Browse > Home / Current Events, Internet, Politics & Gov't, Technology / e-Lections 2: The Power of Text

e-Lections 2: The Power of Text

February 7, 2007

In a previous post, I had discussed on how to take Philippine elections into cyberspace as a tool to prevent fraud. Of course, the discussion was not exactly as detailed as I would have liked — blame it on weekend “katam” (that’s “sloth” to you non-Noypi speakers) — so perhaps later the post could be amplified. Kudos, by the way, to visitor Arbet who pointed out some useful details on the identity validation and ballot mechanisms.

In this post, I’ll be talking about a brainwave a friend had… and what a revolutionary idea it is. Given that the e-Lection infrastructure is set-up (with particular emphasis on identity validation), there’s one more method of execising the right to suffrage that can and will empower the citizenry:

e-Lections via cellphone.

Granted, the idea is not new, neither in other countries nor in the Philippines — text voting has been made an essential aspect in reality entertainment (i.e., Pinoy Big Brother, StarStruck, et cetera), beauty contests (think “People’s Choice” awards), programs with some sort of social relevance (”Debate: Mare at Pare”, for instance), and a host of other shows that maintain some sort of audience interaction. Heck, AM radio has pretty much capitalized on listener reaction — I can recall many instances of listening to the AM radio programs on the FX rides from Laguna to Makati, where listeners text in their reactions to issues and commentaries. So how would text voting be done for government officials?

Before we get into that, we would need to discuss in detail the “normal” voting procedures. Assuming that e-Lections infrastructure and identity validation has been set up, we would have to begin with the registration process. The registration process could perhaps be started seven months before the scheduled elections. Registration procedure:

1. (e-Lections T-minus 7 months) COMELEC performs initial purge of voters from the voters’ list (citizenship change, convicted and serving time, death, et cetera).

2. (e-Lections T-minus 6 months) COMELEC schedules registration of first time voters (validation of identity via cross-referencing against identity repository then issuance of voter’s ID at COMELEC local or embassy).

3. (e-Lections T-minus 5 months) Voter (first time or otherwise) goes to his local COMELEC office or embassy, or logs in from a cybercafe, home, or office PC, using his ID name, voter ID serial number, and PIN.

4. (e-Lections T-minus 5 months) Voter validates and updates his current address, length of stay in address, and other election jurisdiction information.

5. (e-Lections T-minus 5 months) Voter validates and updates other ID serial number information (validation information) as necessary (driver’s license SN, passport SN, seaman’s book SN, OWWA ID SN, SSS/ GSIS number, TIN, et cetera).

6. (e-Lections T-minus 5 months) As an additional security measure (because of the existence of vote-fraud perpetuators like Ma’am and Garci), the voter will be asked to provide a unique alphanumeric security word that will be known only to the voter. I would recommend that security words can be stored in a database SEPARATE from the identity repository for further security.

7. (e-Lections T-minus 3 months) COMELEC performs final purge of voters from the voters’ list. Purge in this instance refers to re-allocation of voter to correct status and electoral area of jurisdiction; e.g., if the voter has moved away from Baguio City to Taipei, Taiwan, the voter’s status is changed from local voter (one who can vote for the roster of officials from local to national) to absentee (one who can vote for national officials only).

8. (e-Lections T-minus 3 months) COMELEC prepares the final list of voters.

9. (e-Lections T-minus 3 months) Strongly-recommended optional: International watchdog and NAMFREL validates that the COMELEC-prepared final list of voters does not contain any “ghost” voters. (Okay, so I don’t trust COMELEC, but and especially after Garci, nobody can blame me for thinking about COMELEC as a tainted institution).

10. At no time after the final validated list is released will the list be modified by ANYONE, even by COMELEC (a tainted institution).

The normal voting procedure at the precinct would be as follows, for a local voter:

1. Voter goes to COMELEC precinct and is processed (show voter’s ID, show of clean hands — though the identity validation system would declare this superfluous — et cetera).

