d) the KBP. Instead, transmission of the ERs was made to a common server identified as the KBP server which was placed under the restrictive control of PPCRV located at Pope Pious Center at UN Avenue. This is a violation of the relevant provision of RA9369.
On the CF Card is not a WORM device: Indeed the May 3, 2010 CF Card fiasco is not at all related to the CF not being a WORM device but it is the opinion of IT security experts at AES Watch that the CF Card fiasco is a problem of misconfiguration which stemmed from the change in design of the local face of the ballot. The local face was adjusted to physically show a double-spaced listing from the original single-spaced listing. There was a failure
24
Ele
ctio
n m
ater
ials
in
ven
tory
;
Pre
cin
ct r
epo
rt
wri
tin
g;
Th
e C
hai
n-o
f-C
ust
od
y
of
sen
siti
ve
com
po
nen
ts (
bal
lots
, b
allo
t b
ox
es, C
F c
ard
s,
PC
OS
un
its,
etc
,) o
f th
e sy
stem
was
no
t se
cure
en
ou
gh
to
ass
ure
th
at i
t is
no
t b
rok
en a
ny
wh
ere
in t
he
chai
n. W
ors
e,
reco
un
ts s
tart
ed o
nly
10
mo
nth
s af
ter
elec
tio
n
day
, so
mu
ch t
ime
to
frau
du
len
tly
tam
per
th
e b
allo
ts t
o m
atch
th
e E
Rs.
Co
mel
ec s
eem
ed t
o b
e n
ot
seri
ou
s in
p
rese
rvin
g a
n
un
bro
ken
ch
ain
-of-
cust
od
y o
f se
nsi
tiv
e co
mp
on
ents
of
the
syst
em w
hen
th
is
asp
ect
defi
nes
wh
eth
er
an e
lect
ion
is
tru
stw
ort
hy
or
no
t es
pec
iall
y i
n t
he
con
tex
t o
f p
rote
st c
ases
.
Re-
pac
kin
g o
f P
CO
S
and
acc
esso
ries
;
Pre
par
atio
n f
or
RM
A i
f th
e p
reci
nct
is
sub
ject
to
RM
A;
14
Melo, preferred the use of its invented “machine digital signature” because, as he admitted in the hearings of the HoR CSER, implementation of industry recognized and accepted digital signature technology would have cost the Comelec 1billion Pesos.
Comelec's implementation of what it refers to as “machine digital signature” stems from the awed interpretation of RA9369. Atty. Jose Tolentino, interpreting RA9369 to the exclusion of all other election laws, RA8792 or the Electronic Commerce Act, and the Rules on Electronic Evidence promulgated by the Supreme Court, explained to House of Representative Committee on Suffrage and Electoral Reforms, in hearings conducted immediately following the 2010 Elections, that RA9369 did not identify who will sign on Election Returns and the Certificates of Canvass. Atty. Tolentino's explanation is quite myopic.
It should be pointed out that RA9369 amended several election laws, including among others BP881 or the Ominibus Election Code. BP881 required the BEI to sign the election returns and the BOC to sign the certificate of canvass. The provision of RA9369 where the election returns and certificates of canvass be digitally signed should have been read with BP881, among other laws. Nothing in RA9369 amended nor repealed the relevant provisions of BP881 as to who will sign the election returns and the certificates of canvass.
No Philippine Law, rule, or regulation accords legal recognition of “machine digital signature”
RA8792, which is specifically referred to in RA9369 in the manner of authenticating digital signature, accords legal recognition to electronic signatures and defines electronic signature as a signature that of a person. The principles of functional equivalence and non-discrimination between a person's handwritten signature and the same person's electronic signature is enshrined in RA8792.
While RA8792 does not make a direct reference to “digital signature”, the accepted definition “digital signature” is that it is a technology implementation of electronic signature.
23
Init
iali
zati
on
of
city
/m
un
icip
al s
erv
ers
Co
nso
lid
atio
n a
t th
e ci
ty/
mu
n s
erv
ers;
Dig
ital
sig
nin
gT
he
abse
nce
of
a re
al
and
in
du
stry
-acc
epte
d
dig
ital
sig
nat
ure
fo
r th
e E
Rs
and
CO
Cs
was
a
ver
y, v
ery
lar
ge
secu
rity
ho
le; a
ny
thin
g
can
be
do
ne
on
th
e re
sult
s b
y a
ny
bo
dy
w
ho
gai
ns
acce
ss t
o
thes
e re
sult
s.
