Pre-loading CF Cards in the Automated Election System

PCOS Machines & CF Cards

A precinct count optical scan (PCOS) machine is an electronic device that uses an optical scanner to read marked paper ballots and tally the results in an automated election system (AES).ⁱ

Apart from counting the number of votes for each candidate, a PCOS machine also counts the number of scans made by the machine. The function of counting of votes and scans is controlled by the electronic voting software installed into a compact flash (CF) card embedded into the machine. The electronic vote count is generated and documented via the electronic election returns, while the electronic scan count is generated and documented via the audit log.

The eighth entry of the audit log is known as the protective counter. It indicates the number of scans done prior to any new scan made upon starting or restarting the PCOS machine. Where the CF Card is new and unused for any scan, the protective counter should indicate zero. Where the CF Card has been used but subsequently reconfigured, the protective counter should still indicate zero.

Under the premises, it is apparent that from the design of the subject AES, there is a built-in safeguard against any unauthorized scanning of paper ballots and counting of votes. This is the protective counter indicated in the eighth entry of the audit log.

Pre-loading of CF Cards

In Biliran Province during the May 2010 elections, the Comelec established 166 clustered precincts. Each clustered precinct was paired with a PCOS machine and corresponding CF Card. Out of the 166 PCOS machines and CF Cards, some 147 audit logs generated by the electronic voting machines from 147 clustered precincts were secured and made available to then Congressman and re-election candidate Glenn Chong. This represented about 88% of the total 166 audit logs from Biliran.

Based on the pronouncement of Comelec that all PCOS machines nationwide were subjected to testing by 10 paper ballots, and that all CF Cards throughout the islands were reconfigured in a week's time after the testing failed, then the protective counter indicated in the eighth log of the audit logs in Biliran should have indicated zero because of the reconfiguration. In the worst case that the CF Cards were not at all reconfigured due to physical impossibility and time constraints, then the protective counter should have indicated the number 10 representing the paper ballots used in testing.

Upon review however of the 147 audit logs from clustered precincts in Biliran, only 2 CF Cards corresponding to 2 PCOS machines surprisingly generated a protective counter of zero. The other 145 audit logs generated anomalous figures like 22, 28, 30, 38, 70, 96, 101 and 128. None of the audit logs produced the figure 10 which should have been the worst case number where no reconfiguration was made. By adding all the available protective count together, the total number of unauthorized ballot scans made prior to election day was a staggering 4,114.

Despite the obvious anomaly shown by the protective counters of almost 88% of the CF Cards and PCOS machines used in the entire Biliran Province, no explanation whatsoever has been offered by Comelec to justify this gross violation of established and pronounced procedures. Indeed the unauthorized pre-loading of scanned ballots is a gross anomaly that the AES successfully detected but failed to prevent.

Under the premises, it is only reasonable to conclude that almost 88% of the PCOS machines and CF Cards used in the clustered precincts throughout the entire Biliran Province, were IN FACT used without authority to scan paper ballots BEFORE election day in May 2010. In other words, unauthorized scans of paper ballots were IN FACT pre-loaded into the CF Cards BEFORE election day in almost 88% of the clustered precincts.

Constitutional implications of pre-loading of CF Cards

Under these premises, where CF Cards were apparently pre-loaded with scanned ballots even before the elections in almost 88% of the clustered precincts of an entire province, then it necessarily follows that the constitutional mandate to secure the “sanctity of the ballot” has been grossly violated during the May 2010 national and local elections.ⁱⁱ

Notably, the entire nation used one and the same AES during the May 2010 elections. Unless the Comelec can show that the anomaly in Biliran Province was actually isolated and not replicated nationwide, the technical presumption is that the massive unauthorized pre-loading of scanned paper ballots in an entire province is possible of replication nationwide.

This article was written ex-gratia by

Demosthenes B. Donato for Tanggulang Demokrasya.

All intellectual property rights are granted to the public domain.

21 October 2012. Makati City, Philippines.

i http://en.wikipedia.org/wiki/Optical_scan_voting_system

ii 1987 Constitution, Article V, Suffrage, Section 2. The Congress shall provide a system for securing the secrecy and sanctity of the ballot as well as a system for absentee voting by qualified Filipinos abroad.

The Congress shall also design a procedure for the disabled and the illiterates to vote without the assistance of other persons. Until then, they shall be allowed to vote under existing laws and such rules as the Commission on Elections may promulgate to protect the secrecy of the ballot. (emphasis supplied)

Hacking the Automated Election System

Preliminary Statement

1. This paper is about the implications of the deliberate disablement by the COMELEC of the critical security feature of digital signatures in the Automated Election System (AES) used during the national and local elections of 10 May 2010.

2. For purposes of this paper, the various technical terms used in the AES may be defined as follows:

2.1. An Audit Log is the record of all the transactions processed by a particular Precinct Count Optical Scan computerized voting machine (referred to herein as PCOS), from the date of testing and sealing up to the close of the elections of 10 May 2010. The transactions here are entered in progression or otherwise recorded forward, with details of the date, time and description of the event.

