The Manila Times : Transparency review

16 February 2022

By Nelson Celis | The Manila Times

NOW that the deadline for the acceptance test certifications of all the components of the Automated Election System (AES) has already passed on February 9, it's time to do a transparency review. The AES Law, or Republic Act 8436, as amended by RA 9369, provides that the AES shall be test-certified "not later than three months before the date of the electoral exercises (May 9), categorically stating that the AES, including its hardware and software components, is operating properly, securely, and accurately." Questions arise:

– Will the public be notified about the results of the certification through a press conference, the Comelec website, social media and the broadsheets?

– Had the questions/comments raised by the local source code reviewers been addressed before the release of the certifications?

– Will the joint congressional oversight committee (JCOC), Comelec Advisory Council (CAC) and the technical evaluation committee (TEC) convene to evaluate the certification results?

– Are there TEC and International Certification Entity (ICE) findings and recommendations released? In the past, compensating controls recommended by the ICE were left hanging on air.

– Will the citizens' arms/election watchdogs (CA/WD), dominant majority and minority political parties, and Kapisanan ng mga Brodkasters ng Pilipinas (KBP), be given a chance to ask questions or comment on the possible findings if there are?

In the context of the AES Law, the transparency review actually refers to the evaluation of all the AES project implementation associated with the technical provisions stipulated therein, that is, the six items specified in Section 11, the digital signing in Sections 22, 25 and 30, the secure communication channels in Section 7, the continuity plan in Section 13, fake ballot detection, audit trails, and promulgated general instructions (GIs) related to the AES Law.

As envisioned in the crafting of the AES Law, the framers then thought of adopting the best practices in the banking sector's project management. That's why we had the voter verified paper audit trail (VVPAT or voter's receipt) patterned after the depositor's receipt dispensed after each transaction in a bank's ATM. The framers thought also of including the source code review and putting its finalized code in escrow at the Bangko Sentral ng Pilipinas (BSP). Similarly, the test certifications were adopted not only in the bank's practices, standard system development life cycle but also in the past experiences of Comelec, especially the preparations for the supposedly 2004 automated national and local elections (NLE).

So, how is the transparency review done in cutting over or launching a new or revised automated banking system? Here's how they do it in two simple steps: 1) The proponent of the project presents to the management committee (ManCom) about all report documents related to the contracts, project milestones, resources utilized including project team members, expenditures vis budget, challenges and changes, accountabilities, acceptance criteria, internal and external audits, and compliance with statutory laws. If all things are clear with the ManCom, it recommends the system launching to the board of directors (BoD); and, 2) Presentation re the project launching to the BoD for final approval if there are no issues arising from the board meeting. It is also the BoD that decides the approval of the proposed automation project before the ManCom kicks-off the project with its managers and the project team. As for the AES in the 2022 NLE, how would the transparency review be conducted? Who performs the function of the ManCom and the BoD in the AES environment? What will be the function of the JCOC, CAC, TEC and CA/WD. Let's take a look at the functions of each.

The Comelec is an independent constitutional body and is "authorized to use an AES or systems in the same election in different provinces, whether paper-based or a direct recording electronic election system as it may deem appropriate and practical for the process of voting, counting of votes and canvassing/consolidation and transmittal of results of electoral exercises (Section 5, RA 9369)." Election lawyers in the know interpret authorized as "not mandated." In fact, even with the prevailing AES Law since 1997, our NLEs in 1998, 2001, 2004 and 2007 were all conducted using the conventional manual elections.

Section 9 of the AES Law provides the functions of the CAC, to wit: 1) recommend the most appropriate…technology to be applied in the AES, in whole or in part…; 2) participate as nonvoting members of the bids and awards committee in the conduct of the bidding process for the AES; 3) participate as nonvoting members of the steering committee tasked with the implementation of the AES; 4) provide advice and assistance in the review of the systems planning, inception, development, testing, operationalization and evaluation stages; 5) provide advice and/or assistance in the identification, assessment and resolution of systems problems or inadequacies as may surface or resurface in the course of the bidding, acquisition, testing, operationalization, reuse, storage or disposition of the AES equipment and/or resources as the case may be; 6) provide advice and/or assistance in the risk management of the AES especially when a contingency or disaster situation arises; and 7) prepare and submit a written report, which shall be submitted within six months from the date of the election to the oversight committee (i.e., JCOC), evaluating the use of the AES." The CAC is led by the Department of Information and Communications (DICT).

The TEC functions are defined in Section 11 and it "shall certify, through an established ICE…not later than three months before the date of the electoral exercises, categorically stating that the AES…is operating properly, securely, and accurately…based on documented results of: 1) the successful conduct of a field testing process followed by a mock election event in one or more cities/municipalities; 2) the successful completion of audit on the accuracy, functionally and security controls of the AES software; 3) the successful completion of a source code review; 4) a certification that the source code is kept in escrow with the Bangko Sentral ng Pilipinas; 5) a certification that the source code reviewed is one and the same as that used by the equipment; and 6) the development, provisioning, and operationalization of a continuity plan to cover risks to the AES at all points in the process such that a failure of elections, whether at voting, counting or consolidation, may be avoided." It is headed by the Department of Science & Technology (DoST). Nothing is mentioned about the acceptance test certification of digital signing whether it follows the provisions in the e-Commerce Law (RA 8792) and the Rules on Electronic Evidence of the Supreme Court.

The JCOC's functions in Section 33 defines that it shall "monitor and evaluate the implementation of [the AES law] …conduct a comprehensive assessment and evaluation of the performance of the different AES technologies implemented and shall make appropriate recommendations to Congress, in session assembled…." More than that, the AES Watch appreciated how the JCOC tried to resolve the issues at hand of the AES implementation since 2010.

As stipulated in Section 29, "there shall be a random manual audit (RMA) in one precinct per congressional district randomly chosen by the commission in each province and city. Any difference between the automated and manual count will result in the determination of root cause and initiate a manual count for those precincts affected by the computer or procedural error." Since 2010, RMA has been assigned by the Comelec to a CA/WD.

Relating to the above five questions, which government agency cited earlier or lawmaking bodies could possibly initiate the transparency review? Would there be a chance for these questions to be answered soonest? Which ones would function as the "ManCom" and the "BoD"?' In the absence of the implementing rules and regulations (IRR) of the AES Law since 1997, who checks whether all provisions of the AES Law are covered by GIs? Who checks if all the audit trails (i.e., from vote counting machines, transmissions by the telcos, consolidation and canvassing systems, transparency server to central server and backup servers) are kept intact like the keeping of the source codes at the BSP? Will the voter's receipts be kept in a place where they could be vulnerable to flooding, typhoons or simple rainfall? Who double checks the integrity of the voters' list database — no dead people could vote, no double or multiple voter registrants? Is there anybody validating if all the voting precincts, including those at the far-flung areas, are able to transmit election returns? Are the final testing and sealing procedures a week before the election day comprehensive? What about digital signing assessment?… Or better yet, leave everything to the Comelec to conduct its own transparency review?