2019 elections assessment: Worst!
BY NELSON CELIS, TMT
MAY 22, 2019
SAME old song, Comelec has declared the 2019 automated elections successful! That was heard for the nth time and AES Watch was not surprised. On the contrary, AES Watch says otherwise. Let’s be objective and figure out the scorecard prepared by the election watchdog.
There were several AES Watch meetings convened at the University of the Philippines three months before the 2019 elections to rate the overall performance of the Comelec in the implementation of the automated election system (AES) law in the 2019 national and local elections (NLEs). The Center for People Empowerment in Governance (CenPEG), being the steering head of AES Watch, adopted the same grading sheet used in past poll exercises by classifying the critical major points that Comelec should have taken into serious consideration. The scorecard is called system transparency, accountability and readiness (STAR) card.
Presiding at the meetings, professor Temario C. Rivera, CenPEG board chair and co-convener of AES Watch, explained that the scoring was from “0” to “3” — 3 being the passing score or deemed compliant with the AES law (RA 9369).
Under transparency are 16 criteria that Comelec had to pass, to wit:
- Guidelines in implementing the AES (Section 37), “0”: The implementing rules and regulations (IRR) shall direct Comelec on how to implement the AES law like the correct application of BEIs and BOCs’ digital signatures, source code review, continuity plan, etc. Since the IRR has not been promulgated since 1997, it resulted in wrong interpretations of the provisions of the law. To clarify, in oral arguments at the Supreme Court before the 2016 elections, the Comelec argued that 1) the ballot itself is the voter verified paper audit trail (VVPAT), or voter’s receipt; and 2) the use of machine digital signatures has been the right digital signing for BEIs and BOCs.
- Joint congressional oversight committee (JCOC) evaluation of technologies used and recommended technology (Section 33), “0”: Not done yet since 2010. It is Comelec’s responsibility to support JCOC in its major decision-making.
- VVPAT (Sections 6e and 6n), “2”: This was implemented but there were several cases of irregularities in OAV wherein the voters found out that the votes reflected in their respective VVPATs were not the same as what they shaded in the ballots.
- Comelec Advisory Council or CAC (Section 9.1), “0”: The CAC, headed then by Secretary Salalima of the DICT, recommended mixed technologies in 2017 but Comelec did not yield to this.
- Field testing and mock elections (Section 11.1), “2”: Kontra Daya observed that there were transmission problems and ballot jamming.
- Audit of security controls (Section 11.2), “1”: Pro V&V audited the AES, though there’s none in their report about the actual test of digital signing.
- Continuity plan (Section 13), “1”: In its meeting on April 8, the technical working group of the JCOC was advised by the technical evaluation committee (TEC), headed by DoST, that they would submit the continuity plan to Comelec, but that never happened. Besides, there was no news published by Comelec in at least two newspaper of national circulation and no posting at their website regarding the said plan at least 15 days prior to elections. No copies were furnished to political parties and other stakeholders. The only consolation was the promulgation of Comelec Resolution 10497 defining the contingency measures on what to do or say when the VCM malfunctioned.
- Completion of equipment test participated by political parties, citizens’ arm groups and candidates/reps participation in examination and testing of AES equipment source code review (Section 14), “1”: The local source code review has not been completed. In the same meeting on April 8, the reviewers raised so many issues that the Comelec has not addressed yet.
- SD cards should be strictly write-once-read-many (WORM), “0”: One of the two SD cards of VCMs is WORM. Hence, data stored in the primary SD card containing the election returns (ERs) may be corrupted. The TOR about the use of WORMs can be traced as far back as the 2010 elections.
- Fake ballot detection (Section 15), “2”: QR codes are used in the ballots but it’s best if such are used in the VVPATs and ERs to ensure no padding of votes.
- Integrity of databases, “0”: This is not in the law, but we had bad experiences of having the wrong number of registered voters (i.e., 256 million in NBOC-Batasan and 150 million in NBOC-PICC) in the 2010 elections when in fact that there were only 50 million voters at the time. There’s no report on this matter. However, we were advised by Gil Ramos, principal analyst — of the US-based SurveyNgBayan, that the voters’ lists were last cleansed from 1995 to 1998 resulting in at least 2 million dead names being deleted. Using Comelec and Philippine Statistics Authority data, he used simple mathematics and concluded that this year’s elections were padded with 6 million ghost voters! That means, stakeholders should be given access to these databases and pursue Ramos’ theory. Makes sense This is similar to Namfrel’s request for open data. Why not?
- Secure electronic transmission of results/digital signatures (Sections 7, 22, 25 and 30), “0”: This was not implemented in 2008 (ARMM) elections and in the past three NLEs. Ironically, it was implemented for the supposedly automated 2004 elections.
- Availability of transmission facilities – related to the preceding criterion, “0”: There was no information released re the inventory of transmission facilities, IP addresses, MAC addresses and presence of queuing servers. The inventory should tell us whether all precincts and canvassing centers would be able to electronically transmit ERs and COCs.
- Source code review of VCM, CCS, & EMS, “1”: — Not completed.
- DoST/TEC test-certified VCMs, CCSs, EMS and SET and end-to-end test certification/ AES technology certification (Section 11.2), “0”: No TEC certification for each AES component.
- Procedures on final testing and sealing or FTS (Section 14), “2”: Comelec Resolution 10487 was promulgated. However, during the OAV and May 13 elections, there were reports of corrupted SD cards. This is quite similar to the 76,000 CF cards fiasco in 2010.
For accountability:
- Adequate general instructions, including electoral protest mechanism, “1”: Comelec promulgated Resolutions 10460 and 10527 for the electoral board (aka BEIs) and Resolution 10485 for BOCs. However, nothing was mentioned about digital signing of the BEIs and BOCs.
- Random manual audit (RMA) of vote counts (Section 29), “1”: Comelec Resolution 10458 was promulgated. Namfrel had requested relevant information to conduct a better and scientific methodology in handling RMA which the Comelec declined; hence, Namfrel withdrew its participation as a citizens’ arm of Comelec in performing the RMA. Even AES Watch had a Skype meeting with Kathy Dopp, an RMA expert in the US, who said that the sample size should be raised from 700 to 2,500 for real accuracy.
- Source codes of EMS, VCM and CCS are kept in escrow with BSP (Sections 11.4 and14), “1”: The local source code review was not completed.
For readiness:
- Precinct assignment of voters/Election Day computerized voters lists, “2”: There were incidents of voters who just went home when they were unable to locate their precincts or could not find their names in the precincts.
- Precinct-specific ballots, “3”: Done.
- Training of election personnel BEIs and BOCs (Section 3), “3”: Done.
- Stakeholders education and training (Section 31), “3”: Done.
- Operationalization of a continuity plan (Section 11.6), “0”: None.
- Efficiency of AES components and paraphernalia at voting and canvassing centers (e.g., marking pens, SD cards, VCMs, CCSs, electronic transmissions and technical support), “0”: Lots of problems encountered in 2019 elections related to corrupted SD cards, marking pens, and defective VCMs.
Hence, the AES Watch overall STAR card assessment of 2019 elections was “1” (Fail). This is similar to the past elections except that we experienced the worst so far based on the sheer number of technical problems, especially the mysterious seven-hour lull between May 13, 6 p.m. to May 14, 1 a.m.
For the 2022 presidential elections, AES Watch recommends a hybrid technology, where public counting (i.e., pure manual or computer-aided) is done in the precincts, while electronic transmission and consolidation, and canvassing would remain automated.