2.2. A Print Log is the record of last 1000 transactions processed by the computer server of a Municipal Board of Canvassers. The transactions here are entered in regression or otherwise recorded backward, where the 1^st entry is the latest transaction, while the 1000^th entry is the earliest transaction.

2.3. An Internet Protocol address (referred to herein as IP) is a numerical label assigned to a particular clustered precinct PCOS or a particular Municipal server participating in the computer network of the AES that uses the Internet Protocol for communication. See http://en.wikipedia.org/wiki/IP_address. The IP address serves 2 principal functions: host identification and location addressing. http://en.wikipedia.org/wiki/IP_address.

2.4. A Tally Number is the tally of votes for a particular elective position in a particular CP manned by a particular BEI. The Tally Number is comprised of 14 digits which are divided in 2 equal parts, where the first 7 digits indicate the CP number, while the last 7 digits indicate the elective position. The elective positions are as follows: municipal sanggunian, vice-mayor, mayor, provincial sanggunian, vice-governor, governor, district representative, party-list representative, senator, vice-president and president.

Unauthorized Transmission and Receipt of

Electronic Returns from an Unknown Source

3. During election day on 10 May 2010, the BEI of clustered precinct CP 7805002 in Barangay Bacolod, Culaba Municipality, Biliran Province, closed the poll at 19:21:05 under Entry No. 392 of the Audit Log.

3.1. The PCOS machine then generated the EML Data results file at 19:38:36 under Entry No. 407. Notably, the BEI did not use their digital signatures to authenticate the results at 19:38:48 under Entry No. 408. This is apparently in implementation of Subsection 40(f), (g) and (h) of Comelec Resolution No. 8786 which ordered all the BEI nationwide not to use their digital signatures.ⁱ

3.2. Thereafter, the PCOS machine repeatedly attempted but also repeatedly failed to transmit the EML Data results file to the MBOC server of Culaba Municipality, the Comelec central server and the KBP citizens' arm server. The several unsuccessful transmissions were recorded under Entry Nos. 411, 412, 413, 414, 417, 418, 419, 420, 423, 424, 426, 430, 432, 433, 437, 438, 439 and 440. The failed transmissions were recorded as “0 successful transmissions for 3 servers” under Entry No. 442.

3.3. After printing 1 copy of the Audit Log tape at 20:36:48 under Entry No. 457, the BEI closed the PCOS machine at 20:39:01 of 10 May 2010.

3.4. Attached as Annexes “A-1” to “A-4” are photocopies of excerpts of the Audit Log for Clustered Precinct No. 7805002-0006A, PCOS ID No. 7805002, Barangay Bacolod, Culaba Municipality, Biliran Province.

4. However, notwithstanding the manifest record of failed PCOS transmissions for CP 7805002, the municipal computer server of Culaba Municipality apparently received a transmission sent via IP address 10.12.3.143 purportedly for CP 7805002. The transmission was received at 23:23:23 of 10 May 2010 under Entry No. 808 of the Print Log. Notably, the time of receipt by the municipal server was about 3 hours AFTER the PCOS machine for CP 7805002 was closed by the BEI.

4.1. Upon receipt of the transmission, the EML Data was successfully imported and successfully processed under Entry Nos. 807 to 795 (read backwards). Notably, the first 7 digits of the Tally Number was 7805002 indicating that it was for clustered precinct CP 7805002. This is the same clustered precinct where the BEI closed the PCOS machine without any successful transmission.

4.2. Strangely, the computer server of Culaba Municipality received a second transmission of the same EML Data sent via the same IP address at 23:48:08 of 10 May 2010. The second transmission was however recognized as identical to the first transmission under Entry Nos. 792 to 779 (read backwards).

4.3. Attached as Annexes “B-1” to “B-4” are photocopies of excerpts of the Print Log for the computer server of Culaba Municipality, Biliran Province.

5. Thus, the Audit Log taken in relation to the Print Log clearly show that there was unauthorized transmission and receipt of electronic returns for clustered precinct CP 7805002 from an “unknown source”, because the sole authorized PCOS machine had been closed without any successful transmission.

5.1. Considering that all electronic returns bear no digital signature, as ironically instructed by the Comelec En Banc itself under the cited Comelec Resolution No. 8786, the determination of the authenticity of the EML Data electronically transmitted is systematically hampered.

Unauthorized Double Transmission and Receipt of

the Same Electronic Returns using Different IP Addresses

6. On election day of 10 May 2010 through the next day 11 May 2011, electronic returns from seven (7) clustered precincts of the Municipalities of Culaba and Caibiran, were received twice by the respective municipal servers via transmissions through different IP addresses. The clustered precincts from Culaba Municipality are as follows: CP 7805006, CP 7805008, CP 7805011, CP 7805012, CP 7805017 and CP 7805018. The clustered precinct from Caibiran Municipality is CP 7804011.