2. Voter logs in at COMELEC secure workstation with voter’s ID SN and PIN.

3. In the event the system detects that the ID has been already been used — fraudulently, of course (e.g, some Garci decided to pre-program the voter’s ballot — “Papataasin natin, Ma’am”) — the registered voter can override the fraudulent ID use and ballot cast.

Back-end system: To ensure that the override and ballot overwrite is valid, the registered voter will need to provide:

a) full name as listed on the voter’s ID;

b) voter’s ID SN;

c) voter’s ID PIN;

d) the correct SN/ alphanumeric group/ word corresponding to a key chosen at RANDOM from his list of serial numbers and information (e.g., the system will choose at random: passport number, voter’s maiden name, mother’s maiden name, spouse’s maiden name, TIN, et cetera);

e) the security word provided in registration step 6; and

f) a system-provided random alphanumeric code, like the thing that prevents spams on comments.

The previous fraudulent ballot will be purged from the system given that all the above information is correct. The voter should have the option to find out where and when the fraudulent vote was cast, and several hardcopies should automatically made (remember, zero human intervention), one at COMELEC central, one at COMELEC local, one at NAMFREL/ watchdog group, and one for the voter, to be used as evidence of the fraud.

A three-trial lock-out or similar and trace system can be set-up for the system to lock-out the fraud perpetrator — especially if the fraud perpetrator is in an airconditioned office talking to Ma’am. If the lock-out has been made prior to the registered voter casting his vote, I would recommend this action:

Inform the media (that’s why there’s a voter’s copy — especially if the fraud is perpetrated in Lanao, and the registerd voter is, say, in Ilocos Norte). A sufficient number of voters with validated fraud printouts can invalidate a fraudulent election. For instance, 100,000 voters with validated proof that they were defrauded would be statistically significant and sufficient to invalidate Ma’am’s fraudulent victory.

Entering incorrect verification information should be treated as attempts to defraud a voter, and should likewise be automatically reported. The lock-out and trace system would be also useful in this instance. A sufficient count of attempts can declare a failure of elections, and the COMELEC commissioner of the jurisdiction should be beheaded.

4. Voter ticks off the radio buttons/ check boxes for the following officials as applicable:

- President - Vice-President - Senators (12) - Representative - Governor - Board Member - Mayor - Councilors (12) - Abstain unchecked - Abstain all

Note that barangay elections are not covered (a cost-benefit analysis would doubtless show that barangay elections would be best left to the current electoral process — that is, until far into the future).

5. The ballot is uploaded to the COMELEC local ballot server.

The tally procedure, naturally, would be as follows:

1. At the close of voting, COMELEC local and national servers synchronize.

2. COMELEC local provides the automated tally for local officials. The tally should be validated by election watchdogs. (Yes, COMELEC has proven to be untrustworthy in the local level.)

3. COMELEC national provides the automated tally for national officials. The tally should be validated by election watchdogs. (Yes, COMELEC has also proven to be untrustworthy in the national level.)

4. Winning candidates are proclaimed.

Important notes:

1. Considering network and computing speeds, the reports should be released and winning candidates proclaimed within one to three hours after the close of precincts at the local level, and three to six at the national level. Any longer than that, the opportunity for fraud becomes greater (especially inside COMELEC offices, the institution being corrupt and untrustworthy). Therefore, if no proclamations are not made within this window, the electoral exercise should be deemed tainted and should start from the beginning.

2. Any server, whether local or national that is corrupted will automatically declare the area as having had a failure of elections. Recovery should be done only for reference and archival purposes, NOT for tally purposes, as recovery involves human intervention (ergo, the potential for a Garci to edit the database data exists). In other words, the voters will have to vote again.

Now, the proposed “vote-from-home” procedure mentioned in the previous post would have the initial log-in and ballot-casting steps:

1. Voter surfs to the COMELEC secure portal from his home, office, or cybercafe PC.

2. Voter logs in using voter’s ID SN and PIN.

3. To ensure that the “vote-from-home” process is secure, similar to the override procedure the voter will have to provide his full name as listed on his voter’s ID, voter’s ID SN, voter’s ID PIN, the correct SN/ alphanumeric group/ word corresponding to a key chosen at random from his list of serial numbers and information, and the security word provided in registration step 6.

