MANILA, Philippines – The camp of vice presidential candidate Sen. Ferdinand “Bongbong” Marcos Jr. yesterday filed charges of violation of the Cybercrime Law against Smartmatic and Commission on Elections (Comelec) personnel for illegally changing the script of the transparency server of the poll body on the night of the elections.
In a 15-page complaint filed with the Manila Prosecutor’s Office, Abakada Rep. Jonathan de la Cruz, campaign adviser of Marcos, charged Smartmatic officer Marlon Garcia, the Venezuelan head of the technical support team; Elie Moreno, the Israeli project director; Neil Banigued and Mauricio Herrera, members of the technical support team; and Comelec IT experts Rouie Peñalba, Nelson Herrera and Frances Mae Gonzalez, who are all assigned at the Information Technology Department (ITD), for violation of Section 4(a) of the Cybercrime Prevention Act of 2012 or Republic Act 10175.
Accompanied by lawyer Jose Amor Amorado, head of the BBM Quick Count Center, De la Cruz said the group violated Section 4 (a) by intentionally altering computer data without the right to do so. They also allegedly altered and interfered with the functioning of a computer and computer network by inputting, deleting and altering computer data and program, without right or authority.
De la Cruz pointed out that the respondents were tasked to ensure the credibility of the elections by manning the transparency server at the Pope Pius XII Catholic Center in Manila. No other personnel are allowed in the transparency server except the Comelec, through the ITD.
Despite such rules, according to De la Cruz, respondents entered the transparency server and changed the script without authorization on the night of the elections when the transmission was in full swing. He said the server could not have been opened without the consent of the Comelec IT personnel because only they had the other password to open it.
“They were all present when the script was changed by Smartmatic personnel and that despite the Comelec IT’s declaration that they did not authorize Smartmatic to change the script, that is a matter of defense because they had the other password. How then was Smartmatic able to open the server without getting the Comelec password? Their presence there constitutes implicit consent to the change,” Amorado said in an interview after filing the case.
De la Cruz said by such act, respondents committed a security breach in the automated election system (AES), particularly in the script of the transparency server, “thereby compromising the integrity and credibility of the 2016 elections, in addition likewise the confidentiality, integrity and availability of computer data and systems.”
The act is punishable by imprisonment of at least six years to 12 years.
De la Cruz added that they discovered the unauthorized intrusion exactly 24 hours later in the evening of May 10, when representatives of the United Nationalist Alliance (UNA) and Nationalist People’s Coalition (NPC) reported that the hash codes had been changed.
They then went to the transparency server and after a short investigation, Mauricio Herrera told them that they had changed the script because of a character in the name of the candidate.
“After a short investigation, Mauricio Herrera, the Smartmatic engineer, reported that he has identified the issue with the inner hash. He explained at around 7:30 p.m. on May 9, 2016 (that) Smartmatic announced they would release an update on the results file script to fix a reported issue involving the ‘Ñ’ character being replaced by the ‘?’ character,” De la Cruz said.
The party-list representative pointed out that the unauthorized change was confirmed by Peñalba and Moreno in their several official pronouncements.
De la Cruz also pointed out that several Comelec commissioners allegedly confirmed that the change was illicit and unauthorized.
“Indeed, the act of ‘tweaking’ the script of the transparency server caused widespread anxiety and concern… The lapses in protocol have undermined the credibility and integrity of the 2016 elections including the confidentiality, integrity and availability afforded to computer data and systems,” he said.
He added that the defense of cosmetic change would not save the respondents because of the nature and description of the offense. He said it is enough that the change was made without authority.
“From the above premises, respondents have committed a breach in the AES that violated the confidentiality, integrity and availability of the computer data and systems thereof,” he said.
Another criminal complaint for violation of RA 8436 as amended by RA 9369, or the Automated Election Law, was earlier filed by De la Cruz before the Comelec against Garcia, Moreno, Banigued and Peñalba for their unauthorized script charge in the transparency server.
Leni: Marcos’ speech showed weakness
The camp of leading vice presidential candidate Camarines Sur Rep. Leni Robredo said the privilege speech of Marcos had only exposed the weakness of his demand for system audit of the automated election system.
According to Robredo’s legal counsel Romulo Macalintal, Marcos had admitted having no evidence of massive cheating in the transparency server when he was interpellated by Sen. Bam Aquino.
“He is not sure whether the cosmetic change in the transparency server affected only the VP, that’s why he wanted the system audit. This alone shows the fishing-expedition type of his method to prove his claimed irregularity in the VP race,” he said.
Macalintal noted the issue is not for Congress, sitting as National Board of Canvassers, to decide or look into since its function is “merely ministerial (and) focused on the certificates of canvass received from the provincial board of canvassers.”
On Marcos’ congratulating incoming president Rodrigo Duterte, he claimed the COCs for president and vice president were generated from “the same ballots, election returns and same Comelec officials who prepared and electronically transmitted the documents.”
He added it “is legally impossible to separate the proclamation of the winning president and vice president on the basis of Marcos’ speculations that there were errors to be discovered from the system audit of AES.”
“The effect or application of their results cannot be made separate... More so with Marcos’ admission that he is not sure if the hash code change affected only the VP or all candidates. In a word, all Marcos was saying are within the realm of an election protest, which he could only institute upon Ms. Robredo’s proclamation,” Macalintal explained.
Guanzon: Third party needed
For Comelec Commissioner Rowena Guanzon, it is better to have an “independent third party” to audit the automated elections system used in the May 9 polls.
In an ambush interview, Guanzon said they did not have a decision yet on the petition of Marcos to do a system audit to check the accuracy of the AES.
“Personally, I favor a third party audit to help assess the effectiveness and efficiency of the AES that we use now... an independent third party, not by any party,” she clarified.
Marcos has sought a system audit as he questioned the results of the partial unofficial quick count of the vice presidential votes. The count showed Robredo overtaking him by more than 200,000 votes.
He claimed that through the audit, they would be able to know the true effects of the alteration of the hash code of the transparency server that was used in making the quick count.
According to Guanzon, Comelec Law Department director Norina Tangaro-Casingal is now leading an investigation on the hash code change initiated by Smartmatic. They were given 15 days to come up with guidelines on the probe.
Guanzon added the third party should be an Information Technology (IT) expert who is not affiliated with any political party or candidate.
“Preferably identified with the Department of Science and Technology, for example... I don’t know the extent because this is very technical. The DOST can ask the extent of that audit,” she said.
The investigation is intended to find out how the alteration will affect the Comelec’s contract with Smartmatic.
Guanzon added the probe is also meant to determine the “possible administrative liabilities” of the Comelec’s IT personnel who keyed in the poll body’s password, enabling Smartmatic to do the alteration. – With Sheila Crisostomo, Jose Rodel Clapano