AES WATCH Post-Election Conference Statement

Just as we are terrified at the devastation wrought by supertyphoon Yolanda in the Visayas and other regions, so do we continue to grieve over the rape of our electoral system committed in the May 2013 mid-term elections – far worse than in 2010. None can compare the tragedy of thousands of human lives gone and the unprecedented economic losses caused by Yolanda and all other disasters that struck our country this year with the way the electoral system was subverted last May. But, as well, we grieve no end over how automated elections have been compromised by the repeated non-compliance by the poll body of the election law, by an unreliable technology marketed by an equally unreliable and rapacious foreign company (Smartmatic), by the persistence of widespread cheating in its traditional – and today “modern” – form.

We are even more appalled by the wall of indifference erected by many Congress leaders including those from the Joint Congressional Advisory Committee (JCOC) against public demands to – as mandated on this oversight committee – assess the poll automation, legislate to repair the system, and heed the clamor for electoral reform. To them we say: Enough is enough, do your work!
Last March or two months before the mid-term elections, the AES Watch through its System Trustworthiness, Accuracy, and Reliability (STAR) Card, rated the Comelec’s poll automation project as not only ill prepared but a “failure” – by legal and technological standards. The rating was validated by how the mid-term automated elections went such as, among others: the non-compliance by the poll body of major safeguards, security, auditability, and other minimum requirements and basic industry standards; massive machine breakdowns and transmission failures; counting discrepancies and millions of missing votes, equivalent to a significant disenfranchisement of voters; a biased and incredible random manual audit; and the premature proclamation of winners based on “projected results.”

The telltale signs of a failed second automated election which we first cited on May 18 have even been more confirmed by months of further research and investigation by AES Watch beginning with the unexplained 12M vote surge only a few hours after polls closed, and by major events that unfolded thereafter. What we disclose in today’s post-election conference is disturbing – and foretells a political disaster in 2016 and future elections – just as we propose urgent and constructive reforms so that we will not be haunted by past albeit deliberate mistakes and violations by poll managers and technology supplier. Our research and investigations reveal: 

  • A huge discrepancy of 59M votes between the Comelec list of winning senatorial candidates (June 5, 2013) and the Comelec public access website (May 17, 2013);
  • Attempts to cover up the election blunders and anomalies through post-election excess ballot printing and the killing of two reporters-whistleblowers;
  • The existence of a suspicious 60-30-10 final share of canvassed votes among the PNoy Team, UNA, and all other candidates – true at all levels of the canvassed votes from the clustered precincts to municipalities/cities, provinces, regions, and the national canvass. The 60-30-10 results remain questionable and disturbing more so given that there has been no conclusive review of the missing voting source code, no credible RMA of the election, and because of the disabling by Comelec and Smartmatic of the various safeguards and accuracy requirements as mandated.
  • Absence of a digital signature, hence, no legal basis for proclaiming “winning” candidates.
  • No public or transparent and uninterrupted counting of votes, as mandated by the Omnibus Election Code (Sec. 206, Article XVIII) as well as RA 9369. The mid-term election canvassing was marked by long interruptions and tampering of the program through “encrypting.”

In the mid-term elections, AES Watch along with other citizens’ election watchdogs, demanded a parallel manual count of votes and, after the May 13 fiasco, the opening of all ballot boxes for a recount. These were, as anticipated, ignored.

WE CHALLENGE the Comelec to disprove our findings by releasing to the public all vital election documents which we, together with other election watch groups, political parties, the Supreme Court, and even legislators have been asking since 2009 – including the real source codes, transmission and audit logs, and other data. The academic community, IT professionals and other stakeholders can only provide complete and no-nonsense studies if equipped with major and critical data disclosed by the election body as a matter of public information.

The corruption and commercialization of the election process continues with the deliberate and systematic denials of critical documents and information by an election body that is beholden to the powers that be and chaired by an election lawyer who – at one time in his professional career counseled the Ampatuans of the infamous Maguindanao massacre – and now takes pride in maligning vocal citizens groups and stifling legitimate dissent by all means such as the use of presidential pork to conduct surveillance of election critics. 

Comelec should first be held accountable for the major violations of law before it is able to take the path to genuine reforms now before the next elections. No reform can be possible without dealing with the culture of impunity that mocks the electoral process.