6.1. The details of the double transmission and receipt of the same electronic returns using different IP addresses are as follows:

CLUSTERED PRECINCT, BARANGAY, MUNICIPALITY	FIRST TRANSMISSION/RECEIPT	SECOND TRANSMISSION/RECEIPT
CP 7805006 Barangay Bool West Culaba Municipality	MBOC Log No. 493 11 May 2010 01:55:36 IP Add: 10.15.2.121	MBOC Log No. 262 11 May 2010 03:41:51 IP Add: 10.15.3.43
CP 7805008 Barangay Poblacion Culaba Municipality	MBOC Log No. 479 11 May 2010 01:57:06 IP Add: 10.11.6.177	MBOC Log No. 324 11 May 2010 02:58:09 IP Add: 10.11.5.201
CP 7805011 Barangay Looc Culaba Municipality	MBOC Log No. 902 10 May 2010 22:31:33 IP Add:10.11.11.139	MBOC Log No. 778 10 May 2010 23:51:01 IP Add: 10.11.19.202
CP 7805012 Barangay Marvel Culaba Municipality	MBOC Log No. 465 11 May 2010 02:17:25 IP Add:10.11.2.192	MBOC Log No. 248 11 May 2010 03:46:23 IP Add: 10.11.0.117
CP 7805017 Barangay Virginia Culaba Municipality	MBOC Log No. 888 10 May 2010 23:00:03 IP Add: 10.11.19.47	MBOC Log No. 521 11 May 2010 1:21:23 IP Add: 10.11.0.232
CP 7805018 Barangay Virginia Culaba Municipality	MBOC Log No. 916 10 May 2010 21:03:28 IP Add: 10.12.41.14	MBOC Log No. 749 11 May 2010 00:20:25 IP Add: 10.11.13.140
CP 7804011 Barangay Cabibihan Culaba Municipality	MBOC Log No. 712 11 May 2010 05:13:34 IP Add: 10.11.0.180	MBOC Log No. 526 11 May 2010 06:23:18 IP Add: 10.11.1.60

6.2. Attached as Annexes “C-1” and “C-2” are Tables of Electronically Transmitted Results summarizing data for the time and dates of the 1^st transmission by the PCOS machines, the time and dates with IP addresses of the 1^st receipt by the municipal server, and the time and dates with different IP addresses of the 2^nd receipt by the municipal server.

6.3. Attached as Annexes “D-1” to “D-3”, “E-1” to “E-3”, “F-1” to “F-3”, “G-1” to “G-3”, “H-1” to “H-3”, “I-1” to “I-4”, are photocopies of excerpts of the Print Log for the computer server of Culaba Municipality, Biliran Province. Attached as Annexes “J-1” to “J-4” are photocopies of excerpts of the Print Log for the computer server of Caibiran Municipality, Province of Biliran.

7. Thus, the Audit Logs taken in relation to the Print Logs clearly show that there were unauthorized double transmissions and receipt of the same electronic returns for seven (7) clustered precincts: CP 7805006, CP 7805008, CP 7805011, CP 7805012, CP 7805017, CP 7805018, and CP 7804011, using different IP addresses between the first and second transmissions. Notably, the electronic voting results are intended for recording only once and not twice.

7.1. Considering again that all electronic returns bear no digital signature, as ironically instructed by the Comelec En Banc itself under the cited Comelec Resolution No. 8786, the determination of the authenticity of the EML Data electronically transmitted and received twice is again systematically hampered.

Unauthorized Double Use of One IP Address

for Two Different Electronic Returns

8. On 11 May 2010, electronic returns from two (2) different clustered precincts in the Municipality of Almeria, namely CP 7801001 and CP 7801002, were sequentially received by the municipal server via transmission through one and the same IP address 10.15.0.157.

8.1. The details of the double use of one (1) IP address for two (2) different electronic returns are as follows:

CLUSTERED PRECINCT, BARANGAY, MUNICIPALITY	FIRST TRANSMISSION/RECEIPT	SECOND TRANSMISSION/RECEIPT
CP 7801001 Barangay Poblacion Almeria Municipality	MBOC Log No. 261 11 May 2010 01:06:50 IP Add: 10.15.0.157	NA
CP 7801002 Barangay Poblacion Almeria Municipality	NA	MBOC Log No. 247 11 May 2010 01:23:53 IP Add: 10.15.0.157

8.2. Attached as Annex “K-1” is a Table of Electronically Transmitted Results summarizing data for the time and date of the respective transmissions by two (2) different PCOS machines, and the time and date of the sequential receipt of two (2) different transmissions but using only one (1) and the same IP address.

8.3. Attached as Annexes “L-1” to “L-4” are photocopies of excerpts of the Print Log for the computer server of Almeria Municipality, Biliran Province.

9. Thus, the Audit Logs taken in relation to the Print Logs clearly show that there was unauthorized double use of one (1) and the same IP address for two (2) different electronic returns pertaining to two (2) different clustered precincts CP 7801001 and CP 7801002. Notably, each clustered precinct is assigned a unique IP address under the AES to facilitate host identification and location addressing.

