Digital Signatures in the Automated Election System

“Digital signature” refers to a “person” not a machine

An “electronic signature” is a “distinctive mark, characteristic and/or sound” that “(represents) the identity of a person”, and is attached to an “electronic document.”ⁱ

A person is the subject of legal relations that may acquire rights or incur obligations.ⁱⁱ A person is either a natural or juridical person.ⁱⁱⁱ

An “electronic document” refers to information written in electronic form that establishes a right, extinguishes an obligation or proves a fact.^iv

A “digital signature” is a type of “electronic signature” that uses an asymmetric cryptosystem.^v An “asymmetric cryptosystem” is a system that generates a key pair, consisting of a private key to create a digital signature, and a public key to verify the digital signature.^vi

A “digitally signed” document refers to an “electronic document” that bears a “digital signature.”^vii

Notably, the statutory laws, implementing rules and regulations and judicial rules of evidence define a “digital signature” as the SIGNATURE OF A PERSON.^viii There is no law or rule whatsoever that defines a “digital signature” as the signature of a property.

Under the premises, it necessarily follows that the view expressed by Smartmatic International Corporation and adopted by the COMELEC that the “machine signature” of a precinct count optical scan (PCOS) machine may be the functional equivalent of the “digital signature”, is manifestly CONTRARY TO LAW.^ix As distinguished from a person, property such as a PCOS machine cannot be the subject of legal relations because it can neither acquire rights nor incur obligations.^x Property can only be the object of legal relations, that may be owned by a person.^xi

“Electronic election returns” must be “digitally signed”

Under the old election law that employed the manual counting of votes, the members of the board of election inspectors are enjoined to sign or affix their signatures to the election returns, under pain of criminal sanction if they fail to do so.^xii

Under the present election law that employs the automated counting of votes, the members of the board of election inspectors are similarly enjoined to sign or affix their signatures to the printed electronic election returns, likewise under pain of criminal sanction if they fail to do so.^xiii

Consistent with the provisions above, the present election law also mandates that the “election returns transmitted electronically” must be “digitally signed” in order to be “considered as official election results” and “used as the basis for the canvassing of votes and the proclamation of a candidate.”^xiv

By necessary implication, “election returns transmitted electronically” but NOT “digitally signed” CANNOT be “considered as official election results”, NOR “used as the basis for the canvassing of votes and the proclamation of a candidate.”^xv

The nullity of “electronic election returns” without “digital signatures” is apart from the criminal sanctions imposed on the members of the board of election inspectors who utilize without authorization or otherwise transmit electronically “election returns” that are not “digitally signed.”^xvi

Under the premises, it necessarily follows that Sec. 40(f), (g) and (h) of Comelec Resolution No. 8786 dated 04 March 2010, directing all the Boards of Election Inspectors nationwide NOT to sign the transmission of the electronic election returns with their respective BEI digital signature keys, is evidently CONTRARY TO LAW. The language of Sec. 22, Par. 6 of Rep. Act No. 8436, as amended by Rep. Act No. 9369 is clear and simple that admits of no exception or qualification whatsoever.

Constitutional implications of electronic election returns without “digital signatures”

Under these premises, where none of the “electronic election returns” nationwide bear any “digital signatures”, then it necessarily follows that the constitutional mandate to secure the “sanctity of the ballot” has been grossly violated during the May 2010 national and local elections.^xvii

This article was written ex-gratia by

Demosthenes B. Donato for Tanggulang Demokrasya.

All intellectual property rights are granted to the public domain.

27 November 2011. Makati City, Philippines.

i Electronic Commerce Act, Section 5. Definition of Terms- For the purposes of this Act, the following terms are defined, as follows:  (d) "Electronic signature" refers to any distinctive mark, characteristic and/or sound in electronic from, representing the identity of a person and attached to or logically associated with the electronic data message or electronic document or any methodology or procedures employed or adopted by a person and executed or adopted by such person with the intention of authenticating or approving an electronic data message or electronic document. 

IRR of the Electronic Commerce Act, Section 6. Definition of Terms. -  For the purposes of the Act and these Rules, the following terms are defined, as follows: (g) “Electronic signature” refers to any distinctive mark, characteristic and/or sound in electronic form, representing the identity of a person and attached to or logically associated with the electronic data message or electronic document or any methodology or procedures employed or adopted by a person and executed or adopted by such person with the intention of authenticating or approving an electronic data message or electronic document.

