Last March 22, 2015, Leo Querubin, President of the Philippine Computer Society, wrote Sen. Aquilino “Koko” Pimentel III, chair of the Joint Congressional Oversight Committee (JCOC) on the Automated Election System, a letter pertaining to Smartmatic-TIM. A copy of Querubin’s letter was furnished me by the computer professionals at last week’s hearing of the JCOC at the Senate, where some of them aired the people’s grievances against Smartmatic.
Nothing I heard there, however, equals the import of Querubin’s letter, for it shows in black and white, and later in diagrams I’m reproducing here, how our elections have been tampered with in 2013 and perhaps even in 2010. If we do not do anything about Comelec’s recent award to Smartmatic to lease some 93,977 new units of the Optical Mark Reader (OMR) machines at a whopping P12.6 billion, with offer to purchase (OTP), we may see a repeat of this terrible development---a crying shame for a democracy.
Querubin’s startling letter quoted the Comelec Advisory Council (CAC)’s “Post-Election Report on the Use of the Automated Election System in the 2013 National and Local Elections, submitted to the JCOC AES last January 2014. On Page 18, the CAC report said that contrary to official thinking “it was further found the day after Election Day that a laptop was installed as an intermediary “workfile server” between the Transparency Server and the workstations of four authorized recipients and the Rappler Server.” The report said this was disclosed by Smartmatic-TIM when it met with KBP, PPCRV and Namfrel “to explain the deletion of files” that Smartmatic made at the Transparency Server on the early morning after Election Day.
The report asserted that “This modification may have made the system vulnerable, resulting in security breach, open to online interference or manipulation. (emphasis BOC's)”
Let’s process that paragraph a bit. Day after the 2013 elections a laptop was installed by Smartmatic as a “workfile server,” AN INTERMEDIARY between the Transparency Server operated by the Parish Pastoral Council for Responsible Voting (PPCRV) and four authorized “workstations,” including citizens’ arm groups, to which PPCRV serves election data on who was winning and who was being left behind. What was stunning are two facts: l). the installation by Smartmatic of this intermediary which was not supposed to be there, and 2). the admission by Smartmatic’s Technology Manager, Marlon Garcia, that some files it made at the PPCRV-operated Transparency Server in the early morning after Election Day had been deleted from this server.
As Querubin put it, “In any IT system implementation, no one can delete files unless fully authorized by Management.” He then asserts that “it would be wise to ask Smartmatic and Comelec to show the document (it must have been an en banc resolution) that authorized Smartmatic-TIM to delete such files." In addition, Querubin asserts that Smartmatic should also be asked where the archived files (i.e., deleted files but saved as archived, to be used for audit purposes later) are stored.
I would include summoning PPCRV on how this happened at the Transparency Server it was operating at that time.
But there is still the worst about that episode involving the “Workfile server”, which, as Querubin put it, was “the most worrying statement” in the CAC report. This is that “The Comelec website in the 2013 National and Local Elections derived its data from the ‘Workfile server’ that intermediated the Transparency Server and the four recipients.”
The four recipients were the Majority Party workstation, the Dominant Minority Party workstation, the Accredited Citizens’ Arm (Namfrel) workstation, the Kapisanan ng mga Brodcasters ng Pilipinas (KBP) workstation. These outfits were all receiving their data from the Workfile server and in turn were dishing these out to the entire nation hanging on tenterhooks by then!
But this is not all: this Workfile server also served as the source of data served to the entire nation by the Comelec Website. If this Workfile server was inserted as “filter” by Smartmatic to the Transparency Server of the PPCRV, were these data then corrupted or untrue, or being manipulated to serve the interest of some candidates against those of others?
Querubin of the Computer Society asserts rightly that “The workfile server taints the results of the process. It disrupts the chain of custody of election returns. Hence, it boggles the mind why Comelec would use a tainted source for its Comelec website, knowing full well that the Comelec website is the public facing source of election results.” Querubin says “It will be wise to ask Smartmatic-TIM and Comelec what was the purpose of the Workfile server and who was manning it."
Definitely, PPCRV should also face the inquisition board.
If this happened in 2013, with Smartmatic being involved again by Comelec for the 2016 elections, what would happen then? Something really is rotten and it’s not in Denmark. If this happened in the US, it's easy to imagine how the US Congress would demand no less than a congressional investigation. Let's pray that Koko Pimentel's JCOC on the AES would be equal to the challenge from the IT people---for the sake of the nation.
(Charts supplied by the Philippine Computer Society)