9.1. Considering again that all electronic returns bear no digital signature, as ironically instructed by the Comelec En Banc itself under the cited Comelec Resolution No. 8786, the determination of the authenticity of two (2) different EML Data electronically transmitted and received via one (1) and same IP address is again systematically hampered.

Concluding Statement

10. Under the premises, it is only reasonable to conclude that the deliberate disablement by the COMELEC of the critical security feature of digital signatures in the Automated Election System (AES) used during the national and local elections of 10 May 2010, systematically hampered the determination of the authenticity of any and all electronic election returns, thereby facilitating network intrusion or the hacking of the AES in manifest violation of Section 33 of the Electronic Commerce Lawⁱⁱ and the constitutional mandate to secure the “sanctity of the ballot”.ⁱⁱⁱ

This article was written ex-gratia by

Demosthenes B. Donato for Tanggulang Demokrasya.

All intellectual property rights are granted to the public domain.

21 December 2011. Makati City, Philippines.

i Comelec Resolution No. 8786 approved on 04 March 2010 provides in part as follows...

f) Thereafter, the PCOS shall automatically count the votes and immediately display a message "WOULD YOU LIKE TO DIGITALLY SIGN THE TRANSMISSION FILES WITH A BEI SIGNATURE KEY?", with a "YES" or "NO" option;

g) Press "NO" option. The PCOS will display "ARE YOU SURE YOU DO NOT WANT TO APPLY A DIGITAL SIGNATURE?" with a "YES" and "NO" option;

h) Press "YES" option. A message shall be displayed "PRINTING 8 COPIES OF NATIONAL RETURNS. PLEASE WAIT"...

The cited resolution was approved and signed by Comelec Chairman JOSE A.R. MELO, and Members RENE V. SARMIENTO, NICODEMO T. FERRER, LUCENITO N. TAGLE, ARMANDO C. VELASCO, ELIAS R. YUSOPH, and GREGORIO Y. LARRAZABAL.

Notably, the said resolution was issued in violation of the new Section 22 of Republic Act No. 8436, as amended by Republic Act No. 9369 on 23 January 2007, which expressly provides that election returns transmitted electronically be “digitally signed.”

ii Republic Act No. 8792, 14 June 2000.

iii 1987 Constitution, Article V, Suffrage, Section 2. The Congress shall provide a system for securing the secrecy and sanctity of the ballot as well as a system for absentee voting by qualified Filipinos abroad.

The Congress shall also design a procedure for the disabled and the illiterates to vote without the assistance of other persons. Until then, they shall be allowed to vote under existing laws and such rules as the Commission on Elections may promulgate to protect the secrecy of the ballot. (emphasis supplied)

Digital Signatures in the Automated Election System

“Digital signature” refers to a “person” not a machine

An “electronic signature” is a “distinctive mark, characteristic and/or sound” that “(represents) the identity of a person”, and is attached to an “electronic document.”ⁱ

A person is the subject of legal relations that may acquire rights or incur obligations.ⁱⁱ A person is either a natural or juridical person.ⁱⁱⁱ

An “electronic document” refers to information written in electronic form that establishes a right, extinguishes an obligation or proves a fact.^iv

A “digital signature” is a type of “electronic signature” that uses an asymmetric cryptosystem.^v An “asymmetric cryptosystem” is a system that generates a key pair, consisting of a private key to create a digital signature, and a public key to verify the digital signature.^vi

A “digitally signed” document refers to an “electronic document” that bears a “digital signature.”^vii

Notably, the statutory laws, implementing rules and regulations and judicial rules of evidence define a “digital signature” as the SIGNATURE OF A PERSON.^viii There is no law or rule whatsoever that defines a “digital signature” as the signature of a property.

Under the premises, it necessarily follows that the view expressed by Smartmatic International Corporation and adopted by the COMELEC that the “machine signature” of a precinct count optical scan (PCOS) machine may be the functional equivalent of the “digital signature”, is manifestly CONTRARY TO LAW.^ix As distinguished from a person, property such as a PCOS machine cannot be the subject of legal relations because it can neither acquire rights nor incur obligations.^x Property can only be the object of legal relations, that may be owned by a person.^xi

“Electronic election returns” must be “digitally signed”

Under the old election law that employed the manual counting of votes, the members of the board of election inspectors are enjoined to sign or affix their signatures to the election returns, under pain of criminal sanction if they fail to do so.^xii

Under the present election law that employs the automated counting of votes, the members of the board of election inspectors are similarly enjoined to sign or affix their signatures to the printed electronic election returns, likewise under pain of criminal sanction if they fail to do so.^xiii

Consistent with the provisions above, the present election law also mandates that the “election returns transmitted electronically” must be “digitally signed” in order to be “considered as official election results” and “used as the basis for the canvassing of votes and the proclamation of a candidate.”^xiv

