Rappler - [OPINION] How to make the automated elections less vulnerable to cheats

12 February 2019

By Emil Marañon III | Rappler

In the 2019 elections, the Comelec will test a Voter Registration Verification System in one-third of the clustered precincts, mostly in Mindanao.

The 2019 elections will be our 4th automated one.

In 2010, the country implemented its first automated elections using Smartmatic’s voting machines called the Precinct Count Optical Scanner or popularly (or infamously, depending on which side you are on) known as the “PCOS machines.”

The 2010 PCOS machines were reused in the 2013 elections.

In the 2016 elections, the PCOS machines were replaced by newer and updated optical mark reader, relabeled as the Vote Counting Machines or the “VCM,” which were also supplied by Smartmatic.

The same VCMs will be used in the 2019 elections.

This may be the 4th automated elections, but many have yet to understand that our Automated Election System or “AES” is not a “fully” automated election system, contrary to what its name suggests. What has been automated are merely the:

  • Appreciation and counting of ballots
  • Transmission of the precinct results to the Boards of Canvassers
  • Ladderized consolidation of results and their canvassing

All other aspects of the election process have remained manual. Voters, for example, still manually cast their vote by shading the ballots instead of, say, touching buttons on a computer screen to register their vote for their chosen candidates.

Verifying the voters' identity

Another crucial aspect of the AES that has remained manual is the “voter verification.” This is the part where the members of the Electoral Boards (EBs) ascertain whether the person before them is the same voter who registered to vote in that precinct. Presently, when a voter presents himself to vote, he will be verified by asking his name and by counterchecking it with the the Election Day Voter’s List (EDCVL). When there is a challenge as to his identity he will be asked to produce a proof of identity, registration, or qualification. Under the General Instruction, it is at this point where the EB “shall identify the voter’s specimen signature and photo in the EDCVL.” If the members of the Electoral Board are satisfied, he will be given a ballot and be allowed to vote.

The voter verification process is supposed to screen illegal voters and impostors. This aspect of the AES is the only discretion left to the members of the Electoral Board and, consequently, the automated system’s weak point. Members of the Electoral Boards can be forced, intimated, bribed or can simply collude with politicians and that’s it! This vulnerability has been exploited by election operators and cheaters since the 2010 elections.

This vulnerability is worsened by the voting machines’ inability to tell whether the person feeding the ballot is really the registered voter who cast the vote. This allowed the cheating scheme of “shading by one” or “feeding by one,” where one or few persons can technically vote for the whole precinct. In some instances, politicians would simply hijack all the ballots and shade them en masse, ending with a 100% turnout and with 100% of the votes cast in his favor!

After the 2010 automated elections, after my law firm boss Sixto Brillantes Jr took the helm of the Commission on Elections (Comelec), one of our immediate priorities was to address this vulnerability by automating voter verification and remove the Electoral Boards’ discretion. This, however, would require a separate voter verification machine that would be integrated into the voting machine – at that time, the estimated cost was P25,000 per unit.

This was how we envisioned it to work: the biometric information (that is, fingerprints) of all the registered voters of a particular precinct would be pre-loaded onto the precinct’s voter verification machine. Persons presenting themselves as the voter would be asked to input their fingerprints, and if there was a match, they would be given a ballot. A biometrics match would also be required before a filled-up ballot were to be accepted and read by the PCOS machine.

This would have easily eliminated the practice of “shading by one” or “feeding by one.” At the very least, it would have made it very difficult for election cheaters to do their thing because the system would require them to produce warm bodies to cast the votes. Unfortunately, our budget proposal for the 2013 elections was stricken down as early as the level of the Department of Budget and Management. Thus, the planned improvement was never implemented. It also did not happen in the 2016 elections.

Partial implementation of verification system

In the 2019 elections, with much credit to the present chairman and commissioners of the Comelec, biometrics-based voter verification will finally be implemented…but with a catch!

First, it will be implemented partially, not in all voting precincts in the country. Of the total of 92,509 clustered precincts that will operate in the 2019 elections, only one-third or a total of 32,000 clustered precincts will have a Voter Registration Verification System (VRVS). According to various Comelec releases, these 32,000 clustered precincts will more likely be in “in selected areas of Mindanao and practically for the entire ARMM (Autonomous Region in Muslim Mindanao).”