Co
mel
ec a
llo
wed
a
mac
hin
e si
gn
atu
re -
an
u
tter
ly u
nac
cep
tab
le
dec
isio
n f
or
no
wh
ere
in t
he
wo
rld
an
d t
he
IT
ind
ust
ry c
an a
m
ach
ine
sig
nat
ure
q
ual
ify
as
a tr
ue
dig
ital
si
gn
atu
re.
Its
abse
nce
co
mp
rom
ises
th
e en
tire
ele
ctio
n's
in
teg
rity
.
Tra
nsm
issi
on
to
ce
ntr
al/
KB
P s
erv
ers
Init
iali
zati
on
of
cen
tral
se
rver
Co
nso
lid
atio
n a
t ce
ntr
al s
erv
er
15
criss-crossed the lines but there were only a maximum of 200 voters per precinct.
On the UV ink: The fact that the UV ink detection was disabled is tantamount to non-delivery of an offered / promised security feature for which Smartmatic should have been PENALIZED. The purchase of handheld UV lamp should have also been charged to Smartmatic at no cost to taxpayers' money.
On the serial numbers embedded in the bar code: The serial numbers could be used to trace the voter to the ballot. An observer with intent to identify the ballot to a voter could easily observe the issuance of the ballot and the sequence by which the voter “feeds” the ballot into the PCOS. This is a violation of vote secrecy guaranteed under the Constitution.
On voter verification: There is lack of transparency in the PCOS simply because the voter is deprived of the ability to ascertain if the machine correctly appreciated his ballot. Comelec's response (issuance of a replacement ballot in case machine appreciation of the voter's ballot is correct) indicates that the PCOS is not responsive to the requirements of our election laws.
On Comelec's comment on public verification of accuracy. The May 3, 2010 CF Card fiasco was indicative of the inaccuracy of the PCOS. Recall that the CF Cards were recalled nationwide and had to be replaced.
On the time and motion. As earlier indicated, the number of voters in a clustered precinct in 2010 was the cause of the long queue. BEIs had to attend to 5 times the number of registered voters. At what cost must we ensure that elections are conducted properly? If more PCOS machines were required, then more should have been provided.
On Digital Signature: For all its repeated claims, it is best to challenge Comelec and Smartmatic that the digital signature implemented in the AES can be independently verified and a u t h e n t i c a t e d . F u r t h e r , C o m e l e c a r g u e s o n t h e procedural/operational aspect which could have been easily addressed. Comelec, under the stewardship of Chairman Jose
22
Can
vas
sin
g a
t C
om
elec
Cen
ter
&
Join
t C
on
gre
ssio
nal
C
anv
assi
ng
Cen
ter
Th
e sh
ock
ing
ly w
ron
g
tall
y o
f th
e n
atio
nw
ide
tota
l v
ote
s (1
50+
m
illi
on
in
th
e C
om
elec
C
anv
assi
ng
ser
ver
an
d
250+
mil
lio
n i
n t
he
Join
t C
on
gre
ssio
nal
C
anv
assi
ng
ser
ver
wer
e ig
no
red
by
th
ese
two
b
od
ies;
th
is i
s an
o
bv
iou
s te
chn
ical
err
or.
Co
mel
ec e
cho
ed
Sm
artm
atic
's e
xcu
se
that
th
e w
ron
g t
ally
w
as a
res
ult
of
app
lica
tio
n e
rro
r
Th
is i
s a
BU
G o
f te
rrib
le
po
ssib
le c
on
seq
uen
ce
wh
ich
co
uld
hav
e b
een
d
etec
ted
had
a p
rop
er
ind
epen
den
t so
urc
e co
de
rev
iew
was
al
low
ed. T
he
larg
e n
um
ber
as
per
in
du
stry
p
ract
ice)
is
sup
po
sed
to
b
e th
e so
-cal
led
sy
stem
ch
ok
e p
oin
t (t
he
po
int
for
the
max
imu
m
nu
mb
er o
f b
allo
ts t
hat
ca
n b
e co
un
ted
set
as
a p
aram
eter
of
the
syst
em).