By necessary implication, “election returns transmitted electronically” but NOT “digitally signed” CANNOT be “considered as official election results”, NOR “used as the basis for the canvassing of votes and the proclamation of a candidate.”^xv

The nullity of “electronic election returns” without “digital signatures” is apart from the criminal sanctions imposed on the members of the board of election inspectors who utilize without authorization or otherwise transmit electronically “election returns” that are not “digitally signed.”^xvi

Under the premises, it necessarily follows that Sec. 40(f), (g) and (h) of Comelec Resolution No. 8786 dated 04 March 2010, directing all the Boards of Election Inspectors nationwide NOT to sign the transmission of the electronic election returns with their respective BEI digital signature keys, is evidently CONTRARY TO LAW. The language of Sec. 22, Par. 6 of Rep. Act No. 8436, as amended by Rep. Act No. 9369 is clear and simple that admits of no exception or qualification whatsoever.

Constitutional implications of electronic election returns without “digital signatures”

Under these premises, where none of the “electronic election returns” nationwide bear any “digital signatures”, then it necessarily follows that the constitutional mandate to secure the “sanctity of the ballot” has been grossly violated during the May 2010 national and local elections.^xvii

This article was written ex-gratia by

Demosthenes B. Donato for Tanggulang Demokrasya.

All intellectual property rights are granted to the public domain.

27 November 2011. Makati City, Philippines.

i Electronic Commerce Act, Section 5. Definition of Terms- For the purposes of this Act, the following terms are defined, as follows:  (d) "Electronic signature" refers to any distinctive mark, characteristic and/or sound in electronic from, representing the identity of a person and attached to or logically associated with the electronic data message or electronic document or any methodology or procedures employed or adopted by a person and executed or adopted by such person with the intention of authenticating or approving an electronic data message or electronic document. 

IRR of the Electronic Commerce Act, Section 6. Definition of Terms. -  For the purposes of the Act and these Rules, the following terms are defined, as follows: (g) “Electronic signature” refers to any distinctive mark, characteristic and/or sound in electronic form, representing the identity of a person and attached to or logically associated with the electronic data message or electronic document or any methodology or procedures employed or adopted by a person and executed or adopted by such person with the intention of authenticating or approving an electronic data message or electronic document.

Rules on Electronic Evidence, Rule 2, Section 1. Definition of Terms. – For purposes of these Rules, the following terms are defined, as follows: (j) “Electronic signature” refers to any distinctive mark, characteristic and/or sound in electronic form, representing the identity of a person and attached to or logically associated with the electronic data message or electronic document or any methodology or procedure employed or adopted by a person and executed or adopted by such person with the intention of authenticating, signing or approving an electronic data message or electronic document. For purposes of these Rules, an electronic signature includes digital signatures.

ii Civil Code of the Philippines, Art. 37.  Juridical capacity, which is the fitness to be the subject of legal relations, is inherent in every natural person and is lost only through death. Capacity to act, which is the power to do acts with legal effect, is acquired and may be lost.

iii Supra Civil Code, Art. 37.  Juridical capacity, which is the fitness to be the subject of legal relations, is inherent in every natural person and is lost only through death. Capacity to act, which is the power to do acts with legal effect, is acquired and may be lost.

Art. 46. Juridical persons may acquire and possess property of all kinds, as well as incur obligations and bring civil or criminal actions, in conformity with the laws and regulations of their organization.

Supra IRR, Section 6. Definition of Terms. -  For the purposes of the Act and these Rules, the following terms are defined, as follows: (m) “Person” means any natural or juridical person including, but not limited to, an individual, corporation, partnership, joint venture, unincorporated association, trust or other juridical entity, or any governmental authority.

iv Supra Act, Section 5. Definition of Terms- For the purposes of this Act, the following terms are defined, as follows: (e) "Electronic document" refers to information or the representation of information, data, figures, symbols or other modes of written expression, described or however represented, by which a right is established or an obligation extinguished, or by which a fact may be prove and affirmed, which is receive, recorded, transmitted, stored, processed, retrieved or produced electronically.

Supra IRR, Section 6. Definition of Terms. -  For the purposes of the Act and these Rules, the following terms are defined, as follows: (h) “Electronic document” refers to information or the representation of information, data, figures, symbols or other modes of written expression, described or however represented, by which a right is established or an obligation extinguished, or by which a fact may be proved and affirmed, which is received, recorded, transmitted, stored, processed, retrieved or produced electronically.  Throughout these Rules, the term “electronic document” shall be equivalent to and be used interchangeably with “electronic data message.”

