Re: [kictanet] Manual Backup and Elections 2017: Is the CS ICT Honest
Thank you Odhiambo Washington, I have the same concerns myself. I reached the conclusion that it would be nice if "ICT Experts" could lay their hands on a BVI machine as well as a and show the rest of us what the problem really is. The ERT issue is a red herring. It has worked flawlessly in the bi-elections that have happened ever since. With PKI and 2 factor authentication, this can be solved for election day. I am sure Victor Kyalo and Joseph Mucheru could make this possible. Call it a "Kenyans as ICT stakeholders" meeting. All Listers with time will begin to be asked by their family or neighbours, what the issue really is. I, for one, do not want to echo the CS's words. I think the CS and the PS should help us help them. Otherwise they will be on their own when the political vultures come calling. Regards, Jimmy Gitonga
Message: 4 Date: Fri, 30 Dec 2016 11:30:08 +0300 From: Odhiambo Washington <odhiambo@gmail.com> To: Kictanet <kictanet@lists.kictanet.or.ke> Subject: [kictanet] Manual Backup and Elections 2017: Is the CS ICT Honest Message-ID: <CAAdA2WPFoRvjF5Bodk+sHb-P4_rUp2AXpA9Q3zAk-UR57cqwGw@mail. gmail.com> Content-Type: text/plain; charset="utf-8"
Dear Listers,
I am at that position where I feel very lost. In fact, I feel like I am quite detached from the reality.
All along, I have keenly considered this matter that seems to have divided the country down the middle: *Manual Backup* during the 2017 voting process. From the Jubilee/govt side this is a do or die and so it must be there. This govt side seems hell-bent on confusing the masses, as well as the experts like the ICT Community. From the Opposition side, the agenda seems to be very clear - that of ensuring integrity of the Voters Register and stopping 'ghost voters' from ever casting their votes.
That brings us to the famous acronyms - BVI (Biometric Voter Register) / BVI (Biometric Voter Identification). Having been to a Voter Registration Centre (later to become a Polling Station) to register as a voter, I did look at the equipment in use for the registration process. I saw the laptop which was fitted with a camera and fingerprints scanner. All these require power to run. I did not dwell on how they were powered, but probably there was a battery backup somewhere (besides the electricity) given that they needed to run for a whole day for several days during the voter registration process. When it comes to the Elections, they only need to run for about 11 hours. My point here is that of *Backup Power* should it be that there's electricity blackout and the built-in batteries can't last the whole day. That backup is very important.
However, I did not see any piece of equipment which could suggest that the equipment in use required any form of connectivity back to some central server in order to function! Which now brings me to the currently national debate - Manual Backup during the Poll Day. What is it? Was the CS honest with his presentation before the Senate/Amos Wako committee yesterday? Does the CS himself really believe in the content of his presentation? I am asking that because I watched him and I don't believe him. I actually think he mislead the committee, and hence the nation at large.
Someone please prove me wrong. I am at that point where I believe that the BVR/BVI does NOT require any form of connectivity and so this Manual Backup being touted by the ruling coalition side, strongly supported by the ICT CS is a big lie. WHY?
My very first answer: Simply put, *when there was no requirement for a manual backup during voter registration, it goes without saying that there is NO NEED for on the polling day.*
1. For the issue that is in contention - BVR (used for BVI during polling) - this is a database that can be (and should be) statically stored on the equipment for each polling station. We are not supposed to rely on the Mobile Network to access this voters database. And every polling station can have two/three laptops/Biometrics scanner/Backup batteries to ensure that the voter identification doesn't fail. Some excuse has been fronted about some voters being mechanics, such that their fingerprints wouldn't be recognized by the BVI systems hence need for manual identification. My take on that is that every voter must carry their voter's card on that day. The clerks can check that card number against the electronic system - enter it, and it will bring the person's picture, ID number, etc and let him cast his ballot.
2. For electronics results transmission (ERT), this is not even necessary in the first place. We can have the results collated/announced at the tallying centres after being certified - forms 36A, and such. However, if the ERT must be done, the data footprint is so tiny that a 2G network can be used. Besides, it can be an SMS based system, which doesn't require 3G or VSAT. The results data isn't that large - it can't be in Megabytes to be sincere. Well, VSAT can be used if they MUST, but this is after the voting process itself is complete, has nothing to do with BVI.
The ERT and the BVR/BVI are two distinct systems. That is what I want to believe. The ERT gets feedback from a manual process - of voters casting their vote, clerks/agents counting, verifying, and certifying, filling requisite forms then communicating the same via some customized phones which are programmed to communicate to a backend system. Am I right on that??
Now the big question here is, where do we need this much touted manual backup where network connectivity is being used as the major reason???
(a) Citing terrorism and the possibility of Al Shabaab knocking off base stations seems like well thought out lie meant to cover our eyes! If they attacked an area, I doubt there will be voting in the 1st place. And even so, the network connectivity is not required for BVI so there is no disenfranchising anyone if there is no manual backup (whatever that is).
(b) Citing hacking is neither here nor there for a BVR/BVI system because it's not being accessed live during the voting. It's a static database, unique to the polling station, resident on the laptop used by the clerks. The only hacking that can be done then can only be by an "insider". Quoting Victor Kapiyo from Social Media, "*I guess it's a question of trust. Trust in systems and in trustworthy people to do the right thing. For M-Pesa, or KCSE results, we trust both. For IEBC, I guess the jury is still out*."
The main issue is not allowing the dead voters to rise again to vote in the presidential vote, then disappear. So the important component here is the BVR/BVI, the credibility of the register and hence the vote.
At what point does the BVI system require this connectivity they are talking about, which then necessitates the so called "manual backup"?
Did the CS ICT lie to the Senate?? Did the CAK lie to the Senate in supporting the lie from the CS??
There is insincerity in this whole debate about 'manual backup' and the ICT community seems to either support it or is simply lost in the pool of confusion being peddled by politicians.
-- Best regards, Odhiambo WASHINGTON, Nairobi,KE +254 7 3200 0004/+254 7 2274 3223 "Oh, the cruft."
Jimmy, IMHO, this whole thing is supposed to thrive on ambiguity and as such, you are not likely to see anyone displaying the BVR/BVI equipment anywhere, not even in the Senate. The powers-that-be are not interested in the clear picture getting to the masses, the same way it's not keen on civic education. Common sense dictates that the only way to have the amendments in the NA to see the light of the day is to make this debate as mysterious as it can get. Forget facts. Forget any demos of how the equipment (which is already with IEBC) works! On 30 December 2016 at 13:14, JImmy Gitonga via kictanet < kictanet@lists.kictanet.or.ke> wrote:
Thank you Odhiambo Washington,
I have the same concerns myself. I reached the conclusion that it would be nice if "ICT Experts" could lay their hands on a BVI machine as well as a and show the rest of us what the problem really is. The ERT issue is a red herring. It has worked flawlessly in the bi-elections that have happened ever since. With PKI and 2 factor authentication, this can be solved for election day.
I am sure Victor Kyalo and Joseph Mucheru could make this possible. Call it a "Kenyans as ICT stakeholders" meeting. All Listers with time will begin to be asked by their family or neighbours, what the issue really is. I, for one, do not want to echo the CS's words.
I think the CS and the PS should help us help them. Otherwise they will be on their own when the political vultures come calling.
Regards, Jimmy Gitonga
Message: 4 Date: Fri, 30 Dec 2016 11:30:08 +0300 From: Odhiambo Washington <odhiambo@gmail.com> To: Kictanet <kictanet@lists.kictanet.or.ke> Subject: [kictanet] Manual Backup and Elections 2017: Is the CS ICT Honest Message-ID: <CAAdA2WPFoRvjF5Bodk+sHb-P4_rUp2AXpA9Q3zAk-UR57cqwGw@mail.gm ail.com> Content-Type: text/plain; charset="utf-8"
Dear Listers,
I am at that position where I feel very lost. In fact, I feel like I am quite detached from the reality.
All along, I have keenly considered this matter that seems to have divided the country down the middle: *Manual Backup* during the 2017 voting process. From the Jubilee/govt side this is a do or die and so it must be there. This govt side seems hell-bent on confusing the masses, as well as the experts like the ICT Community. From the Opposition side, the agenda seems to be very clear - that of ensuring integrity of the Voters Register and stopping 'ghost voters' from ever casting their votes.
That brings us to the famous acronyms - BVI (Biometric Voter Register) / BVI (Biometric Voter Identification). Having been to a Voter Registration Centre (later to become a Polling Station) to register as a voter, I did look at the equipment in use for the registration process. I saw the laptop which was fitted with a camera and fingerprints scanner. All these require power to run. I did not dwell on how they were powered, but probably there was a battery backup somewhere (besides the electricity) given that they needed to run for a whole day for several days during the voter registration process. When it comes to the Elections, they only need to run for about 11 hours. My point here is that of *Backup Power* should it be that there's electricity blackout and the built-in batteries can't last the whole day. That backup is very important.
However, I did not see any piece of equipment which could suggest that the equipment in use required any form of connectivity back to some central server in order to function! Which now brings me to the currently national debate - Manual Backup during the Poll Day. What is it? Was the CS honest with his presentation before the Senate/Amos Wako committee yesterday? Does the CS himself really believe in the content of his presentation? I am asking that because I watched him and I don't believe him. I actually think he mislead the committee, and hence the nation at large.
Someone please prove me wrong. I am at that point where I believe that the BVR/BVI does NOT require any form of connectivity and so this Manual Backup being touted by the ruling coalition side, strongly supported by the ICT CS is a big lie. WHY?
My very first answer: Simply put, *when there was no requirement for a manual backup during voter registration, it goes without saying that there is NO NEED for on the polling day.*
1. For the issue that is in contention - BVR (used for BVI during polling) - this is a database that can be (and should be) statically stored on the equipment for each polling station. We are not supposed to rely on the Mobile Network to access this voters database. And every polling station can have two/three laptops/Biometrics scanner/Backup batteries to ensure that the voter identification doesn't fail. Some excuse has been fronted about some voters being mechanics, such that their fingerprints wouldn't be recognized by the BVI systems hence need for manual identification. My take on that is that every voter must carry their voter's card on that day. The clerks can check that card number against the electronic system - enter it, and it will bring the person's picture, ID number, etc and let him cast his ballot.
2. For electronics results transmission (ERT), this is not even necessary in the first place. We can have the results collated/announced at the tallying centres after being certified - forms 36A, and such. However, if the ERT must be done, the data footprint is so tiny that a 2G network can be used. Besides, it can be an SMS based system, which doesn't require 3G or VSAT. The results data isn't that large - it can't be in Megabytes to be sincere. Well, VSAT can be used if they MUST, but this is after the voting process itself is complete, has nothing to do with BVI.
The ERT and the BVR/BVI are two distinct systems. That is what I want to believe. The ERT gets feedback from a manual process - of voters casting their vote, clerks/agents counting, verifying, and certifying, filling requisite forms then communicating the same via some customized phones which are programmed to communicate to a backend system. Am I right on that??
Now the big question here is, where do we need this much touted manual backup where network connectivity is being used as the major reason???
(a) Citing terrorism and the possibility of Al Shabaab knocking off base stations seems like well thought out lie meant to cover our eyes! If they attacked an area, I doubt there will be voting in the 1st place. And even so, the network connectivity is not required for BVI so there is no disenfranchising anyone if there is no manual backup (whatever that is).
(b) Citing hacking is neither here nor there for a BVR/BVI system because it's not being accessed live during the voting. It's a static database, unique to the polling station, resident on the laptop used by the clerks. The only hacking that can be done then can only be by an "insider". Quoting Victor Kapiyo from Social Media, "*I guess it's a question of trust. Trust in systems and in trustworthy people to do the right thing. For M-Pesa, or KCSE results, we trust both. For IEBC, I guess the jury is still out*."
The main issue is not allowing the dead voters to rise again to vote in the presidential vote, then disappear. So the important component here is the BVR/BVI, the credibility of the register and hence the vote.
At what point does the BVI system require this connectivity they are talking about, which then necessitates the so called "manual backup"?
Did the CS ICT lie to the Senate?? Did the CAK lie to the Senate in supporting the lie from the CS??
There is insincerity in this whole debate about 'manual backup' and the ICT community seems to either support it or is simply lost in the pool of confusion being peddled by politicians.
-- Best regards, Odhiambo WASHINGTON, Nairobi,KE +254 7 3200 0004/+254 7 2274 3223 "Oh, the cruft."
