The Manila Times : Namfrel proposals: Use of EML and the proper implementation of digital signatures

News & Interviews
18 August 2021

By Lito Averia | The Manila Times

AN issue consistently raised against the automated election system (AES) is the absence of personal digital signatures of the members of the board of election inspectors, renamed electoral board (EB), on the electronic election returns and the members of the board of canvassers (BoC) on the electronic certificates of canvass.

When the AES was first implemented, the Commission on Elections (Comelec), saying that the "Automated Election Law" or Republic Act (RA) 8436, as amended by RA 9369, did not identify who the signatories would be, decided to have the machines digitally sign the respective election reports. The members of the EB and BoC only had to initiate the machine digital signing process, using passwords generated by the vendor and the poll body. There was no way to independently verify the authenticity of the digitally signed, electronically transmitted election reports.

The National Citizens' Movement for Free Elections (Namfrel) has been advocating for the proper implementation of digital signing of election reports generated by the vote counting machines and the canvassing and consolidation servers.

So, what is a digital signature?

The "Electronic Commerce Act" or Republic Act 8792 accords legal recognition to electronic signature as the equivalent of a person's handwritten signature. A digital signature is a type of electronic signature that may be executed by a person using a technology infrastructure called public key infrastructure (PKI).

A person's digital signature affixed to an electronic document is unique to that electronic document and protects it against tampering.

The Department of Information and Communications Technology has set up and operates the Philippine National PKI (PNPKI). The government agency, in coordination with the Comelec and the Department of Education, is at present accepting applications from teachers who will serve as members of the EB and from individuals who will serve as members of the BoC in the upcoming 2022 national and local elections so that they may all be enrolled in the PNPKI.

What then are the benefits of properly implementing digital signing on election returns and certificates of canvass?

First, it resolves the issues raised by critics against the implementation of machine digital signing in the AES.

Second, the credibility of the electronically transmitted election returns and certificates of canvass is strengthened and improved.

Third, the integrity of the election reports stored in SD cards and physically conveyed to the destination canvassing and consolidation system and other servers is preserved and protected against tampering.

Fourth, the authenticity of the digital signatures affixed to the election reports may be verified independently through the PNPKI.

Fifth, the security of the election reports is ensured even if electronic transmission is delayed.

And, sixth, the accuracy and integrity of the electronically transmitted election returns and certificates of canvass may be verified through the digital signatures affixed to them.

Namfrel is also proposing the use of the election markup language (EML) in structuring election results electronically generated by various machines and servers that make up the AES and conveyed or electronically transmitted to various destination servers. EML allows developers of election-related systems or its components to define a standard set of rules for encoding electronic election reports in a manner that are both human-readable and machine-readable.

The AES used in the 2010 and 2013 elections employed EML to structure the election reports. It was replaced with Google's protocol buffer in the AES used in the 2016 and 2019 elections.

Among the servers that form part of the AES is the transparency server. Political parties, citizens' arms and media receive copies of the election returns through the transparency server. The various recipients never received the election returns in their original form as generated by the vote counting machines. Instead, the election returns received by the transparency server were first processed and converted to a format called comma separated values, or CSV, effectively stripping each election return of vital information including the machine digital signature affixed to each election return.

What are the benefits of using EML?

First, the rules for encoding election results will be consistent across the AES components.

Second is the ease of integrating various components of the AES, for example, between vote counting machines and the canvassing and consolidation system.

Third, multi-vendor set-up and integration will be clear.

Fourth, processing and conversion of the structure and format of the election return to CSV, which had raised doubt among critics of the AES will be avoided.

Fifth, since EML is multilingual, the need for last-minute reformatting of data causing issues, such as the checksum error resulting from a change made to the program script to properly display the names of candidates with the Spanish letter ñ encountered during the 2016 elections, will be avoided.

Sixth, the use of EML enables easy end-to-end testing of the AES, making sure that the whole process works. Issues like the glitch in the transparency server in 2019 that led to the seven hours data outage will be avoided.

Seventh, the "metadata" or the vital information about the election returns is preserved when the election returns originally generated by the machines in EML form are transmitted without intermediate processing.

These are two of five standards proposed by Namfrel. Namfrel advocates for the adoption and implementation of these standards by Comelec in order to improve and enhance the credibility of the election results generated by the AES.