Supra Rules, Rule 2, Section 1. Definition of Terms. – For purposes of these Rules, the following terms are defined, as follows: (h) “Electronic document” refers to information or the representation of information, data, figures, symbols or other modes of written expression, described or however represented, by which a right is established or an obligation extinguished, or by which a fact may be proved and affirmed, which is received, recorded, transmitted, stored, processed, retrieved or produced electronically. It includes digitally signed documents and any print-out or output, readable by sight or other means, which accurately reflects the electronic data message or electronic document. For purposes of these Rules, the term “electronic document” may be used interchangeably with “electronic data message”.

v Supra Rules, Rule 2, Section 1. Definition of Terms. – For purposes of these Rules, the following terms are defined, as follows: (e) “Digital Signature” refers to an electronic signature consisting of a transformation of an electronic document or an electronic data message using an asymmetric or public cryptosystem such that a person having the initial untransformed electronic document and the signer’s public key can accurately determine:

(i) whether the transformation was created using the private key that corresponds to the signer’s public key; and,

(ii) whether the initial electronic document had been altered after the transformation was made.

vi Supra Rules, Rule 2, Section 1. Definition of Terms. – For purposes of these Rules, the following terms are defined, as follows:

(a) “Asymmetric or public cryptosystem” means a system capable of generating a secure key pair, consisting of a private key for creating a digital signature, and a public key for verifying the digital signature.

(c) "Certificate" means an electronic document issued to support a digital signature which purports to confirm the identity or other significant characteristics of the person who holds a particular key pair.

(m) “Key Pair” in an asymmetric cryptosystem refers to the private key and its mathematically related public key such that the latter can verify the digital signature that the former creates.

(n) “Private Key” refers to the key of a key pair used to create a digital signature.

(o) “Public Key” refers to the key of a key pair used to verify a digital signature.

vii Id, Rule 2, Section 1. Definition of Terms. – For purposes of these Rules, the following terms are defined, as follows: (f) “Digitally signed” refers to an electronic document or electronic data message bearing a digital signature verified by the public key listed in a certificate.

viii Supra Act, Section 5. Definition of Terms- For the purposes of this Act, the following terms are defined, as follows: (d) "Electronic signature" refers to any distinctive mark, characteristic and/or sound in electronic from, representing the identity of a person and attached to or logically associated with the electronic data message or electronic document or any methodology or procedures employed or adopted by a person and executed or adopted by such person with the intention of authenticating or approving an electronic data message or electronic document. (emphasis supplied)

Supra Act, Section 8. Legal Recognition of Electronic Signatures.- An electronic signature on the electronic document shall be equivalent to the signature of a person on a written document if the signature is an electronic signature and proved by showing that a prescribed procedure, not alterable by the parties interested in the electronic document, existed under which-

(a) A method is used to identify the party sought to be bound and to indicate said party's access to the electronic document necessary for his consent or approval through the electronic signature;

(b) Said method is reliable and appropriate for the purpose for which the electronic document was generated or communicated, in the light of all circumstances, including any relevant agreement;

(c) It is necessary for the party sought to be bound, in or order to proceed further with the transaction to have executed or provided the electronic signature; and

(d) The other party is authorized and enable to verify the electronic signature and to make the decision to proceed with the transaction authenticated by the same. (emphasis supplied)

Supra Act, Section 9. Presumption Relating to Electronic Signatures-In any proceedings involving an electronic signature, it shall be presumed that,

(a) The electronic signature is the signature of the person to whom it correlates; and

(b) The electronic signature was affixed by that person with the intention of signing or approving the electronic document unless the person relying on the electronically designed electronic document knows or has noticed of defects in or unreliability of the signature or reliance on the electronic signature is not reasonable under the circumstances. (emphasis supplied)

Supra IRR, Section 6. Definition of Terms. -  For the purposes of the Act and these Rules, the following terms are defined, as follows: (g) “Electronic signature” refers to any distinctive mark, characteristic and/or sound in electronic form, representing the identity of a person and attached to or logically associated with the electronic data message or electronic document or any methodology or procedures employed or adopted by a person and executed or adopted by such person with the intention of authenticating or approving an electronic data message or electronic document. (emphasis supplied)

Supra IRR, Section 13. Legal Recognition of Electronic Signatures.  An electronic signature relating to an electronic document or electronic data message shall be equivalent to the signature of a person on a written document if the signature:

(a) is an electronic signature as defined in Section 6(g) of these Rules; and

(b) is proved by showing that a prescribed procedure, not alterable by the parties interested in the electronic document or electronic data message, existed under which:

(i) A method is used to identify the party sought to be bound and to indicate said party’s access to the electronic document or electronic data message necessary for his consent or approval through the electronic signature;

(ii) Said method is reliable and appropriate for the purpose for which the electronic document or electronic data message was generated or communicated, in the light of all circumstances, including any relevant agreement;

(iii) It is necessary for the party sought to be bound, in order to proceed further with the transaction, to have executed or provided the electronic signature; and,

(iv) The other party is authorized and enabled to verify the electronic signature and to make the decision to proceed with the transaction authenticated by the same. (emphasis supplied)

The parties may agree to adopt supplementary or alternative procedures provided that the requirements of paragraph (b) are complied with.

For purposes of subparagraphs (i) and (ii) of paragraph (b), the factors referred to in Annex “2” may be taken into account.

