PCIJ: The case for computerized elections

WHEN IT comes to new consumer trends and communication technology, we Filipinos are always at the cutting edge. Our fashion mimics the latest from the West. We quickly took to texting, blogging, and Friendster. The children of our wealthy and middle-class families sport iPods and PSPs, while the rest of us use hi-tech mobile phones to vote on Philippine Idol and play SMS contests. Ironically, while we have toppled government leaders by texting, we cannot seem to use technology to vote them in place. Our electoral system scores very low in the evolutionary ladder, second only to the plastic ballot boxes I recently saw being used in Africa, and voting by a show of hands. Our system is in dire need of a makeover, one that is worthy of the Internet age. Even the Commission on Elections (Comelec) thinks so, although it somehow always shoots itself in the foot every time it tries to bring up the subject. The good news is this July, Comelec is finally going to test an Internet voting system with Filipinos working in Singapore. The plan is not exactly flawless, but it’s still a step in the right direction. As expected, too many naysayers complain loudly whenever computerization and elections are mentioned in the same breath. Their main beef: computerization will make cheating easier. If their assertion is accurate, how come no politician has ever tried stealing via Internet banking? Besides, cheating already exists in our election culture, whether technology is there or not. In fact, we can use the strengths of computers to solve the most persistent headaches we always face during elections: slow count, high costs, miscommunication, and recurring human error. Computerizing elections can only result in: Speed Computerization will mean we no longer have to count the votes manually and one by one. We will know who won within a day or two, instead of waiting a week or more. As of this writing, Pampanga has announced that it will probably have a new governor by Friday, four days after the vote. The rest of the country will probably wait longer. In the most progressive countries (from where we often copy our fashion and cultural trends), their computerized systems allow them to know who won within a day or two. In the United States, the longest count in recent history was in 2000, when George W. Bush and Al Gore had a very tight presidential race and votes had to be recounted. Even their recount took only a few days to do. Other election-related processes will be accomplished with less complications as well. When the Supreme Court disqualified Joselito ‘Peter’ Cayetano at the last minute, the Comelec could no longer remove his name from the ballot. Digital ballots will be easier to correct, should corrections be needed. Cost Savings Digital ballots will bring savings on money, time, and effort. We will use less paper (and even help save trees in the process). Our newly elected officials can go to work earlier. And our losing candidates can also file their disputes earlier. (It might still take the same amount of time for electoral protests to be resolved, but then that’s another issue altogether.) Fewer Errors Previous elections, including this recent one, are constant proof that human counting is inefficient. It is slow and prone to errors. Even our most persistent math teachers are not built for the repetitive and tedious task of ballot counting. Witness the way we count the vote: Teacher Alpha picks out one ballot from the box. She announces a name to Teacher Beta, who scans the board for the right name and ticks off one vote for that candidate. The results are also echoed on paper by another teacher. Then all the scores are counted manually and aggregated on a form (the electoral return) that is submitted to a central location. More often than not, this process can take up until late night to complete. Many things can go wrong during this tedious, manual process. Fatigue and distraction can cause ballot counters to make mistakes. Worse, a malicious person could intentionally announce the wrong name or award a vote to a different person. The election return — a document that is less open to scrutiny — can be intercepted and altered. Or as has happened lately, ballot boxes can be stolen or the precinct itself burned to the ground. In Pampanga where ex-priest Eddie Panlilio is currently leading, the slow count gives more opportunity for malicious elements to disrupt the vote. If we were casting digital votes, our ballots would have been counted by the time we reached home, shrinking the window of opportunity for fraud. Smaller Window for Fraud We know many politicians resort to dirty tricks to cheat the vote. But arguing against computerization because there are cheats is like arguing against the Internet because it has porn. Both problems exist outside of the technology and cannot be used as arguments to suppress the technology itself. In fact, a digital system will give less opportunity for fraud. To improve integrity and minimize the risk of fraud, both low-tech and hi-tech elections use the same basic criteria: (1) make the process as transparent as possible, allowing anyone to follow and check each step, and (2) easily verify that the steps have not been compromised. Both criteria are easier to fulfill with a computerized system rather than our primitive one. Recall the cases where Senators Miriam Defensor Santiago and