[kictanet] Manual Backup and Elections 2017: Is the CS ICT Honest
Barrack Otieno
otieno.barrack at gmail.com
Tue Jan 3 17:06:36 EAT 2017
Technology as a hindrance to voter rights? Interesting conversation going
on.
Regards
On Jan 3, 2017 1:55 PM, "Watila Alex via kictanet" <
kictanet at lists.kictanet.or.ke> wrote:
iebc electronic technology regulations http://www.iebc.
or.ke/index.php/2015-01-15-11-10-24/research-publications/
item/iebc-ict-regulations-on-use-of-technology-in-elections
Sent from Yahoo Mail on Android
<https://overview.mail.yahoo.com/mobile/?.src=Android>
On Tue, 3 Jan, 2017 at 10:38, Watila Alex
<awatila at yahoo.co.uk> wrote:
SK Macharia: Where there’s no mobile telephones,you can use satellite
phones and they are cheaper #ElectionLawsDebate https://t.co/V26IDADqCv
https://twitter.com/citizentvkenya/status/816184858124943360
Sent from Yahoo Mail on Android
<https://overview.mail.yahoo.com/mobile/?.src=Android>
On Mon, 2 Jan, 2017 at 9:47, Emmanuel Chebukati via kictanet
<kictanet at lists.kictanet.or.ke> wrote:
Listers,
Here is my ideal vision of how the election process should run which may
also serve as a summary to this discussion:
Step
Event
Description
1
*Voter Registration*
*Technology*
Biometric data is collected. These systems are off-grid hence no network
connectivity is required.
2
*Register Clean Up and Distribution*
*Technology*
After registration, all data should be collated by IEBC to check for
redundancies and irregularities. Voters with problematic details should be
contacted.
Before the election, the complete voter register should be split
per-polling station and each chunk copied onto a device. For now, let us
call and picture this device as an “external hard disk”.
The “hard disk” shall contain the biometric data required to identify a
voter at only one polling station – where they registered. After copying,
the data on the disk should be hashed and compared with the hash on IEBC
servers for integrity purposes. This will be useful on election day.
3
*Verify Voters on Election Day*
*Technology*
Before election day, these “hard disks” should be securely distributed to
their respective locations.
Before the start of voting, the data on the disk should again be hashed and
compared with the hash on IEBC servers. If the hashes are the same, the
register is clean and voter verification can begin. If the hashes differ,
they should try a backup disk. If the hashes still differ, that polling
station will be on hold as they await a fresh voter register to be
transmitted from IEBC HQ.
4
*Cast Vote*
*Manual*
Voters pick ballot papers for the different posts and cast their secret
ballot for each.
5
*Count Votes*
*Manual*
The key here is that the total number of votes cast should not exceed the
number of voters that the biometric devices verified.
6
*Transmission of Results*
*Technology*
After all parties and agents agree on the results, they should be manually
entered onto the “hard disk” for transmission. Again, once entered, this
data should be hashed.
If the polling station has network connectivity, the results should
immediately be sent together with the hash. IEBC then verify the hash with
the data received and if they match, they approve the results.
If the polling station lacks network connectivity, the “hard disk” should
be physically and securely transported to the nearest point with network
connectivity for transmission from there. After all, the constitution
speaks of polling station > constituency > county-level. Agents should be
involved until they see “Successfully transmitted” on the screen confirming
receipt of results by IEBC.
With proper testing (load testing, penetration testing, etc) staff training
and sufficient voter education, the above should work seamlessly to deliver
a free, fair and credible election. The most effective way to test is by
carrying out at least two mock elections/simulations with dummy data to
prepare all parties for any eventuality and equip them with the knowledge
of how to react.
I wish you all a prosperous new year.
Regards,
Emmanuel Chebukati
On Fri, Dec 30, 2016 at 11:30 AM, Odhiambo Washington via kictanet <
kictanet at lists.kictanet.or.ke> wrote:
> Dear Listers,
>
> I am at that position where I feel very lost. In fact, I feel like I am
> quite detached from the reality.
>
> All along, I have keenly considered this matter that seems to have divided
> the country down the middle: *Manual Backup* during the 2017 voting
> process. From the Jubilee/govt side this is a do or die and so it must be
> there. This govt side seems hell-bent on confusing the masses, as well as
> the experts like the ICT Community. From the Opposition side, the agenda
> seems to be very clear - that of ensuring integrity of the Voters Register
> and stopping 'ghost voters' from ever casting their votes.
>
> That brings us to the famous acronyms - BVI (Biometric Voter Register) /
> BVI (Biometric Voter Identification).
> Having been to a Voter Registration Centre (later to become a Polling
> Station) to register as a voter, I did look at the equipment in use for the
> registration process. I saw the laptop which was fitted with a camera and
> fingerprints scanner. All these require power to run. I did not dwell on
> how they were powered, but probably there was a battery backup somewhere
> (besides the electricity) given that they needed to run for a whole day for
> several days during the voter registration process. When it comes to the
> Elections, they only need to run for about 11 hours. My point here is that
> of *Backup Power* should it be that there's electricity blackout and the
> built-in batteries can't last the whole day. That backup is very important.
>
> However, I did not see any piece of equipment which could suggest that the
> equipment in use required any form of connectivity back to some central
> server in order to function! Which now brings me to the currently national
> debate - Manual Backup during the Poll Day. What is it? Was the CS honest
> with his presentation before the Senate/Amos Wako committee yesterday? Does
> the CS himself really believe in the content of his presentation? I am
> asking that because I watched him and I don't believe him. I actually think
> he mislead the committee, and hence the nation at large.