Supra IRR, Section 14. Presumption Relating to Electronic Signatures. - In any proceeding involving an electronic signature, the proof of the electronic signature shall give rise to the rebuttable presumption that:

(a) The electronic signature is the signature of the person to whom it correlates; and  

(b) The electronic signature was affixed by that person with the intention of signing or approving the electronic data message or electronic document unless the person relying on the electronically signed electronic data message or electronic document knows or has notice of defects in or unreliability of the signature or reliance on the electronic signature is not reasonable under the circumstances. (emphasis supplied)

Supra Rules, Rule 2, Section 1. Definition of Terms. – For purposes of these Rules, the following terms are defined, as follows: (j) “Electronic signature” refers to any distinctive mark, characteristic and/or sound in electronic form, representing the identity of a person and attached to or logically associated with the electronic data message or electronic document or any methodology or procedure employed or adopted by a person and executed or adopted by such person with the intention of authenticating, signing or approving an electronic data message or electronic document. For purposes of these Rules, an electronic signature includes digital signatures. (emphasis supplied)

ix See Final Report of the Joint Forensic Team, 09 June 2010, which reads in part as follows:

“Absence of Machine Digital Signatures.

“Examination of the PCOS machines revealed that there was no evidence found to prove the existence of digital certificates in the PCOS machines, contrary to the claims of Smartmatic. The technicians of Smartmatic were not able to show to the forensic team the machine version of the digital signature, alleging that they do not have the necessary tool to show the same. More so, they were at a quandary as to how to extract the said machine signatures - to the dismay of the forensic team.

“If there are digital certificates then these were supposed to be revealed. The forensic team tried to extract the digital signatures but to no avail. Hence, the forensic team is of the opinion that there exists no digital signatures in the PCOS machine.”

x Supra Civil Code, Art. 414. All things which are or may be the object of appropriation are considered either:

(1) Immovable or real property; or

(2) Movable or personal property.

xi Id.

xii Omnibus Election Code of the Philippines (Batas Pambansa Blg. 881), Section 212. Election returns. - The board of election inspectors shall prepare the election returns simultaneously with the counting of the votes in the polling place as prescribed in Section 210 hereof. The return shall be prepared in sextuplicate. The recording of votes shall be made as prescribed in said section. The entry of votes in words and figures for each candidate shall be closed with the signature and the clear imprint of the thumbmark of the right hand of all the members, likewise to be affixed in full view of the public, immediately after the last vote recorded or immediately after the name of the candidate who did not receive any vote.

The returns shall also show the date of the election, the polling place, the barangay and the city of municipality in which it was held, the total number of ballots found in the compartment for valid ballots, the total number of valid ballots withdrawn from the compartment for spoiled ballots because they were erroneously placed therein, the total number of excess ballots, the total number of marked or void ballots, and the total number of votes obtained by each candidate, writing out the said number in words and figures and, at the end thereof, the board of election inspectors shall certify that the contents are correct. The returns shall be accomplished in a single sheet of paper, but if this is not possible, additional sheets may be used which shall be prepared in the same manner as the first sheet and likewise certified by the board of election inspectors...

If the signatures and/or thumbmarks of the members of the board of election inspectors or some of them as required in this provision are missing in the election returns, the board of canvassers may summon the members of the board of election inspectors concerned to complete the returns.

Omnibus Election Code of the Philippines (Batas Pambansa Blg. 881), Section 261. Prohibited Acts. - The following shall be guilty of an election offense: (bb) Common to all boards of election inspectors and boards of canvassers: (2) Any member of any board of election inspectors or board of canvassers who, without justifiable reason, refuses to sign and certify any election form required by this Code or prescribed by the Commission although he was present during the meeting of the said body.

Omnibus Election Code of the Philippines (Batas Pambansa Blg. 881), Section 264. Penalties. - Any person found guilty of any election offense under this Code shall be punished with imprisonment of not less than one year but not more than six years and shall not be subject to probation. In addition, the guilty party shall be sentenced to suffer disqualification to hold public office and deprivation of the right of suffrage. If he is a foreigner, he shall be sentenced to deportation which shall be enforced after the prison term has been served. Any political party found guilty shall be sentenced to pay a fine of not less than ten thousand pesos, which shall be imposed upon such party after criminal action has been instituted in which their corresponding officials have been found guilty.

In case of prisoner or prisoners illegally released from any penitentiary or jail during the prohibited period as provided in Section 261, paragraph (n) of this Code, the director of prisons, provincial warden, keeper of the jail or prison, or persons who are required by law to keep said prisoner in their custody shall, if convicted by a competent court, be sentenced to suffer the penalty of prision mayor in its maximum period if the prisoner or prisoners so illegally released commit any act of intimidation, terrorism of interference in the election.

