Return to frontpage

K. Ashok Vardhan Shetty

[email protected]

K. Ashok Vardhan Shetty  is a former Vice-Chancellor of the Indian Maritime University, Chennai, a Central University under the Ministry of Shipping. Before assuming charge as the Vice-Chancellor, Shetty was a member of the Indian Administrative Service (IAS), Tamil Nadu Cadre, of the 1983 batch. Prior to his retirement from the IAS, he held a number of key assignments including Registrar, University of Madras, Director of Collegiate Education; District Collector, Viluppuram; Director of Rural Development; Managing Director, Tamil Nadu State Marketing Corporation, (TASMAC); Secretary, Chief Minister's Secretariat; Principal Secretary, Rural Development and Panchayat Raj Department; Principal Secretary, Municipal Administration and Water Supply, among others. Successful project implementation was his forte. He was commended by the Government of Tamil Nadu several times. Shetty has published several articles on public administration, management, E-Government, popular science, and popular mathematics in leading English and Tamil publications such as The Hindu , The Hindu Centre for Politics and Public Policy, The Hindu - Tamil , The Hindustan Times , Indian Express , The Hindu BusinessLine , Deccan Herald, Deccan Chronicle , The Times of India, and (the now defunct magazine) Science Today.

A Draft Bill that Cuts Maritime States Adrift

In most developed countries, ports are managed by municipal or provincial governments, with the federal government overseeing only border control, com

Can the Ten per cent Quota for Economically Weaker Sections Survive Judicial Scrutiny?

The Constitution (103 rd Amendment) Act, 2019 has empowered the state to provide up to 10 per cent reservation in education and public employment for “economically weaker sections” (EWS) of citizens other than the Scheduled Castes (SC), the Scheduled Tribes (ST), and the non-creamy layer of the Other Backward Classes (OBC-NCL). This will be over and above the existing scheme of reservations and increases the total reservations to 59.50 per cent. The fraught legal history of reservations in India shows that from 1951 onwards whenever the Supreme Court gave an adverse ruling on some aspect of reservations in education or public employment, the Parliament responded by amending the Constitution to reverse or overcome the inconvenient judicial pronouncements. The 103 rd Amendment is the latest step in this direction aimed at overcoming the Supreme Court’s rulings that (1) economic backwardness cannot be sole criterion for reservation and (2) the total reservations should not be greater than 50 per cent. Even a Constitutional amendment can be struck down by the Supreme Court if it has the effect of destroying or abrogating the “basic structure” of the Constitution. So, the only possible legal challenge to the validity of the 103 Amendment is a “basic structure challenge”. In this Policy Watch, K. Ashok Vardhan Shetty , retired Indian Administrative Service (IAS) officer, traces the constitutional and legislative history of reservations in India, discusses past ‘basic structure’ challenges relating to reservations, highlights the legal infirmities in the 103 rd Amendment, looks at the different scenarios available before the Supreme Court, and analyses if a successful ‘basic structure’ challenge can be made out in this case. All these years, the “50 per cent ceiling” rule was the only thing that had stood in the way of the demands for greater reservation from various pressure groups. Once this Lakshman Rekha is crossed, there is no going back and we may be letting the genie of proportional representation out of the bottle. Click to read this Policy Watch (HTML) [PDF 1.10 MB]

Can the Ten per cent Quota for Economically Weaker Sections Survive Judicial Scrutiny?

The Constitution (103rd Amendment) Act, 2019 has empowered the state to provide up to 10 per cent reservation in education and public emplo