Rules on Electronic Evidence, Rule 2, Section 1. Definition of Terms. – For purposes of these Rules, the following terms are defined, as follows: (j) “Electronic signature” refers to any distinctive mark, characteristic and/or sound in electronic form, representing the identity of a person and attached to or logically associated with the electronic data message or electronic document or any methodology or procedure employed or adopted by a person and executed or adopted by such person with the intention of authenticating, signing or approving an electronic data message or electronic document. For purposes of these Rules, an electronic signature includes digital signatures.

ii Civil Code of the Philippines, Art. 37.  Juridical capacity, which is the fitness to be the subject of legal relations, is inherent in every natural person and is lost only through death. Capacity to act, which is the power to do acts with legal effect, is acquired and may be lost.

iii Supra Civil Code, Art. 37.  Juridical capacity, which is the fitness to be the subject of legal relations, is inherent in every natural person and is lost only through death. Capacity to act, which is the power to do acts with legal effect, is acquired and may be lost.

Art. 46. Juridical persons may acquire and possess property of all kinds, as well as incur obligations and bring civil or criminal actions, in conformity with the laws and regulations of their organization.

Supra IRR, Section 6. Definition of Terms. -  For the purposes of the Act and these Rules, the following terms are defined, as follows: (m) “Person” means any natural or juridical person including, but not limited to, an individual, corporation, partnership, joint venture, unincorporated association, trust or other juridical entity, or any governmental authority.

iv Supra Act, Section 5. Definition of Terms- For the purposes of this Act, the following terms are defined, as follows: (e) "Electronic document" refers to information or the representation of information, data, figures, symbols or other modes of written expression, described or however represented, by which a right is established or an obligation extinguished, or by which a fact may be prove and affirmed, which is receive, recorded, transmitted, stored, processed, retrieved or produced electronically.

Supra IRR, Section 6. Definition of Terms. -  For the purposes of the Act and these Rules, the following terms are defined, as follows: (h) “Electronic document” refers to information or the representation of information, data, figures, symbols or other modes of written expression, described or however represented, by which a right is established or an obligation extinguished, or by which a fact may be proved and affirmed, which is received, recorded, transmitted, stored, processed, retrieved or produced electronically.  Throughout these Rules, the term “electronic document” shall be equivalent to and be used interchangeably with “electronic data message.”

Supra Rules, Rule 2, Section 1. Definition of Terms. – For purposes of these Rules, the following terms are defined, as follows: (h) “Electronic document” refers to information or the representation of information, data, figures, symbols or other modes of written expression, described or however represented, by which a right is established or an obligation extinguished, or by which a fact may be proved and affirmed, which is received, recorded, transmitted, stored, processed, retrieved or produced electronically. It includes digitally signed documents and any print-out or output, readable by sight or other means, which accurately reflects the electronic data message or electronic document. For purposes of these Rules, the term “electronic document” may be used interchangeably with “electronic data message”.

v Supra Rules, Rule 2, Section 1. Definition of Terms. – For purposes of these Rules, the following terms are defined, as follows: (e) “Digital Signature” refers to an electronic signature consisting of a transformation of an electronic document or an electronic data message using an asymmetric or public cryptosystem such that a person having the initial untransformed electronic document and the signer’s public key can accurately determine:

(i) whether the transformation was created using the private key that corresponds to the signer’s public key; and,

(ii) whether the initial electronic document had been altered after the transformation was made.

vi Supra Rules, Rule 2, Section 1. Definition of Terms. – For purposes of these Rules, the following terms are defined, as follows:

(a) “Asymmetric or public cryptosystem” means a system capable of generating a secure key pair, consisting of a private key for creating a digital signature, and a public key for verifying the digital signature.

(c) "Certificate" means an electronic document issued to support a digital signature which purports to confirm the identity or other significant characteristics of the person who holds a particular key pair.

(m) “Key Pair” in an asymmetric cryptosystem refers to the private key and its mathematically related public key such that the latter can verify the digital signature that the former creates.

(n) “Private Key” refers to the key of a key pair used to create a digital signature.

