The Election Commission of India (ECI) has been consistently claiming that its Electronic Voting Machines (EVMs) are unique and that tampering is not feasible under real election conditions with its security protocol and administrative safeguards in place.
Notwithstanding the ECI’s claims, at various points in time, the entire spectrum of political parties in India [including BJP and Congress] have expressed their reservations about the integrity of its EVMs. There have also been demands to revert to paper ballots. Confidence in the integrity of EVMs is important for voters to trust the outcomes of elections. The ECI cannot allow this confidence to be eroded.
It is true that Indian EVMs cannot be hacked because they are not connected to any network and their software is ‘burnt’ into the CPU and cannot be rewritten after manufacture. But what if dishonest insiders and criminals get physical access to the EVMs and replace the EVM’s non-hackable CPU with alook-alike but hackable CPU that can be programmed to count votes dishonestly together with an embedded Bluetooth device that allows it to be remote controlled? All the features and safeguards relied on by the ECI can be easily negated by insider fraud for which there is scope at three stages: (1) at the EVMs manufacturing stage, (2) at the district level, during the long non-election period, when the EVMs are stored in archaic warehouses in multiple locations with inadequate security systems, and (3)at the stage of ‘first level checks’ prior to an election when the EVMs are serviced by authorised technicians from the EVM manufacturers.
The threats are real but luckily, the remedies are simple and effective: (1) use of Authentication Units before the polls to weed out counterfeit/tampered EVMs, and (2) effective use of Voter Verified Paper Audit Trail (VVPAT) system at the time of counting to guard against EVM tampering or malfunction. Both are essential. But the ECI has dragged its feet since 2006 in procuring Authentication Units, and has prescribed a minuscule sample of one EVM per Assembly Constituency for hand-counting of VVPAT slips which is grossly inadequate, statistically unsound, and nearly as bad as not implementing VVPAT at all.
In this Policy Watch, K. Ashok Vardhan Shetty, a former Indian Administrative Service (IAS) officer, examines the vulnerabilities of EVMs in the light of the ECI’s claims thereof, the adequacy of its security protocol and administrative safeguards, and the risks due to the perfunctory implementation of VVPAT systems as done in the recent Assembly Elections. He provides several practical administrative and technical suggestions to make Indian EVMs tamper-proof. His interest in this matter is strictly apolitical and nothing more than preserving the integrity of India’s electoral process and enhancing its credibility in the eyes of political parties and voters.
[PDF 1.19 MB]