Winning Voter Confidence: Fixing India’s Faulty VVPAT-based Audit of EVMs

As the world’s largest democracy gears up for a season of elections, including the 2019 General Election, there is an urgent need to examine the integrity of the electoral process. Electronic Voting Machines (EVMs) are ‘black boxes’ in which it is impossible for voters to verify whether their votes have been recorded correctly, and counting mistakes and frauds are undetectable and unchallengeable. The ‘voter verified paper audit trail’ (VVPAT) is an additional verifiable record of every vote cast that allows for a partial or total recount independent of the EVM’s electronic count. It is a critical safeguard that can help detect counting mistakes and frauds that would otherwise go undetected. The success of the VVPAT audit, however, depends on a proper, statistically acceptable, and administratively viable sample plan. The Election Commission of India (ECI)’s prescription of a uniform sample size of just “one polling station (i.e. one EVM) per Assembly Constituency” for all Assembly Constituencies and all States stirs up an avoidable controversy and diminishes voter confidence. The ECI has not made public as to how it arrived at this sample size, and it has also not clearly specified the population to which this sample size relates. The latter is important because in the event of a defective EVM turning up in the sample, the hand counting of VVPAT slips will have to be done for all the remaining EVMs of the specified population. In this Policy Watch, K. Ashok Vardhan Shetty, a former Indian Administrative Service (IAS) officer , demonstrates that the sample size prescribed by the ECI for VVPAT Audit is a statistical howler that fails to conform to fundamental sampling principles, leading to very high margins of error which are unacceptable in a democracy. By failing to detect outcome-altering miscounts due to EVM malfunction or fraud, it defeats the very purpose of introducing VVPAT. Spending hundreds of crores of rupees on procurement of VVPAT units makes little sense if their utilisation for audit purposes is reduced to an exercise in tokenism. This Policy Watch suggests statistically correct—and administratively viable—sample sizes to eliminate the risk of electoral fraud and infuse public confidence in the electoral process. It suggests ways in which the ECI can set the controversy at rest and make a beginning with the elections for five States whose counting is scheduled for December 11, 2018.  Related Article   Shetty, K.A.V. 2018 . Making Electronic Voting Machines Tamper-proof: Some Administrative and Technical Suggestions , The Hindu Centre for Politics and Public Policy, August 30.  Click to read this Policy Watch (HTML) [PDF 1.08 MB]

Winning Voter Confidence: Fixing India’s Faulty VVPAT-based Audit of EVMs

As the world’s largest democracy gears up for a season of elections, including the 2019 General Election, there is an urgent need to examine the integ

Making Electronic Voting Machines Tamper-proof: Some Administrative and Technical Suggestions

