The Election Commission of India (EC) has set up an inquiry into the serious concerns raised by former IAS officer Kannan Gopinathan on how EVM-VVPAT (Voter Verifiable Paper Trail) machines are vulnerable to manipulations.
Gopinathan was also an election officer in 2019 Lok Sabha elections. On 2 October, he wrote a 9-page letter to the EC pointing our major technical glitches in the EVM-VVPAT combination. The matter is now being examined by a 4-member Technical Experts Committee (TEC) of the EC.
“The Technical Experts Committee on EVMs comprising of Prof DT Shahani, Prof Rajat Moona, Prof Dinesh Sharma, and Prof A K Aggarwala invariably examines any technical issues raised by any stakeholder and the same is being done in this instant case also,” Sheyphali Saran, Spokesperson of Election Commission of India, told The Quint.
On EC’s probe into the concerns raised, Gopinathan told The Quint:
“I am happy that the TEC is looking into the matter. However, considering that there could be more such concerns with respect to VVPAT, it might be better if a transparent, inclusive enquiry with involvement of all stakeholders like political parties is done instead of limiting it to a technical exercise. Also if the design schematics is made public for the scrutiny of public in general, it will add to the claim of non-tamperability of the device. Any and all findings of the TEC till date may also be shared in public domain.”Kannan Gopinathan, former IAS officer
The Quint was the first to report on the vulnerabilities of EVM-VVPAT on 19 October, some of which were also raised by Gopinathan in his 9-page letter.
Here are 4 major concerns raised by Gopinathan in his letter to the EC.
Concern #1
EVM-VVPAT Aware of Which Button Stands for Which Party
Prior to the introduction of VVPAT, the EVM, which comprises of two units – Ballot and Control Units, “were not electronically aware as to which candidate or party is in which position in the candidate sequence,” says Gopinathan in his letter to EC.
Gopinathan further explains that a program can be installed into VVPAT which can learn the candidate sequence in each constituency by accessing VVPAT memories and doing a pattern match to identify candidates and the symbols and “then use this information to alter the input to the Control Unit” of EVM which is counted on the result day.
Concern #2
Purpose of VVPAT Defeated
The VVPAT was introduced with the purpose of assuring voters that his/her electronic vote has been correctly recorded in the EVM. Gopinathan points out that the manner in which it is connected defeats its purpose – “this is because of the design configuration wherein VVPAT comes in between the Control Unit and Ballot Unit”. Which means that the vote is first recorded in the VVPAT and then in the Control unit of the EVM.
The letter also says “such a configuration” where VVPAT is controlling votes, “has introduced an added vulnerability of manipulation of actual voting by the VVPAT, irrespective of what is pressed in the Ballot Unit”.
Although, the VVPAT controls the vote from the Ballot Unit and not the Control Unit, yet on the result day around only 1 % of VVPAT votes are counted.
“It is a possibility that VVPAT could potentially print whatever is being pressed in the Ballot Unit for satisfaction of the voter while sending some other input, casting vote to some other candidate in the Control Unit.” says Kannan Gopinathan in his letter.
Concern #3
VVPAT, Mastermind of the Electoral Process, An Easy Prey for Hackers
The Quint in its earlier report has pointed out that engineers of EVM-VVPAT manufacturing by Public Sector Undertakings (PSU) like BEL and ECIL access VVPAT machines to upload party symbols and candidate names on VVPAT through an external device like laptop/Jig, just two weeks before the polling day.
The process of uploading is done after the candidate sequence on the Ballot Unit is finalised and the same is synced with the VVPAT.
We have also reported that private and short-term contractual engineers are engaged by the manufacturing companies to handle EVM-VVPAT, which makes the whole election process porous.
“All a serious hacker needs to do is to hack that laptop or the jig without the knowledge of any officials… hack can happen either when there is a physical access to the laptop to the hacker or when such laptops are connected to a network. It can even be done through the symbol loading software which is used to download symbols on to the VVPATs.”Kannan Gopinathan in his letter to EC
One of the biggest defence of EC had been the randomisation process of EVM-VVPAT – as nobody would know which EVM-VVPAT machine will go to which constituency.
“The process of randomisation is rendered completely ineffective here as symbol loading happens after constituency is assigned,” said Gopinathan.
Concern #4
Mock Polls Rendered Ineffective
A mock poll of 50 votes are conducted in the presence of election officers and political party agents on voting day at all polling stations, as per the election process mandate. The mock poll is carried out to satisfy party agents that the EVM-VVPAT are recording votes correctly.
Prior to this letter, Gopinathan had tweeted his concerns on EVM-VVPAT, to which the EC said that he never raised these concerns as an IAS officer and an election officer but was suddenly tweeting about it after resigning from his post.
Addressing EC’s statement in the letter, Gopinathan said, “the issue was raised during the Returning Officer training conducted by ECI at IIIDEM before the 2019 Lok Sabha elections and the response was not encouraging,”
Gopinathan emphasis that the current process does not enable “the Returning Officers to claim with 100% confidence that not even one EVM in his constituency was tampered with.” He further adds, “what if an external force or a country inimical to us uses these loop-holes to smartly influence the election process? Wouldn’t this have serious national security implications for the country?”
(At The Quint, we are answerable only to our audience. Play an active role in shaping our journalism by becoming a member. Because the truth is worth it.)