Unless all the problems of accuracy, transparency, and credibility of the voting and counting system are addressed, the results of the automated elections will remain to be contested and the proclaimed candidates will continue to hold office under a shadow of illegitimacy.

As we first stated in October 2010, the Smartmatic PCOS should be junked now! The Filipino IT community and other citizens’ election stakeholders should be involved in designing a new election system compliant with IT standards and best practices, with the right of suffrage, and with the demands of transparency, reliability, and auditability. The right to vote should never be compromised to favor a privatized, unreliable, and unsecured election system.

Advertisements

Machines are useless against fraud; ‘Bantay Presinto, Bantay PCOS, Bantay Salakay’

The think tank Center for People Empowerment in Governance (CenPEG) today warned that election cheating has gone from bad to worse and poll automation is powerless against it. It called on thousands of citizens’ poll watchers to conduct evidence-based Bantay Presinto, Bantay PCOS, Bantay Salakay (Precinct Watch, PCOS Watch, Vote-Buying Watch).

Speaking through its Director for Policy Studies, Bobby M. Tuazon, CenPEG called on poll watchers to anticipate a big number of voting machine malfunctions, transmission glitches, queuing gridlocks, and power outages, among other troubles. This scenario, CenPEG said, is expected to happen based on ground reports gathered by researchers and monitors of the Automated Election System Watch (AES Watch) who covered the final testing and sealing (FTS) from May 2-10. Continue reading

IT experts: ‘Is Comelec fooling us again?’; AES Watch demands full disclosure of deal

IT experts from the Automated Election System Watch (AES Watch) agree: The turnover by the Colorado-based SysTest Labs Inc. (SLI) of the Dominion-owned election source code to Comelec was just for show and is not compliant with the law.

AES Watch today also asserted the freedom of information as it demanded Comelec to lift the shroud of secrecy attending the claimed disclosure: What source code was suddenly released just a few days after the filing of complaints by citizens and reelectionist Sen. Richard Gordon against Comelec before the UN Human Rights Committee and the Supreme Court, respectively? Is the Dominion source code from SLI illegal copy?

Prof Nelson Celis, AES Watch acting spokesperson, asked “Is the source code presented for media photo-ops, the same source code embedded in the PCOS firmwares or is it a chopsuey source code of 2010 and 2011 – which was not tested – to be used for 2013?” “The people have the right to know the terms and conditions of the Comelec-Dominion-Smartmatic-SLI deal and what is in the source code CD,” he said.

Celis, who is also 2012 Most Outstanding Electronics Engineer in IT, said since there was no source code reviewed several months ahead of the May 13 elections, then Comelec is still liable for non-compliance with the election law. RA 9369, Sec. 11.5 stipulates that “A certification that the source code reviewed is one and same as that used by the equipment.”

Besides, Celis, an IT expert who helped craft the modern election law in 2007, said Comelec has not published the hash code of the PCOS in escrow at BSP – as well as that of the election management system (EMS) and the canvassing and consolidation system (CCS). He recalls that in 2010 Comelec published such “hash code.”

“Comelec fooled the people in 2010 on the source code, now they want to fool us twice,” Celis said.

Ernie del Rosario, former Comelec IT director, said there is no way to know now whether the claimed PCOS source code is the one embedded in 80,000 plus PCOS machines that have been deployed nationwide for Monday’s mid-term elections.

Dr. Pablo R. Manalastas, IT Fellow of the Center for People Empowerment in Governance (CenPEG), said “It does not take too much brain matter to come to the conclusion that all these media releases are just for show. We don’t have a real source code for 2013 that is available and open. We’ve been had again.”

“The PCOS binary program that will be used in the May 13 elections retains all the bugs of the 2010 binary program, plus all the bugs added by the 2011 ARMM binary program which was never tested and used,” Manalastas, an IT guru at UP and Ateneo, said.

Which version of Dominion’s source code did Comelec claim to have?

Manalastas: “Is this the version of Dominion’s PCOS computer program that was used in the 2010 Philippine elections, possibly with some minor modifications for use in the 2011 ARMM elections, but without the bug fixes that were requested by Comelec from Smartmatic as a condition for purchasing the PCOS under the OTP provision of the 2009 contract?”