Chapter 1: The Penrose Conditions In his book “Shadows of the Mind” (1994), Roger Penrose, the globally renowned British mathematician and authority on Artificial Intelligence, visualised the hi-tech rigging of an election as follows . The date of a long-awaited election approaches. Numerous opinion polls are held over a period of several weeks. To a very consistent degree, the ruling party trails by three or four per cent but all the polls taken together have a much smaller margin of error, of less than two per cent. Polling day arrives and passes, the polls being held with electronic voting machines. When the votes are counted, the result is a complete surprise to almost everyone. The ruling party is back with a comfortable majority, having achieved its target of eight per cent over its nearest rivals. Yet the result is false. The vote-rigging has been achieved by a highly subtle means, namely, a computer virus. The virus was cleverly programmed to steal votes from other parties and give the ruling party precisely the majority it needs. The virus does more than just steal votes; it self-destructs, leaving no record whatsoever, bar the evil deed itself, to indicate its previous existence. Two necessary conditions: In the 24 years since Roger Penrose wrote the above, such a scenario has already become a reality. Penrose wrote that for such an electoral fraud to succeed, two conditions are necessary: (i) The voting machine is programmable. (That is because a virus can infect only a programmable computer). (ii) The vote-counting process is not checked by humans at any stage. It follows from Penrose’s first condition that an ideal Electronic Voting Machine (EVM) should be a stand-alone, non-networked machine with a Central Processing Unit (CPU) whose software is ‘burned’ into it and cannot be programmed after manufacture or manipulated in any manner. Indian EVMs answer to this description. They are more like calculators than computers and are not connected to any network (wired or wireless) including the Internet, and if they retain their physical integrity, they cannot be hacked. But what if dishonest insiders and criminals get physical access to the EVMs and replace the EVM’s non-hackable CPU with a look-alike but hackable CPU that can be programmed to count votes dishonestly together with an embedded Bluetooth device that allows it to be remote controlled? What if this replacement is done at the manufacturing stage itself for a certain percentage of machines? The probability of successful tampering may be low but it is non-zero. It is therefore important to analyse the security protocol and administrative safeguards that the Election Commission of India (ECI) has put in place and see if they are adequate to prevent such physical tampering of EVMs. It follows from Penrose’s second condition that relying entirely on machine counting without any physical check by humans, at least in part, may leave the system vulnerable to attacks that can go undetected. So, in case of electronic voting, there should be provision for an additional verifiable record of every vote cast in the form of ‘paper print-outs’ which should then be hand counted and tallied with the machine total for at least a sample of the EVMs deployed. This is what the EVMs fitted with Voter Verified Paper Trail (VVPAT) seek to achieve. If vote stealing has been done by replacing the non-hackable CPU of an EVM with a look-alike but hackable CPU, then such fraud can be detected by the hand counting of VVPAT paper slips for a sample of the EVMs. It follows that VVPAT is an absolute imperative and any discussion should centre on the statistically significant sample size of EVMs for which hand counting of paper slips should be done.   Chapter 2: Types of Voting Systems There are broadly five types of voting systems in use around the world: (i) Paper Ballots that are hand counted. Paper ballots are the simplest to understand; they can preserve the anonymity of the voter; voters can be confident that their votes have been correctly recorded; and recounting of votes is possible. Paper votes are immune to all kinds of cyberattacks and there is no malware that can steal them while appropriate safeguards can be put in place to prevent and detect human mischief. Hence this system has transparency, verifiability and accountability. But there are usually a worrying number of invalid votes and hand counting is a laborious and time-consuming process, especially in a country like India where population is very high and literacy level is low. [The risk of booth capture and stuffing of ballot papers has been drastically reduced with enhanced police security for polling stations; nor is this risk completely eliminated in EVMs where ‘vote stuffing’ is still possible to the extent of 12 votes per minute]. (ii) Machine-readable Paper Ballots that are scanned and electronically counted using Optical Mark Recognition (OMR) technology. Machine-readable paper ballots have all the advantages of the paper ballot system minus the delays associated with hand counting thanks to OMR technology. In order to guard against possible hacking of the OMR counting machine, the totals are verified by running the ballots through a second OMR counting machine simultaneously, and their accuracy further confirmed by hand counting a certain percentage of the ballots. Several States in the US have adopted this and others are moving towards this ‘ideal’. (iii) Direct Recording Electronic Voting Machines (DREs) or ‘paperless EVMs’. At one time, DREs were the