Interestingly, ARMM, now the Bangsamoro Autonomous Region in Muslim Mindanao (BARMM), will once again be the testing ground for the VRVS, like in Comelec’s past electoral experiments. However, to me, it is ripe for judicial determination whether imposing an additional step or requirement or condition on the voters from these 32,000 clustered precincts (while not applicable to the rest) will pass the “equal protection” test of the Constitution.

Unlike the 2013 plan, the 2019 VRVS will not be integrated or connected to the voting machines, but will merely “compliment” them. Biometric matching will not be required before the VCM will accept and count the ballots as envisioned by Comelec in 2013. Also, per Comelec press releases, not passing the VRVS’ verification does not mean a voter won't be allowed to vote. The Electoral Board will retain “discretion” to let the rejected person vote despite failing the verification test. This then begs the question: what will the verification be for? What added value will the machines give to the voting system?

As I understood it, this partial implementation of the VRVS is meant as a “trial” in preparation for its full implementation in the 2022 elections. But is the Comelec even ready?

Quality of biometrics database crucial

One of the major issues that the Comelec will face is the quality and integrity of its biometrics database. The Comelec has been gathering biometrics data for more than a decade or perhaps longer. In that period, different biometrics capturing machines running on different software and from different suppliers had been used. Expectedly, they are of varying performance or accuracy. Also, different people had captured and handled the voters' data, and different suppliers had been in charge of their storage, custody, and analysis.

During my time at the Comelec, we constantly received reports that a significant number of fingerprints in the former ARMM areas were found to be “smudgy” or intentionally made smudgy. There was also the prevalent use of the middle, ring, or pinky fingers, instead of the required thumb and index fingerprint to trick the Automated Fingerprint Identification System (AFIS), which could detect duplication. Migration from one technology to technology supplier, if mishandled, could also affect data integrity. In other words, the inconsistency of the “quality” of the biometrics data is foreseeable and, in fact, confirmed by multiple sources.

To address or compensate for the problematic biometrics database, the Comelec or its VRVS supplier is expected to lower the so-called “Biometric Match Threshold” or BMT. This threshold pertains to the minimum degree of similarity between a pattern (biometric information of the person attempting to vote) and the biometric template preloaded in the VRVS that it will accept before declaring a “match.” The industry uses the word “scores” (or weights) to express the similarity between a pattern and a biometric template. The higher the “score” is, the higher is the similarity between them. The higher the score or similarity required, the higher the certainty that the person attempting to vote is really the voter registered in that precinct.

The quality of Comelec’s biometrics database will be crucial in setting this threshold. The dilemma is that imposing a higher threshold could lead to a higher rejection rate or prevalence of false rejections if Comelec’s biometrics database are of poor quality. The other option is to lower the threshold, but this could mean poor detection, thus a higher acceptance rate (or false acceptance). In a worst-case scenario, with a system adopting a low threshold, impostor patterns could be falsely accepted.

To address this, two steps are necessary. First, the Comelec should conduct an inventory, assessment, and quality check of its biometrics database. Second, for transparency, it should publicly announce the “Biometric Match Threshold” that it will adopt for its VRVS, so as to prevent any surprises or unintended controversy like the shading threshold which exploded out of proportion in Bongbong Marcos’ election protest before the Presidential Electoral Tribunal.

An accurate VRVS can only achieve so much with a poor database; it might even fail. Comelec’s VRVS supplier can simply pass the blame on to Comelec, and that would be like flushing a lot of money down the drain!

If Comelec gives the public a clear and honest assessment of its database and makes the biometric match threshold known, then we can temper our expectations and have a sounder assessment of the 2019’s automated voter verification system. This sound assessment of the efficacy of the 2019 VRVS is crucial for us to know whether it can be expanded nationally or implemented fully in future elections. Or, it can tell us what intervention can be done before 2022? Is there a need to nationally “redo” Comelec’s biometric database?

Personally, I believe in the necessity of a VRVS and think that its full integration into the voting machines is the only solution to close any vulnerabilities and solve many electoral fraud that subsisted in automated election system like the shading and feeding by one. Further improvement of our automated election system should go towards this direction and I congratulate the Abas Commission for taking this bold step! – Rappler.com