Hand over 50 EVMs to us, SC lawyers request Election Commission of India

A group of lawyers are planning to walk from Patiala House Court to the Election Commission of India’s (ECI) office on 5 January 2024 with a petition. They would like the commission to hand over 50 ‘sealed’ electronic voting machines (EVM) to them so that the lawyers may take them to each state capital and demonstrate their vulnerabilities.

Addressing the media in New Delhi on Sunday, Supreme Court advocates Mahmood Pracha and Bhanu Pratap Singh recalled the challenge issued by the ECI itself in 2017 for hacking the standalone EVMs. In a press release, the ECI had called upon stakeholders to point out vulnerabilities in the machine.

The lawyers said they are now convinced that the EVMs attached to the VVPAT are not secure. They claimed that they have been advised about the vulnerabilities by computer software engineers and they plan to take the EVMs to each state capital and demonstrate publicly, before the media and the people, how the machines can be manipulated.

Voicing their concern at the ECI's upgrading and replacing EVMs with M3 machines, with chips supplied by multinational corporations abroad, they said the need for scrutiny and security of the machines has never been greater.

They also pointed out that even a company like Apple has been forced to concede that its prize product the iPhone, whose high price is attributed to its high-level security features, was attacked and infiltrated by the Pegasus spyware. The lawyers said they believed they are making a reasonable request and hoped the ECI would accede to their request.

The lawyers’ misgivings about the EVM are supported by Andhra Pradesh software engineer Hari Prasad, who was arrested in 2010 for ostensibly ‘stealing’ an EVM.

What rescued him was the video he had shot while hacking the EVM, which clearly displayed the number on the machine to prove that it came from the ECI. In an interview to The Quint, Prasad recalled that the ECI had initially claimed that the machine was a ‘lookalike’ and had not come from its stock. Thereafter, it claimed that the machine had been stolen.

The machine, Prasad revealed, was sent back to the ‘source’ within the ECI, who had secured an undertaking that his name would not be disclosed.

The machines were always hackable, said Prasad, but following the introduction of the VVPAT, manipulating the ‘display’ and ‘memory’ had become easier. While the security features can safeguard against external attacks, he asked, what is the safeguard against ‘inside jobs’?

It is the ballot that should be secret, he pointed out, but not the process. The process ought to be transparent and the ECI should disclose publicly the features and safeguards that make the machines secure in its view.

The video clips released by the lawyers and Quint can be accessed through these links: