Quarters who disagree with the Commission on Elections’s (Comelec) plans for the Automated Election
System (AES) repeatedly echo each other in pointing out four instances where the security of the system was supposedly “disabled”. As is par for the course for these kinds of allegations, it is far easier to sow fear and misunderstanding than to promote facts and reason. But let me try.
First, it is said that there has been no source-code review. This allegation is baseless. To put it as plainly as possible, the AES used in 2010 and 2013 both underwent the legally mandated source-code review by an international certification authority. In 2016 the source- code review was initiated more than half a year before the elections. So, it is bunk to say that there has been no source-code review.
In a recent demonstration of the safety features of the Vote Counting Machines (VCMs) to be used in 2016, the Comelec showed how it can be proven that the individual VCMs carry source-code-reviewed software, using hashcodes—or the “fingerprint” of the software. As explained by the Comelec, each VCM is able to generate a hashcode for the software it is running. When that code is printed out, it becomes simply a matter of comparing the VCM’s hashcode to the hashcode of the source-code-reviewed software which the Comelec, on Wednesday, deposited in escrow with the central bank.
The second myth is that UV scanning wasn’t used in 2010 and 2013. While this is true with regard to 2010, the same cannot be said for 2013, much less 2016. In the same demonstration, the Comelec showed that the ballots had the appropriate UV markings—pictures were even posted online—and that the VCMs rejected ballots that didn’t have UV marks. So, myth busted, am I right?
The third allegation endlessly repeated is that the 2010 and 2013 elections didn’t use digital signatures. This one is a little more difficult to debunk because the proof lies in a Supreme Court (SC) decision. Sadly, finding and reading an SC decision—even online—can be challenging, so sometimes people don’t bother anymore, leading to the perpetuation of the misinformation. But to summarize the Court’s ruling in Roque v. Comelec: the results transmitted by the precinct count optical scan machines in 2010 and 2013 were, in fact, digitally signed; except that this was done in a manner not favored by the propagators of the myth.
Fourth, and finally, they say that the AES has no Voter Verifiable Paper Audit Trail (VVPAT). Again, the fact is that the SC has already said the paper ballot—the one filled out by the voter himself—is actually the best VVPAT. Sadly, this way of doing it was, once again, not what the critics preferred. Nevertheless, the Comelec was able to show that the VCMs to be used in 2016 do have the capability to print voting “receipts” that are more in line with what some quarters are asking for.
****
James Arthur B. Jimenez is director of the Commission on Elections’s Education and Information Department.