(o) “Public Key” refers to the key of a key pair used to verify a digital signature.

vii Id, Rule 2, Section 1. Definition of Terms. – For purposes of these Rules, the following terms are defined, as follows: (f) “Digitally signed” refers to an electronic document or electronic data message bearing a digital signature verified by the public key listed in a certificate.

viii Supra Act, Section 5. Definition of Terms- For the purposes of this Act, the following terms are defined, as follows: (d) "Electronic signature" refers to any distinctive mark, characteristic and/or sound in electronic from, representing the identity of a person and attached to or logically associated with the electronic data message or electronic document or any methodology or procedures employed or adopted by a person and executed or adopted by such person with the intention of authenticating or approving an electronic data message or electronic document. (emphasis supplied)

Supra Act, Section 8. Legal Recognition of Electronic Signatures.- An electronic signature on the electronic document shall be equivalent to the signature of a person on a written document if the signature is an electronic signature and proved by showing that a prescribed procedure, not alterable by the parties interested in the electronic document, existed under which-

(a) A method is used to identify the party sought to be bound and to indicate said party's access to the electronic document necessary for his consent or approval through the electronic signature;

(b) Said method is reliable and appropriate for the purpose for which the electronic document was generated or communicated, in the light of all circumstances, including any relevant agreement;

(c) It is necessary for the party sought to be bound, in or order to proceed further with the transaction to have executed or provided the electronic signature; and

(d) The other party is authorized and enable to verify the electronic signature and to make the decision to proceed with the transaction authenticated by the same. (emphasis supplied)

Supra Act, Section 9. Presumption Relating to Electronic Signatures-In any proceedings involving an electronic signature, it shall be presumed that,

(a) The electronic signature is the signature of the person to whom it correlates; and

(b) The electronic signature was affixed by that person with the intention of signing or approving the electronic document unless the person relying on the electronically designed electronic document knows or has noticed of defects in or unreliability of the signature or reliance on the electronic signature is not reasonable under the circumstances. (emphasis supplied)

Supra IRR, Section 6. Definition of Terms. -  For the purposes of the Act and these Rules, the following terms are defined, as follows: (g) “Electronic signature” refers to any distinctive mark, characteristic and/or sound in electronic form, representing the identity of a person and attached to or logically associated with the electronic data message or electronic document or any methodology or procedures employed or adopted by a person and executed or adopted by such person with the intention of authenticating or approving an electronic data message or electronic document. (emphasis supplied)

Supra IRR, Section 13. Legal Recognition of Electronic Signatures.  An electronic signature relating to an electronic document or electronic data message shall be equivalent to the signature of a person on a written document if the signature:

(a) is an electronic signature as defined in Section 6(g) of these Rules; and

(b) is proved by showing that a prescribed procedure, not alterable by the parties interested in the electronic document or electronic data message, existed under which:

(i) A method is used to identify the party sought to be bound and to indicate said party’s access to the electronic document or electronic data message necessary for his consent or approval through the electronic signature;

(ii) Said method is reliable and appropriate for the purpose for which the electronic document or electronic data message was generated or communicated, in the light of all circumstances, including any relevant agreement;

(iii) It is necessary for the party sought to be bound, in order to proceed further with the transaction, to have executed or provided the electronic signature; and,

(iv) The other party is authorized and enabled to verify the electronic signature and to make the decision to proceed with the transaction authenticated by the same. (emphasis supplied)

The parties may agree to adopt supplementary or alternative procedures provided that the requirements of paragraph (b) are complied with.

For purposes of subparagraphs (i) and (ii) of paragraph (b), the factors referred to in Annex “2” may be taken into account.

Supra IRR, Section 14. Presumption Relating to Electronic Signatures. - In any proceeding involving an electronic signature, the proof of the electronic signature shall give rise to the rebuttable presumption that:

(a) The electronic signature is the signature of the person to whom it correlates; and  

(b) The electronic signature was affixed by that person with the intention of signing or approving the electronic data message or electronic document unless the person relying on the electronically signed electronic data message or electronic document knows or has notice of defects in or unreliability of the signature or reliance on the electronic signature is not reasonable under the circumstances. (emphasis supplied)

Supra Rules, Rule 2, Section 1. Definition of Terms. – For purposes of these Rules, the following terms are defined, as follows: (j) “Electronic signature” refers to any distinctive mark, characteristic and/or sound in electronic form, representing the identity of a person and attached to or logically associated with the electronic data message or electronic document or any methodology or procedure employed or adopted by a person and executed or adopted by such person with the intention of authenticating, signing or approving an electronic data message or electronic document. For purposes of these Rules, an electronic signature includes digital signatures. (emphasis supplied)

ix See Final Report of the Joint Forensic Team, 09 June 2010, which reads in part as follows:

“Absence of Machine Digital Signatures.