Any person found guilty of the offense of failure to register or failure to vote shall, upon conviction, be fined one hundred pesos. In addition, he shall suffer disqualification to run for public office in the next succeeding election following his conviction or be appointed to a public office for a period of one year following his conviction.

xiii Rep. Act No. 9369, Sec. 19. Section 18 of Republic Act No. 8436 is hereby amended to read as follows:

“SEC. 22. Electronic Returns. - Each copy of the of the printed election returns shall bear appropriate control marks to determine the time and place of printing. Each copy shall be signed and thumbmarked by all the members of the board of election inspectors and the watchers present. If any member of the board of election inspectors present refuses to sign, the chairman of the board shall note the same copy in each copy of the printed election returns. The member of the board of election inspectors concerned refusing to sign shall be compelled to explain his or her refusal to do so. Failure to explain an unjustifiable refusal to sign each copy of the printed election return by any member of the board of election inspectors shall be punishable as provided in this Act. The chairman of the boards shall then publicly read and announce the total numbers of registered voters, the total number of voters who actually voted and the total numbers of votes obtained by each candidate based on the election returns...”

Rep. Act No. 9369, Sec. 28. Section 29 of Republic Act No. 8436 is hereby amended to read as follows:

"SEC. 35. Prohibited Acts and Penalties. - The following shall be penalized as provided in this Act, whether or not said acts affect the electoral process or results:

"(a) Utilizing without authorization, tampering with, damaging, destroying or stealing:

"(1) Official ballots, election returns, and certificates of canvass of votes used in the system; and

"(2) Electronic devices or their components, peripherals or supplies used in the AES such as counting machine, memory pack/diskette, memory pack receiver and computer set;

"(b) Interfering with, impeding, absconding for purpose of gain, preventing the installation or use of computer counting devices and the processing, storage, generation and transmission of election results, data or information;

"(c) Gaining or causing access to using, altering, destroying or disclosing any computer data, program, system software, network, or any computer-related devices, facilities, hardware or equipment, whether classified or declassified;

"(d) Refusal of the citizens' arm to present for perusal its copy of election return to the board of canvassers;

"(e) Presentation by the citizens' arm of tampered or spurious election returns;

"(f) Refusal or failure to provide the dominant majority and dominant minority parties or the citizens'' arm their copy of election returns; and

"(g) The failure to post the voters' list within the specified time, duration and in the designated location shall constitute an election offense on the part the election officer concerned."

"Any person convicted for violation of this Act, except those convicted of the crime of electoral sabotage, shall be penalized with imprisonment of eight years and one day to twelve (12) years without possibility of parole, and perpetual disqualification to hold public office and deprivation of the right of suffrage. Moreover, the offender shall be perpetually disqualified to hold any non-elective public office."

xiv Rep. Act No. 9369, Sec. 19. Section 18 of Republic Act No. 8436 is hereby amended to read as follows:

“SEC. 22. Electronic Returns... "The election returns transmitted electronically and digitally signed shall be considered as official election results and shall be used as the basis for the canvassing of votes and the proclamation of a candidate." (emphasis supplied)

xv Id.

xvi Rep. Act No. 9369, Sec. 28. Section 29 of Republic Act No. 8436 is hereby amended to read as follows:

"SEC. 35. Prohibited Acts and Penalties. - The following shall be penalized as provided in this Act, whether or not said acts affect the electoral process or results:

"(a) Utilizing without authorization, tampering with, damaging, destroying or stealing:

"(1) Official ballots, election returns, and certificates of canvass of votes used in the system; and

"(2) Electronic devices or their components, peripherals or supplies used in the AES such as counting machine, memory pack/diskette, memory pack receiver and computer set;

"(b) Interfering with, impeding, absconding for purpose of gain, preventing the installation or use of computer counting devices and the processing, storage, generation and transmission of election results, data or information;

"(c) Gaining or causing access to using, altering, destroying or disclosing any computer data, program, system software, network, or any computer-related devices, facilities, hardware or equipment, whether classified or declassified;

"(d) Refusal of the citizens' arm to present for perusal its copy of election return to the board of canvassers;

"(e) Presentation by the citizens' arm of tampered or spurious election returns;

"(f) Refusal or failure to provide the dominant majority and dominant minority parties or the citizens'' arm their copy of election returns; and

"(g) The failure to post the voters' list within the specified time, duration and in the designated location shall constitute an election offense on the part the election officer concerned."

"Any person convicted for violation of this Act, except those convicted of the crime of electoral sabotage, shall be penalized with imprisonment of eight years and one day to twelve (12) years without possibility of parole, and perpetual disqualification to hold public office and deprivation of the right of suffrage. Moreover, the offender shall be perpetually disqualified to hold any non-elective public office."

xvii 1987 Constitution, Article V, Suffrage, Section 2. The Congress shall provide a system for securing the secrecy and sanctity of the ballot as well as a system for absentee voting by qualified Filipinos abroad.

The Congress shall also design a procedure for the disabled and the illiterates to vote without the assistance of other persons. Until then, they shall be allowed to vote under existing laws and such rules as the Commission on Elections may promulgate to protect the secrecy of the ballot. (emphasis supplied)