19 February 2013

Kenya: IEBC Must Fix the Results Transmission System Fast


Last Sunday night, Citizen TV's 'Kibaki Succession' segment on its 9pm 'Sunday Live' programme featured not the usual discussion by David Makali and Peter Opondo of the week's events, but instead host Julie Gichuru interviewing the chairman of the Independent Electoral and Boundaries Commission (IEBC), Issack Hassan.

Ms Gichuru talked a lot but failed to ask the fundamentally most important question, "Is all your equipment and are all your electronic systems up and running, fully operational, fully prepared and fully protected?"

Hassan was lucky she did not ask this - because it happened that an IEBC demonstration of the equipment and system a couple of days earlier had gone horribly wrong.

Last week, the IEBC called IT-savvy representatives of political parties to a meeting on Friday at the Sunshine Holiday Inn in Westlands, Nairobi, where the use and efficacy of the equipment to be employed for the election counting and reporting was to be demonstrated. A representative of the US National Democratic Institute (NDI) was also present.

Party participants had a whole range of questions on which they wanted reassurance from the IEBC, especially concerning potential failures carried forward from the past.

To demonstrate how the new system would obviate all this, some of the participants at the meeting were divided into five groups of three, each group a mock 'polling station'. They were given mobile phones such as those to be used on March 4. The phones are loaded with the software and menus for completing the tasks at hand.

The remainder of the group sat watching the screen, waiting for the 'results' to come in.

That's when the problems started. The five 'polling stations' were initially all unable even to log in.

After a few of the five did eventually manage it, the next problem arose. They were logged in but there was no connectivity with the 'tallying centre'. The 'polling station' callers could not be authenticated.

Finally, after struggling for ONE HOUR, only ONE of these five 'polling stations' managed to transmit its results.

Now, much as we want to trust that the IEBC is going to do a good job, we have to ask - if four out of five 'polling stations' have problems in a demonstration meant to show the efficient use of this technology, what on earth is going to happen when 33,000 polling stations all try to log in and transmit results at the same time?

We hope the IEBC is trying to fix these problems but, on the basis of the evidence so far, and considering the sheer volume of the data to be transmitted, it certainly appears that there could be a massive system failure.

This is an issue that needs to be taken very seriously indeed - particularly in view of the persistent rumours of intended rigging.

There are a number of crucial security issues that need to be addressed.

1.Who has access to the database and what are the dangers of its being compromised?

2. What systems are in place for data encryption to prevent hacking and corruption of data during transmission?

3. Who is dealing with maintenance of the equipment, and could this involve additional, possibly unauthorised, log-in capability and access?

4. What would happen in the case of server failure - what storage technology, such as RAID (Redundant Array Independent Disk), is being employed to ensure storage of data in different places, and who has access to this?

5. Is there even a simple back-up system, in case of data loss?

6. Hackers can rearrange or delete data from a database, and insert factors that affect the outcome of results. What is being done to prevent computer programmers and IT experts from doing this?

A participant was told not to present these questions at the meeting, but we need answers to all these questions from the IEBC.

When the American Express headquarters was destroyed during the 9/11 attack on the World Trade Centre in New York in 2001, Amex data was safe. The organisation had engaged in good practice. Despite the catastrophic event, it suffered no loss of data. Its worldwide database was safely stored in other locations.

What can the IEBC tell us about its own measures for the security and functionality of its systems? What can it actually demonstrate to us about its readiness to conduct these elections?

On Friday, those present at the meeting were asked to raise their hands if they were confident of the IEBC's preparedness. No hand was raised.

Copyright © 2013 The Star. All rights reserved. Distributed by AllAfrica Global Media (allAfrica.com). To contact the copyright holder directly for corrections — or for permission to republish or make other authorized use of this material, click here.

AllAfrica publishes around 2,000 reports a day from more than 130 news organizations and over 200 other institutions and individuals, representing a diversity of positions on every topic. We publish news and views ranging from vigorous opponents of governments to government publications and spokespersons. Publishers named above each report are responsible for their own content, which AllAfrica does not have the legal right to edit or correct.

Articles and commentaries that identify allAfrica.com as the publisher are produced or commissioned by AllAfrica. To address comments or complaints, please Contact us.