Wh
y w
ere
thes
e tw
o p
aram
eter
s se
t at
3 a
nd
5 t
imes
th
e n
um
ber
of
reg
iste
red
v
ote
rs?
Giv
en a
tu
rno
ut
of
40 m
illi
on
, wh
ere
did
th
e 11
0+ m
illi
on
an
d 2
10 m
illi
on
plu
s ex
tra
bal
lots
co
me
fro
m
16
Herewith is AES Watch's Rejoinder to the Comelec on the following problems and issues (Note: AES Watch received a copy of Comelec's 13-page reply (undated) to the AES Watch Primer first release presented to the Catholic Bishops Conference of the Philippines dated January 26, 2013):
Even if contingency plans were put in place, it is BEST practice to ascertain the cause of problems observed in an automated system and find resolutions to such problems, not just troubleshoot each problem as it comes.
For example, the issue of different timestamps on the election returns. The reason by Smartmatic was that the internal battery may have been dislodged from its receptacle during transport. Many IT experts and practitioners who have worked with PCs from the time computers started to invade the office space in the 1980s never encountered internal batteries dislodged from their receptacles. The reason given by Smartmatic is simply indicative of the low level quality of the PCOS. If their reason is true and correct, the PCOS clock should have reset itself to a common base date/time, not random date/time. Another example is the ballot does not fit the PCOS insertion slot which happened in May 2010. BEI members had to trim the the edge of the ballot to be fed successfully. Had Smartmatic determined the cause of the problem, it could have been avoided during the February 2 mock election at the UP-IS.
On the number of ballots per clustered precinct: The number of ballots is determined by the number of registered voters assigned to a polling precinct plus the number of BEI members. This could have easily been configured in the system – not a complicated thing to do. After all, Smartmatic owns the EMS and could have easily added a formula, “Number of Ballots=Number of Registered Voters+Number of BEI members,” a one line instruction that could have been added to the EMS program.
On long queues: It was not the criss-crossing of voters that resulted in long queues. No time and motion study was done by Comelec as it prepared for the 2010 elections. The long queues were a result of clustering of precincts with a maximum of registered voters at 1,000. In elections prior to 2010, voters also
21
sin
ce t
hes
e n
um
ber
s w
ere
reac
hed
by
th
e tw
o c
anv
assi
ng
cen
ters
?
Po
st E
lect
ion
Ran
do
m M
anu
al
Au
dit
(R
MA
)
Th
e R
MA
was
co
mp
lete
ly w
ron
g d
ue
to t
he
wro
ng
sam
pli
ng
m
eth
od
plu
s th
e sa
mp
les
are
no
t re
pre
sen
tati
ve
of
the
elec
tio
n c
on
test
s th
at
wer
e au
dit
ed; g
iven
su
ch, n
o d
efen
sib
le
stat
isti
cal
con
clu
sio
n
can
be
gle
aned
fro
m
the
exp
ensi
ve
effo
rt
thu
s d
efea
tin
g t
he
fun
dam
enta
l p
urp
ose
o
f th
e la
w p
rov
isio
n f
or
tran
spar
ency
.
Co
mel
ec i
s N
OT
p
roh
ibit
ed f
rom
im
pro
vin
g o
n t
he
law
p
rov
isio
n f
or
RM
A. Y
es,
it t
ried
to
im
pro
ve
the
pro
vis
ion
by
gea
rin
g f
or
5 sa
mp
les
per
dis
tric
t in
stea
d o
f o
ne
per
law
re
qu
irem
ent.
Bu
t th
e sa
mp
lin
g u
sed
was
co
mp
lete
ly w
ron
g,
hen
ce, t
he
sam
ple
s w
ere
no
t re
pre
sen
tati
ve
of
the
do
mai
ns
aud
ited
. E
rgo
no
use
ful
or
val
id
con
clu
sio
n c
an b
e m
ade
fro
m t
he
RM
A r
esu
lts.
It
en
ded
up
as
just
an
ex
pen
siv
e an
d w
aste
ful
mad
e-fo
r-m
edia
th
eatr
e o
f ze
ro a
ud
it v
alu
e.
