Computerized Elections System Faulty, Vulnerable to Cheating

Concerns are being raised that the automated elections system (AES), which is supposed to be used in the coming elections in May, is vulnerable to cheating and that the Commission on Elections has been so inept in the preparations.

with a report by Angelica de Lara

MANILA — For the first time, the Philippines will use the Automated Elections System (AES), which promises a quicker count and supposedly less fraudulent election. The counting, the Commission on Elections say, would be so quick there would be no time to cheat.

The automated system being eyed for use in the coming elections in May should have been a welcome change from the previous manual elections’ interminable counting and tallying marked by violent incidents of ballot box snatching and reports of dagdag-bawas (vote padding and vote shaving). But so far, the welcoming note is lost among Filipino voters who are skeptical not because the system is new, as the Comelec keeps saying, but because the Comelec’s preparations leave so much to be desired. This early, legislators are already talking of possible failure of elections.

The Comelec’s ineptness “especially in providing the teachers with voters’ education and basic knowledge regarding poll automation is already causing panic among the teachers and the voting public in general,” said Prof. Myfel Paluga, regional coordinator of ACT Teachers’ Party.

In a voters’ education project of the Ecumenical Institute for Labor Education and Research (EILER) and Computer Professionals’ Union (CPU), they have identified at least 32 vulnerabilities in the current preparation of AES “that can actually make cheating easier and less apparent than in manual processes.

The key vulnerabilities revolve around the source code or software that will be used; the seemingly unregulated administrator access to machines and passwords to be used by the Board of Election Inspectors (BEIs) in transmitting the results; and the questionable verifiability of voting and results.

Under the AES law, the Comelec is required to share the source code to any interested group for purposes of reviewing the code when the technology for the AES was chosen. But up to now, when the government had already purchased it, they still have not shared the source code to these parties. The source code is important because it instructs the machines on what to do, said Alfredo Pascual, convenor and spokesman of AES Watch during a monthly “national discernment” gathering of priests, nuns and laypersons in Manila.

Without a source code review by interested parties, CPU said a malicious code can be inserted into the software program that runs the Precinct Count Optical Scan (PCOS) machines, “thereby automatically and secretly adding or subtracting votes for or from targeted candidates,” a widely used practice in elections called “dagdag-bawas” in Filipino.

It is another matter, too, to see to it that what was reviewed would actually be the one used during the elections, Pascual said.

As for passwords, the government has decided that it will be created by the private Smartmatic/TIM, the provider of the machines, and not by the BEI members themselves, contrary to legal requirements. Interested parties who have access to passwords may thus tamper with the election results, the CPU warned.

It does not allay fears of tampering that there are no guidelines for administrator-access to machines and that the voters cannot verify or check if the machine has correctly read his or her votes. Also, it is not clear whether the canvassers and watchers will be able to verify that the right election results are transmitted to different levels of canvassing.

“Printed election results maybe different from those transmitted — another set of “election results” may have been stored in the memory of the computer,” AES Watch’s Pascual said, adding that there is as yet no system that will facilitate comparison of the printed election results from the precincts with the results arising from the canvassing centers.

Following the Comelec’s “pattern of delays” in receiving the machines, testing and certifying it, and its failure to adequately report on how it would distribute and secure the said machines and ballot boxes, as well as ensure there would be sufficient transmission facilities and security guarantees as stated in the AES Law, the AES Watch group declared last week that “overall, the AES is in the danger zone.”

The trustworthiness of AES is in question due to Comelec’s inability to install needed system safeguards, Pascual said.

Just because it is automated does not mean it would be free from fraud. In truth, Pascual of the AES Watch explained that if there would be cheating, it would have to be performed before the first ballots are “counted” by the machines, unlike in the manual system when cheating is done during the counting and transmission of results.

Share This Post