“Examination of the PCOS machines revealed that there was no evidence found to prove the existence of digital certificates in the PCOS machines, contrary to the claims of Smartmatic. The technicians of Smartmatic were not able to show to the forensic team the machine version of the digital signature, alleging that they do not have the necessary tool to show the same. More so, they were at a quandary as to how to extract the said machine signatures - to the dismay of the forensic team.

“If there are digital certificates then these were supposed to be revealed. The forensic team tried to extract the digital signatures but to no avail. Hence, the forensic team is of the opinion that there exists no digital signatures in the PCOS machine.”

x Supra Civil Code, Art. 414. All things which are or may be the object of appropriation are considered either:

(1) Immovable or real property; or

(2) Movable or personal property.

xi Id.

xii Omnibus Election Code of the Philippines (Batas Pambansa Blg. 881), Section 212. Election returns. - The board of election inspectors shall prepare the election returns simultaneously with the counting of the votes in the polling place as prescribed in Section 210 hereof. The return shall be prepared in sextuplicate. The recording of votes shall be made as prescribed in said section. The entry of votes in words and figures for each candidate shall be closed with the signature and the clear imprint of the thumbmark of the right hand of all the members, likewise to be affixed in full view of the public, immediately after the last vote recorded or immediately after the name of the candidate who did not receive any vote.

The returns shall also show the date of the election, the polling place, the barangay and the city of municipality in which it was held, the total number of ballots found in the compartment for valid ballots, the total number of valid ballots withdrawn from the compartment for spoiled ballots because they were erroneously placed therein, the total number of excess ballots, the total number of marked or void ballots, and the total number of votes obtained by each candidate, writing out the said number in words and figures and, at the end thereof, the board of election inspectors shall certify that the contents are correct. The returns shall be accomplished in a single sheet of paper, but if this is not possible, additional sheets may be used which shall be prepared in the same manner as the first sheet and likewise certified by the board of election inspectors...

If the signatures and/or thumbmarks of the members of the board of election inspectors or some of them as required in this provision are missing in the election returns, the board of canvassers may summon the members of the board of election inspectors concerned to complete the returns.

Omnibus Election Code of the Philippines (Batas Pambansa Blg. 881), Section 261. Prohibited Acts. - The following shall be guilty of an election offense: (bb) Common to all boards of election inspectors and boards of canvassers: (2) Any member of any board of election inspectors or board of canvassers who, without justifiable reason, refuses to sign and certify any election form required by this Code or prescribed by the Commission although he was present during the meeting of the said body.

Omnibus Election Code of the Philippines (Batas Pambansa Blg. 881), Section 264. Penalties. - Any person found guilty of any election offense under this Code shall be punished with imprisonment of not less than one year but not more than six years and shall not be subject to probation. In addition, the guilty party shall be sentenced to suffer disqualification to hold public office and deprivation of the right of suffrage. If he is a foreigner, he shall be sentenced to deportation which shall be enforced after the prison term has been served. Any political party found guilty shall be sentenced to pay a fine of not less than ten thousand pesos, which shall be imposed upon such party after criminal action has been instituted in which their corresponding officials have been found guilty.

In case of prisoner or prisoners illegally released from any penitentiary or jail during the prohibited period as provided in Section 261, paragraph (n) of this Code, the director of prisons, provincial warden, keeper of the jail or prison, or persons who are required by law to keep said prisoner in their custody shall, if convicted by a competent court, be sentenced to suffer the penalty of prision mayor in its maximum period if the prisoner or prisoners so illegally released commit any act of intimidation, terrorism of interference in the election.

Any person found guilty of the offense of failure to register or failure to vote shall, upon conviction, be fined one hundred pesos. In addition, he shall suffer disqualification to run for public office in the next succeeding election following his conviction or be appointed to a public office for a period of one year following his conviction.

xiii Rep. Act No. 9369, Sec. 19. Section 18 of Republic Act No. 8436 is hereby amended to read as follows:

“SEC. 22. Electronic Returns. - Each copy of the of the printed election returns shall bear appropriate control marks to determine the time and place of printing. Each copy shall be signed and thumbmarked by all the members of the board of election inspectors and the watchers present. If any member of the board of election inspectors present refuses to sign, the chairman of the board shall note the same copy in each copy of the printed election returns. The member of the board of election inspectors concerned refusing to sign shall be compelled to explain his or her refusal to do so. Failure to explain an unjustifiable refusal to sign each copy of the printed election return by any member of the board of election inspectors shall be punishable as provided in this Act. The chairman of the boards shall then publicly read and announce the total numbers of registered voters, the total number of voters who actually voted and the total numbers of votes obtained by each candidate based on the election returns...”

