Are EVM's really tamper-proof ?

The recently concluded general elections in India threw up some really astonishing results.Defying all exit polls, pre-election surveys and expert opinions, the Congress-led UPA roared back to power in style with Congress crossing the 200-seat mark for the first time since the Rajiv-era.The same experts who were made to eat crow over the unprecedented results now attributed them to Congress pioneered initiatives such as the National Rural Employment Guarantee Act(NREGA), the multi-thousand crore farm-loan waiver, National Rural Health Mission(NRHM) and last but not the least to the so-called charisma of Rahul Gandhi (sic!) and his youth brigade. Until recently,
nobody thought of questioning the EVMs.Quite surprising for a country where political parties are forever ready to go for each other's jugular over every petty issue!

The reservations expressed by opposition parties may actually not be a case of sour grapes after all.The fears have a very rational basis for a number of reasons.

In an article in "The Hindu" dated 17 June 2009, former Union Law Minister Subramanyam Swamy reveals that there have been a number of instances in European countries where EVMs have been shown to be vulnerable and prone to tampering- to the extent that a number of these countries have abolished the e-voting system and have returned to the old-fashioned paper ballot one.He quotes the examples of Germany, Ireland,Netherlands and even the Californian state of USA where these machines have either been banned or put on hold pending a full investigation.The Dutch Nedap machines used in Netherlands and Germany were hacked live on national television by experts following which they were banned.That reminds me of the US presidential elections where George Bush Junior beat Al-Gore to come to power after a sensational drama where after declaring Al-Gore as winner,authorities retracted their statement and after a recount in Ohio if my memory serves me right, Bush was declared winner.It was alleged at that time that the machines had been tampered with to overturn the verdict.There was even a documentary titled "Hacking Democracy" made over the issue.(Available on DC in case a Bitsian is reading this post)

In India, EVMs are manufactured by Bharat Electronics Limited(BEL) which claims on its website that its machines are entirely tamper-proof.It makes comparisons with Computerised voting systems to emphasise that its machines are a lot better.It claims that its use of customised and proprietary hardware and software scores over commercial,general purpose hardware and OS used by other systems. It also tom-toms the fact that its software is burnt into ICs and therefore cannot be accessed, retrieved or altered, while other systems have their software written in C or C++ which renders them open to manipulation.A forceful argument,I must say,but who said that it's not possible to make a particular lot differently to suit a specific purpose?Just modify the code before it's fused into ICs and bingo!its done.Since once burnt,the software cannot be retrieved,no need to fear being getting caught!For the record, BEL is a public sector company with the government holding nearly 75% of its equity.The possibilities are enormous particularly in light of the fact that Bizta,the company which made the EVMs used for Venezuelan general elections where Hugo Chavez roared back to power with a record majority,had the government holding a 28% stake in the company-something that came to light after the elections were over.
Moreover,these softwares reside in Flash memory and are hence changeable.Lastly it says that its voting data resides on EEPROMs which need no external back-up battery for retention as opposed to other systems where voting data resides in RAM with battery back-up on mother boards and are vulnerable to corruption if battery fails.However in a newspaper item that appeared in Times of India this Sunday,it was claimed that a 1965 batch IAS officer Omaish Saigal made a presentation before the top brass of the Election Commission in which he demonstrated how by entering a specific code the machine could be programmed such that every fifth vote would go to the candidate of a particular party.In a country where election results are drastically altered by a swing of a few percentage of votes(there was merely a 9% difference in the no. of votes polled by Congress and BJP in these elections),the implications are obvious.Although the story was promptly denied by EC functionaries the following day, the denial doesn't come as a surprise.Anything short of a categorical denial would have brought about a wave of litigations and sparked national outrage.This story coupled with the controversial appointment of Navin Chawla as Chief Election Commissioner before elections in face of strong opposition by other parties and a damning report by outgoing CEC Gopalswamy questioning the impartiality of Chawla, leads one to suspect that the smoke is not without fire.Though nothing may ever be proved or disproved in the end, the episode leaves some lingering questions.

How can we ensure free and fair elections in India in the true sense of the words? Is it advisable to return to the paper ballot system of yester years and thereby bring back the days of booth-capturing and mass bogus voting in favour of a particular party? If not, then how to go about it if even technology is helpless in face of those hell-bent on subverting democracy?

The problem lies not with technology but the way one implements it.The fact that the OS used in EVMs is proprietary in nature might leave them open to vulnerabilities others may be able to exploit without anyone else getting wise to it.The best approach would therefore be to leave the code and machine architecture open to public scrutiny.This would ensure that vulnerabilities are patched up and no scope is left for tampering.However since any such move is bound to be protested by companies which manufacture these machines over fears that it would erode their market competitiveness, as a compromise we can have a select group of experts look at the code and suggest modifications. There have also been suggestions that we could use two EVMs manufactured by different companies simultaneously to check foul play.While such a system reduces probability of tampering it doesn't eliminate it.

For those who would like to dismiss any suggestion of foul play in Indian elections as merely another conspiracy theory, let me quote from the article of Mr.Swamy:

"Why are the EVMs so vulnerable? Each step in the life cycle of a voting machine — from the time it is developed and installed to when the votes are recorded and the data transferred to a central repository for tallying — involves different people gaining access to the machines, often installing new software. It wouldn’t be hard for, say, an election official to paint a parallel programme under another password on one or many voting machines that would, before voters arrived at the poll stations, ensure a pre-determined outcome.

The Election Commission of India has known of these dangers since 2000. Dr M. S. Gill, the then CEC, had arranged at my initiative for Professor Sanjay Sarma, the father of RFID software fame at the Massachusetts Institute of Technology (MIT), and his wife Dr Gitanjali Swamy of Harvard, to demonstrate how unsafeguarded the chips in EVMs were. Some changes in procedure were made subsequently by the EC. But the fundamental flaws, which made them compliant to hacking, remained."

If steps are not taken soon,elections may very well lose credibility and faith in democracy lost.Nobody has the right to reduce the world's biggest democratic exercise to a farce.As it is,barring a few,politicians in India are hardly trusted by anyone.A charge of fraud involving EVMs,if ever proved,could very well be the final nail in the coffin- both for politicians as well as the whole democratic set-up.