Kenya: Smartmatic Says Allowing Odinga Full Server Access Violation of Intellectual Property Rights

1 September 2022
Capital FM (Nairobi)
By Irene Mwangi

Nairobi — The technology firm that was used in the August 9 general election has maintained non compliance in the release of forensic images of NTC Server(s) saying the images contain software owned and copyrighted by Smartmatic and hence IP protected.

In a letter to Independent Electoral and Boundaries Commission (IEBC) Chief Executive Officer (CEO) Marjan Hussein, the company claims that allowing full access would violate its intellectual property rights.

This comes after lawyers for Raila Odinga's counsel, Azimio La Umoja One Kenya flag bearer, claimed that the poll body had refused to comply with Supreme Court orders providing limited access to the servers.

"Providing third parties access to our source code, and security features including transmission certificates and encryption keys, would render the system insecure -as it is today- for any future use in Kenya or anywhere else in the world," the letter reads.

Justices of the court had ordered a scrutiny of the election servers to ascertain claims on system manipulation.

However the firm pointed out that the release of forensic images would risk exposing their system to hacking and tampering which would potentially make their system insecure in the conduct of elections.

"In addition to violating our IP rights, this would also jeopardize elections in other countries that are using or have used our systems," Smartmatic says.

Smartmatic has however stated that its willing to make available all collected data and logs linked to the Results Transmission System.

The technology firm advised IEBC to the information saying it will be sufficient to enable a through audit into the Results Transmission System.

"Also, all physical tally reports were available online in real-time since election night. All political parties and certified NGO election observers had access to those tallies and were able to audit the results independently. Even citizens all over the world had full access to these tally reports and were able to add the results." the letter reads in part.

Senior Counsel Philip Murgor who is one of the lawyers representing Odinga told the court that out of the 8 servers, the commission had put a block on server 5 and that they had discovered that some logs from the servers were deleted.

"With the limited access provided yesterday to server number 5 our team were able to observe a large number of deletions. We suspect and are concerned that the delay on part of IEBC is to delete vital data," he had stated.

"Finally when times ran out not to provide the information we require or provide logs that are not useful to anybody."

The IEBC has also been ordered to provide them with copies of its technology system security policy comprising but not limited to password policy, password matrix and owners of system administration password(s).

They will also be given information on the system users and levels of access, workflow chats for identification, tallying, transmission and posting of portals.

IEBC will also provide its technology system security policy comprising any application programming interface (API) that had been integrated and the list of human interface and controls for such intervention. However, the provision is subject to any security related issues.

While appearing before the Supreme Court Judges hearing the presidential petition, Murgor said IEBC technology was not secure, confidential and authentic.

"My hypothesis from where I stand is, clearly a result for the 1st respondent was being arrived at way before the tally was in. Each time, work was being done to try and fit A and B into that result and through the confusion at the very end, the result is forced on Kenyans through a defective form 34C," he said.

While seeking to convince the Martha Koome led judges to nullify the presidential election, Murgor pointed out that there is evidence of downloading and uploading of Forms 34As at the IEBC portal by known and unknown individuals.

"Several of them were super administrators. The super administrator is the power to even create and join servers to the system, join, delete and alter documents. Super administrator, in this case, is J.C.A Margo who occasionally uses different names was able to do all that," said Murgor.

"I honorably suggest that it shows that this election was controlled from everywhere except IEBC."

Murgor also poked holes on the three Venezuelans who were arrested upon landing in Nairobi two weeks before the General Election who he claimed were able to access the Independent Electoral and Boundaries Commission (IEBC) servers and compromise the results.

Read the original article on Capital FM.

Tagged:
Copyright © 2022 Capital FM. All rights reserved. Distributed by AllAfrica Global Media (allAfrica.com). To contact the copyright holder directly for corrections — or for permission to republish or make other authorized use of this material, click here.

AllAfrica publishes around 400 reports a day from more than 100 news organizations and over 500 other institutions and individuals, representing a diversity of positions on every topic. We publish news and views ranging from vigorous opponents of governments to government publications and spokespersons. Publishers named above each report are responsible for their own content, which AllAfrica does not have the legal right to edit or correct.

Articles and commentaries that identify allAfrica.com as the publisher are produced or commissioned by AllAfrica. To address comments or complaints, please Contact us.