>
> Someone please prove me wrong. I am at that point where I believe that the
> BVR/BVI does NOT require any form of connectivity and so this Manual Backup
> being touted by the ruling coalition side, strongly supported by the ICT
> CS is a big lie. WHY?
>
> My very first answer: Simply put, *when there was no requirement for a
> manual backup during voter registration, it goes without saying that there
> is NO NEED for on the polling day.*
>
>
> 1. For the issue that is in contention - BVR (used for BVI during polling)
> - this is a database that can be (and should be) statically stored on the
> equipment for each polling station. We are not supposed to rely on the
> Mobile Network to access this voters database. And every polling station
> can have two/three laptops/Biometrics scanner/Backup batteries to ensure
> that the voter identification doesn't fail.
> Some excuse has been fronted about some voters being mechanics, such that
> their fingerprints wouldn't be recognized by the BVI systems hence need for
> manual identification. My take on that is that every voter must carry their
> voter's card on that day. The clerks can check that card number against the
> electronic system - enter it, and it will bring the person's picture, ID
> number, etc and let him cast his ballot.
>
> 2. For electronics results transmission (ERT), this is not even necessary
> in the first place. We can have the results collated/announced at the
> tallying centres after being certified - forms 36A, and such. However, if
> the ERT must be done, the data footprint is so tiny that a 2G network can
> be used. Besides, it can be an SMS based system, which doesn't require 3G
> or VSAT. The results data isn't that large - it can't be in Megabytes to be
> sincere. Well, VSAT can be used if they MUST, but this is after the voting
> process itself is complete, has nothing to do with BVI.
>
> The ERT and the BVR/BVI are two distinct systems. That is what I want to
> believe. The ERT gets feedback from a manual process - of voters casting
> their vote, clerks/agents counting, verifying, and certifying, filling
> requisite forms then communicating the same via some customized phones
> which are programmed to communicate to a backend system. Am I right on
> that??
>
> Now the big question here is, where do we need this much touted manual
> backup where network connectivity is being used as the major reason???
>
> (a) Citing terrorism and the possibility of Al Shabaab knocking off base
> stations seems like well thought out lie meant to cover our eyes! If they
> attacked an area, I doubt there will be voting in the 1st place.
> And even so, the network connectivity is not required for BVI so
> there is no disenfranchising anyone if there is no manual backup (whatever
> that is).
>
> (b) Citing hacking is neither here nor there for a BVR/BVI system because
> it's not being accessed live during the voting. It's a static database,
> unique to the polling station, resident on the laptop used by the clerks.
> The only hacking that can be done then can only be by an "insider". Quoting
> Victor Kapiyo from Social Media, "*I guess it's a question of trust.
> Trust in systems and in trustworthy people to do the right thing. For
> M-Pesa, or KCSE results, we trust both. For IEBC, I guess the jury is still
> out*."
>
> The main issue is not allowing the dead voters to rise again to vote in
> the presidential vote, then disappear. So the important component here is
> the BVR/BVI, the credibility of the register and hence the vote.
>
> At what point does the BVI system require this connectivity they are
> talking about, which then necessitates the so called "manual backup"?
>
> Did the CS ICT lie to the Senate?? Did the CAK lie to the Senate in
> supporting the lie from the CS??
>
> There is insincerity in this whole debate about 'manual backup' and the
> ICT community seems to either support it or is simply lost in the pool of
> confusion being peddled by politicians.
>
>
>
>
>
> --
> Best regards,
> Odhiambo WASHINGTON,
> Nairobi,KE
> +254 7 3200 0004/+254 7 2274 3223
> "Oh, the cruft."
>
> ______________________________ _________________
> kictanet mailing list
> kictanet at lists.kictanet.or.ke
> https://lists.kictanet.or.ke/ mailman/listinfo/kictanet
> <https://lists.kictanet.or.ke/mailman/listinfo/kictanet>
>
> Unsubscribe or change your options at https://lists.kictanet.or.ke/
> mailman/options/kictanet/ echebukati%40gmail.com
> <https://lists.kictanet.or.ke/mailman/options/kictanet/echebukati%40gmail.com>
>
> The Kenya ICT Action Network (KICTANet) is a multi-stakeholder platform
> for people and institutions interested and involved in ICT policy and
> regulation. The network aims to act as a catalyst for reform in the ICT
> sector in support of the national aim of ICT enabled growth and development.
>
> KICTANetiquette : Adhere to the same standards of acceptable behaviors
> online that you follow in real life: respect people's times and bandwidth,
> share knowledge, don't flame or abuse or personalize, respect privacy, do
> not spam, do not market your wares or qualifications.
>
_______________________________________________
kictanet mailing list
kictanet at lists.kictanet.or.ke
https://lists.kictanet.or.ke/mailman/listinfo/kictanet
Unsubscribe or change your options at https://lists.kictanet.or.ke/
mailman/options/kictanet/otieno.barrack%40gmail.com
The Kenya ICT Action Network (KICTANet) is a multi-stakeholder platform for
people and institutions interested and involved in ICT policy and
regulation. The network aims to act as a catalyst for reform in the ICT
sector in support of the national aim of ICT enabled growth and development.
KICTANetiquette : Adhere to the same standards of acceptable behaviors
online that you follow in real life: respect people's times and bandwidth,
share knowledge, don't flame or abuse or personalize, respect privacy, do
not spam, do not market your wares or qualifications.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.kictanet.or.ke/pipermail/kictanet/attachments/20170103/62af8160/attachment.htm>
More information about the KICTANet
mailing list