most commonly used type of EVMs around the world. In these, the voting is typically done by pressing a button, and the votes are recorded digitally in the memory unit of the DRE, and the counting is done electronically. While DREs have many advantages including ease of operation, reduction of invalid votes cast and speeding up the counting, they also have some glaring disadvantages. First, DREs are ‘black boxes’ in which it is impossible for voters to verify whether their votes have been recorded and counted correctly. In other words, DREs fulfil Penrose’s second condition for occurrence of fraud. Second, as DREs suffer from the lack of transparency and verifiability, trusting the accuracy of their vote tallies calls for ‘a leap of faith’. It is true that small pre-election ‘mock polls’ are conducted in front of all party representatives to ‘prove’ that the DREs are working properly. Such pre-election mock polls might protect against non-malicious malfunction of EVMs. But they afford very little protection against sophisticated attacks where the dishonest, look-alike CPU has been programmed to cheat only after several hours have passed or after the EVM has recorded hundreds of votes, or if it carries a malicious programme (a Trojan) that is activated at a particular stage of the polling/counting process. Third, with DREs, recounting is meaningless as it will simply yield the same total. Fourth, there is the risk of the votes cast being permanently lost due to equipment malfunction. The Federal Constitutional Court of Germany, in a landmark judgment in March 2009, held the use of paperless EVMs in Germany unconstitutional . The Court ruled that all essential steps in an election are subject to public examinability unless other constitutional interests justify an exception. When EVMs are deployed, it must be possible for the citizens to check the essential steps in the election process and to ascertain the results reliably and without special expert knowledge. The standard the Court set for this purpose was that there should be a provision whereby “the votes are recorded in another way besides electronic storage” and there is “retraceability” of the election result independently of the electronic count. In other words, the Court ruled that EVMs are unconstitutional so long as there was no provision for an additional verifiable physical record of every vote cast. (iv) Direct Recording Electronic Voting Machines with Voter Verified Paper Audit Trail (DRE-VVPAT). In these machines, the voter gets to view for a few seconds a paper receipt for his vote before it drops into a box, and he can verify if his vote has been recorded correctly. The DRE does the machine counting and the VVPAT ‘paper slips’ of a certain percentage of randomly sampled EVMs are hand counted to check the correctness. If the two totals don’t tally, the VVPAT slips of some more or all of the EVMs may be hand counted. The replacement of paperless EVMs with VVPAT EVMs is imperative for the following reasons: (a) to increase citizens' confidence that their votes have been correctly recorded, (b) to allow for a partial or total recount using the ‘paper slips’, (c) to test whether the votes have been correctly counted by tallying the result of the hand count with that of the machine count, and (d) to provide a back-up in case of loss of votes due to equipment malfunction. (v) Internet-based Voting or Online Voting. This is most vulnerable to cyber-attacks and is not suited for elections to Legislatures and is rarely used. India has so far tried out voting systems (i), (iii), and (iv) - in that order. There is a school of thought which considers Machine-readable Paper Ballots that are electronically counted using OMR technology superior to EVMs with VVPAT for the following reasons. First, paper ballots are considered the ‘gold standard’ of voting. That is why they are still in use in many advanced countries like the UK, Japan, Canada, and Singapore while others like Germany, Netherlands, and Ireland have reverted to paper ballots after experimenting with EVMs for some time. Machine-readable paper ballots retain all the advantages of paper ballots minus the delay in counting. Here, the primary ballots are in paper form and the secondary ballots are in electronic form whereas in EVMs with VVPAT, the primary ballots are in electronic form and the secondary ballots are in paper form. Paper is more secure than electronic memory and primary paper ballots are superior to secondary paper ballots. Second, the principle of secrecy of ballot is a sacred one that must not be compromised, even slightly. In the old system, paper ballots from different ballot boxes were mixed together, thoroughly shuffled and packed into bundles of 50 ballots each, and then counted. This succeeded in masking booth-wise voting trends which would otherwise be relied upon by political parties to (i) check the effectiveness of their campaign strategies (both legal and illegal), and (ii) target collective reprisals against voters from those booths where the party fared badly. But with EVMs, the information is freely available on ECI’s website as “Booth Level Data”! This is manna from heaven for political parties because it enables them to know exactly how many supporters and opponents they have in each booth and incentivises illegal activities such as bribing of voters or targeting of opponents. What is even worse is that the EVM machine records in its memory the time at which each vote is cast. This time-series data can become available to political