There were more than 40 bug fixes requested by Comelec, but these bug corrections were never acted upon because of the court battle between Smartmatic and Dominion in the Court of Delaware. Thus, he said, “the PCOS binary program that will be used in the May 13, 2013 elections retains all of the bugs of the 2010 binary program, plus all the bugs added by the 2011 ARMM binary program, which was never actually tested and used.”

Where did this source code from and can we legally review it?

Manalastas said that for Comelec to follow the law and implement Section 12(14) of RA-9369 which states, “Once an AES technology is selected for implementation, the Commission shall promptly make the source code of that technology available and open to any interested political party or groups which may conduct their own review thereof”,  the poll body must secure a license from Dominion granting interested political parties or groups (in the Philippines) the right to review the source code (and propose bug-fixes) of the Dominion EMS and Dominion PCOS.

“This is the only legal way by which the Filipino people through interested political parties and other groups can conduct a review of Dominion’s source code,” Manalastas said. “Truth is, the only license that Smartmatic was able to arrange from Dominion for Comelec is the 2009 license that gives Comelec the right to use the Dominion EMS and Dominion PCOS binary programs for the 2010 elections ONLY. Worse still, neither did Smartmatic nor Comelec secure a license from Dominion that gives interested political parties and groups the right to review the source code for 2010 and for 2013 when the law is clear that this is Comelec’s obligation to do so.”

“I believe that our hope for clean, honest, accurate, secure computerized elections for 2013 has just been reduced to NIL,” the CenPEG IT Fellow said.

AES Watch: Comelec is not off the hook; Calls for parallel manual count

The Commission on Elections (Comelec) under Chairman Sixto Brillantes, Jr. is not yet off the hook after announcing that the Dominion Voting Systems (DVS) has agreed to disclose the source code to the poll body, the AES Watch said today. The broad citizens’ election watchdog also said the PCOS count is unreliable and called for a 100 percent parallel manual count in the coming elections in light of the absence of a source code and other deficiencies of the poll automation system.

Bobby M. Tuazon, co-convener of AES Watch, said the supposed disclosure of the source code by Dominion only bolsters the election watch group’s contention that both Comelec and Smartmatic are liable for automating the elections of 2013 without a source code. “The last-minute disclosure of the source code even if true will not extricate Comelec and Smartmatic from legal liability,” Tuazon said. “They should have revealed the source code last year when Comelec decided to re-use the unreliable Smartmatic-marketed technology to allow political parties and other interested groups to conduct an independent review of the software program as a matter of right.” Continue reading

AES Watch: Comelec is not off the hook; Calls for parallel manual count

The Commission on Elections (Comelec) under Chairman Sixto Brillantes, Jr. is not yet off the hook after announcing that the Dominion Voting Systems (DVS) has agreed to disclose the source code to the poll body, the AES Watch said today. The broad citizens’ election watchdog also said the PCOS count is unreliable and called for a 100 percent parallel manual count in the coming elections in light of the absence of a source code and other deficiencies of the poll automation system.

Bobby M. Tuazon, co-convener of AES Watch, said the supposed disclosure of the source code by Dominion only bolsters the election watch group’s contention that both Comelec and Smartmatic are liable for automating the elections of 2013 without a source code. “The last-minute disclosure of the source code even if true will not extricate Comelec and Smartmatic from legal liability,” Tuazon said. “They should have revealed the source code last year when Comelec decided to re-use the unreliable Smartmatic-marketed technology to allow political parties and other interested groups to conduct an independent review of the software program as a matter of right.”

The fact that the supposed source code is being released just less than a week before the elections constitutes a violation of RA 9369 and is further aggravated by Mr. Brillantes’ arbitrary decision that the review will have to wait after the May 13elections, Tuazon.

“Is this a piece of candy to be given out just to appease the ‘noisy critics’ who persistently demanded the release of the source code as a vital security safeguard to ensure proper operations of the PCOS program?” Tuazon asked.

Section 12 of RA 9369 says, “Once an AES technology is selected for implementation, the Commission shall promptly make the source code of that technology available and open to any interested political party or groups which may conduct their own review thereof.”

Dr. Pablo R. Manalastas, IT Fellow of the Center for People Empowerment in Governance (CenPEG) and AES Watch co-convener, asked whether the claimed source code is the version of Dominion’s PCOS computer program that was used in the 2010 Philippine elections, possibly with some minor modifications for use in the 2011 ARMM elections, but without the bug fixes that were requested by Comelec from Smartmatic as a condition for purchasing the PCOS under the OTP provision of the 2009 contract.