172.1. Source Code Review2.2. Use of digital signature2.3. Voter verification2.4. Use of storage devices 2.5. Other technical provisions like accuracy 2.6. Pre-tested technology2.7. Certification and role of TEC (Technical Evaluation
Committee)2.8. Role of the CAC (Comelec Advisory Council)
3. Major implementers including the Comelec and its major citizens' arm accredited for major technical tasks like conducting random manual audit (RMA) of the system lack knowledge, competence, and appreciation of the technical complexities.
4. Safeguards (and therefore, non-compliance and violations of the laws, TOR, agreements and contract) to ensure security, accuracy and reliability of the system are conveniently set aside or disregarded and made as excuses to give way to “lower cost,” “lack of time,” and “better alternative to manual (defined as “fraudulent”) elections.”
5. Sovereignty in running the elections is compromised when the implementers rely too heavily on a foreign technology provider which does not own the operating license of the technology. (Note: the case between Smartmatic (technology provider in the Philippines vs Dominion Voting System (PCOS technology owner) remains unsettled in Delaware, USA since it was filed in September 2012.
Because of these, VOTE buying is no longer a major problem in automated elections. With the lack of major safeguards in the hardware and software components of the system, the problems in PILAHAN (long queues), BILANGAN (inaccurate counting), at BENTAHAN (not just vote buying but program system buying) are emerging as modern-day problems in election. If left unchecked, automated election forms of cheating like CF card buying, PCOS machine buying and transmission jamming plus the clustered precinct long queue-delaying tactics will prevail alongside traditional forms of cheating, wholesale fraud and violence.
20
Pro
clam
atio
nP
rocl
amat
ion
s w
ere
no
t ef
fect
ed a
s ca
refu
lly
as
they
sh
ou
ld b
e re
sult
ing
in
pro
test
s n
um
ber
ing
big
ger
th
an
in p
ast
man
ual
el
ecti
on
s.
Pro
test
sP
rote
sts
wer
e in
eff
ect
futi
le f
or
the
reco
un
ts
wer
e d
on
e 10
mo
nth
s af
ter
elec
tio
n d
ay, m
ore
th
an t
ime
eno
ug
h t
o
lose
th
e au
dit
val
ue
of
the
resu
lts.
Bo
tto
mli
ne,
th
e 20
10
AE
S d
uri
ng
its
use
on
el
ecti
on
day
an
d a
fter
b
ecam
e a
bla
ck b
ox
in
fest
ed w
ith
so
man
y
wo
rms
wh
ich
ate
its
in
teg
rity
, sec
uri
ty a
nd
tr
ansp
aren
cy.
18II. Monitoring and assessment of the AES from May 10, 2010 –
present
A. What are the critical issues on the AES?
1) Legal – Lack of compliance with provisions of law, like (1) the use of digital signatures to sign the election returns and certificates of canvass and (2) review of the AES source code by interested political parties and groups.
2) Technical – Use of CF cards is insecure. A write-once-read-mean storage medium was specified in the Request for Proposal for the automation of the 2010 elections. CF cards will be used again in 2013, in violation of COMELEC's defined requirement. CF cards can be transplanted with new data.
3) Management – Considering that the same number of PCOS machines will be deployed for the May 2013 elections, clustering of precincts will be maintained. COMELEC has to prepare for more voters per voting precinct, perhaps assign more BEI members for voter verification.
B. What have been main problems in the implementation of the Election Modernization Law or the Automated Election Law (RA 9369) since 2008?
1. Lack of transparency by the premier election manager in the country, the Commission on Elections (Comelec) in dealing with various groups of citizens' election watchdogs, Filipino IT community, research groups and other stakeholders when it comes to ensuring safeguards for security, accuracy and reliability of the chosen technology in the automated election system (AES) used for elections.
1.1. The right to know and access public information on the AES has become an exclusive domain of only a few favored or “approved” individuals and/or groups;
1.2. The Filipino IT community on the whole continues to be excluded and treated as second class to foreign provided technology and know-how.
2. Inconsistent and varied interpretations of provisions of the Poll Automation Law (RA 9369), among which are the following:
19