I think this is an opportunity for the ICT fraternity to take up the challenge and demystify electronic systems in elections. I believe this forum has the most neutral platform where the media, academia, operators, regulators, government, legal and other interested parties can brainstorm on this. I propose that early in the year, a face-2-face roundtable TV /Radio broadcast (NTV, Citizen, KTN?) deliberation to break this down -perhaps at Strath University (CPIT are you there?). A lot has been written on the issue of electronic systems in elections but seems nobody READS, least of all politicians from both sides of the divide. I can imagine a cast of the following: IEBC: CEO or Rep?Regulator: CEO or Rep?Operator: Safcom/Airtel/Telkom?ICT Min: Minister or rep?Academia: MMU/Strath/UoN/?Political Party: Jubilee+CORD Rep?Moderator &Broadcaster: Media (Citizen, NTV,KTN)Convenor: KICTAnet -GG are you back from holiday? Sponsors: Anyone? If we do not hijack this ICT conversation, the politicians will run with it in the wrong direction and we might find ourselves exactly where we were in 2007. walu. From: JImmy Gitonga via kictanet <kictanet@lists.kictanet.or.ke> To: jwalu@yahoo.com Cc: JImmy Gitonga <jimmygitts@gmail.com> Sent: Friday, December 30, 2016 1:14 PM Subject: Re: [kictanet] Manual Backup and Elections 2017: Is the CS ICT Honest Thank you Odhiambo Washington, I have the same concerns myself. I reached the conclusion that it would be nice if "ICT Experts" could lay their hands on a BVI machine as well as a and show the rest of us what the problem really is. The ERT issue is a red herring. It has worked flawlessly in the bi-elections that have happened ever since. With PKI and 2 factor authentication, this can be solved for election day. I am sure Victor Kyalo and Joseph Mucheru could make this possible. Call it a "Kenyans as ICT stakeholders" meeting. All Listers with time will begin to be asked by their family or neighbours, what the issue really is. I, for one, do not want to echo the CS's words. I think the CS and the PS should help us help them. Otherwise they will be on their own when the political vultures come calling. Regards,Jimmy Gitonga Message: 4 Date: Fri, 30 Dec 2016 11:30:08 +0300 From: Odhiambo Washington <odhiambo@gmail.com> To: Kictanet <kictanet@lists.kictanet.or.ke > Subject: [kictanet] Manual Backup and Elections 2017: Is the CS ICT Honest Message-ID: <CAAdA2WPFoRvjF5Bodk+sHb-P4_ rUp2AXpA9Q3zAk-UR57cqwGw@mail. gmail.com> Content-Type: text/plain; charset="utf-8" Dear Listers, I am at that position where I feel very lost. In fact, I feel like I am quite detached from the reality. All along, I have keenly considered this matter that seems to have divided the country down the middle: *Manual Backup* during the 2017 voting process. From the Jubilee/govt side this is a do or die and so it must be there. This govt side seems hell-bent on confusing the masses, as well as the experts like the ICT Community. From the Opposition side, the agenda seems to be very clear - that of ensuring integrity of the Voters Register and stopping 'ghost voters' from ever casting their votes. That brings us to the famous acronyms - BVI (Biometric Voter Register) / BVI (Biometric Voter Identification). Having been to a Voter Registration Centre (later to become a Polling Station) to register as a voter, I did look at the equipment in use for the registration process. I saw the laptop which was fitted with a camera and fingerprints scanner. All these require power to run. I did not dwell on how they were powered, but probably there was a battery backup somewhere (besides the electricity) given that they needed to run for a whole day for several days during the voter registration process. When it comes to the Elections, they only need to run for about 11 hours. My point here is that of *Backup Power* should it be that there's electricity blackout and the built-in batteries can't last the whole day. That backup is very important. However, I did not see any piece of equipment which could suggest that the equipment in use required any form of connectivity back to some central server in order to function! Which now brings me to the currently national debate - Manual Backup during the Poll Day. What is it? Was the CS honest with his presentation before the Senate/Amos Wako committee yesterday? Does the CS himself really believe in the content of his presentation? I am asking that because I watched him and I don't believe him. I actually think he mislead the committee, and hence the nation at large. Someone please prove me wrong. I am at that point where I believe that the BVR/BVI does NOT require any form of connectivity and so this Manual Backup being touted by the ruling coalition side, strongly supported by the ICT CS is a big lie. WHY? My very first answer: Simply put, *when there was no requirement for a manual backup during voter registration, it goes without saying that there is NO NEED for on the polling day.* 1. For the issue that is in contention - BVR (used for BVI during polling) - this is a database that can be (and should be) statically stored on the equipment for each polling station. We are not supposed to rely on the Mobile Network to access this voters database. And every polling station can have two/three laptops/Biometrics scanner/Backup batteries to ensure that the voter identification doesn't fail. Some excuse has been fronted about some voters being mechanics, such that their fingerprints wouldn't be recognized by the BVI systems hence need for manual identification. My take on that is that every voter must carry their voter's card on that day. The clerks can check that card number against the electronic system - enter it, and it will bring the person's picture, ID number, etc and let him cast his ballot. 2. For electronics results transmission (ERT), this is not even necessary in the first place. We can have the results collated/announced at the tallying centres after being certified - forms 36A, and such. However, if the ERT must be done, the data footprint is so tiny that a 2G network can be used. Besides, it can be an SMS based system, which doesn't require 3G or VSAT. The results data isn't that large - it can't be in Megabytes to be sincere. Well, VSAT can be used if they MUST, but this is after the voting process itself is complete, has nothing to do with BVI. The ERT and the BVR/BVI are two distinct systems. That is what I want to believe. The ERT gets feedback from a manual process - of voters casting their vote, clerks/agents counting, verifying, and certifying, filling requisite forms then communicating the same via some customized phones which are programmed to communicate to a backend system. Am I right on that?? Now the big question here is, where do we need this much touted manual backup where network connectivity is being used as the major reason??? (a) Citing terrorism and the possibility of Al Shabaab knocking off base stations seems like well thought out lie meant to cover our eyes! If they attacked an area, I doubt there will be voting in the 1st place. And even so, the network connectivity is not required for BVI so there is no disenfranchising anyone if there is no manual backup (whatever that is). (b) Citing hacking is neither here nor there for a BVR/BVI system because it's not being accessed live during the voting. It's a static database, unique to the polling station, resident on the laptop used by the clerks. The only hacking that can be done then can only be by an "insider". Quoting Victor Kapiyo from Social Media, "*I guess it's a question of trust. Trust in systems and in trustworthy people to do the right thing. For M-Pesa, or KCSE results, we trust both. For IEBC, I guess the jury is still out*." The main issue is not allowing the dead voters to rise again to vote in the presidential vote, then disappear. So the important component here is the BVR/BVI, the credibility of the register and hence the vote. At what point does the BVI system require this connectivity they are talking about, which then necessitates the so called "manual backup"? Did the CS ICT lie to the Senate?? Did the CAK lie to the Senate in supporting the lie from the CS?? There is insincerity in this whole debate about 'manual backup' and the ICT community seems to either support it or is simply lost in the pool of confusion being peddled by politicians. -- Best regards, Odhiambo WASHINGTON, Nairobi,KE +254 7 3200 0004/+254 7 2274 3223 "Oh, the cruft."
Thanks Walu, it's time for us to stand up. Let's demystify this tech. On Dec 30, 2016 1:43 PM, "Walubengo J via kictanet" < kictanet@lists.kictanet.or.ke> wrote:
I think this is an opportunity for the ICT fraternity to take up the challenge and demystify electronic systems in elections. I believe this forum has the most neutral platform where the media, academia, operators, regulators, government, legal and other interested parties can brainstorm on this.
I propose that early in the year, a face-2-face roundtable TV /Radio broadcast (NTV, Citizen, KTN?) deliberation to break this down -perhaps at Strath University (CPIT are you there?).
A lot has been written on the issue of electronic systems in elections but seems nobody READS, least of all politicians from both sides of the divide. I can imagine a cast of the following:
IEBC: CEO or Rep? Regulator: CEO or Rep? Operator: Safcom/Airtel/Telkom? ICT Min: Minister or rep? Academia: MMU/Strath/UoN/? Political Party: Jubilee+CORD Rep? Moderator &Broadcaster: Media (Citizen, NTV,KTN) Convenor: KICTAnet -GG are you back from holiday? Sponsors: Anyone?
If we do not hijack this ICT conversation, the politicians will run with it in the wrong direction and we might find ourselves exactly where we were in 2007.
walu.
------------------------------ *From:* JImmy Gitonga via kictanet <kictanet@lists.kictanet.or.ke> *To:* jwalu@yahoo.com *Cc:* JImmy Gitonga <jimmygitts@gmail.com> *Sent:* Friday, December 30, 2016 1:14 PM *Subject:* Re: [kictanet] Manual Backup and Elections 2017: Is the CS ICT Honest
Thank you Odhiambo Washington,
I have the same concerns myself. I reached the conclusion that it would be nice if "ICT Experts" could lay their hands on a BVI machine as well as a and show the rest of us what the problem really is. The ERT issue is a red herring. It has worked flawlessly in the bi-elections that have happened ever since. With PKI and 2 factor authentication, this can be solved for election day.
I am sure Victor Kyalo and Joseph Mucheru could make this possible. Call it a "Kenyans as ICT stakeholders" meeting. All Listers with time will begin to be asked by their family or neighbours, what the issue really is. I, for one, do not want to echo the CS's words.
I think the CS and the PS should help us help them. Otherwise they will be on their own when the political vultures come calling.
Regards, Jimmy Gitonga
Message: 4 Date: Fri, 30 Dec 2016 11:30:08 +0300 From: Odhiambo Washington <odhiambo@gmail.com> To: Kictanet <kictanet@lists.kictanet.or.ke > Subject: [kictanet] Manual Backup and Elections 2017: Is the CS ICT Honest Message-ID: <CAAdA2WPFoRvjF5Bodk+sHb-P4_ rUp2AXpA9Q3zAk-UR57cqwGw@mail. gmail.com <CAAdA2WPFoRvjF5Bodk%2BsHb-P4_rUp2AXpA9Q3zAk-UR57cqwGw@mail.gmail.com>> Content-Type: text/plain; charset="utf-8"
Dear Listers,
I am at that position where I feel very lost. In fact, I feel like I am quite detached from the reality.
All along, I have keenly considered this matter that seems to have divided the country down the middle: *Manual Backup* during the 2017 voting process. From the Jubilee/govt side this is a do or die and so it must be there. This govt side seems hell-bent on confusing the masses, as well as the experts like the ICT Community. From the Opposition side, the agenda seems to be very clear - that of ensuring integrity of the Voters Register and stopping 'ghost voters' from ever casting their votes.
That brings us to the famous acronyms - BVI (Biometric Voter Register) / BVI (Biometric Voter Identification). Having been to a Voter Registration Centre (later to become a Polling Station) to register as a voter, I did look at the equipment in use for the registration process. I saw the laptop which was fitted with a camera and fingerprints scanner. All these require power to run. I did not dwell on how they were powered, but probably there was a battery backup somewhere (besides the electricity) given that they needed to run for a whole day for several days during the voter registration process. When it comes to the Elections, they only need to run for about 11 hours. My point here is that of *Backup Power* should it be that there's electricity blackout and the built-in batteries can't last the whole day. That backup is very important.
However, I did not see any piece of equipment which could suggest that the equipment in use required any form of connectivity back to some central server in order to function! Which now brings me to the currently national debate - Manual Backup during the Poll Day. What is it? Was the CS honest with his presentation before the Senate/Amos Wako committee yesterday? Does the CS himself really believe in the content of his presentation? I am asking that because I watched him and I don't believe him. I actually think he mislead the committee, and hence the nation at large.
Someone please prove me wrong. I am at that point where I believe that the BVR/BVI does NOT require any form of connectivity and so this Manual Backup being touted by the ruling coalition side, strongly supported by the ICT CS is a big lie. WHY?
My very first answer: Simply put, *when there was no requirement for a manual backup during voter registration, it goes without saying that there is NO NEED for on the polling day.*
1. For the issue that is in contention - BVR (used for BVI during polling) - this is a database that can be (and should be) statically stored on the equipment for each polling station. We are not supposed to rely on the Mobile Network to access this voters database. And every polling station can have two/three laptops/Biometrics scanner/Backup batteries to ensure that the voter identification doesn't fail. Some excuse has been fronted about some voters being mechanics, such that their fingerprints wouldn't be recognized by the BVI systems hence need for manual identification. My take on that is that every voter must carry their voter's card on that day. The clerks can check that card number against the electronic system - enter it, and it will bring the person's picture, ID number, etc and let him cast his ballot.
2. For electronics results transmission (ERT), this is not even necessary in the first place. We can have the results collated/announced at the tallying centres after being certified - forms 36A, and such. However, if the ERT must be done, the data footprint is so tiny that a 2G network can be used. Besides, it can be an SMS based system, which doesn't require 3G or VSAT. The results data isn't that large - it can't be in Megabytes to be sincere. Well, VSAT can be used if they MUST, but this is after the voting process itself is complete, has nothing to do with BVI.
The ERT and the BVR/BVI are two distinct systems. That is what I want to believe. The ERT gets feedback from a manual process - of voters casting their vote, clerks/agents counting, verifying, and certifying, filling requisite forms then communicating the same via some customized phones which are programmed to communicate to a backend system. Am I right on that??
Now the big question here is, where do we need this much touted manual backup where network connectivity is being used as the major reason???
(a) Citing terrorism and the possibility of Al Shabaab knocking off base stations seems like well thought out lie meant to cover our eyes! If they attacked an area, I doubt there will be voting in the 1st place. And even so, the network connectivity is not required for BVI so there is no disenfranchising anyone if there is no manual backup (whatever that is).
(b) Citing hacking is neither here nor there for a BVR/BVI system because it's not being accessed live during the voting. It's a static database, unique to the polling station, resident on the laptop used by the clerks. The only hacking that can be done then can only be by an "insider". Quoting Victor Kapiyo from Social Media, "*I guess it's a question of trust. Trust in systems and in trustworthy people to do the right thing. For M-Pesa, or KCSE results, we trust both. For IEBC, I guess the jury is still out*."
The main issue is not allowing the dead voters to rise again to vote in the presidential vote, then disappear. So the important component here is the BVR/BVI, the credibility of the register and hence the vote.
At what point does the BVI system require this connectivity they are talking about, which then necessitates the so called "manual backup"?
Did the CS ICT lie to the Senate?? Did the CAK lie to the Senate in supporting the lie from the CS??
There is insincerity in this whole debate about 'manual backup' and the ICT community seems to either support it or is simply lost in the pool of confusion being peddled by politicians.
-- Best regards, Odhiambo WASHINGTON, Nairobi,KE +254 7 3200 0004/+254 7 2274 3223 "Oh, the cruft."
I agree. We should put together our submissions as the ICT community and present the same to bunge. Victor On 30 Dec 2016 13:50, "Dorcas Muthoni via kictanet" < kictanet@lists.kictanet.or.ke> wrote:
Thanks Walu, it's time for us to stand up. Let's demystify this tech.
On Dec 30, 2016 1:43 PM, "Walubengo J via kictanet" < kictanet@lists.kictanet.or.ke> wrote:
I think this is an opportunity for the ICT fraternity to take up the challenge and demystify electronic systems in elections. I believe this forum has the most neutral platform where the media, academia, operators, regulators, government, legal and other interested parties can brainstorm on this.
I propose that early in the year, a face-2-face roundtable TV /Radio broadcast (NTV, Citizen, KTN?) deliberation to break this down -perhaps at Strath University (CPIT are you there?).
A lot has been written on the issue of electronic systems in elections but seems nobody READS, least of all politicians from both sides of the divide. I can imagine a cast of the following:
IEBC: CEO or Rep? Regulator: CEO or Rep? Operator: Safcom/Airtel/Telkom? ICT Min: Minister or rep? Academia: MMU/Strath/UoN/? Political Party: Jubilee+CORD Rep? Moderator &Broadcaster: Media (Citizen, NTV,KTN) Convenor: KICTAnet -GG are you back from holiday? Sponsors: Anyone?
If we do not hijack this ICT conversation, the politicians will run with it in the wrong direction and we might find ourselves exactly where we were in 2007.
walu.
------------------------------ *From:* JImmy Gitonga via kictanet <kictanet@lists.kictanet.or.ke> *To:* jwalu@yahoo.com *Cc:* JImmy Gitonga <jimmygitts@gmail.com> *Sent:* Friday, December 30, 2016 1:14 PM *Subject:* Re: [kictanet] Manual Backup and Elections 2017: Is the CS ICT Honest
Thank you Odhiambo Washington,
I have the same concerns myself. I reached the conclusion that it would be nice if "ICT Experts" could lay their hands on a BVI machine as well as a and show the rest of us what the problem really is. The ERT issue is a red herring. It has worked flawlessly in the bi-elections that have happened ever since. With PKI and 2 factor authentication, this can be solved for election day.
I am sure Victor Kyalo and Joseph Mucheru could make this possible. Call it a "Kenyans as ICT stakeholders" meeting. All Listers with time will begin to be asked by their family or neighbours, what the issue really is. I, for one, do not want to echo the CS's words.
I think the CS and the PS should help us help them. Otherwise they will be on their own when the political vultures come calling.
Regards, Jimmy Gitonga
Message: 4 Date: Fri, 30 Dec 2016 11:30:08 +0300 From: Odhiambo Washington <odhiambo@gmail.com> To: Kictanet <kictanet@lists.kictanet.or.ke > Subject: [kictanet] Manual Backup and Elections 2017: Is the CS ICT Honest Message-ID: <CAAdA2WPFoRvjF5Bodk+sHb-P4_ rUp2AXpA9Q3zAk-UR57cqwGw@mail. gmail.com <CAAdA2WPFoRvjF5Bodk%2BsHb-P4_rUp2AXpA9Q3zAk-UR57cqwGw@mail.gmail.com>> Content-Type: text/plain; charset="utf-8"
Dear Listers,
I am at that position where I feel very lost. In fact, I feel like I am quite detached from the reality.
All along, I have keenly considered this matter that seems to have divided the country down the middle: *Manual Backup* during the 2017 voting process. From the Jubilee/govt side this is a do or die and so it must be there. This govt side seems hell-bent on confusing the masses, as well as the experts like the ICT Community. From the Opposition side, the agenda seems to be very clear - that of ensuring integrity of the Voters Register and stopping 'ghost voters' from ever casting their votes.
That brings us to the famous acronyms - BVI (Biometric Voter Register) / BVI (Biometric Voter Identification). Having been to a Voter Registration Centre (later to become a Polling Station) to register as a voter, I did look at the equipment in use for the registration process. I saw the laptop which was fitted with a camera and fingerprints scanner. All these require power to run. I did not dwell on how they were powered, but probably there was a battery backup somewhere (besides the electricity) given that they needed to run for a whole day for several days during the voter registration process. When it comes to the Elections, they only need to run for about 11 hours. My point here is that of *Backup Power* should it be that there's electricity blackout and the built-in batteries can't last the whole day. That backup is very important.