parties due to insider collusion. A polling booth agent can note down the precise time at which each voter has cast his or her vote and later compare this with the time-series data from the EVM to find out who had cast votes for whom. This may be laborious but is not impossible. This can completely destroy the anonymity of the vote and can be used to target reprisals against individual voters. But in the case of machine-readable paper ballots, it is possible to mix them and shuffle them and pack them into bundles of 50 before counting them so that booth-wise voting trends are masked. And, since paper ballots are used, no digital time-series data are available for anybody to find out who voted for whom. Unlike some countries where the OMR scanning is done in the polling stations itself, in India it would have to be done centrally in the Counting Hall. Going back to paper ballots with hand counting as demanded by some political parties is out of the question but machine-readable paper ballots that can be rapidly counted with OMR technology is certainly an option worth considering. When India has already invested so much in EVMs with VVPAT, the wisdom of switching over to this option may be open to question. In my opinion, the ECI should have adopted this ‘best practice’ from various countries around the world on its own. Instead, it was reluctant to switch over from paperless EVMs, and was compelled to adopt EVMs with VVPAT pursuant to a Supreme Court directive, and ended up with what was a second-best option. But the violation of the principle of secrecy of ballot, at least in principle, is a serious matter and the ECI needs to address this issue and consider switching over to the Machine-readable Paper Ballots system in a phased manner when the present VVPAT EVMs become old and need to be replaced.   Chapter 3: Election Administrators and Computer Scientists In his celebrated essay “Two Cultures” (1959), the British writer C.P. Snow had lamented the cultural divide that separates two great areas of human intellectual activity, “the sciences” and “the arts.” He wanted that practitioners in both areas should build bridges, to further the progress of human knowledge and to benefit society. A similar cultural divide exists between “election administrators” and “computer scientists” around the world regarding the electronic security of DREs or paperless EVMs; they just can’t see eye to eye. The controversy over DREs dates back to the early 2000s and is world-wide (i.e. not just limited to India). According to election administrators, it may be possible to modify an isolated DRE in a laboratory but that does not prove anything. The question is whether any tampering is feasible involving a large number of machines under real election conditions with the security protocol and various administrative safeguards in place. They think that computer scientists have no practical experience of conducting elections and that they exaggerate the security concerns and that the “omnipotent hacker” is a myth perpetuated by novels and movies. They believe that there is “safety in numbers” and physically tampering with a large number of EVMs is difficult because there are so many of them. On the other hand, computer scientists think that election administrators are status quoists who are clueless about Information Technology and the vulnerability of paperless EVMs to a range of hardware and software attacks and the evolving nature of the threats. With DREs, frauds may be undetectable and those who have been declared the losers are left with no recourse to verify results. Computer scientists think that election administrators harbour a secret fear that the legitimacy of the election process would be undermined if such attacks are proved and so they resort to “security through obscurity” by not making the hardware and software of the EVMs available for testing for vulnerabilities by external electronic security experts. A standing joke among computer scientists is that election administrators simply don’t want others to know just how bad their hardware and software are! Both election administrators and computer scientists would do well to take C.P. Snow’s advice and build bridges in the interest of developing a sound and secure electronic voting system. Ethical hacking of EVMs: Ethical hacking is a common practice in the software industry. Google, Apple, Microsoft, Facebook and Twitter invite hackers to find flaws in their code and offer attractive rewards (called ‘bug bounties’) to those who find them. The US government has done likewise with programmes like "Hack the Pentagon”. But election administrators and EVM manufacturers (both government-owned and private) around the world have been reluctant to submit their machines to such ethical hacking. The annual “DEFCON Computer Security Conference”, which is the largest and longest-running conference of its kind, invites hackers from all over the world to Las Vegas, US, to display their skills. In the aftermath of fears that Russians had used hacking techniques to influence the 2016 US Presidential election, about 30 EVMs were made available in a ‘Voting Village’ to professional hackers for the first time in the 25th DEFCON Conference held in July 2017. Some of the EVM models had been in use in US elections till recently while others are still in use. The hackers were allowed to probe, deconstruct and even open the equipment over a period of three days in order to understand how they work and how they could be compromised by attackers. The