Rep. Act No. 9369, Sec. 28. Section 29 of Republic Act No. 8436 is hereby amended to read as follows:

"SEC. 35. Prohibited Acts and Penalties. - The following shall be penalized as provided in this Act, whether or not said acts affect the electoral process or results:

"(a) Utilizing without authorization, tampering with, damaging, destroying or stealing:

"(1) Official ballots, election returns, and certificates of canvass of votes used in the system; and

"(2) Electronic devices or their components, peripherals or supplies used in the AES such as counting machine, memory pack/diskette, memory pack receiver and computer set;

"(b) Interfering with, impeding, absconding for purpose of gain, preventing the installation or use of computer counting devices and the processing, storage, generation and transmission of election results, data or information;

"(c) Gaining or causing access to using, altering, destroying or disclosing any computer data, program, system software, network, or any computer-related devices, facilities, hardware or equipment, whether classified or declassified;

"(d) Refusal of the citizens' arm to present for perusal its copy of election return to the board of canvassers;

"(e) Presentation by the citizens' arm of tampered or spurious election returns;

"(f) Refusal or failure to provide the dominant majority and dominant minority parties or the citizens'' arm their copy of election returns; and

"(g) The failure to post the voters' list within the specified time, duration and in the designated location shall constitute an election offense on the part the election officer concerned."

"Any person convicted for violation of this Act, except those convicted of the crime of electoral sabotage, shall be penalized with imprisonment of eight years and one day to twelve (12) years without possibility of parole, and perpetual disqualification to hold public office and deprivation of the right of suffrage. Moreover, the offender shall be perpetually disqualified to hold any non-elective public office."

xiv Rep. Act No. 9369, Sec. 19. Section 18 of Republic Act No. 8436 is hereby amended to read as follows:

“SEC. 22. Electronic Returns... "The election returns transmitted electronically and digitally signed shall be considered as official election results and shall be used as the basis for the canvassing of votes and the proclamation of a candidate." (emphasis supplied)

xv Id.

xvi Rep. Act No. 9369, Sec. 28. Section 29 of Republic Act No. 8436 is hereby amended to read as follows:

"SEC. 35. Prohibited Acts and Penalties. - The following shall be penalized as provided in this Act, whether or not said acts affect the electoral process or results:

"(a) Utilizing without authorization, tampering with, damaging, destroying or stealing:

"(1) Official ballots, election returns, and certificates of canvass of votes used in the system; and

"(2) Electronic devices or their components, peripherals or supplies used in the AES such as counting machine, memory pack/diskette, memory pack receiver and computer set;

"(b) Interfering with, impeding, absconding for purpose of gain, preventing the installation or use of computer counting devices and the processing, storage, generation and transmission of election results, data or information;

"(c) Gaining or causing access to using, altering, destroying or disclosing any computer data, program, system software, network, or any computer-related devices, facilities, hardware or equipment, whether classified or declassified;

"(d) Refusal of the citizens' arm to present for perusal its copy of election return to the board of canvassers;

"(e) Presentation by the citizens' arm of tampered or spurious election returns;

"(f) Refusal or failure to provide the dominant majority and dominant minority parties or the citizens'' arm their copy of election returns; and

"(g) The failure to post the voters' list within the specified time, duration and in the designated location shall constitute an election offense on the part the election officer concerned."

"Any person convicted for violation of this Act, except those convicted of the crime of electoral sabotage, shall be penalized with imprisonment of eight years and one day to twelve (12) years without possibility of parole, and perpetual disqualification to hold public office and deprivation of the right of suffrage. Moreover, the offender shall be perpetually disqualified to hold any non-elective public office."

xvii 1987 Constitution, Article V, Suffrage, Section 2. The Congress shall provide a system for securing the secrecy and sanctity of the ballot as well as a system for absentee voting by qualified Filipinos abroad.

The Congress shall also design a procedure for the disabled and the illiterates to vote without the assistance of other persons. Until then, they shall be allowed to vote under existing laws and such rules as the Commission on Elections may promulgate to protect the secrecy of the ballot. (emphasis supplied)