“ There were more than 40 bug fixes (or enhancements, using the words of Smartmatic) requested by Comelec, but these bug fixes were never acted upon because of the court battle between Smartmatic and Dominion in the Court of Delaware,” Manalastas said. To date, this court case between technology owner Dominion, and its Philippine licensee and system integrator Smartmatic, has not yet been resolved. So the PCOS binary program that will be used in the May 13, 2013 elections retain all of the bugs of the 2010 binary program, plus all the bugs added by the 2011 ARMM binary program, which was never actually tested and used.

Manalastas also asked, under what kind of license is the Dominion source code being released? He said: “Until we see the licensing agreement under which the Dominion source code is being made ‘open’, we do not know what Brilliantes means. Is Dominion giving Comelec a license to read and modify Dominion’s PCOS source code? Is Dominion giving Comelec a license to read the source code and propose modifications to be carried out by Dominion? Is Dominion giving the political parties and interested groups a license to read and modify Dominion’s PCOS source code? Is

Dominion giving the political parties and interested groups a license to read the source code and propose modifications to be carried out by Dominion? Is Dominion licensing the PCOS program as an open source program? If so, why is it not making the source code available for public download?”

Is the release of the source code going to improve the credibility of the 2013 elections, and is this Comelec’s obedience to the prescriptions of Section 12 of RA-9369?, the CenPEG IT Fellow also asked. “The answer to both questions is a big NO. A review done after May 13, of the source code of the May 13 elections will not help solve the bugs of the May 13 binary programs. To the second question, the Comelec has tried to disregard the provisions of Section 12, from the very beginning in 2009, to the present. It has stonewalled the proponents of source code review by imposing source code review qualifications and source code review conditions that are impossible, even for Comelec’s own IT people to meet.”

Another co-convener of AES Watch, IT security expert Lito Averia said there is nothing to rejoice with the news that the source code of the PCOS machines will be made available for review. “Even as Smartmatic-TIM has released the source code of the election management system (EMS) and the canvassing and consolidation system (CCS), the source code of the PCOS machines has long been withheld,” Averia said.

“How will candidates, political parties, and voters know that the errors found in the PCOS program that will run the machines have been corrected even after handing down the supposed source code?” Averia noted.

Tuazon, who is also the director for policy studies of CenPEG, said that a source code review done only after the mid-term elections will only be a farce. “All malicious bugs and errors that will be found then could no longer be corrected let alone the manifest deficiencies that would make the election results questionable,” he added.

Just the same, AES Watch challenged Brillantes to show immediately that the source code mentioned is the same one loaded in some 78,000 PCOS machines now deployed all over the country – with several being used for the FTS – and verified via hash code matching.

Tuazon said the Smartmatic PCOS machines cannot be trusted to count properly and do their job accurately and securely. The Comelec under Chairman Melo and now under Brillantes in complicity with its foreign technology provider bungled the implementation of the Poll Automation law (RA 9369) in the country.

He added: “Comelec wasted three years to prepare the source code and the PCOS machines for the 2013 polls. AES Watch individual conveners and members filed a strong complaint last May 3 with the international community, the UN and elevated their case to violations of civil and political rights of Filipino voters and watchdogs. The Comelec has lied about the source code many times in the past and labelled critics as election saboteurs. Afraid of the international backlash of continued

violations of the country’s own poll automation law, now the Comelec is announcing the release of the elusive source code in the company of its foreign partners but only to be reviewed AFTER the elections contrary to the provision of RA 9369 that source code review shall be available for independent review as soon as the technology is chosen.”

Brillantes is also under obligation to disclose the terms and conditions reached with Dominion on the alleged disclosure of the source code especially because this company was not – and has never been – a party to the 2009 contract awarding the provision of election technology to Smartmatic. “How much money did the Filipino taxpayers pay for such disclosure brokered no less by Comelec?”, Tuazon asked.

Without the source code review to be done before election day AES Watch challenges Comelec to do Parallel Manual count as contingency, to ensure the PCOS software will count right and the machines will operate according to the law.

“We just cannot trust the machines to count accurately and do their job properly, given the countless glitches from wrong counting, mismatches, and erratic transmissions,” Tuazon concluded.

For details, please contact:

AES Watch Acting Secretariat
TelFax +9299526