However, I did not see any piece of equipment which could suggest that the equipment in use required any form of connectivity back to some central server in order to function! Which now brings me to the currently national debate - Manual Backup during the Poll Day. What is it? Was the CS honest with his presentation before the Senate/Amos Wako committee yesterday? Does the CS himself really believe in the content of his presentation? I am asking that because I watched him and I don't believe him. I actually think he mislead the committee, and hence the nation at large.
Someone please prove me wrong. I am at that point where I believe that the BVR/BVI does NOT require any form of connectivity and so this Manual Backup being touted by the ruling coalition side, strongly supported by the ICT CS is a big lie. WHY?
My very first answer: Simply put, *when there was no requirement for a manual backup during voter registration, it goes without saying that there is NO NEED for on the polling day.*
1. For the issue that is in contention - BVR (used for BVI during polling) - this is a database that can be (and should be) statically stored on the equipment for each polling station. We are not supposed to rely on the Mobile Network to access this voters database. And every polling station can have two/three laptops/Biometrics scanner/Backup batteries to ensure that the voter identification doesn't fail. Some excuse has been fronted about some voters being mechanics, such that their fingerprints wouldn't be recognized by the BVI systems hence need for manual identification. My take on that is that every voter must carry their voter's card on that day. The clerks can check that card number against the electronic system - enter it, and it will bring the person's picture, ID number, etc and let him cast his ballot.
2. For electronics results transmission (ERT), this is not even necessary in the first place. We can have the results collated/announced at the tallying centres after being certified - forms 36A, and such. However, if the ERT must be done, the data footprint is so tiny that a 2G network can be used. Besides, it can be an SMS based system, which doesn't require 3G or VSAT. The results data isn't that large - it can't be in Megabytes to be sincere. Well, VSAT can be used if they MUST, but this is after the voting process itself is complete, has nothing to do with BVI.
The ERT and the BVR/BVI are two distinct systems. That is what I want to believe. The ERT gets feedback from a manual process - of voters casting their vote, clerks/agents counting, verifying, and certifying, filling requisite forms then communicating the same via some customized phones which are programmed to communicate to a backend system. Am I right on that??
Now the big question here is, where do we need this much touted manual backup where network connectivity is being used as the major reason???
(a) Citing terrorism and the possibility of Al Shabaab knocking off base stations seems like well thought out lie meant to cover our eyes! If they attacked an area, I doubt there will be voting in the 1st place. And even so, the network connectivity is not required for BVI so there is no disenfranchising anyone if there is no manual backup (whatever that is).
(b) Citing hacking is neither here nor there for a BVR/BVI system because it's not being accessed live during the voting. It's a static database, unique to the polling station, resident on the laptop used by the clerks. The only hacking that can be done then can only be by an "insider". Quoting Victor Kapiyo from Social Media, "*I guess it's a question of trust. Trust in systems and in trustworthy people to do the right thing. For M-Pesa, or KCSE results, we trust both. For IEBC, I guess the jury is still out*."
The main issue is not allowing the dead voters to rise again to vote in the presidential vote, then disappear. So the important component here is the BVR/BVI, the credibility of the register and hence the vote.
At what point does the BVI system require this connectivity they are talking about, which then necessitates the so called "manual backup"?
Did the CS ICT lie to the Senate?? Did the CAK lie to the Senate in supporting the lie from the CS??
There is insincerity in this whole debate about 'manual backup' and the ICT community seems to either support it or is simply lost in the pool of confusion being peddled by politicians.
-- Best regards, Odhiambo WASHINGTON, Nairobi,KE +254 7 3200 0004/+254 7 2274 3223 "Oh, the cruft."
Thank you Wash for initiating the discussion. I also wondered whether a complimentary system was used in voter registration and where this system resides. I remember a quote by the IEBC CEO during the Kenya IGF where he stated that being a Republic based on democracy, we have made elections the only means to access power. https://livestream.com/internetsociety2/kigf He recalled the use of tech in the 2010 Referendum, 2013 elections and the various by-elections that have taken place. In the Referendum and most by-elections, there was not much contest about use of technology while for 2013 some issues were raised- these included multiple registers, voter impersonation and transparency. The tech community has an important role to play in demystifying some of these concepts. a) The wording of the amendment read "complimentary mechanism for identification of voters". It has now been expanded to include transmission of election results "where technology deployed initially fails". What would this mean, in the case of identification of voters and in the case of transmission of results? What complimentary systems were envisaged here? "Manual backup?" The ambiguity in the wording is a challenge as it leaves too room for interpretation in a system of high contests. b) The mischief that technology was meant to cure in elections management was among others allegations of voter impersonation and transparency in management of elections. Tech is therefore supposed to achieve simplicity, accuracy, verifiablilty, security, accountability and transparency. Is the conversation about a " complimentary" system a necessary one at this stage? Outside of the amendment, has anyone come across the data that CA presented on network coverage in the counties? A visualisation of that data besides the polling stations would be useful in helping us identify the specific polling stations/tallying centres that are not covered. I am asking this because the presenters spoke of areas not covered by network as opposed to polling stations/tallying centres not covered. Raha tupate na ustawi 2016-12-30 13:54 GMT+03:00 Victor Kapiyo via kictanet < kictanet@lists.kictanet.or.ke>:
I agree. We should put together our submissions as the ICT community and present the same to bunge.
Victor
On 30 Dec 2016 13:50, "Dorcas Muthoni via kictanet" < kictanet@lists.kictanet.or.ke> wrote:
Thanks Walu, it's time for us to stand up. Let's demystify this tech.
On Dec 30, 2016 1:43 PM, "Walubengo J via kictanet" < kictanet@lists.kictanet.or.ke> wrote:
I think this is an opportunity for the ICT fraternity to take up the challenge and demystify electronic systems in elections. I believe this forum has the most neutral platform where the media, academia, operators, regulators, government, legal and other interested parties can brainstorm on this.
I propose that early in the year, a face-2-face roundtable TV /Radio broadcast (NTV, Citizen, KTN?) deliberation to break this down -perhaps at Strath University (CPIT are you there?).
A lot has been written on the issue of electronic systems in elections but seems nobody READS, least of all politicians from both sides of the divide. I can imagine a cast of the following:
IEBC: CEO or Rep? Regulator: CEO or Rep? Operator: Safcom/Airtel/Telkom? ICT Min: Minister or rep? Academia: MMU/Strath/UoN/? Political Party: Jubilee+CORD Rep? Moderator &Broadcaster: Media (Citizen, NTV,KTN) Convenor: KICTAnet -GG are you back from holiday? Sponsors: Anyone?
If we do not hijack this ICT conversation, the politicians will run with it in the wrong direction and we might find ourselves exactly where we were in 2007.
walu.
------------------------------ *From:* JImmy Gitonga via kictanet <kictanet@lists.kictanet.or.ke> *To:* jwalu@yahoo.com *Cc:* JImmy Gitonga <jimmygitts@gmail.com> *Sent:* Friday, December 30, 2016 1:14 PM *Subject:* Re: [kictanet] Manual Backup and Elections 2017: Is the CS ICT Honest
Thank you Odhiambo Washington,
I have the same concerns myself. I reached the conclusion that it would be nice if "ICT Experts" could lay their hands on a BVI machine as well as a and show the rest of us what the problem really is. The ERT issue is a red herring. It has worked flawlessly in the bi-elections that have happened ever since. With PKI and 2 factor authentication, this can be solved for election day.
I am sure Victor Kyalo and Joseph Mucheru could make this possible. Call it a "Kenyans as ICT stakeholders" meeting. All Listers with time will begin to be asked by their family or neighbours, what the issue really is. I, for one, do not want to echo the CS's words.
I think the CS and the PS should help us help them. Otherwise they will be on their own when the political vultures come calling.
Regards, Jimmy Gitonga
Message: 4 Date: Fri, 30 Dec 2016 11:30:08 +0300 From: Odhiambo Washington <odhiambo@gmail.com> To: Kictanet <kictanet@lists.kictanet.or.ke > Subject: [kictanet] Manual Backup and Elections 2017: Is the CS ICT Honest Message-ID: <CAAdA2WPFoRvjF5Bodk+sHb-P4_ rUp2AXpA9Q3zAk-UR57cqwGw@mail. gmail.com <CAAdA2WPFoRvjF5Bodk%2BsHb-P4_rUp2AXpA9Q3zAk-UR57cqwGw@mail.gmail.com>> Content-Type: text/plain; charset="utf-8"
Dear Listers,
I am at that position where I feel very lost. In fact, I feel like I am quite detached from the reality.
All along, I have keenly considered this matter that seems to have divided the country down the middle: *Manual Backup* during the 2017 voting process. From the Jubilee/govt side this is a do or die and so it must be there. This govt side seems hell-bent on confusing the masses, as well as the experts like the ICT Community. From the Opposition side, the agenda seems to be very clear - that of ensuring integrity of the Voters Register and stopping 'ghost voters' from ever casting their votes.
That brings us to the famous acronyms - BVI (Biometric Voter Register) / BVI (Biometric Voter Identification). Having been to a Voter Registration Centre (later to become a Polling Station) to register as a voter, I did look at the equipment in use for the registration process. I saw the laptop which was fitted with a camera and fingerprints scanner. All these require power to run. I did not dwell on how they were powered, but probably there was a battery backup somewhere (besides the electricity) given that they needed to run for a whole day for several days during the voter registration process. When it comes to the Elections, they only need to run for about 11 hours. My point here is that of *Backup Power* should it be that there's electricity blackout and the built-in batteries can't last the whole day. That backup is very important.
However, I did not see any piece of equipment which could suggest that the equipment in use required any form of connectivity back to some central server in order to function! Which now brings me to the currently national debate - Manual Backup during the Poll Day. What is it? Was the CS honest with his presentation before the Senate/Amos Wako committee yesterday? Does the CS himself really believe in the content of his presentation? I am asking that because I watched him and I don't believe him. I actually think he mislead the committee, and hence the nation at large.
Someone please prove me wrong. I am at that point where I believe that the BVR/BVI does NOT require any form of connectivity and so this Manual Backup being touted by the ruling coalition side, strongly supported by the ICT CS is a big lie. WHY?
My very first answer: Simply put, *when there was no requirement for a manual backup during voter registration, it goes without saying that there is NO NEED for on the polling day.*
1. For the issue that is in contention - BVR (used for BVI during polling) - this is a database that can be (and should be) statically stored on the equipment for each polling station. We are not supposed to rely on the Mobile Network to access this voters database. And every polling station can have two/three laptops/Biometrics scanner/Backup batteries to ensure that the voter identification doesn't fail. Some excuse has been fronted about some voters being mechanics, such that their fingerprints wouldn't be recognized by the BVI systems hence need for manual identification. My take on that is that every voter must carry their voter's card on that day. The clerks can check that card number against the electronic system - enter it, and it will bring the person's picture, ID number, etc and let him cast his ballot.
2. For electronics results transmission (ERT), this is not even necessary in the first place. We can have the results collated/announced at the tallying centres after being certified - forms 36A, and such. However, if the ERT must be done, the data footprint is so tiny that a 2G network can be used. Besides, it can be an SMS based system, which doesn't require 3G or VSAT. The results data isn't that large - it can't be in Megabytes to be sincere. Well, VSAT can be used if they MUST, but this is after the voting process itself is complete, has nothing to do with BVI.
The ERT and the BVR/BVI are two distinct systems. That is what I want to believe. The ERT gets feedback from a manual process - of voters casting their vote, clerks/agents counting, verifying, and certifying, filling requisite forms then communicating the same via some customized phones which are programmed to communicate to a backend system. Am I right on that??
Now the big question here is, where do we need this much touted manual backup where network connectivity is being used as the major reason???
(a) Citing terrorism and the possibility of Al Shabaab knocking off base stations seems like well thought out lie meant to cover our eyes! If they attacked an area, I doubt there will be voting in the 1st place. And even so, the network connectivity is not required for BVI so there is no disenfranchising anyone if there is no manual backup (whatever that is).
(b) Citing hacking is neither here nor there for a BVR/BVI system because it's not being accessed live during the voting. It's a static database, unique to the polling station, resident on the laptop used by the clerks. The only hacking that can be done then can only be by an "insider". Quoting Victor Kapiyo from Social Media, "*I guess it's a question of trust. Trust in systems and in trustworthy people to do the right thing. For M-Pesa, or KCSE results, we trust both. For IEBC, I guess the jury is still out*."
The main issue is not allowing the dead voters to rise again to vote in the presidential vote, then disappear. So the important component here is the BVR/BVI, the credibility of the register and hence the vote.
At what point does the BVI system require this connectivity they are talking about, which then necessitates the so called "manual backup"?
Did the CS ICT lie to the Senate?? Did the CAK lie to the Senate in supporting the lie from the CS??
There is insincerity in this whole debate about 'manual backup' and the ICT community seems to either support it or is simply lost in the pool of confusion being peddled by politicians.
-- Best regards, Odhiambo WASHINGTON, Nairobi,KE +254 7 3200 0004/+254 7 2274 3223 "Oh, the cruft."
Let's dissect the problem into pieces. 1: voter registration: collecting details, photos and fingerprints. (Multiple data types) 2: verification: ascertaining that registered persons are in the system, and dead / expired ones are removed from the system. (Boolean: yes / No) 3: voting: choosing from one of several options. 4: tallying : counting the choices at the polling stations and recording the results on paper or device. 5: transmission: sending this information to regional and national tallying centers. Maybe the good CS can explain how al shabbat can disable IT solutions so much that manual "backups" would suffice. On 30 Dec 2016 17:58, "Grace Mutung'u via kictanet" < kictanet@lists.kictanet.or.ke> wrote:
Thank you Wash for initiating the discussion. I also wondered whether a complimentary system was used in voter registration and where this system resides.
I remember a quote by the IEBC CEO during the Kenya IGF where he stated that being a Republic based on democracy, we have made elections the only means to access power. https://livestream.com/internetsociety2/kigf He recalled the use of tech in the 2010 Referendum, 2013 elections and the various by-elections that have taken place. In the Referendum and most by-elections, there was not much contest about use of technology while for 2013 some issues were raised- these included multiple registers, voter impersonation and transparency. The tech community has an important role to play in demystifying some of these concepts. a) The wording of the amendment read "complimentary mechanism for identification of voters". It has now been expanded to include transmission of election results "where technology deployed initially fails". What would this mean, in the case of identification of voters and in the case of transmission of results? What complimentary systems were envisaged here? "Manual backup?" The ambiguity in the wording is a challenge as it leaves too room for interpretation in a system of high contests.
b) The mischief that technology was meant to cure in elections management was among others allegations of voter impersonation and transparency in management of elections. Tech is therefore supposed to achieve simplicity, accuracy, verifiablilty, security, accountability and transparency. Is the conversation about a " complimentary" system a necessary one at this stage?
Outside of the amendment, has anyone come across the data that CA presented on network coverage in the counties? A visualisation of that data besides the polling stations would be useful in helping us identify the specific polling stations/tallying centres that are not covered. I am asking this because the presenters spoke of areas not covered by network as opposed to polling stations/tallying centres not covered.
Raha tupate na ustawi
2016-12-30 13:54 GMT+03:00 Victor Kapiyo via kictanet < kictanet@lists.kictanet.or.ke>:
I agree. We should put together our submissions as the ICT community and present the same to bunge.
Victor
On 30 Dec 2016 13:50, "Dorcas Muthoni via kictanet" < kictanet@lists.kictanet.or.ke> wrote:
Thanks Walu, it's time for us to stand up. Let's demystify this tech.