Loren Legarda questioned the electoral results. The only way to verify the result was to audit the trail — go back through the process and check each step, reviewing all the returns and counter-checking them against the original ballots. On the local level, double-checking or recounting is daunting. At the national level, it will be horrendously expensive, as both Santiago and Legarda will probably attest. We could speed up the manual audit process by employing as many people as possible, say, 1,000. Each of these auditors can sift through the data, review the calculations, and form their own conclusions. But that would mean reproducing 1,000 copies of electoral returns and ballots. And, as we all know, physical reproductions tend to lose a lot of information available from the originals. Some accredited pollwatching groups, in fact, are now complaining of having been handed copies that are practically blank sheets. In contrast, in an electronic process, computerized ballots and returns can be embedded with encryption keys that give off a warning signal when they have been compromised. The Comelec could also opt to publish the process on the Web. Citizens could then visit the site to independently check the results. They could review electoral returns in their precinct and even their own ballot (by entering a personally registered password). Imagine the possibilities that this transparent, electronic system would allow us: * If I were concerned about the results of my precinct, I could visit a Web page where I can check the returns of my precinct. Then I could even log in, enter my personal password, and check my ballot. * In this transparent system, I can theoretically ask the other voters in my precinct to also check their ballots. Then, we could all theoretically authorize the Website to pool our votes together and show us the results. Through this, we can cross-verify the count quickly and with less effort than in a manual system. * My ballot could have an embedded trigger that will send me email or a text message in case my ballot is not counted or if it is altered. NOW YOU see why news about Comelec’s planned electronic voting experiment in Singapore is positive. Last April, the commission even caused ripples in the global geek ecology when it invited hackers all over the world to try breaking into the Internet voting system, which runs from July 10 to 30. For the Comelec, it’s a big leap. Previously, its attempts to push the computerization agenda were done mostly in the political arena and resulted in dead-end debates. But now it has stopped talking and just went and did it. Okay: some legal challenges forced the commission to lower its expectations and make it a mock vote instead. But this latest move by the Comelec sends a good message. “Our system is secure," they seem to be saying, “and you can try finding holes in it." By doing this, Comelec provides us an opportunity to see the digital system in action and then see its weaknesses and strengths. This early, some geeks have already raised some concerns about the Comelec implementation. One of the main criticisms against it is that it is built on a patented, proprietary system — specifically, one developed by the Spanish company Scytl Consortium. As any self-respecting geek would tell you, a patented software system is dangerous, since the system will likely be expensive and not entirely open to scrutiny. It also makes the user, i.e. our country, highly dependent on the firm that sold it. Instead, government could have preferred to use Free and Open Source Software (FOSS). FOSS will cost a fraction of the price tag of a patented system. It will also allow many techies to join in the process, check the software for security holes, and patch it efficiently and at less cost to the government. In contrast, a patented software system will lock us with the foreign vendor. Making changes to the patented software is also likely to introduce higher maintenance costs. We will not be able to shift easily to other, cheaper service providers, since the source code is the foreign firm’s property. Another criticism levelled against the mock Internet elections is that malicious hackers would most probably keep mum about security holes that they find during the event. They could then exploit the holes to their advantage at a later date, i.e. when real e-elections are held. Holding one mock vote should also not fool us into thinking that the system will forever be secure. Let's be clear on one thing. In the real world — as it is in the electronic world — nothing is absolutely secure. Locks can be picked or disassembled. Boxes can be pried open. Documents and ballots can be altered. These risks have not stopped us from holding elections. The same reasoning applies to the digital world: we can conduct electronic transactions with an acceptable degree of security and risk. In the same light, we can safely vote, count, and declare winners in electronic elections before malicious people can corrupt the system. Provided, of course, that we remain vigilant and have no brownouts. - Philippine Center for Investigative Journalism Ruben Canlas Jr. is CEO and Chief Knowledge Consultant of Dig It All Solutions Inc., an IT consultancy and software development firm. He is also a consultant for various private and government agencies and nongovernmental organizations, an IT columnist for Entrepreneur, and a blogger for GMANews.tv.