Automated polls could lead to new 'Garcis', say IT experts


Posted at Apr 13 2009 09:12 AM | Updated as of Apr 13 2009 06:40 PM

A group of computer experts has warned that the planned automation of national and local elections in May next year will not diminish fraud and cheating and could lead to the rise of a new type of election operator capable of manipulating the results of the automated polls.

Rick Bahague, national coordinator of the Computer Professionals’ Union, said automated large scale cheating could happen with the Commission on Elections’ (COMELEC) plan for automated elections. He said poll automation could give rise to a new "Garci", referring to former Commission on Elections official Virgilio Garcillano who allegedly tampered with the elections results of the 2004 presidential elections.

"Perpetrators of cheating and fraud like Garci will be back in 2010, more manipulative and more systematic than the past elections with the help of [automated elections system] that we have to be ready to preempt their plans," Bahague said in a statement on the CPU website.

Bahague said the proposed automated election system (AES) has several technical vulnerabilities including insider threats, software engineering limitations, network vulnerabilities and lack of required auditing procedures.

He said insiders could manipulate and tamper programs and canvass results to make them appear "mathematically consistent."

He also warned that software problems could affect AES machines and lead to wrong elections results. "As a matter of fact, there are documented reviews in other countries which warn on malicious software that ca be loaded to AES, which can affect the whole election results," he said.

He said securing election data is difficult since the AES machines need to be secured while data should be stored in a manner that the secrecy of the ballots are maintained and the data not tampered. He said the data should be protected from hackers who could alter the data before its transmission.

"In the manual elections, the coordinated manipulation of municipal/provincial canvass is limited by geographical factors. In the AES, tampering in the synchronized provincial canvass can now be done by just manipulating the consolidation servers at the municipal, provincial and national canvassing levels,” he said.

He also said voter trails should be available in the proposed automated election system to ensure "that there is a way to recount and cross-check election results in the event AES fails."

Bahague said the creation of a suitable AES system is still possible as long as it is reviewed by a large number of independent security experts with knowledge in computer security and cryptography. He also said the source code of the system should be open and available to the public. "This will allow all interested and technically-adept individuals and groups to scrutinize the functions of the system. It should have voter-verifiable audit trails for reference," he said.

“A suitable AES should accurately capture voter's intent to actual tally. It should be secured such that ballot secrecy is protected. It should be encrypted and digitally signed so that the ballot data is protected and difficult to tamper with. It should be able to effectively handle a large number of voters. Finally, it should release report faster than the manual elections,” he added.