The spectacular bluff of two ‘silos’ of electoral bonds data that the State Bank of India (SBI) tried to pull off was foiled by a five-judge constitutional bench of the Supreme Court. The two silos were actually two tables in a data base. Had SBI used the term ‘data tables’ instead of ‘silos’, any computer literate person could have pointed out that their matching is a trivial exercise of writing one join query in a database or “vlookup” command in an Excel worksheet. This would require no more than three minutes whereas SBI and the Bharatiya Janta Party (BJP) wanted three months.>
Now the government along with the Election Commission (EC) wants to pull off another bizarre bluff before a two-judge bench of the Supreme Court. Multiple petitions tagged with the lead petition of Association for Democratic Reforms (ADR) filed a year ago, were finally heard on April 16 and 18 this year where the EC and the government were respondents. This case could have been settled in two hours had EC used the correct terminology. But it didn’t; so everyone is confused and the bench has reserved its order. >
EVMs, according to the EC, comprise of three devices – ballot unit (BU), control unit (CU) and the voter verifiable paper audit trail (VVPAT) – and is a standalone system. Either the EC is terribly innocent or this is plain subterfuge because both facts are wrong.>
In each election cycle, six devices are involved for the “EVM System” (a term EC avoids using) to perform. The three additional devices are:
1. Central Server of the EC: from which candidate data such as contestant’s name, ID and symbol image can be accessed and downloaded via Internet;
2. Laptop of District Election Officer/Returning Officer: which is used to download the candidate file and copy the same into the symbol loading unit (SLU). SLU is also the “red herring” name of a pen drive, like ‘silo’ was the fancy name for data tables.
3. SLU: It is issued to field engineers to commission the EVM in each booth by inserting the SLU into the VVPAT>
This being the case, malware (software written by a hacker) can enter the system: via the central server or via the Internet into the laptop, and via the laptop into the SLU, and finally via the SLU into the VVPAT’s programmable memory. This infiltration of malware can occur with or without the knowledge of DEO/RO or field engineers deployed in the over 1.2 million booths to commission the EVM during the 15 days prior to poll commencement.>
>EC representatives in the court lied on another fact as well. They said that VVPAT only has OTP (one-time-programmable) memory, therefore, no malware can enter VVPAT. However, the EC’s FAQ pages dated February 7, 2024, say otherwise – look at Q53, Q104 and Q105 which are all relevant. It will become clear from reading the EC’s FAQs that the EVM System is not a stand-alone system and furthermore, VVPAT has both OTP and programmable memory. >
Curiously, EC does not possess the source code; it says Bharat Electronics Limited (BEL) and Electronics Corporation of India Limited (ECIL) have proprietary rights over it. The EVM software is simple and the ECI can easily get it developed with its own proprietary rights for a sum that cannot exceed a couple million rupees. The Supreme Court itself is pushing for open-source software. >
The 2019 Lok Sabha elections are estimated to have cost $8.6 billion and the 2024 elections are projected to cost $14 billion . Surely, the hacker of EVM System is not likely to be a run-of-the-mill type. It is a mystery why the Supreme Court or the government does not question the EC on its lack of control over such a strategic component that can entangle trillions of rupees and the national security. The EVM System reliability is not an issue between the government and a political party, it is an issue of citizens’ democratic rights. If the Supreme Court does not grant the following reliefs the petitioners have asked for, Indian democracy could be upended.
1. The voter should be able to pick up the VVPAT printed slip for verification and physically insert it into the ballot box; else the voter should be able to see the vote slip printed is correct and it is actually cut and dispensed into the ballot box. It is not sufficient for the voter to just see the vote slip (because it could be the previous voter’s slip which has not been cut and dispensed due to a hack). This means the light bulb should remain on for longer than seven seconds, as is presently the case.>
2. The election results should be based on a manual count of 100% slips. In case of discrepancy between the manual count and the CU count, recounts may be ordered (at booth level EVMs). Ultimately, the manual count would prevail and not the CU Count (which is ECI’s existing rule).
This process will foil the hack of VVPAT printing a vote slip for one party and the vote in the CU being written of another party. former Chief Election Commissioner of India S.Y. Quraishi has explained the manual counting can be completed quickly – it is not comparable to old paper ballots which were the size of a newspaper. >
Anil Srivastava is an Ahmedabad based IT professional.