India has created history of sorts this time by conducting
the entire election process using Electronic Voting. The Electronic Voting
Machines (EVM) used in India have been appreciated by several
international observers and hailed as useful, innovative and tamper proof.
However, it is often said in Jurisprudence that "Justice is
not only to be done but should appear to have been done". In this context, the
agitation of some villagers near Bannur in Karnataka alleging a suspicion that
"Votes cast for BJP and JD (S) were added for Congress " (As reported in
Indian Express, 27th April 2004) highlights the possible doubts in the minds
of th public when they sue the EVMs.
Today, the Indian EVM s work on the basis of trust reposed
on the Election Commission officials who are responsible for the configuration
of the EVMs and checking done before they are put to voting. There is no
visible evidence provided to the public that can prove that the configuration
was not manipulated.
During the manual ballot paper time, there were
possibilities of "Booth Capturing" where bundles of pre-stamped ballot papers
could be thrust in the box. In the EVM era, this can still happen if the
Booths are physically captured. However, the Election Commission (EC) has
effectively addressed this issue through higher security at the polling
stations and ordering of repolls whenever there is a doubt. Though this has
made the election a 3 week affair negating the advantages of the EVMs and
inroducing the new controversies on "Exit Polls", the fairness of the election
process has been ensired through better physical security.
However, security in the EVM scenario cannot end at the
physical level. There is a distinct possibility of the EVMs being
malconfigured to count votes cast in a pre determined way. This can happen
either at the machine level or during consolidation. The EC officials cannot
be expected to have the necessary expertise in monitoring such possibilities
and have to depend on the expertise and integrity of the officials of BEL (Bharth
Electronics Ltd), the public sector corporation which produces the EVMs.
While not casting any aspersions on the integrity of any
officials of the EC or the public sector BEL, it is necessary to state that
the system is amenable for misuse by any single inidvidual who may be corrupt
in the system. If the recent leakage of question papers in the IIM
examinations or CBSE examinations or the Telgi scam are any indication, one
must accept that the EVMs are also amenable for misuse, particularly sine the
stakes are far grater than event he Telgi scam.
The principle of security that we need to remember here is
that "If there is a possibility of a fraud, one day or the other, one person
or the other may be tempted to commit the fraud".
It is therefore necessary that rather than making our EVMs
and the Indian Election Process subordinate to the integrity of the officials,
there must be a legally accepted accountability built into the system of
Electronic Voting.
The EVMs which are being used in India were designed when
India did not have Cyber Laws in place. Today, ITA-2000 is the law of the land
and any electronic document is subject to the provisions of the ITA-2000.
Question therefore arises whether the EVMs are Cyber Law
Compliant? and whether they follow the provisions of ITA-2000 wherever it is
relevant?
It is difficult to pass a judgement in this regard since
the software driving the EVMs is not in public domain and the manner of the
internal functioning of the EVMs is not made public either by the EC or BEL.
In the United States, there is a concerted effort to oppose
Electronic Voting precisely for this reason of lack of transparency.
(Refer
http://www.verifiedvoting.org for details of the movement). This movement
advocates the need for transparent, reliable, and publicly verifiable
elections. One of the features demanded is the publishing of the software
source code used for Electronic Voting and the other is maintenance of a paper
trail for voting. The US is therefore considering alternative Electronic
Voting systems that address these needs.
From an external observation of the EVMs in India, it does
not appear that the system is designed to comply with the laws as provided in
ITA-2000. There is therefore a ground to believe that the Indian EVMs are not
"Cyber Law Compliant".
An attempt has therefore been made now to bring in Cyber
Law Compliancy to Electronic Voting Systems and one such system is being
designed by an entrepreneur in Chennai. The details of the system will be
shared with the public at the appropriate time.
While the elections 2004 has successfully gone through, and
there has been international appreciation for the Indian EVMs, we can be proud
of our achievements. At the same time it is necessary for the EC and BEL to
start looking at developing the next generation EVMs that are not only
functionally acceptable but are also Cyber Law Compliant.
Naavi
April 27, 2004