On Dec 30, 2016 1:43 PM, "Walubengo J via kictanet" < kictanet@lists.kictanet.or.ke> wrote:
I think this is an opportunity for the ICT fraternity to take up the challenge and demystify electronic systems in elections. I believe this forum has the most neutral platform where the media, academia, operators, regulators, government, legal and other interested parties can brainstorm on this.
I propose that early in the year, a face-2-face roundtable TV /Radio broadcast (NTV, Citizen, KTN?) deliberation to break this down -perhaps at Strath University (CPIT are you there?).
A lot has been written on the issue of electronic systems in elections but seems nobody READS, least of all politicians from both sides of the divide. I can imagine a cast of the following:
IEBC: CEO or Rep? Regulator: CEO or Rep? Operator: Safcom/Airtel/Telkom? ICT Min: Minister or rep? Academia: MMU/Strath/UoN/? Political Party: Jubilee+CORD Rep? Moderator &Broadcaster: Media (Citizen, NTV,KTN) Convenor: KICTAnet -GG are you back from holiday? Sponsors: Anyone?
If we do not hijack this ICT conversation, the politicians will run with it in the wrong direction and we might find ourselves exactly where we were in 2007.
walu.
------------------------------ *From:* JImmy Gitonga via kictanet <kictanet@lists.kictanet.or.ke> *To:* jwalu@yahoo.com *Cc:* JImmy Gitonga <jimmygitts@gmail.com> *Sent:* Friday, December 30, 2016 1:14 PM *Subject:* Re: [kictanet] Manual Backup and Elections 2017: Is the CS ICT Honest
Thank you Odhiambo Washington,
I have the same concerns myself. I reached the conclusion that it would be nice if "ICT Experts" could lay their hands on a BVI machine as well as a and show the rest of us what the problem really is. The ERT issue is a red herring. It has worked flawlessly in the bi-elections that have happened ever since. With PKI and 2 factor authentication, this can be solved for election day.
I am sure Victor Kyalo and Joseph Mucheru could make this possible. Call it a "Kenyans as ICT stakeholders" meeting. All Listers with time will begin to be asked by their family or neighbours, what the issue really is. I, for one, do not want to echo the CS's words.
I think the CS and the PS should help us help them. Otherwise they will be on their own when the political vultures come calling.
Regards, Jimmy Gitonga
Message: 4 Date: Fri, 30 Dec 2016 11:30:08 +0300 From: Odhiambo Washington <odhiambo@gmail.com> To: Kictanet <kictanet@lists.kictanet.or.ke > Subject: [kictanet] Manual Backup and Elections 2017: Is the CS ICT Honest Message-ID: <CAAdA2WPFoRvjF5Bodk+sHb-P4_ rUp2AXpA9Q3zAk-UR57cqwGw@mail. gmail.com <CAAdA2WPFoRvjF5Bodk%2BsHb-P4_rUp2AXpA9Q3zAk-UR57cqwGw@mail.gmail.com>> Content-Type: text/plain; charset="utf-8"
Dear Listers,
I am at that position where I feel very lost. In fact, I feel like I am quite detached from the reality.
All along, I have keenly considered this matter that seems to have divided the country down the middle: *Manual Backup* during the 2017 voting process. From the Jubilee/govt side this is a do or die and so it must be there. This govt side seems hell-bent on confusing the masses, as well as the experts like the ICT Community. From the Opposition side, the agenda seems to be very clear - that of ensuring integrity of the Voters Register and stopping 'ghost voters' from ever casting their votes.
That brings us to the famous acronyms - BVI (Biometric Voter Register) / BVI (Biometric Voter Identification). Having been to a Voter Registration Centre (later to become a Polling Station) to register as a voter, I did look at the equipment in use for the registration process. I saw the laptop which was fitted with a camera and fingerprints scanner. All these require power to run. I did not dwell on how they were powered, but probably there was a battery backup somewhere (besides the electricity) given that they needed to run for a whole day for several days during the voter registration process. When it comes to the Elections, they only need to run for about 11 hours. My point here is that of *Backup Power* should it be that there's electricity blackout and the built-in batteries can't last the whole day. That backup is very important.
However, I did not see any piece of equipment which could suggest that the equipment in use required any form of connectivity back to some central server in order to function! Which now brings me to the currently national debate - Manual Backup during the Poll Day. What is it? Was the CS honest with his presentation before the Senate/Amos Wako committee yesterday? Does the CS himself really believe in the content of his presentation? I am asking that because I watched him and I don't believe him. I actually think he mislead the committee, and hence the nation at large.
Someone please prove me wrong. I am at that point where I believe that the BVR/BVI does NOT require any form of connectivity and so this Manual Backup being touted by the ruling coalition side, strongly supported by the ICT CS is a big lie. WHY?
My very first answer: Simply put, *when there was no requirement for a manual backup during voter registration, it goes without saying that there is NO NEED for on the polling day.*
1. For the issue that is in contention - BVR (used for BVI during polling) - this is a database that can be (and should be) statically stored on the equipment for each polling station. We are not supposed to rely on the Mobile Network to access this voters database. And every polling station can have two/three laptops/Biometrics scanner/Backup batteries to ensure that the voter identification doesn't fail. Some excuse has been fronted about some voters being mechanics, such that their fingerprints wouldn't be recognized by the BVI systems hence need for manual identification. My take on that is that every voter must carry their voter's card on that day. The clerks can check that card number against the electronic system - enter it, and it will bring the person's picture, ID number, etc and let him cast his ballot.
2. For electronics results transmission (ERT), this is not even necessary in the first place. We can have the results collated/announced at the tallying centres after being certified - forms 36A, and such. However, if the ERT must be done, the data footprint is so tiny that a 2G network can be used. Besides, it can be an SMS based system, which doesn't require 3G or VSAT. The results data isn't that large - it can't be in Megabytes to be sincere. Well, VSAT can be used if they MUST, but this is after the voting process itself is complete, has nothing to do with BVI.
The ERT and the BVR/BVI are two distinct systems. That is what I want to believe. The ERT gets feedback from a manual process - of voters casting their vote, clerks/agents counting, verifying, and certifying, filling requisite forms then communicating the same via some customized phones which are programmed to communicate to a backend system. Am I right on that??
Now the big question here is, where do we need this much touted manual backup where network connectivity is being used as the major reason???
(a) Citing terrorism and the possibility of Al Shabaab knocking off base stations seems like well thought out lie meant to cover our eyes! If they attacked an area, I doubt there will be voting in the 1st place. And even so, the network connectivity is not required for BVI so there is no disenfranchising anyone if there is no manual backup (whatever that is).
(b) Citing hacking is neither here nor there for a BVR/BVI system because it's not being accessed live during the voting. It's a static database, unique to the polling station, resident on the laptop used by the clerks. The only hacking that can be done then can only be by an "insider". Quoting Victor Kapiyo from Social Media, "*I guess it's a question of trust. Trust in systems and in trustworthy people to do the right thing. For M-Pesa, or KCSE results, we trust both. For IEBC, I guess the jury is still out*."
The main issue is not allowing the dead voters to rise again to vote in the presidential vote, then disappear. So the important component here is the BVR/BVI, the credibility of the register and hence the vote.
At what point does the BVI system require this connectivity they are talking about, which then necessitates the so called "manual backup"?
Did the CS ICT lie to the Senate?? Did the CAK lie to the Senate in supporting the lie from the CS??
There is insincerity in this whole debate about 'manual backup' and the ICT community seems to either support it or is simply lost in the pool of confusion being peddled by politicians.
-- Best regards, Odhiambo WASHINGTON, Nairobi,KE +254 7 3200 0004/+254 7 2274 3223 "Oh, the cruft."
Dear all, In the meantime, we encourage all of you to raise the substantive issues you have the way Washington and other colleagues have done. We have started collating the views for submission to the Senate next week. Best Regards and wishes for the new year On 12/30/16, Collins Areba via kictanet <kictanet@lists.kictanet.or.ke> wrote:
Let's dissect the problem into pieces. 1: voter registration: collecting details, photos and fingerprints. (Multiple data types)
2: verification: ascertaining that registered persons are in the system, and dead / expired ones are removed from the system. (Boolean: yes / No)
3: voting: choosing from one of several options.
4: tallying : counting the choices at the polling stations and recording the results on paper or device.
5: transmission: sending this information to regional and national tallying centers.
Maybe the good CS can explain how al shabbat can disable IT solutions so much that manual "backups" would suffice.
On 30 Dec 2016 17:58, "Grace Mutung'u via kictanet" < kictanet@lists.kictanet.or.ke> wrote:
Thank you Wash for initiating the discussion. I also wondered whether a complimentary system was used in voter registration and where this system resides.
I remember a quote by the IEBC CEO during the Kenya IGF where he stated that being a Republic based on democracy, we have made elections the only means to access power. https://livestream.com/internetsociety2/kigf He recalled the use of tech in the 2010 Referendum, 2013 elections and the various by-elections that have taken place. In the Referendum and most by-elections, there was not much contest about use of technology while for 2013 some issues were raised- these included multiple registers, voter impersonation and transparency. The tech community has an important role to play in demystifying some of these concepts. a) The wording of the amendment read "complimentary mechanism for identification of voters". It has now been expanded to include transmission of election results "where technology deployed initially fails". What would this mean, in the case of identification of voters and in the case of transmission of results? What complimentary systems were envisaged here? "Manual backup?" The ambiguity in the wording is a challenge as it leaves too room for interpretation in a system of high contests.
b) The mischief that technology was meant to cure in elections management was among others allegations of voter impersonation and transparency in management of elections. Tech is therefore supposed to achieve simplicity, accuracy, verifiablilty, security, accountability and transparency. Is the conversation about a " complimentary" system a necessary one at this stage?
Outside of the amendment, has anyone come across the data that CA presented on network coverage in the counties? A visualisation of that data besides the polling stations would be useful in helping us identify the specific polling stations/tallying centres that are not covered. I am asking this because the presenters spoke of areas not covered by network as opposed to polling stations/tallying centres not covered.
Raha tupate na ustawi
2016-12-30 13:54 GMT+03:00 Victor Kapiyo via kictanet < kictanet@lists.kictanet.or.ke>:
I agree. We should put together our submissions as the ICT community and present the same to bunge.
Victor
On 30 Dec 2016 13:50, "Dorcas Muthoni via kictanet" < kictanet@lists.kictanet.or.ke> wrote:
Thanks Walu, it's time for us to stand up. Let's demystify this tech.
On Dec 30, 2016 1:43 PM, "Walubengo J via kictanet" < kictanet@lists.kictanet.or.ke> wrote:
I think this is an opportunity for the ICT fraternity to take up the challenge and demystify electronic systems in elections. I believe this forum has the most neutral platform where the media, academia, operators, regulators, government, legal and other interested parties can brainstorm on this.
I propose that early in the year, a face-2-face roundtable TV /Radio broadcast (NTV, Citizen, KTN?) deliberation to break this down -perhaps at Strath University (CPIT are you there?).
A lot has been written on the issue of electronic systems in elections but seems nobody READS, least of all politicians from both sides of the divide. I can imagine a cast of the following:
IEBC: CEO or Rep? Regulator: CEO or Rep? Operator: Safcom/Airtel/Telkom? ICT Min: Minister or rep? Academia: MMU/Strath/UoN/? Political Party: Jubilee+CORD Rep? Moderator &Broadcaster: Media (Citizen, NTV,KTN) Convenor: KICTAnet -GG are you back from holiday? Sponsors: Anyone?
If we do not hijack this ICT conversation, the politicians will run with it in the wrong direction and we might find ourselves exactly where we were in 2007.
walu.
------------------------------ *From:* JImmy Gitonga via kictanet <kictanet@lists.kictanet.or.ke> *To:* jwalu@yahoo.com *Cc:* JImmy Gitonga <jimmygitts@gmail.com> *Sent:* Friday, December 30, 2016 1:14 PM *Subject:* Re: [kictanet] Manual Backup and Elections 2017: Is the CS ICT Honest
Thank you Odhiambo Washington,
I have the same concerns myself. I reached the conclusion that it would be nice if "ICT Experts" could lay their hands on a BVI machine as well as a and show the rest of us what the problem really is. The ERT issue is a red herring. It has worked flawlessly in the bi-elections that have happened ever since. With PKI and 2 factor authentication, this can be solved for election day.
I am sure Victor Kyalo and Joseph Mucheru could make this possible. Call it a "Kenyans as ICT stakeholders" meeting. All Listers with time will begin to be asked by their family or neighbours, what the issue really is. I, for one, do not want to echo the CS's words.
I think the CS and the PS should help us help them. Otherwise they will be on their own when the political vultures come calling.
Regards, Jimmy Gitonga
Message: 4 Date: Fri, 30 Dec 2016 11:30:08 +0300 From: Odhiambo Washington <odhiambo@gmail.com> To: Kictanet <kictanet@lists.kictanet.or.ke > Subject: [kictanet] Manual Backup and Elections 2017: Is the CS ICT Honest Message-ID: <CAAdA2WPFoRvjF5Bodk+sHb-P4_ rUp2AXpA9Q3zAk-UR57cqwGw@mail. gmail.com <CAAdA2WPFoRvjF5Bodk%2BsHb-P4_rUp2AXpA9Q3zAk-UR57cqwGw@mail.gmail.com>> Content-Type: text/plain; charset="utf-8"
Dear Listers,
I am at that position where I feel very lost. In fact, I feel like I am quite detached from the reality.
All along, I have keenly considered this matter that seems to have divided the country down the middle: *Manual Backup* during the 2017 voting process. From the Jubilee/govt side this is a do or die and so it must be there. This govt side seems hell-bent on confusing the masses, as well as the experts like the ICT Community. From the Opposition side, the agenda seems to be very clear - that of ensuring integrity of the Voters Register and stopping 'ghost voters' from ever casting their votes.
That brings us to the famous acronyms - BVI (Biometric Voter Register) / BVI (Biometric Voter Identification). Having been to a Voter Registration Centre (later to become a Polling Station) to register as a voter, I did look at the equipment in use for the registration process. I saw the laptop which was fitted with a camera and fingerprints scanner. All these require power to run. I did not dwell on how they were powered, but probably there was a battery backup somewhere (besides the electricity) given that they needed to run for a whole day for several days during the voter registration process. When it comes to the Elections, they only need to run for about 11 hours. My point here is that of *Backup Power* should it be that there's electricity blackout and the built-in batteries can't last the whole day. That backup is very important.
However, I did not see any piece of equipment which could suggest that the equipment in use required any form of connectivity back to some central server in order to function! Which now brings me to the currently national debate - Manual Backup during the Poll Day. What is it? Was the CS honest with his presentation before the Senate/Amos Wako committee yesterday? Does the CS himself really believe in the content of his presentation? I am asking that because I watched him and I don't believe him. I actually think he mislead the committee, and hence the nation at large.
Someone please prove me wrong. I am at that point where I believe that the BVR/BVI does NOT require any form of connectivity and so this Manual Backup being touted by the ruling coalition side, strongly supported by the ICT CS is a big lie. WHY?
My very first answer: Simply put, *when there was no requirement for a manual backup during voter registration, it goes without saying that there is NO NEED for on the polling day.*
1. For the issue that is in contention - BVR (used for BVI during polling) - this is a database that can be (and should be) statically stored on the equipment for each polling station. We are not supposed to rely on the Mobile Network to access this voters database. And every polling station can have two/three laptops/Biometrics scanner/Backup batteries to ensure that the voter identification doesn't fail. Some excuse has been fronted about some voters being mechanics, such that their fingerprints wouldn't be recognized by the BVI systems hence need for manual identification. My take on that is that every voter must carry their voter's card on that day. The clerks can check that card number against the electronic system - enter it, and it will bring the person's picture, ID number, etc and let him cast his ballot.