results were sobering. By the end of the conference, every piece of equipment in the Voting Village was effectively breached in some manner. Participants with little prior knowledge and only limited tools and resources showed that they could undermine the confidentiality, integrity, and availability of these systems. Moreover, a closer physical examination of the machines highlighted several supply chain vulnerabilities. Many machines were found to use cheap generic chips (CPUs) that could be bought over the counter instead of specially customised chips that would be difficult for hackers to lay hands on. There were multiple cases of foreign-manufactured internal parts including hardware developed in China. The hackers documented the various vulnerabilities of the EVMs in the form of a report. The ‘Voting Village’ concept will be a regular feature of DEFCON Conferences hereafter and this should keep the EVM manufacturers in US (all of whom are in the private sector) on their toes. In contrast, the Election Commission of India (ECI) conducted a ‘Hackathon’ in June 2017 in which participating groups of not more than three members each (foreign experts not allowed) were given just four hours. The participants were not allowed to open the EVMs but could use a combination of keys on EVMs or communication devices such as cell phones and Bluetooth to tamper with the machines to change the results. The conditions imposed by ECI were clearly unfair and its ‘challenge’ was boycotted by most Indian political parties. If the ECI is really confident that its EVMs are tamper-proof, then it should send them to the next DEFCON Conference for scrutiny by ethical hackers! Chapter 4: The EVM Controversy in India In India, the Election Commissioners are very eminent persons whose capability, sincerity, neutrality and integrity are beyond question. They have been trying their best to conduct free and fair elections and have introduced far-reaching electoral reforms. They are held in high esteem by political parties and citizens alike. But like election administrators around the world, they have been criticised for underestimating the gravity of electronic security issues. The ECI, for its part, has been consistently claiming that its EVMs, security protocol and administrative safeguards are time-tested, robust, secure and tamper-proof. According to it, Indian EVMs are unique and any comparisons with the EVMs used elsewhere in the world are misplaced. Notwithstanding the ECI’s claims, at various points in time, the entire spectrum of political parties in India [including the Bharatiya Janata Party (BJP) and the Congress] have expressed their reservations about the integrity of its EVMs. Elections are the bedrock of democracy. Confidence in the integrity of EVMs is important for voters to trust the outcomes of elections and the legitimacy of governments formed as a result of them. If the concerns about EVM security become widespread, that confidence could be eroded whether or not those concerns are well-founded. The ECI cannot allow that to happen and must retain an open mind that some of the concerns may be true and take expeditious steps to resolve the issues. BJP the first to raise concerns about EVMs: In India, doubts about paperless EVMs were first raised by the BJP in the aftermath of the 2009 Lok Sabha polls, in which the Congress-led United Progressive Alliance (UPA) came back to power with a decisive mandate. The BJP believed that this happened because of EVM-rigging in favour of the Congress. In 2010, BJP ideologue G.V.L. Narasimha Rao wrote a very well-researched and persuasive book titled “Democracy at Risk – Can we trust our Electronic Voting Machines?” with a foreword by the party’s senior leader, L.K. Advani, and a message by Chandrababu Naidu, then a key ally. The book claimed to be a “shocking exposé of the Election Commission’s failure to assure the integrity of India’s electronic voting system”. It highlighted the various vulnerabilities in paperless EVMs and made out a convincing case for the adoption of EVMs with VVPAT. Narasimha Rao also made a startling claim that during election season, “fixers” with “authorised access to EVMs” approach politicians with offers to rig machines in favour of a candidate or a party for a sum of Rs. five crore. But the ECI did not budge and persisted in its stand that tampering of EVMs was not possible under real election conditions. Supreme Court mandates VVPAT: In 2009, BJP leader Subramanian Swamy filed a Public Interest Litigation (PIL) before the High Court of Delhi seeking the implementation of VVPAT but the Court said that it was a policy matter and left it to the Parliament or the ECI to take a decision on VVPAT. The case went up to the Supreme Court. In 2013, the Supreme Court passed an order mandating the use of VVPAT EVMs, and directed the ECI to implement them in a phased manner. The Supreme Court observed : “From the materials placed by both the sides, we are satisfied that the “paper trail” is an indispensable requirement of free and fair elections. The confidence of the voters in the EVMs can be achieved only with the introduction of the “paper trail”. EVMs with VVPAT system ensure the accuracy of the voting system. With an intent to have fullest transparency in the system and to restore the confidence of the voters, it is necessary to set up EVMs with VVPAT system because vote is nothing but an act of expression which has immense importance in democratic system”. The Supreme Court stopped short of setting a time table for