4. The voter casts his votes for candidates as applicable to his voting status by ticking the checkboxes provided by the onscreen menu.

Fraud prevention, aside from the procedures already mentioned, will include capture of the PC’s IP address and physical location as determined by the network server.

***

The vote-by-text procedure would be somewhat more cumbersome, but the facility could be validly employed. Between myself and the friend I had discussed this with were a lot of contentions, and I gleaned a lot of possible scenarios from them. This would be the SMS log-in and voting procedure:

1. Voter texts “IN VOTER ” to, say, 5555.

2. System responds with “Enter voter PIN,” to which voter responds. Now, given that an attempt to defraud the voter has occurred, the following anti-fraud procedure would follow:

a) the system requests from the voter three randomly chosen keys from his list of serial numbers and information, the security word, plus one system-generated alphanumeric key to respond to. These five questions are requested in random sequence to prevent high-tech Garcis from predicting which information to choose from and input automatically; then,

b) after all responses are validated, and at least one is incorrect, the system locks out the voter, records the cellphone number and location (mapped via cellsite triangulation), and logs a fraud attempt.

A time-out for the responses, say, 15 minutes total for the log-in time, will ensure that Garcis (notice how the words cheating and Garci are pretty much synonymous in terms of elections?) will not have time to search for the information to log in.

The list of cellphones not allowed to vote from can be stored in COMELEC central, to be purged during the next voter registration period as necessary.

3. Once the voter has successfully logged in, the system sends candidate query for texter to respond to, with choices (e.g., “President: DCN - De Castro, Noli; DEM - Defensor, Michael; TJX - The Jester-in-Exile; AAA - Abstain”).

4. The voter texts his response as applicable. An invalid code would cycle back to step 3.

5. The system iterates through the list of candidates, as applicable to the voter.

The difficulty mentioned early on would be the multiple iterations for voting for positions with multiple seats and candidates (e.g., senators, for which the system will send a query 12 times). I would recommend that a full list of candidates and corresponding text codes be prepared and published on national broadsheets and tabloids.

Further but surmountable complexity would be built in if local officials are included in the vote-by-text SMS, as the system would have to create several hundred database tables for all of the municipalities in the Philippines (which one would and should expect of the e-Lection system anyway).

Take note that the system I’ve outlined above allows multiple voters from a single cellphone — that’s fine, as not everyone has one. However, it’s a one-mistake-you-die system; one attempt at fraud, and the cellphone gets barred… at least until the next registration period.

***

The obvious benefits of text-powered e-Lections, which would be over and above the benefits of the previously presented e-Lections, would be:

1. Citizen empowerment — in a country where the cellphone has become part of one’s personal needs, a voter with a cellphone or has a friend who has one can exercise the Filipino citizen’s basic right of suffrage.

2. One can vote in the safety of one’s residence, even if the home doesn’t have a PC, away from the guns, goons, and gold of Politician This or That. Empowerment, pure and simple.

3. For people who travel a lot because of work (like med reps and such), one need not travel back to one’s precinct in Dagupan if one is currently, say, in Daet making a sale, just to vote one’s chosen candidates.

4. Voting precinct congestion? Long queues? What congestion, what queueing, when one can vote ANYWHERE?

The involved sectors would be essentially the same ones mentioned in my previous post, but with the potential for empowerment, one sector gains sole primacy and thus responsibility:

The Filipino electorate.

***

Kudos, by the way, to the kids at De La Salle-Canlubang, for getting involved in this year’s electoral exercise. Rock on, kids! (Thanks to the nashman for the heads-up. Good to see that you’ve been, erm, a positive influence to your kids.)

Written by the jester-in-exile · Filed Under Current Events, Internet, Politics & Gov't, Technology 

Comments


Got something to say?





Your Ad Here
. . . . . . . . . . . . .