2. For electronics results transmission (ERT), this is not even necessary in the first place. We can have the results collated/announced at the tallying centres after being certified - forms 36A, and such. However, if the ERT must be done, the data footprint is so tiny that a 2G network can be used. Besides, it can be an SMS based system, which doesn't require 3G or VSAT. The results data isn't that large - it can't be in Megabytes to be sincere. Well, VSAT can be used if they MUST, but this is after the voting process itself is complete, has nothing to do with BVI.
The ERT and the BVR/BVI are two distinct systems. That is what I want to believe. The ERT gets feedback from a manual process - of voters casting their vote, clerks/agents counting, verifying, and certifying, filling requisite forms then communicating the same via some customized phones which are programmed to communicate to a backend system. Am I right on that??
Now the big question here is, where do we need this much touted manual backup where network connectivity is being used as the major reason???
(a) Citing terrorism and the possibility of Al Shabaab knocking off base stations seems like well thought out lie meant to cover our eyes! If they attacked an area, I doubt there will be voting in the 1st place. And even so, the network connectivity is not required for BVI so there is no disenfranchising anyone if there is no manual backup (whatever that is).
(b) Citing hacking is neither here nor there for a BVR/BVI system because it's not being accessed live during the voting. It's a static database, unique to the polling station, resident on the laptop used by the clerks. The only hacking that can be done then can only be by an "insider". Quoting Victor Kapiyo from Social Media, "*I guess it's a question of trust. Trust in systems and in trustworthy people to do the right thing. For M-Pesa, or KCSE results, we trust both. For IEBC, I guess the jury is still out*."
The main issue is not allowing the dead voters to rise again to vote in the presidential vote, then disappear. So the important component here is the BVR/BVI, the credibility of the register and hence the vote.
At what point does the BVI system require this connectivity they are talking about, which then necessitates the so called "manual backup"?
Did the CS ICT lie to the Senate?? Did the CAK lie to the Senate in supporting the lie from the CS??
There is insincerity in this whole debate about 'manual backup' and the ICT community seems to either support it or is simply lost in the pool of confusion being peddled by politicians.
-- Best regards, Odhiambo WASHINGTON, Nairobi,KE +254 7 3200 0004/+254 7 2274 3223 "Oh, the cruft."
@Barrack, My views and solutions were shared ealier. But just incase listers did not read or have questions, you can find them here. WALUBENGO: On electronic polling, both Cord and Jubilee are | | | | | | | | | | | WALUBENGO: On electronic polling, both Cord and Jubilee are Nothing stops the opposition from abusing a failed system, but the incumbent always has an upper hand | | | | walu. From: Barrack Otieno via kictanet <kictanet@lists.kictanet.or.ke> To: jwalu@yahoo.com Cc: Barrack Otieno <otieno.barrack@gmail.com>; JImmy Gitonga <jimmygitts@gmail.com> Sent: Friday, December 30, 2016 6:26 PM Subject: Re: [kictanet] Manual Backup and Elections 2017: Is the CS ICT Honest Dear all, In the meantime, we encourage all of you to raise the substantive issues you have the way Washington and other colleagues have done. We have started collating the views for submission to the Senate next week. Best Regards and wishes for the new year On 12/30/16, Collins Areba via kictanet <kictanet@lists.kictanet.or.ke> wrote:
Let's dissect the problem into pieces. 1: voter registration: collecting details, photos and fingerprints. (Multiple data types)
2: verification: ascertaining that registered persons are in the system, and dead / expired ones are removed from the system. (Boolean: yes / No)
3: voting: choosing from one of several options.
4: tallying : counting the choices at the polling stations and recording the results on paper or device.
5: transmission: sending this information to regional and national tallying centers.
Maybe the good CS can explain how al shabbat can disable IT solutions so much that manual "backups" would suffice.
On 30 Dec 2016 17:58, "Grace Mutung'u via kictanet" < kictanet@lists.kictanet.or.ke> wrote:
Thank you Wash for initiating the discussion. I also wondered whether a complimentary system was used in voter registration and where this system resides.
I remember a quote by the IEBC CEO during the Kenya IGF where he stated that being a Republic based on democracy, we have made elections the only means to access power. https://livestream.com/internetsociety2/kigf He recalled the use of tech in the 2010 Referendum, 2013 elections and the various by-elections that have taken place. In the Referendum and most by-elections, there was not much contest about use of technology while for 2013 some issues were raised- these included multiple registers, voter impersonation and transparency. The tech community has an important role to play in demystifying some of these concepts. a) The wording of the amendment read "complimentary mechanism for identification of voters". It has now been expanded to include transmission of election results "where technology deployed initially fails". What would this mean, in the case of identification of voters and in the case of transmission of results? What complimentary systems were envisaged here? "Manual backup?" The ambiguity in the wording is a challenge as it leaves too room for interpretation in a system of high contests.
b) The mischief that technology was meant to cure in elections management was among others allegations of voter impersonation and transparency in management of elections. Tech is therefore supposed to achieve simplicity, accuracy, verifiablilty, security, accountability and transparency. Is the conversation about a " complimentary" system a necessary one at this stage?
Outside of the amendment, has anyone come across the data that CA presented on network coverage in the counties? A visualisation of that data besides the polling stations would be useful in helping us identify the specific polling stations/tallying centres that are not covered. I am asking this because the presenters spoke of areas not covered by network as opposed to polling stations/tallying centres not covered.
Raha tupate na ustawi
2016-12-30 13:54 GMT+03:00 Victor Kapiyo via kictanet < kictanet@lists.kictanet.or.ke>:
I agree. We should put together our submissions as the ICT community and present the same to bunge.
Victor
On 30 Dec 2016 13:50, "Dorcas Muthoni via kictanet" < kictanet@lists.kictanet.or.ke> wrote:
Thanks Walu, it's time for us to stand up. Let's demystify this tech.
On Dec 30, 2016 1:43 PM, "Walubengo J via kictanet" < kictanet@lists.kictanet.or.ke> wrote:
I think this is an opportunity for the ICT fraternity to take up the challenge and demystify electronic systems in elections. I believe this forum has the most neutral platform where the media, academia, operators, regulators, government, legal and other interested parties can brainstorm on this.
I propose that early in the year, a face-2-face roundtable TV /Radio broadcast (NTV, Citizen, KTN?) deliberation to break this down -perhaps at Strath University (CPIT are you there?).
A lot has been written on the issue of electronic systems in elections but seems nobody READS, least of all politicians from both sides of the divide. I can imagine a cast of the following:
IEBC: CEO or Rep? Regulator: CEO or Rep? Operator: Safcom/Airtel/Telkom? ICT Min: Minister or rep? Academia: MMU/Strath/UoN/? Political Party: Jubilee+CORD Rep? Moderator &Broadcaster: Media (Citizen, NTV,KTN) Convenor: KICTAnet -GG are you back from holiday? Sponsors: Anyone?
If we do not hijack this ICT conversation, the politicians will run with it in the wrong direction and we might find ourselves exactly where we were in 2007.
walu.
------------------------------ *From:* JImmy Gitonga via kictanet <kictanet@lists.kictanet.or.ke> *To:* jwalu@yahoo.com *Cc:* JImmy Gitonga <jimmygitts@gmail.com> *Sent:* Friday, December 30, 2016 1:14 PM *Subject:* Re: [kictanet] Manual Backup and Elections 2017: Is the CS ICT Honest
Thank you Odhiambo Washington,
I have the same concerns myself. I reached the conclusion that it would be nice if "ICT Experts" could lay their hands on a BVI machine as well as a and show the rest of us what the problem really is. The ERT issue is a red herring. It has worked flawlessly in the bi-elections that have happened ever since. With PKI and 2 factor authentication, this can be solved for election day.
I am sure Victor Kyalo and Joseph Mucheru could make this possible. Call it a "Kenyans as ICT stakeholders" meeting. All Listers with time will begin to be asked by their family or neighbours, what the issue really is. I, for one, do not want to echo the CS's words.
I think the CS and the PS should help us help them. Otherwise they will be on their own when the political vultures come calling.
Regards, Jimmy Gitonga
Message: 4 Date: Fri, 30 Dec 2016 11:30:08 +0300 From: Odhiambo Washington <odhiambo@gmail.com> To: Kictanet <kictanet@lists.kictanet.or.ke > Subject: [kictanet] Manual Backup and Elections 2017: Is the CS ICT Honest Message-ID: <CAAdA2WPFoRvjF5Bodk+sHb-P4_ rUp2AXpA9Q3zAk-UR57cqwGw@mail. gmail.com <CAAdA2WPFoRvjF5Bodk%2BsHb-P4_rUp2AXpA9Q3zAk-UR57cqwGw@mail.gmail.com>> Content-Type: text/plain; charset="utf-8"
Dear Listers,
I am at that position where I feel very lost. In fact, I feel like I am quite detached from the reality.
All along, I have keenly considered this matter that seems to have divided the country down the middle: *Manual Backup* during the 2017 voting process. From the Jubilee/govt side this is a do or die and so it must be there. This govt side seems hell-bent on confusing the masses, as well as the experts like the ICT Community. From the Opposition side, the agenda seems to be very clear - that of ensuring integrity of the Voters Register and stopping 'ghost voters' from ever casting their votes.
That brings us to the famous acronyms - BVI (Biometric Voter Register) / BVI (Biometric Voter Identification). Having been to a Voter Registration Centre (later to become a Polling Station) to register as a voter, I did look at the equipment in use for the registration process. I saw the laptop which was fitted with a camera and fingerprints scanner. All these require power to run. I did not dwell on how they were powered, but probably there was a battery backup somewhere (besides the electricity) given that they needed to run for a whole day for several days during the voter registration process. When it comes to the Elections, they only need to run for about 11 hours. My point here is that of *Backup Power* should it be that there's electricity blackout and the built-in batteries can't last the whole day. That backup is very important.
However, I did not see any piece of equipment which could suggest that the equipment in use required any form of connectivity back to some central server in order to function! Which now brings me to the currently national debate - Manual Backup during the Poll Day. What is it? Was the CS honest with his presentation before the Senate/Amos Wako committee yesterday? Does the CS himself really believe in the content of his presentation? I am asking that because I watched him and I don't believe him. I actually think he mislead the committee, and hence the nation at large.
Someone please prove me wrong. I am at that point where I believe that the BVR/BVI does NOT require any form of connectivity and so this Manual Backup being touted by the ruling coalition side, strongly supported by the ICT CS is a big lie. WHY?
My very first answer: Simply put, *when there was no requirement for a manual backup during voter registration, it goes without saying that there is NO NEED for on the polling day.*
1. For the issue that is in contention - BVR (used for BVI during polling) - this is a database that can be (and should be) statically stored on the equipment for each polling station. We are not supposed to rely on the Mobile Network to access this voters database. And every polling station can have two/three laptops/Biometrics scanner/Backup batteries to ensure that the voter identification doesn't fail. Some excuse has been fronted about some voters being mechanics, such that their fingerprints wouldn't be recognized by the BVI systems hence need for manual identification. My take on that is that every voter must carry their voter's card on that day. The clerks can check that card number against the electronic system - enter it, and it will bring the person's picture, ID number, etc and let him cast his ballot.
2. For electronics results transmission (ERT), this is not even necessary in the first place. We can have the results collated/announced at the tallying centres after being certified - forms 36A, and such. However, if the ERT must be done, the data footprint is so tiny that a 2G network can be used. Besides, it can be an SMS based system, which doesn't require 3G or VSAT. The results data isn't that large - it can't be in Megabytes to be sincere. Well, VSAT can be used if they MUST, but this is after the voting process itself is complete, has nothing to do with BVI.
The ERT and the BVR/BVI are two distinct systems. That is what I want to believe. The ERT gets feedback from a manual process - of voters casting their vote, clerks/agents counting, verifying, and certifying, filling requisite forms then communicating the same via some customized phones which are programmed to communicate to a backend system. Am I right on that??
Now the big question here is, where do we need this much touted manual backup where network connectivity is being used as the major reason???
(a) Citing terrorism and the possibility of Al Shabaab knocking off base stations seems like well thought out lie meant to cover our eyes! If they attacked an area, I doubt there will be voting in the 1st place. And even so, the network connectivity is not required for BVI so there is no disenfranchising anyone if there is no manual backup (whatever that is).
(b) Citing hacking is neither here nor there for a BVR/BVI system because it's not being accessed live during the voting. It's a static database, unique to the polling station, resident on the laptop used by the clerks. The only hacking that can be done then can only be by an "insider". Quoting Victor Kapiyo from Social Media, "*I guess it's a question of trust. Trust in systems and in trustworthy people to do the right thing. For M-Pesa, or KCSE results, we trust both. For IEBC, I guess the jury is still out*."
The main issue is not allowing the dead voters to rise again to vote in the presidential vote, then disappear. So the important component here is the BVR/BVI, the credibility of the register and hence the vote.
At what point does the BVI system require this connectivity they are talking about, which then necessitates the so called "manual backup"?
Did the CS ICT lie to the Senate?? Did the CAK lie to the Senate in supporting the lie from the CS??
There is insincerity in this whole debate about 'manual backup' and the ICT community seems to either support it or is simply lost in the pool of confusion being peddled by politicians.
-- Best regards, Odhiambo WASHINGTON, Nairobi,KE +254 7 3200 0004/+254 7 2274 3223 "Oh, the cruft."
Many thanks Walu, Best Regards On 12/30/16, Walubengo J <jwalu@yahoo.com> wrote:
@Barrack, My views and solutions were shared ealier. But just incase listers did not read or have questions, you can find them here. WALUBENGO: On electronic polling, both Cord and Jubilee are
| | | | | |
|
| | | | WALUBENGO: On electronic polling, both Cord and Jubilee are Nothing stops the opposition from abusing a failed system, but the incumbent always has an upper hand | |
|
|
walu.
From: Barrack Otieno via kictanet <kictanet@lists.kictanet.or.ke> To: jwalu@yahoo.com Cc: Barrack Otieno <otieno.barrack@gmail.com>; JImmy Gitonga <jimmygitts@gmail.com> Sent: Friday, December 30, 2016 6:26 PM Subject: Re: [kictanet] Manual Backup and Elections 2017: Is the CS ICT Honest
Dear all,
In the meantime, we encourage all of you to raise the substantive issues you have the way Washington and other colleagues have done. We have started collating the views for submission to the Senate next week.
Best Regards and wishes for the new year
On 12/30/16, Collins Areba via kictanet <kictanet@lists.kictanet.or.ke> wrote:
Let's dissect the problem into pieces. 1: voter registration: collecting details, photos and fingerprints. (Multiple data types)
2: verification: ascertaining that registered persons are in the system, and dead / expired ones are removed from the system. (Boolean: yes / No)
3: voting: choosing from one of several options.
4: tallying : counting the choices at the polling stations and recording the results on paper or device.
5: transmission: sending this information to regional and national tallying centers.
Maybe the good CS can explain how al shabbat can disable IT solutions so much that manual "backups" would suffice.
On 30 Dec 2016 17:58, "Grace Mutung'u via kictanet" < kictanet@lists.kictanet.or.ke> wrote:
Thank you Wash for initiating the discussion. I also wondered whether a complimentary system was used in voter registration and where this system resides.