the ECI to implement its ruling in full. After a delay of nearly four years, the ECI deployed EVMs with VVPATs in all polling stations in select State Assembly Elections only from 2017 onwards. The ECI has planned to conduct all future Assembly Elections and the 2019 Parliamentary Elections only with VVPAT EVMs. But there is a worrying backlog in the supply of VVPAT units by Bharat Electronics Limited (BEL) and Electronics Corporation of India Limited (ECIL), the two public sector undertakings (PSUs) that manufacture EVMs and VVPAT units in India. Until June 19, 2018, the ECI had received only about 43 per cent of the EVMs and only 22 per cent of the VVPAT units that it had placed orders for. The deadline for 100 per cent supply is end-September 2018. The shoe is on the other foot: Ever since the BJP came to power in the Centre in 2014, it has been the turn of the Opposition parties to claim that EVMs are being rigged in favour of BJP, and the chorus became louder after the BJP’s landslide victory in the Uttar Pradesh and Uttarakhand Assembly elections in 2017. There were no such claims when the Aam Aadmi Party (AAP) won a landslide in the Delhi Assembly elections in 2015 or the ‘Mahagatbandhan’ of Janata Dal–United (JDU), Rashtriya Janata Dal (RJD) and Congress won the Bihar elections in 2015 by a big margin. This led to the criticism that the Opposition parties were “sore losers” who raised the bogey of EVM-rigging only when they lost an election and remained silent when they won it. Recently, Mamata Banerjee, the Chief Minister of West Bengal, brought 17 Opposition parties together to make a joint representation to the ECI that the 2019 Parliamentary elections should be fought with paper ballots since EVMs could be rigged and were not trustworthy. Opinions on the issue of EVM-tampering are sharply polarised in India today with the BJP now claiming that tampering is not possible and many Opposition parties expressing the contrary viewpoint. If it is any consolation, things are pretty much the same in the US and elsewhere. As Marian Schneider of the US non-profit “Verified Voting” has observed : “I don’t think this is a political issue. Everybody gets elected on the same equipment, regardless of their party. So making sure that that equipment is working well, making sure that we can verify the results so that the outcome is correct is important to everyone.” It must be noted that the threats to the integrity of our electoral process need not come only from ruling parties of the day in the Centre or the States; they could come from foreign attackers also. The allegation of Russian interference in the 2016 US Presidential elections on behalf of President Donald Trump, which is under investigation by the U.S. Senate Select Committee on Intelligence, shows that this danger is real, and that elections are now on the front lines of cybersecurity. Other potential attackers are terrorists who may wish to disrupt elections in order to spread confusion and distrust or rogue employees of EVM manufacturers who may do it for money. Chapter 5: Perfunctory Implementation of VVPAT Ideally, the controversy over EVMs should have been laid to rest once the Supreme Court had ordered the implementation of EVMs with VVPAT in 2013. If this has not happened, it is partly due to the inordinate delay in procurement of VVPAT units and partly due to the ECI’s questionable action of prescribing a minuscule sample of EVMs for hand-counting of VVPAT slips. After some initial press reports stating that VVPAT slips may be counted in respect of 10 per cent or 5 per cent of the EVMs, the ECI threw a bombshell by ordering the hand counting of VVPAT slips only for one randomly chosen polling station (i.e. one EVM) per Assembly Constituency in the Assembly Elections for Gujarat and Himachal Pradesh held in December 2017 and Karnataka in May 2018. This worked out to just 182 out of 50,128 polling stations (or 0.36 per cent of the EVMs) in Gujarat; to just 68 out of 7,521 polling stations (or 0.90 per cent of the EVMs) in Himachal Pradesh; and to just 224 out of 56,696 polling stations (or 0.40 per cent of the EVMs) in Karnataka. Such a low percentage defeats the very purpose of introducing VVPAT and is fraught with all the risks of conducting elections with paperless EVMs. Statistically Unsound: Consider a hypothetical example where three Assembly Constituencies P, Q and R have 100, 200 and 300 polling stations in them. The ECI’s action of prescribing a uniform sample size of “one polling station (EVM) per Assembly Constituency” for all the three constituencies would be prima facie faulty. Since the number of polling stations in an Assembly Constituency varies widely from State to State and even within a State, the sample size should clearly be different for different Assembly Constituencies and bear a relation to the number of polling stations in the constituency. There are ready reckoners based on standard statistical sampling theory which can tell us as to what would be the Margin of Error for the chosen Sample Size for a given Population Size and a given Confidence Level. Taking the total number of polling stations in the State as the Population Size and the total number of EVMs taken up for hand counting of paper slips (which is equal to the number of Assembly Constituencies in the State) as Sample Size, and assuming Confidence Levels of 95 per cent and 99 per cent, Table 1 shows the resulting Margins of Error for the ECI-prescribed sample size in respect of Gujarat, Himachal Pradesh and Karnataka.

