5 days before election, Comelec not in control

The Comelec has practically relinquished control of Election 2022 to its foreign tech supplier. Five days to E-Day, it has not ascertained the accuracy and reliability of Smartmatic’s vote counting machines (VCMs) and servers. In effect, the Venezuelan firm will have free run of precinct counting to national canvassing. The presence of public school teachers in precincts will only be to identify voters and other manual procedures. Technicals will proceed with or without them. That Smartmatic recently was hacked by insiders dents its credibility. Doubts about election results can spark civil unrest.

The Automated Election Law requires Comelec to have the VCM source code certified by professional bodies. As well, the source codes of the central, backup and transparency servers that will add up each machine’s count. Source codes are the computer commands that run the VCMs and servers. Comelec must secure independent certifications 90 days before E-Day. It missed that Feb. 9 deadline. Now, no one but Smartmatic’s tech masters know if the VCMs and servers are maliciously programmed to add votes to one candidate and subtract from another. Comelec has no way of even verifying if the source code CDs submitted by Smartmatic to the Bangko Sentral are the same as what it will use on E-Day.

Comelec commissioners have been evasive. Asked about the long-delayed certifications, they resorted to mumbo-jumbo. Or, they called in Comelec computer personnel to answer, although left out of the loop to begin with.

Automated Election Watch spokesman Nelson Celis has been sounding the alarm for months in his newspaper column. The commissioners ignored him. It’s as if Celis’ PhD in information technology, past presidency of the elite Philippine Computer Society and decades-long experience in banking digital security mean nothing. He helped Congress craft the 2008 Automated Election Law, and calls out Comelec’s spotty implementation every election. In this case, he questioned Comelec’s issuance of tech clearance last Dec. 3, mock election on Dec. 29, re-issuance of clearance on Feb. 8 due to adverse findings – all done before source code certification. Cart before the horse, he remarked.

One remedy for non-certification is the random manual audit (RMA). Upon close of balloting, the results in one precinct per legislative district are to be manually counted to check against the VCM. For this election, the watchdog Namfrel (National Citizens Movement for Free Elections) shall proceed to the precincts randomly machine-selected.

Here’s the catch. Even the random selection software of that machine has not been certified.

Longtime Namfrel officer Gus Lagman, also one-time Comelec commissioner, has been shaking his head over the blunder. He too had helped write the law.

Former Information-Communication Technology secretary Eliseo Rio suggested transparency safeguards to save the situation. Through UP Vanguard Alumni Inc., the retired general listed four: (1) Open the RMA to the public; (2) Make the precinct inspector-teachers use digital signatures (passcodes) to boot and run the VCMs from the 300,000+ registered with DICT; (3) Provide dropboxes for voter receipts (Voter-Verified Paper Audit Trail) for public manual recount in case of questioned VCM reading; (4) Involve print, broadcast and social media to deter electronic manipulation via quick count and exit poll by reputable outfits. Co-signed by Vanguard national commander Guido Delgado, Rio’s Apr. 21 letter to the Comelec has been unanswered.

There’s worse. Power generators and distributors expect blackouts in the hot, humid first half of May. There’s no word if batteries and backup of Smartmatic’s VCMs, transmission system and servers have been field-tested. The Energy department is unprepared.

*      *      *

Venture Securities is back in full swing. The SEC has restored Venture’s license as stockbroker. A Special Hearing Panel found no bad faith to warrant the previous revocation of its registration, after it was linked to the fraud of another brokerage’s employee.

The panel’s March 29 ruling jibes with an earlier finding by the SEC Investigation and Review Committee. The latter in August 2020 had established, among others, that there was no sufficient evidence that Venture colluded in the fraud under Section 26 of the Securities Regulation Code. The panel ruled that Venture has in place adequate supervisory controls to sufficiently enforce all SEC regulations and securities laws.

The fraud in the other brokerage reached P700 million in client shares and led to its collapse. Venture was linked because the employee of the other firm attempted to hide the scheme by transferring the accounts. Venture was initially penalized with license revocation and a P32-million fine. Appealing its case, it was allowed to continue stock brokering.

Among Venture’s arguments was that it had no knowledge of and participation in the crime. The license scrapping and fine were not commensurate to its alleged infractions. Now it turns out that Venture’s internal safeguards facilitated the discovery and subsequent probe of the wrongdoing.