I remember a quote by the IEBC CEO during the Kenya IGF where he stated that being a Republic based on democracy, we have made elections the only means to access power. https://livestream.com/internetsociety2/kigf He recalled the use of tech in the 2010 Referendum, 2013 elections and the various by-elections that have taken place. In the Referendum and most by-elections, there was not much contest about use of technology while for 2013 some issues were raised- these included multiple registers, voter impersonation and transparency. The tech community has an important role to play in demystifying some of these concepts. a) The wording of the amendment read "complimentary mechanism for identification of voters". It has now been expanded to include transmission of election results "where technology deployed initially fails". What would this mean, in the case of identification of voters and in the case of transmission of results? What complimentary systems were envisaged here? "Manual backup?" The ambiguity in the wording is a challenge as it leaves too room for interpretation in a system of high contests.
b) The mischief that technology was meant to cure in elections management was among others allegations of voter impersonation and transparency in management of elections. Tech is therefore supposed to achieve simplicity, accuracy, verifiablilty, security, accountability and transparency. Is the conversation about a " complimentary" system a necessary one at this stage?
Outside of the amendment, has anyone come across the data that CA presented on network coverage in the counties? A visualisation of that data besides the polling stations would be useful in helping us identify the specific polling stations/tallying centres that are not covered. I am asking this because the presenters spoke of areas not covered by network as opposed to polling stations/tallying centres not covered.
Raha tupate na ustawi
2016-12-30 13:54 GMT+03:00 Victor Kapiyo via kictanet < kictanet@lists.kictanet.or.ke>:
I agree. We should put together our submissions as the ICT community and present the same to bunge.
Victor
On 30 Dec 2016 13:50, "Dorcas Muthoni via kictanet" < kictanet@lists.kictanet.or.ke> wrote:
Thanks Walu, it's time for us to stand up. Let's demystify this tech.
On Dec 30, 2016 1:43 PM, "Walubengo J via kictanet" < kictanet@lists.kictanet.or.ke> wrote:
I think this is an opportunity for the ICT fraternity to take up the challenge and demystify electronic systems in elections. I believe this forum has the most neutral platform where the media, academia, operators, regulators, government, legal and other interested parties can brainstorm on this.
I propose that early in the year, a face-2-face roundtable TV /Radio broadcast (NTV, Citizen, KTN?) deliberation to break this down -perhaps at Strath University (CPIT are you there?).
A lot has been written on the issue of electronic systems in elections but seems nobody READS, least of all politicians from both sides of the divide. I can imagine a cast of the following:
IEBC: CEO or Rep? Regulator: CEO or Rep? Operator: Safcom/Airtel/Telkom? ICT Min: Minister or rep? Academia: MMU/Strath/UoN/? Political Party: Jubilee+CORD Rep? Moderator &Broadcaster: Media (Citizen, NTV,KTN) Convenor: KICTAnet -GG are you back from holiday? Sponsors: Anyone?
If we do not hijack this ICT conversation, the politicians will run with it in the wrong direction and we might find ourselves exactly where we were in 2007.
walu.
------------------------------ *From:* JImmy Gitonga via kictanet <kictanet@lists.kictanet.or.ke> *To:* jwalu@yahoo.com *Cc:* JImmy Gitonga <jimmygitts@gmail.com> *Sent:* Friday, December 30, 2016 1:14 PM *Subject:* Re: [kictanet] Manual Backup and Elections 2017: Is the CS ICT Honest
Thank you Odhiambo Washington,
I have the same concerns myself. I reached the conclusion that it would be nice if "ICT Experts" could lay their hands on a BVI machine as well as a and show the rest of us what the problem really is. The ERT issue is a red herring. It has worked flawlessly in the bi-elections that have happened ever since. With PKI and 2 factor authentication, this can be solved for election day.
I am sure Victor Kyalo and Joseph Mucheru could make this possible. Call it a "Kenyans as ICT stakeholders" meeting. All Listers with time will begin to be asked by their family or neighbours, what the issue really is. I, for one, do not want to echo the CS's words.
I think the CS and the PS should help us help them. Otherwise they will be on their own when the political vultures come calling.
Regards, Jimmy Gitonga
Message: 4 Date: Fri, 30 Dec 2016 11:30:08 +0300 From: Odhiambo Washington <odhiambo@gmail.com> To: Kictanet <kictanet@lists.kictanet.or.ke > Subject: [kictanet] Manual Backup and Elections 2017: Is the CS ICT Honest Message-ID: <CAAdA2WPFoRvjF5Bodk+sHb-P4_ rUp2AXpA9Q3zAk-UR57cqwGw@mail. gmail.com <CAAdA2WPFoRvjF5Bodk%2BsHb-P4_rUp2AXpA9Q3zAk-UR57cqwGw@mail.gmail.com>> Content-Type: text/plain; charset="utf-8"
Dear Listers,
I am at that position where I feel very lost. In fact, I feel like I am quite detached from the reality.
All along, I have keenly considered this matter that seems to have divided the country down the middle: *Manual Backup* during the 2017 voting process. From the Jubilee/govt side this is a do or die and so it must be there. This govt side seems hell-bent on confusing the masses, as well as the experts like the ICT Community. From the Opposition side, the agenda seems to be very clear - that of ensuring integrity of the Voters Register and stopping 'ghost voters' from ever casting their votes.
That brings us to the famous acronyms - BVI (Biometric Voter Register) / BVI (Biometric Voter Identification). Having been to a Voter Registration Centre (later to become a Polling Station) to register as a voter, I did look at the equipment in use for the registration process. I saw the laptop which was fitted with a camera and fingerprints scanner. All these require power to run. I did not dwell on how they were powered, but probably there was a battery backup somewhere (besides the electricity) given that they needed to run for a whole day for several days during the voter registration process. When it comes to the Elections, they only need to run for about 11 hours. My point here is that of *Backup Power* should it be that there's electricity blackout and the built-in batteries can't last the whole day. That backup is very important.
However, I did not see any piece of equipment which could suggest that the equipment in use required any form of connectivity back to some central server in order to function! Which now brings me to the currently national debate - Manual Backup during the Poll Day. What is it? Was the CS honest with his presentation before the Senate/Amos Wako committee yesterday? Does the CS himself really believe in the content of his presentation? I am asking that because I watched him and I don't believe him. I actually think he mislead the committee, and hence the nation at large.
Someone please prove me wrong. I am at that point where I believe that the BVR/BVI does NOT require any form of connectivity and so this Manual Backup being touted by the ruling coalition side, strongly supported by the ICT CS is a big lie. WHY?
My very first answer: Simply put, *when there was no requirement for a manual backup during voter registration, it goes without saying that there is NO NEED for on the polling day.*
1. For the issue that is in contention - BVR (used for BVI during polling) - this is a database that can be (and should be) statically stored on the equipment for each polling station. We are not supposed to rely on the Mobile Network to access this voters database. And every polling station can have two/three laptops/Biometrics scanner/Backup batteries to ensure that the voter identification doesn't fail. Some excuse has been fronted about some voters being mechanics, such that their fingerprints wouldn't be recognized by the BVI systems hence need for manual identification. My take on that is that every voter must carry their voter's card on that day. The clerks can check that card number against the electronic system - enter it, and it will bring the person's picture, ID number, etc and let him cast his ballot.
2. For electronics results transmission (ERT), this is not even necessary in the first place. We can have the results collated/announced at the tallying centres after being certified - forms 36A, and such. However, if the ERT must be done, the data footprint is so tiny that a 2G network can be used. Besides, it can be an SMS based system, which doesn't require 3G or VSAT. The results data isn't that large - it can't be in Megabytes to be sincere. Well, VSAT can be used if they MUST, but this is after the voting process itself is complete, has nothing to do with BVI.
The ERT and the BVR/BVI are two distinct systems. That is what I want to believe. The ERT gets feedback from a manual process - of voters casting their vote, clerks/agents counting, verifying, and certifying, filling requisite forms then communicating the same via some customized phones which are programmed to communicate to a backend system. Am I right on that??
Now the big question here is, where do we need this much touted manual backup where network connectivity is being used as the major reason???
(a) Citing terrorism and the possibility of Al Shabaab knocking off base stations seems like well thought out lie meant to cover our eyes! If they attacked an area, I doubt there will be voting in the 1st place. And even so, the network connectivity is not required for BVI so there is no disenfranchising anyone if there is no manual backup (whatever that is).
(b) Citing hacking is neither here nor there for a BVR/BVI system because it's not being accessed live during the voting. It's a static database, unique to the polling station, resident on the laptop used by the clerks. The only hacking that can be done then can only be by an "insider". Quoting Victor Kapiyo from Social Media, "*I guess it's a question of trust. Trust in systems and in trustworthy people to do the right thing. For M-Pesa, or KCSE results, we trust both. For IEBC, I guess the jury is still out*."
The main issue is not allowing the dead voters to rise again to vote in the presidential vote, then disappear. So the important component here is the BVR/BVI, the credibility of the register and hence the vote.
At what point does the BVI system require this connectivity they are talking about, which then necessitates the so called "manual backup"?
Did the CS ICT lie to the Senate?? Did the CAK lie to the Senate in supporting the lie from the CS??
There is insincerity in this whole debate about 'manual backup' and the ICT community seems to either support it or is simply lost in the pool of confusion being peddled by politicians.
-- Best regards, Odhiambo WASHINGTON, Nairobi,KE +254 7 3200 0004/+254 7 2274 3223 "Oh, the cruft."
Walu, I read your views, but I have one or two observations: *You say "Conversely, if the RTS fails but the BVR and EVID work perfectly, there should be less cause for alarm. Essentially, the three subsystems have a symbiotic relationship that can be used to validate or cross-check each other."* => I do not clearly get the symbiotic relationship between the three systems as far as the main issues of contention (EVID) are concerned. If the systems are interconnected, then, looking at it from an SQL perspective, the RTS system borrows only one column from the BVR tables - Total Registered Voters in a particular Constituency, which I believe is just a factor for cross-checking the results (reminds me of Tiaty saga). However, this isn't necessarily part of the critical system that is supposed to stop dead voters from resurrecting and voting! I therefore think that we can mentally (or even practically de-link the RTS from the EVID to stop this insistence on connectivity, which gives birth to the "manual backup", no? *You say "Sometime the failure is maliciously engineered, while other times it is a reflection of the genuine weakness inherent within man-made systems."* ==> With specific reference to EVID, I am of the opinion that it is pretty easy to mitigate failure of the system by having 3 sets of the system, which is affordable. That would address the "technical failure", but not a human/maliciously engineered failure, because the humans can kill the three or even all of the equipment. If they do this (corrupt the static DB - as that is the only show-stopper), then really, there should be no voting. I hope that doesn't happen. We still don't need 3G/4G/VSAT for this. *You say "So Cord, just as prescribed for Jubilee, should be discussing what level of electronic failure is acceptable, beyond which the results can no longer be acceptable given the potential exposure to manipulation that would arise from the manual alternatives."* ==> Jubilee are advancing/contemplating the imaginary failure of connectivity occasioned either by absence/failure of fast network (3G/VSAT) or Al Shaabab knocking off what is there. This is more like making a nightmare a reality instead of the dream that it is. CORD is insisting that EVID should be used without the option of the "manual backup" and we all know that EVID doesn't require this connectivity, which supports the CORD argument. *You say "On the other hand, electronic voter identification (EVID) and the results transmission system (RTS) are quite time-sensitive. If they failed, manual intervention may be the only option available"* ==> I still insist that EVID has very little to do with RTS. EVID is being used statically. The equipment, at most, has the constituency register, not the whole national register, and at the least, has just the registration/polling centre register. RTS is a system that kicks in later, once EVID has completed its role. RTS waits for data from humans - clerks/agents/presiding/returning officers. They can all congregate at the County HQ and send this data. Most County HQ have 3G. If they don't, VSAT is something that can be set up in less than 1 hour! Your other view go well with issue about addressing possible failures, but in no way support the "Manual Backup" for EVID. This manual backup thing is a red herring, visible immediately you de-link connectivity from the debate. Which brings me to your conclusion:* "So who is right and who is wrong? Unfortunately, both sides are right and at the same time, very wrong."* ==> That's because we are not there to talk to them and enlighten them. Hey, doesn't Jubilee/CORD have ICT experts in their stables/secretariats though?? :-) On 30 December 2016 at 19:55, Walubengo J via kictanet < kictanet@lists.kictanet.or.ke> wrote:
@Barrack,
My views and solutions were shared ealier. But just incase listers did not read or have questions, you can find them here.
WALUBENGO: On electronic polling, both Cord and Jubilee are <http://www.nation.co.ke/oped/blogs/dot9/walubengo/2274560-3492668-549k98/index.html>
WALUBENGO: On electronic polling, both Cord and Jubilee are Nothing stops the opposition from abusing a failed system, but the incumbent always has an upper hand
<http://www.nation.co.ke/oped/blogs/dot9/walubengo/2274560-3492668-549k98/index.html>
walu.
------------------------------ *From:* Barrack Otieno via kictanet <kictanet@lists.kictanet.or.ke> *To:* jwalu@yahoo.com *Cc:* Barrack Otieno <otieno.barrack@gmail.com>; JImmy Gitonga < jimmygitts@gmail.com> *Sent:* Friday, December 30, 2016 6:26 PM *Subject:* Re: [kictanet] Manual Backup and Elections 2017: Is the CS ICT Honest
Dear all,
In the meantime, we encourage all of you to raise the substantive issues you have the way Washington and other colleagues have done. We have started collating the views for submission to the Senate next week.
Best Regards and wishes for the new year
Let's dissect the problem into pieces. 1: voter registration: collecting details, photos and fingerprints. (Multiple data types)
2: verification: ascertaining that registered persons are in the system, and dead / expired ones are removed from the system. (Boolean: yes / No)
3: voting: choosing from one of several options.
4: tallying : counting the choices at the polling stations and recording the results on paper or device.
5: transmission: sending this information to regional and national tallying centers.
Maybe the good CS can explain how al shabbat can disable IT solutions so much that manual "backups" would suffice.
On 30 Dec 2016 17:58, "Grace Mutung'u via kictanet" < kictanet@lists.kictanet.or.ke> wrote:
Thank you Wash for initiating the discussion. I also wondered whether a complimentary system was used in voter registration and where this system resides.
I remember a quote by the IEBC CEO during the Kenya IGF where he stated that being a Republic based on democracy, we have made elections the only means to access power. https://livestream.com/internetsociety2/kigf He recalled the use of tech in the 2010 Referendum, 2013 elections and the various by-elections that have taken place. In the Referendum and most by-elections, there was not much contest about use of technology while for 2013 some issues were raised- these included multiple registers, voter impersonation and transparency. The tech community has an important role to play in demystifying some of these concepts. a) The wording of the amendment read "complimentary mechanism for identification of voters". It has now been expanded to include transmission of election results "where technology deployed initially fails". What would this mean, in the case of identification of voters and in the case of transmission of results? What complimentary systems were envisaged here? "Manual backup?" The ambiguity in the wording is a challenge as it leaves too room for interpretation in a system of high contests.
b) The mischief that technology was meant to cure in elections management was among others allegations of voter impersonation and transparency in management of elections. Tech is therefore supposed to achieve simplicity, accuracy, verifiablilty, security, accountability and transparency. Is the conversation about a " complimentary" system a necessary one at this stage?
Outside of the amendment, has anyone come across the data that CA presented on network coverage in the counties? A visualisation of that data besides the polling stations would be useful in helping us identify the specific polling stations/tallying centres that are not covered. I am asking this because the presenters spoke of areas not covered by network as opposed to polling stations/tallying centres not covered.
Raha tupate na ustawi
2016-12-30 13:54 GMT+03:00 Victor Kapiyo via kictanet < kictanet@lists.kictanet.or.ke>:
I agree. We should put together our submissions as the ICT community and present the same to bunge.
Victor
On 30 Dec 2016 13:50, "Dorcas Muthoni via kictanet" < kictanet@lists.kictanet.or.ke> wrote:
Thanks Walu, it's time for us to stand up. Let's demystify this tech.
