A loser's proposition: Questions about the credibility of EVMs continue

The Election Commission has maintained that an EVM is a standalone machine without connectivity, and therefore, cannot be installed with a virus

Questions about the credibility of electronic voting machines (EVMs) with voter verifiable paper audit trails (VVPATs) continue. After a series of allegations by the Aam Aadmi Party (AAP) and Congress about the tampering of EVMs during the Gujarat and Himachal Pradesh elections, the Samajwadi Party and others have questioned the working of the machines and their capacity to ensure free and fair elections.

The by-polls last week saw a litany of complaints against EVMs. A day after the elections, on May 29 the Election Commission (EC) ordered re-poll in 73 polling stations in Kairana, 49 polling stations in Maharashtra's Bhandara-Gondia and one polling station in Nagaland. This was the biggest admission that possibly something was wrong.

A potted history of EVMs

The EC first tried EVMs in 1982 in the Paravoor assembly constituency in Ernakulam district of Kerala. Communist Party of India (CPI) candidate Sivan Pillai won the election. The Congress challenged the use of EVMs and Pillai’s victory and prevailed, and this set in motion a practice that has since become de rigueur for any political party at the losing end of an election.

EVMs have come a long way after that with the EC producing tamper-proof machines through hi-tech machinery and trained engineers. However, several questions have been raised by party leaders on EVMs in multiple assembly elections in the past years.

As early as 2009, BJP L K Advani had raised doubts about the security features of EVMs. Subramanian Swamy stepped up the offensive and filed a petition in the Delhi High Court, challenging the use of EVMs in its current form. The court, while stating that EVMs are not tamper-proof, did not issue any direction to the EC.

Later Swamy moved the Supreme Court, which, in October 2013, ruled that the EC would use VVPATs attached to EVMs in a steady and gradual manner and eventually be in full functioning form for the 2019 Lok Sabha Elections.

Subsequently, the EC appointed a committee to look into the possibility of linking EVMs to a paper trail machine to show voters a slip with the party symbol for which they have voted. The VVPAT was first used in 2013 in Nagaland's Noksen Assembly constituency.

The allegations did not end there; rather, they became louder with the assembly elections in five states in 2017. Bahujan Samaj Party (BSP) supremo Mayawati alleged EVMs were manipulated — no matter which button was pressed, the vote went to the BJP.

The vulnerability of the machines

The AAP approached the Election Commission on alleged EVM tampering in Punjab. It went to great lengths to prove the “hackability” of EVMs. One of its MLAs, Saurabh Bhardwaj, hacked a dummy EVM in the Delhi Assembly to prove his party's point that voting machines could favour a candidate. However, the EVM used by Bhardwaj was not the same as used by the EC in polling and, thus, the demonstration turned out to be futile. The party demanded that slips generated by the VVPAT machine be matched with election results.

Charges of manipulation 

Another bizarre suggestion made by Congress leader Arjun Modhvadia, in the wake of polling in the Gujarat elections, was that some telecom towers could manipulate EVMs via wireless services. He said he could see a Bluetooth device called ‘ECO 105’ listed in the connections available on his mobile phone, which, he suggested, meant that the EVM was being hacked.

However, he failed to establish that the Bluetooth device with that particular name was an EVM. 

As the EC clarified at a press conference, an EVM is a standalone machine without connectivity, and therefore, cannot be installed with a virus. This is crucial. Only connected systems, wired or wireless, can be manipulated.

Another prominent AAP figure, Ankit Lal, came up with a tweet thread to attack the authenticity of EVMs and offered ways to hack these machines by manipulating the microchip.

Lal started his thread by claiming that the “microprocessor” used in EVMs could be overwritten and that the microchip “programmatically or physically disabled”. When asked about the EC’s claim that the chip is read-only memory (ROM) with OTP (one-time programmable chip), he said the company manufacturing chips had said its products could be hacked. A similar report was posted by a Jantaka reporter. The central proposition was that the chip manufacturer could override the EVM code (supplied by Bharat Electronics Ltd) by inserting a code that is favourable to a particular party.

The allegation of rigging at the manufacturer stage fails through a test that highlights that all EVMs have candidates on the machine arranged by two orders: Prioritising by national/state and other parties/independents; and 2) arranging by the name of candidates in alphabetical order.

According to the EC, the data on votes is stored against the candidate’s name and not his or her party, with the EC simply tabulating it later party-wise. Therefore, it is impossible to know the order in which the candidates are chosen by a particular party beforehand at the time of manufacturing a chip. Moreover, EVMs are randomly allocated to states and constituencies.

However, the AAP leader is adamant that though the party is not against the use of EVMs and VVPATs, it wants a more secure and tamper-proof white boxing method of conducting elections.

The current round of complaints showcased the failure of EVMs to register keys or simply not respond to voting. Voters complained that the VVPAT was not printing the vote properly. These are cases of EVM malfunctioning: Which is to be expected when more than 20,000-odd machines are used.