The Manila Times - What voters don’t know

17 April 2019

By Lito Averia | The Manila Times

IS the saying “what you don’t know won’t hurt you” true?

Many Filipinos are blissfully unaware of the internal workings of computer systems, software programs, or apps as they are referred to nowadays, or do not make a distinction between the internet and Facebook. To many, Facebook is the internet and using a smartphone is a way to access Facebook. Many users of smartphones are not even aware why their mobile devices are called smartphones. They simply refer to them by their brand names.

While users of technology are unaware of how it works, it has surely impacted their lives, whether positive or negative.

PCOS and VCM have hit home, too. Voters who voted in the past elections can easily relate to how ballots are inserted into the VCM. But the same voters are unaware of how the VCM measured the shade on the oval across the name of the candidate of their choice. Neither do they know how the votes are counted and how the election returns are generated.

Sure, voters know that VCMs are distributed nationwide — in all clustered precincts in voting centers. But they are unaware that there is a whole network of machines nationwide that is consolidating election results and pushing and receiving election results through the ether.

All that voters and the public see are the vote counts reported by media or organizations gathering the election returns from the transparency server or its mirror, and, of course, the official results announced by national and local offices of the Commission on Elections (Comelec). In fact, far too many voters don’t know what the transparency server is and how the election returns are transmitted from the VCM to the transparency server. Many are unaware that election returns from clustered precincts are transmitted to their assigned CCS or canvassing and consolidation system server.

Voters, too, are unaware that the machines and computers used in the automated elections keep a record of incidents and activities. For instance, the VCM has a record of activities or events that occurred while in operation, from the time it is powered up to the time it is turned off. The VCM keeps a record of activities whether there is interaction with an election worker — the chairman of the board of election inspectors, the member, or the poll clerk — or the VCM simply executes tasks that it is programmed to do, like scanning a ballot that is inserted by a voter or printing several copies of the election returns. The VCM also “knows” how many ballots have been inserted.

The CCS, the Comelec central server, the transparency server and its mirror, and the servers and computing appliances used in the transmission and delivery of election results, all have logs. Even the telecommunications providers generate and maintain logs, logs which keep a record of which SIM card numbers were used, when and where.

The logs provide a whole chain of evidence that may be reviewed and analyzed. Review of the logs may reveal regularity in the process but could also reveal events and incidents that may be tagged with a red flag which merit deeper investigation.

Wouldn’t the voters want to know what those potentially red flag incidents are?

The joint congressional oversight committee on the automated election system (JCOC-AES) had organized a technical working group (JCOC-AES-TWG) to look into and review some sample logs of the VCMs and CCS machines.

Based on the sample logs reviewed, early transmissions may indeed have occurred but these happened during the testing activities: 1) the logic and accuracy test; and 2) the final testing and sealing.

But, preliminary reports presented during the meeting of the JCOC-AES-TWG showed red flag incidents.

There have been anecdotal reports of pre-shaded ballots being inserted into the vote-counting machines in the past three national elections where the automated election system was used. The logs reviewed showed what might be the resurrection of what was known during the manual elections as ballot box-stuffing. This form of cheating involves the filling up of official ballots with the names of preferred candidates by people behind the scheme. The scheme was detected because the ballots showed similar styles of handwriting. Transported to the automated election system, this cheating scheme involves pre-shading ballots. It would be difficult for humans to detect pre-shaded ballots, but the VCMs would reveal what might be a ballot-stuffing act.

The logs studied by the JCOC-AES-TWG show that four VCMs operated normally during the voting period. The logs each showed the respective number of ballots inserted and counted by the VCMs before closing and powering off: 256 ballots for VCM-1, 156 for VCM-2, 442 for VCM-3, and 15 for VCM-4. After at least an hour, the four VCMs were restarted, rezeroed, and ballots rescanned. Lo and behold, the VCM logs showed the respective ballot counts: 329 ballots for VCM-1, 218 for VCM-2, 654 for VCM-3, and 362 for VCM-4. Possibly cases of ballot-stuffing.

No, it was not a case of exploitation of machine vulnerabilities. Rather it was an attack on the operating procedure and the people operating the machines.

In the context of the automated elections that voters are surely getting used to, is the saying “what you don’t know won’t hurt you” true?

Elections are for the voters. The voters have the right to know. The Comelec should adhere to election transparency by providing the data requested by the National Citizens’ Movement for Free Elections (Namfrel).