On Dec 30, 2016 1:43 PM, "Walubengo J via kictanet" < kictanet@lists.kictanet.or.ke> wrote:
I think this is an opportunity for the ICT fraternity to take up the challenge and demystify electronic systems in elections. I believe this forum has the most neutral platform where the media, academia, operators, regulators, government, legal and other interested parties can brainstorm on this.
I propose that early in the year, a face-2-face roundtable TV /Radio broadcast (NTV, Citizen, KTN?) deliberation to break this down -perhaps at Strath University (CPIT are you there?).
A lot has been written on the issue of electronic systems in elections but seems nobody READS, least of all politicians from both sides of the divide. I can imagine a cast of the following:
IEBC: CEO or Rep? Regulator: CEO or Rep? Operator: Safcom/Airtel/Telkom? ICT Min: Minister or rep? Academia: MMU/Strath/UoN/? Political Party: Jubilee+CORD Rep? Moderator &Broadcaster: Media (Citizen, NTV,KTN) Convenor: KICTAnet -GG are you back from holiday? Sponsors: Anyone?
If we do not hijack this ICT conversation, the politicians will run with it in the wrong direction and we might find ourselves exactly where we were in 2007.
walu.
------------------------------ *From:* JImmy Gitonga via kictanet <kictanet@lists.kictanet.or.ke> *To:* jwalu@yahoo.com *Cc:* JImmy Gitonga <jimmygitts@gmail.com> *Sent:* Friday, December 30, 2016 1:14 PM *Subject:* Re: [kictanet] Manual Backup and Elections 2017: Is the CS ICT Honest
Thank you Odhiambo Washington,
I have the same concerns myself. I reached the conclusion that it would be nice if "ICT Experts" could lay their hands on a BVI machine as well as a and show the rest of us what the problem really is. The ERT issue is a red herring. It has worked flawlessly in the bi-elections that have happened ever since. With PKI and 2 factor authentication, this can be solved for election day.
I am sure Victor Kyalo and Joseph Mucheru could make this possible. Call it a "Kenyans as ICT stakeholders" meeting. All Listers with time will begin to be asked by their family or neighbours, what the issue really is. I, for one, do not want to echo the CS's words.
I think the CS and the PS should help us help them. Otherwise they will be on their own when the political vultures come calling.
Regards, Jimmy Gitonga
Message: 4 Date: Fri, 30 Dec 2016 11:30:08 +0300 From: Odhiambo Washington <odhiambo@gmail.com> To: Kictanet <kictanet@lists.kictanet.or.ke > Subject: [kictanet] Manual Backup and Elections 2017: Is the CS ICT Honest Message-ID: <CAAdA2WPFoRvjF5Bodk+sHb-P4_ rUp2AXpA9Q3zAk-UR57cqwGw@mail. gmail.com <CAAdA2WPFoRvjF5Bodk%2BsHb-P4_rUp2AXpA9Q3zAk-UR57cqwGw@mail. gmail.com>> Content-Type: text/plain; charset="utf-8"
Dear Listers,
I am at that position where I feel very lost. In fact, I feel like I am quite detached from the reality.
All along, I have keenly considered this matter that seems to have divided the country down the middle: *Manual Backup* during the 2017 voting process. From the Jubilee/govt side this is a do or die and so it must be there. This govt side seems hell-bent on confusing the masses, as well as the experts like the ICT Community. From the Opposition side, the agenda seems to be very clear - that of ensuring integrity of the Voters Register and stopping 'ghost voters' from ever casting their votes.
That brings us to the famous acronyms - BVI (Biometric Voter Register) / BVI (Biometric Voter Identification). Having been to a Voter Registration Centre (later to become a Polling Station) to register as a voter, I did look at the equipment in use for the registration process. I saw the laptop which was fitted with a camera and fingerprints scanner. All these require power to run. I did not dwell on how they were powered, but probably there was a battery backup somewhere (besides the electricity) given that they needed to run for a whole day for several days during the voter registration process. When it comes to the Elections, they only need to run for about 11 hours. My point here is that of *Backup Power* should it be that there's electricity blackout and the built-in batteries can't last the whole day. That backup is very important.
However, I did not see any piece of equipment which could suggest
the equipment in use required any form of connectivity back to some central server in order to function! Which now brings me to the currently national debate - Manual Backup during the Poll Day. What is it? Was the CS honest with his presentation before the Senate/Amos Wako committee yesterday? Does the CS himself really believe in the content of his presentation? I am asking that because I watched him and I don't believe him. I actually think he mislead the committee, and hence the nation at large.
Someone please prove me wrong. I am at that point where I believe
the BVR/BVI does NOT require any form of connectivity and so this Manual Backup being touted by the ruling coalition side, strongly supported by the ICT CS is a big lie. WHY?
My very first answer: Simply put, *when there was no requirement for a manual backup during voter registration, it goes without saying that there is NO NEED for on the polling day.*
1. For the issue that is in contention - BVR (used for BVI during polling) - this is a database that can be (and should be) statically stored on the equipment for each polling station. We are not supposed to rely on
Mobile Network to access this voters database. And every polling station can have two/three laptops/Biometrics scanner/Backup batteries to ensure that the voter identification doesn't fail. Some excuse has been fronted about some voters being mechanics, such that their fingerprints wouldn't be recognized by the BVI systems hence need for manual identification. My take on that is that every voter must carry their voter's card on that day. The clerks can check that card number against the electronic system - enter it, and it will bring the person's picture, ID number, etc and let him cast his ballot.
2. For electronics results transmission (ERT), this is not even necessary in the first place. We can have the results collated/announced at the tallying centres after being certified - forms 36A, and such. However, if the ERT must be done, the data footprint is so tiny that a 2G network can be used. Besides, it can be an SMS based system, which doesn't require 3G or VSAT. The results data isn't that large - it can't be in Megabytes to be sincere. Well, VSAT can be used if they MUST, but this is after the voting process itself is complete, has nothing to do with BVI.
The ERT and the BVR/BVI are two distinct systems. That is what I want to believe. The ERT gets feedback from a manual process - of voters casting their vote, clerks/agents counting, verifying, and certifying, filling requisite forms then communicating the same via some customized
On 12/30/16, Collins Areba via kictanet <kictanet@lists.kictanet.or.ke> wrote: that that the phones
which are programmed to communicate to a backend system. Am I right on that??
Now the big question here is, where do we need this much touted manual backup where network connectivity is being used as the major reason???
(a) Citing terrorism and the possibility of Al Shabaab knocking off base stations seems like well thought out lie meant to cover our eyes! If they attacked an area, I doubt there will be voting in the 1st place. And even so, the network connectivity is not required for BVI so there is no disenfranchising anyone if there is no manual backup (whatever that is).
(b) Citing hacking is neither here nor there for a BVR/BVI system because it's not being accessed live during the voting. It's a static database, unique to the polling station, resident on the laptop used by the clerks. The only hacking that can be done then can only be by an "insider". Quoting Victor Kapiyo from Social Media, "*I guess it's a question of trust. Trust in systems and in trustworthy people to do the right thing. For M-Pesa, or KCSE results, we trust both. For IEBC, I guess the jury is still out*."
The main issue is not allowing the dead voters to rise again to vote in the presidential vote, then disappear. So the important component here is the BVR/BVI, the credibility of the register and hence the vote.
At what point does the BVI system require this connectivity they are talking about, which then necessitates the so called "manual backup"?
Did the CS ICT lie to the Senate?? Did the CAK lie to the Senate in supporting the lie from the CS??
There is insincerity in this whole debate about 'manual backup' and the ICT community seems to either support it or is simply lost in the pool of confusion being peddled by politicians.
-- Best regards, Odhiambo WASHINGTON, Nairobi,KE +254 7 3200 0004/+254 7 2274 3223 "Oh, the cruft."
Dear Listers, I just posted my thoughts on this in a different thread (seen this later). Apologies for advancing the separate but related thread. Much has been argued about the EVID component and why it should be de-linked from internet connectivity arguments. That bit should be obvious to anyone purporting to give an expert ICT opinion. Any argument to the contrary should be scrutinized for dishonesty and lack of professionalism. May I be allowed to emphasise a point in my earlier post about the Presidential Vote tally transmission. Am afraid its essence may not be fully understood. This subsystem becomes critical to the extent that it helps prevent scenarios of vote tallies being altered (later) to "massage" presidential results a certain way. The electronic transmission of results helps preempt the kind of cheating which is accomplished through bribing presiding officers and agents of candidates to alter the physical forms involved (Form 34 and Form 36?). Once the tallying is done and the results are announced in the view of party agents, election observers and the general public, if the same are not instantaneously transmitted for further aggregation nationally, crooked people get a time window and convenience to bribe their way to alteration of the physical forms. This is likely in the transitional period before actual forms are physically transported for regional or national aggregation. In 2013, many such forms were reported to have disappeared altogether. Such is the likely expediency of election crooks. The main point here is that the electronic tally transmission subsystem is crucial. The additional point is that IEBC can isolate specific risk areas for this subsystem and either reinforce it with redundant links, or work with service providers and the universal access fund for investment in new kind of connectivity as is necessary. This is also to bear in mind Washington's point that the digital footprint of presidential tallies per polling station should be extremely small. I think it might not even exceed a Kilobyte if the system is adequately optimised for efficient data storage and transmission. The above said, the electoral law amendment also happens to be an opportunity to reinforce certain things. For instance, it may be necessary to require the IEBC to procure a mirror server, hosted in Europe or somewhere. It could even be some kind of third party assurance service considering the level of trust that IEBC enjoys. Such server level redundancy should reassure political players that if the data elements in both servers remain identical after postings of the same data combinations from the 40k or so polling stations, then likelihoods of a hacked server are reduced. Of course the political players can insist on availability of both server logs (or equivalent audit trail) to verify against possible "server hacking". Am unsure about the Safaricom VPN used in 2013 but there might also be need for some kind of redundancy as regards the data transmission paths used. We need a solution to the unlikely story of jammed Safaricom network cells (which supposedly materialised in 2013). More importantly though, the ICT fraternity still needs a session to be appraised on exactly what went wrong in 2013. Those are my extra 10 cent thoughts for 2016 as we try and save our profession from ridicule. Enjoy 2017! On Dec 30, 2016 21:16, "Odhiambo Washington via kictanet" < kictanet@lists.kictanet.or.ke> wrote:
Walu,
I read your views, but I have one or two observations: *You say "Conversely, if the RTS fails but the BVR and EVID work perfectly, there should be less cause for alarm. Essentially, the three subsystems have a symbiotic relationship that can be used to validate or cross-check each other."*
=> I do not clearly get the symbiotic relationship between the three systems as far as the main issues of contention (EVID) are concerned. If the systems are interconnected, then, looking at it from an SQL perspective, the RTS system borrows only one column from the BVR tables - Total Registered Voters in a particular Constituency, which I believe is just a factor for cross-checking the results (reminds me of Tiaty saga). However, this isn't necessarily part of the critical system that is supposed to stop dead voters from resurrecting and voting! I therefore think that we can mentally (or even practically de-link the RTS from the EVID to stop this insistence on connectivity, which gives birth to the "manual backup", no?
*You say "Sometime the failure is maliciously engineered, while other times it is a reflection of the genuine weakness inherent within man-made systems."*
==> With specific reference to EVID, I am of the opinion that it is pretty easy to mitigate failure of the system by having 3 sets of the system, which is affordable. That would address the "technical failure", but not a human/maliciously engineered failure, because the humans can kill the three or even all of the equipment. If they do this (corrupt the static DB - as that is the only show-stopper), then really, there should be no voting. I hope that doesn't happen. We still don't need 3G/4G/VSAT for this.
*You say "So Cord, just as prescribed for Jubilee, should be discussing what level of electronic failure is acceptable, beyond which the results can no longer be acceptable given the potential exposure to manipulation that would arise from the manual alternatives."*
==> Jubilee are advancing/contemplating the imaginary failure of connectivity occasioned either by absence/failure of fast network (3G/VSAT) or Al Shaabab knocking off what is there. This is more like making a nightmare a reality instead of the dream that it is. CORD is insisting that EVID should be used without the option of the "manual backup" and we all know that EVID doesn't require this connectivity, which supports the CORD argument.
*You say "On the other hand, electronic voter identification (EVID) and the results transmission system (RTS) are quite time-sensitive. If they failed, manual intervention may be the only option available"*
==> I still insist that EVID has very little to do with RTS. EVID is being used statically. The equipment, at most, has the constituency register, not the whole national register, and at the least, has just the registration/polling centre register. RTS is a system that kicks in later, once EVID has completed its role. RTS waits for data from humans - clerks/agents/presiding/returning officers. They can all congregate at the County HQ and send this data. Most County HQ have 3G. If they don't, VSAT is something that can be set up in less than 1 hour!
Your other view go well with issue about addressing possible failures, but in no way support the "Manual Backup" for EVID. This manual backup thing is a red herring, visible immediately you de-link connectivity from the debate.
Which brings me to your conclusion:* "So who is right and who is wrong? Unfortunately, both sides are right and at the same time, very wrong."*
==> That's because we are not there to talk to them and enlighten them.
Hey, doesn't Jubilee/CORD have ICT experts in their stables/secretariats though?? :-)
On 30 December 2016 at 19:55, Walubengo J via kictanet < kictanet@lists.kictanet.or.ke> wrote:
@Barrack,
My views and solutions were shared ealier. But just incase listers did not read or have questions, you can find them here.
WALUBENGO: On electronic polling, both Cord and Jubilee are <http://www.nation.co.ke/oped/blogs/dot9/walubengo/2274560-3492668-549k98/index.html>
WALUBENGO: On electronic polling, both Cord and Jubilee are Nothing stops the opposition from abusing a failed system, but the incumbent always has an upper hand
<http://www.nation.co.ke/oped/blogs/dot9/walubengo/2274560-3492668-549k98/index.html>
walu.
------------------------------ *From:* Barrack Otieno via kictanet <kictanet@lists.kictanet.or.ke> *To:* jwalu@yahoo.com *Cc:* Barrack Otieno <otieno.barrack@gmail.com>; JImmy Gitonga < jimmygitts@gmail.com> *Sent:* Friday, December 30, 2016 6:26 PM *Subject:* Re: [kictanet] Manual Backup and Elections 2017: Is the CS ICT Honest
Dear all,
In the meantime, we encourage all of you to raise the substantive issues you have the way Washington and other colleagues have done. We have started collating the views for submission to the Senate next week.
Best Regards and wishes for the new year
Let's dissect the problem into pieces. 1: voter registration: collecting details, photos and fingerprints. (Multiple data types)
2: verification: ascertaining that registered persons are in the system, and dead / expired ones are removed from the system. (Boolean: yes / No)
3: voting: choosing from one of several options.
4: tallying : counting the choices at the polling stations and recording the results on paper or device.
5: transmission: sending this information to regional and national tallying centers.
Maybe the good CS can explain how al shabbat can disable IT solutions so much that manual "backups" would suffice.
On 30 Dec 2016 17:58, "Grace Mutung'u via kictanet" < kictanet@lists.kictanet.or.ke> wrote:
Thank you Wash for initiating the discussion. I also wondered whether a complimentary system was used in voter registration and where this system resides.
