VVPAT has actually made election rigging possible, says IAS Kannan Gopinathan
‘Since VVPAT has a processor and a programmable memory, it can be hacked. Any malware downloaded on to it can cause the entire system to misbehave and can vitiate the whole process’
Taking strong exception to the Election Commission’s (EC) stated position that the introduction of VVPAT (voter verifiable paper audit trail) machines has made elections more transparent, former bureaucrat Kannan Gopinathan on Tuesday said that the VVPAT has actually made rigging easier.
Gopinathan, who recently quit the prestigious Indian Administrative Service (IAS) over the Modi government’s handling of the Kashmir issue, has argued how VVPAT has disconnected the Ballot Unit (on which a voter casts his/her vote) of the electronic voting machine from the Control Unit (in which votes are stored in electronic form).
A VVPAT prints a slip showing the symbol and candidate’s name for which a voter has voted. This slip is visible to the voter for 7 seconds before it falls down into a box where it is stored for counting if need be.
As the District Magistrate, Gopinathan has had a first hand experience of handling the EVMs and VVPAT and is well aware of how the machines function.
“So, by introducing VVPATs, we have created so much vulnerability to an otherwise fool-proof process, while not adding adequate checks, either in the process or during the counting. I feel there is an urgent need to address this so that the process become more robust,” Gopinathan said in a series of tweets.
“Unlike before, the Ballot Unit (BU) is not connected to Control Unit (CU - Memory of EVM) directly any more. It is connected through VVPAT. Means what you press on that blue button in the BU is not registering the vote in the CU anymore. But what VVPAT communicates to CU is!
“This itself is a serious design flaw. But I guess this was done to make use of the existing CUs and BUs. Existing EVMs did not provide for VVPAT ports.
So VVPAT was so designed to mimic as a CU for the BU and as a BU for the CU. I think. That is dangerous!
“For VVPAT now controls two things: 1) What is being shown to the public in the form of paper slips. Or the perception and trust factor. 2) What is actually getting registered in the Control Unit as a vote. Or the actual vote factor.
“Question now is whether VVPAT can be manipulated? If it can be, then how and when in the process. And if it is, then do we have a fool proof process check,” he said.
“But now on to when and how? As I understand, VVPAT is a simple processor, a memory and a printer unit. It has a memory because serial numbers, names and symbols of the candidates need to be loaded on to it before the elections, so that it gets printed in the paper slip.
“And if it has a processor and a programmable memory, it can be hacked. Any malware downloaded on to it can cause the entire system to misbehave. With the kind of design, it is clear that the whole process can be vitiated by manipulating the VVPAT,” Gopinathan said.
He said that a VVPAT can possibly be programmed in a way that it sends different signals to the printing unit and to the Control Unit. In other words, suppose a person votes for Candidate ‘A’. The rigged VVPAT will print the paper slip for Candidate ‘A’ only to the satisfaction of the voter, but it would send a different vote to the CU, say for Candidate ‘B’.
Gopinathan argued that it is possible because the engineers have the access to VVPATs after the sequence of the candidates is known.
“The strongest defense any election officer has had to the question of 'What if the CU is already programmed/hacked before it comes to you', was that -
‘But they wouldn't know the sequence of candidates. So, whatever they may program, they wouldn't know who is at what number!’” he added.
“That answers the when question. Now to the how. For symbols are loaded on to the VVPAT by the engineers from their Laptops/Jigs after the candidates are finalized. VVPATs are connected to external devices after candidate sequence is known!!
“When one can access the VVPAT after the candidate sequence is known, and can connect a laptop/computer/Symbol Loading Jig, is precisely when one can load a malware also into the VVPAT,” he said.
This access should not have been provided. And that fool-proof check is what we have compromised with the introduction of VVPAT, Gopinathan asserted.
Questions over the impeccability of EVMs have been raised time and again. In 2009, after the BJP had lost the Lok Sabha elections, its spokesperson GVL Narasimha Rao penned a book with foreword by L.K. Advani in which he argued against using EVMs for voting.
After 2017 Uttar Pradesh Assembly elections, the Opposition vigorously raised the issue of EVMs being manipulated. The jury is still out on the issue, though EC has claimed time and again that after introduction of VVPATs, the process has become more transparent.
Currently, notification for the Assembly elections in Maharashtra , Haryana and Jharkhand besides by-polls on several seats.