Policy Watchfront pagejpg
Making Electronic Voting Machines Tamper-proof: Some Administrative and Technical Suggestions

The Election Commission of India (ECI) has been consistently claiming that its Electronic Voting Machines (EVMs) are unique and that tampering is not feasible under real election conditions with its security protocol and administrative safeguards in place. Notwithstanding the ECI’s claims, at various points in time, the entire spectrum of political parties in India [including BJP and Congress] have expressed their reservations about the integrity of its EVMs. There have also been demands to revert to paper ballots. Confidence in the integrity of EVMs is important for voters to trust the outcomes of elections. The ECI cannot allow this confidence to be eroded. It is true that Indian EVMs cannot be hacked because they are not connected to any network and their software is ‘burnt’ into the CPU and cannot be rewritten after manufacture. But what if dishonest insiders and criminals get physical access to the EVMs and replace the EVM’s non-hackable CPU with a look-alike but hackable CPU that can be programmed to count votes dishonestly together with an embedded Bluetooth device that allows it to be remote controlled? All the features and safeguards relied on by the ECI can be easily negated by insider fraud for which there is scope at three stages: (1) at the EVMs manufacturing stage, (2) at the district level, during the long non-election period, when the EVMs are stored in archaic warehouses in multiple locations with inadequate security systems, and (3)at the stage of ‘first level checks’ prior to an election when the EVMs are serviced by authorised technicians from the EVM manufacturers.  The threats are real but luckily, the remedies are simple and effective: (1) use of Authentication Units before the polls to weed out counterfeit/tampered EVMs, and (2) effective use of Voter Verified Paper Audit Trail (VVPAT) system at the time of counting to guard against EVM tampering or malfunction. Both are essential. But the ECI has dragged its feet since 2006 in procuring Authentication Units, and has prescribed a minuscule sample of one EVM per Assembly Constituency for hand-counting of VVPAT slips which is grossly inadequate, statistically unsound, and nearly as bad as not implementing VVPAT at all.  In this Policy Watch, K. Ashok Vardhan Shetty, a former Indian Administrative Service (IAS) officer, examines the vulnerabilities of EVMs in the light of the ECI’s claims thereof, the adequacy of its security protocol and administrative safeguards, and the risks due to the perfunctory implementation of VVPAT systems as done in the recent Assembly Elections. He provides several practical administrative and technical suggestions to make Indian EVMs tamper-proof. His interest in this matter is strictly apolitical and nothing more than preserving the integrity of India’s electoral process and enhancing its credibility in the eyes of political parties and voters. Also by the Author: Policy Watch No. 7: Shetty, K.A.V. 2018 . Winning Voter Confidence: Fixing India’s Faulty VVPAT-based Audit of EVMs , The Hindu Centre for Politics and Public Policy, November 27. Policy Watch No. 9: Shetty, K.A.V. 2019 . Can the Ten per cent Quota for Economically Weaker Sections Survive Judicial Scrutiny? , The Hindu Centre for Politics and Public Policy, March 6.  [PDF 1.19 MB] 

Making Electronic Voting Machines Tamper-proof: Some Administrative and Technical Suggestions

The Election Commission of India (ECI) has been consistently claiming that its Electronic Voting Machines (EVMs) are unique and that tampering is not