I remember a quote by the IEBC CEO during the Kenya IGF where he stated that being a Republic based on democracy, we have made elections the only means to access power. https://livestream.com/internetsociety2/kigf He recalled the use of tech in the 2010 Referendum, 2013 elections and the various by-elections that have taken place. In the Referendum and most by-elections, there was not much contest about use of technology while for 2013 some issues were raised- these included multiple registers, voter impersonation and transparency. The tech community has an important role to play in demystifying some of these concepts. a) The wording of the amendment read "complimentary mechanism for identification of voters". It has now been expanded to include transmission of election results "where technology deployed initially fails". What would this mean, in the case of identification of voters and in the case of transmission of results? What complimentary systems were envisaged here? "Manual backup?" The ambiguity in the wording is a challenge as it leaves too room for interpretation in a system of high contests.
b) The mischief that technology was meant to cure in elections management was among others allegations of voter impersonation and transparency in management of elections. Tech is therefore supposed to achieve simplicity, accuracy, verifiablilty, security, accountability and transparency. Is the conversation about a " complimentary" system a necessary one at this stage?
Outside of the amendment, has anyone come across the data that CA presented on network coverage in the counties? A visualisation of that data besides the polling stations would be useful in helping us identify the specific polling stations/tallying centres that are not covered. I am asking this because the presenters spoke of areas not covered by network as opposed to polling stations/tallying centres not covered.
Raha tupate na ustawi
2016-12-30 13:54 GMT+03:00 Victor Kapiyo via kictanet < kictanet@lists.kictanet.or.ke>:
I agree. We should put together our submissions as the ICT community and present the same to bunge.
Victor
On 30 Dec 2016 13:50, "Dorcas Muthoni via kictanet" < kictanet@lists.kictanet.or.ke> wrote:
Thanks Walu, it's time for us to stand up. Let's demystify this tech.
On Dec 30, 2016 1:43 PM, "Walubengo J via kictanet" < kictanet@lists.kictanet.or.ke> wrote:
> I think this is an opportunity for the ICT fraternity to take up the > challenge and demystify electronic systems in elections. I believe > this > forum has the most neutral platform where the media, academia, > operators, > regulators, government, legal and other interested parties can > brainstorm > on this. > > I propose that early in the year, a face-2-face roundtable TV /Radio > broadcast (NTV, Citizen, KTN?) deliberation to break this down -perhaps > at > Strath University (CPIT are you there?). > > A lot has been written on the issue of electronic systems in elections > but seems nobody READS, least of all politicians from both sides of > the > divide. I can imagine a cast of the following: > > IEBC: CEO or Rep? > Regulator: CEO or Rep? > Operator: Safcom/Airtel/Telkom? > ICT Min: Minister or rep? > Academia: MMU/Strath/UoN/? > Political Party: Jubilee+CORD Rep? > Moderator &Broadcaster: Media (Citizen, NTV,KTN) > Convenor: KICTAnet -GG are you back from holiday? > Sponsors: Anyone? > > If we do not hijack this ICT conversation, the politicians will run > with it in the wrong direction and we might find ourselves exactly > where we > were in 2007. > > walu. > > > ------------------------------ > *From:* JImmy Gitonga via kictanet <kictanet@lists.kictanet.or.ke> > *To:* jwalu@yahoo.com > *Cc:* JImmy Gitonga <jimmygitts@gmail.com> > *Sent:* Friday, December 30, 2016 1:14 PM > *Subject:* Re: [kictanet] Manual Backup and Elections 2017: Is the CS > ICT Honest > > Thank you Odhiambo Washington, > > I have the same concerns myself. I reached the conclusion that it > would > be nice if "ICT Experts" could lay their hands on a BVI machine as well > as > a and show the rest of us what the problem really is. The ERT issue is > a > red herring. It has worked flawlessly in the bi-elections that have > happened ever since. With PKI and 2 factor authentication, this can be > solved for election day. > > I am sure Victor Kyalo and Joseph Mucheru could make this possible. > Call it a "Kenyans as ICT stakeholders" meeting. All Listers with time > will > begin to be asked by their family or neighbours, what the issue really > is. > I, for one, do not want to echo the CS's words. > > I think the CS and the PS should help us help them. Otherwise they > will > be on their own when the political vultures come calling. > > Regards, > Jimmy Gitonga > > > > Message: 4 > Date: Fri, 30 Dec 2016 11:30:08 +0300 > From: Odhiambo Washington <odhiambo@gmail.com> > To: Kictanet <kictanet@lists.kictanet.or.ke > > Subject: [kictanet] Manual Backup and Elections 2017: Is the CS ICT > Honest > Message-ID: > <CAAdA2WPFoRvjF5Bodk+sHb-P4_ rUp2AXpA9Q3zAk-UR57cqwGw@mail. > gmail.com > <CAAdA2WPFoRvjF5Bodk%2BsHb-P4_rUp2AXpA9Q3zAk-UR57cqwGw@mail. gmail.com>> > Content-Type: text/plain; charset="utf-8" > > Dear Listers, > > I am at that position where I feel very lost. In fact, I feel like I > am > quite detached from the reality. > > All along, I have keenly considered this matter that seems to have > divided > the country down the middle: *Manual Backup* during the 2017 voting > process. From the Jubilee/govt side this is a do or die and so it must > be > there. This govt side seems hell-bent on confusing the masses, as well > as > the experts like the ICT Community. From the Opposition side, the > agenda > seems to be very clear - that of ensuring integrity of the Voters > Register > and stopping 'ghost voters' from ever casting their votes. > > That brings us to the famous acronyms - BVI (Biometric Voter Register) > / > BVI (Biometric Voter Identification). > Having been to a Voter Registration Centre (later to become a Polling > Station) to register as a voter, I did look at the equipment in use > for > the > registration process. I saw the laptop which was fitted with a camera > and > fingerprints scanner. All these require power to run. I did not dwell > on > how they were powered, but probably there was a battery backup > somewhere > (besides the electricity) given that they needed to run for a whole > day > for > several days during the voter registration process. When it comes to > the > Elections, they only need to run for about 11 hours. My point here is > that > of *Backup Power* should it be that there's electricity blackout and > the > built-in batteries can't last the whole day. That backup is very > important. > > However, I did not see any piece of equipment which could suggest
> the > equipment in use required any form of connectivity back to some > central > server in order to function! Which now brings me to the currently > national > debate - Manual Backup during the Poll Day. What is it? Was the CS > honest > with his presentation before the Senate/Amos Wako committee yesterday? > Does > the CS himself really believe in the content of his presentation? I am > asking that because I watched him and I don't believe him. I actually > think > he mislead the committee, and hence the nation at large. > > Someone please prove me wrong. I am at that point where I believe
> the > BVR/BVI does NOT require any form of connectivity and so this Manual > Backup > being touted by the ruling coalition side, strongly supported by
> ICT > CS is a big lie. WHY? > > My very first answer: Simply put, *when there was no requirement for a > manual backup during voter registration, it goes without saying that > there > is NO NEED for on the polling day.* > > > 1. For the issue that is in contention - BVR (used for BVI during > polling) > - this is a database that can be (and should be) statically stored on > the > equipment for each polling station. We are not supposed to rely on
> Mobile Network to access this voters database. And every polling > station > can have two/three laptops/Biometrics scanner/Backup batteries to > ensure > that the voter identification doesn't fail. > Some excuse has been fronted about some voters being mechanics, such > that > their fingerprints wouldn't be recognized by the BVI systems hence > need > for > manual identification. My take on that is that every voter must carry > their > voter's card on that day. The clerks can check that card number > against > the > electronic system - enter it, and it will bring the person's
> ID > number, etc and let him cast his ballot. > > 2. For electronics results transmission (ERT), this is not even > necessary > in the first place. We can have the results collated/announced at
> tallying centres after being certified - forms 36A, and such. However, > if > the ERT must be done, the data footprint is so tiny that a 2G network > can > be used. Besides, it can be an SMS based system, which doesn't require > 3G > or VSAT. The results data isn't that large - it can't be in Megabytes > to be > sincere. Well, VSAT can be used if they MUST, but this is after the > voting > process itself is complete, has nothing to do with BVI. > > The ERT and the BVR/BVI are two distinct systems. That is what I want > to > believe. The ERT gets feedback from a manual process - of voters > casting > their vote, clerks/agents counting, verifying, and certifying, filling > requisite forms then communicating the same via some customized
On 12/30/16, Collins Areba via kictanet <kictanet@lists.kictanet.or.ke> wrote: that that the the picture, the phones
> which are programmed to communicate to a backend system. Am I right on > that?? > > Now the big question here is, where do we need this much touted manual > backup where network connectivity is being used as the major reason??? > > (a) Citing terrorism and the possibility of Al Shabaab knocking off > base > stations seems like well thought out lie meant to cover our eyes! If > they > attacked an area, I doubt there will be voting in the 1st place. > And even so, the network connectivity is not required for BVI so > there > is no disenfranchising anyone if there is no manual backup (whatever > that > is). > > (b) Citing hacking is neither here nor there for a BVR/BVI system > because > it's not being accessed live during the voting. It's a static > database, > unique to the polling station, resident on the laptop used by the > clerks. > The only hacking that can be done then can only be by an "insider". > Quoting > Victor Kapiyo from Social Media, "*I guess it's a question of trust. > Trust > in systems and in trustworthy people to do the right thing. For > M-Pesa, > or > KCSE results, we trust both. For IEBC, I guess the jury is still > out*." > > The main issue is not allowing the dead voters to rise again to vote > in > the > presidential vote, then disappear. So the important component here is > the > BVR/BVI, the credibility of the register and hence the vote. > > At what point does the BVI system require this connectivity they are > talking about, which then necessitates the so called "manual backup"? > > Did the CS ICT lie to the Senate?? Did the CAK lie to the Senate in > supporting the lie from the CS?? > > There is insincerity in this whole debate about 'manual backup' and > the > ICT > community seems to either support it or is simply lost in the pool of > confusion being peddled by politicians. > > > -- > Best regards, > Odhiambo WASHINGTON, > Nairobi,KE > +254 7 3200 0004/+254 7 2274 3223 > "Oh, the cruft." >
Good qtns @Wash -shows you have read my post :-) Point1: Can we delink RTS from EVID?Yes we can. From the perspective of functionality, EVID does NOT need RTS to work and vice versa. However, from an audit perspective (e.g after potential rigging), the data in EVID can be compared to the data transmitted by RTS to identify ghost voters. Hence the symbiotic relationship - and the need for ensuring that at least one of these two systems MUST work. In cases where BOTH EVID and RTS fail, then voting exercise must be repeated since the exposure to rigging is far too high to the point where reliability of the results cannot be guaranteed as per the constitution (ref: secure, verifiable, transparent, accurate) In other words, we must accept that failure may occur, but we must also reject that failure will occur in totality. Where failure occurs in totality, we must be willing to repeat the process in the specific constituency/county/country. That is the cost of democracy. Point 2: Can EVID fail - Maliciously or otherwise?True you dont need 3G/Satellite systems for the EVID component since it is simply comparing your fingerprint at the point of voting, to the fingerprint you digitally supplied at the point of biometric voter registration (BVR). However, failure can occur in what we call false positives or false negatives arising from environmental conditions rather than technical (battery failure etc). Humidity, dust, temperature variations can make the fingerprint reader fail to recognise you (false negative). More advanced EVID can then identify you by your eyes (Iris), voice or other biometrics but I doubt the IEBC system will be this advanced. (btw: This is what CS Mucheru should have been talking about, not Alshabaabs ;-) Solution: allow for manual identification - ON CONDITION that the RTS will work within reasonable time . We must set time frames within which RTS should work, it cannot be acceptable that it works, 1, 2 or 3days later since this defeats the whole essence of RTS, which is to provide randomness in the elections results; making it difficult for parties to do the mathematics needed to pass the magic 50%+1. This mathematics only happens when their is a pause or stability in the results being released. Point3: CORD insisting on pure electronic system vs Jubilee insisting on manual system.Whereas electronic systems reduces chances of manipulation, CORD stubbornly refuses to appreciate Point2 above, which is that e-systems can fail. Jubilee on the other hand stubbornly refuses to accept that manual systems introduced are open to manipulation. There must be a middle ground that allows for failure, without necessarily allowing for rigging. Both sides do not want to spend time on that agenda. How to plan for failure, while reducing chances of rigging. Point4: VSAT technology?Ofcourse VSAT can work. Even if Alshabaab blew up the GSM masts, we can still transmit results via VSAT/satellite phones. Last time I checked, terrorists do not yet have technology or grenades that can blow out and bring down satellites from the skies. walu. From: Odhiambo Washington via kictanet <kictanet@lists.kictanet.or.ke> To: jwalu@yahoo.com Cc: Odhiambo Washington <odhiambo@gmail.com> Sent: Friday, December 30, 2016 9:14 PM Subject: Re: [kictanet] Manual Backup and Elections 2017: Is the CS ICT Honest Walu, I read your views, but I have one or two observations:You say "Conversely, if the RTS fails but the BVR and EVID work perfectly, there should be less cause for alarm. Essentially, the three subsystems have a symbiotic relationship that can be used to validate or cross-check each other." => I do not clearly get the symbiotic relationship between the three systems as far as the main issues of contention (EVID) are concerned.If the systems are interconnected, then, looking at it from an SQL perspective, the RTS system borrows only one column from the BVR tables - Total Registered Voters in a particular Constituency, which I believe is just a factor for cross-checking the results (reminds me of Tiaty saga).However, this isn't necessarily part of the critical system that is supposed to stop dead voters from resurrecting and voting! I therefore think that we can mentally (or even practically de-link the RTS from the EVID to stop this insistence on connectivity, which gives birth to the "manual backup", no? You say "Sometime the failure is maliciously engineered, while other times it is a reflection of the genuine weakness inherent within man-made systems." ==> With specific reference to EVID, I am of the opinion that it is pretty easy to mitigate failure of the system by having 3 sets of the system, which is affordable. That would address the "technical failure", but not a human/maliciously engineered failure, because the humans can kill the three or even all of the equipment. If they do this (corrupt the static DB - as that is the only show-stopper), then really, there should be no voting. I hope that doesn't happen. We still don't need 3G/4G/VSAT for this. You say "So Cord, just as prescribed for Jubilee, should be discussing what level of electronic failure is acceptable, beyond which the results can no longer be acceptable given the potential exposure to manipulation that would arise from the manual alternatives." ==> Jubilee are advancing/contemplating the imaginary failure of connectivity occasioned either by absence/failure of fast network (3G/VSAT) or Al Shaabab knocking off what is there. This is more like making a nightmare a reality instead of the dream that it is. CORD is insisting that EVID should be used without the option of the "manual backup" and we all know that EVID doesn't require this connectivity, which supports the CORD argument. You say "On the other hand, electronic voter identification (EVID) and the results transmission system (RTS) are quite time-sensitive. If they failed, manual intervention may be the only option available" ==> I still insist that EVID has very little to do with RTS. EVID is being used statically. The equipment, at most, has the constituency register, not the whole national register, and at the least, has just the registration/polling centre register. RTS is a system that kicks in later, once EVID has completed its role. RTS waits for data from humans - clerks/agents/presiding/returning officers. They can all congregate at the County HQ and send this data. Most County HQ have 3G. If they don't, VSAT is something that can be set up in less than 1 hour! Your other view go well with issue about addressing possible failures, but in no way support the "Manual Backup" for EVID. This manual backup thing is a red herring, visible immediately you de-link connectivity from the debate. Which brings me to your conclusion: "So who is right and who is wrong? Unfortunately, both sides are right and at the same time, very wrong." ==> That's because we are not there to talk to them and enlighten them. Hey, doesn't Jubilee/CORD have ICT experts in their stables/secretariats though?? :-) On 30 December 2016 at 19:55, Walubengo J via kictanet <kictanet@lists.kictanet.or.ke> wrote: @Barrack, My views and solutions were shared ealier. But just incase listers did not read or have questions, you can find them here. WALUBENGO: On electronic polling, both Cord and Jubilee are | | | | | | | | | | | WALUBENGO: On electronic polling, both Cord and Jubilee are Nothing stops the opposition from abusing a failed system, but the incumbent always has an upper hand | | | | walu. From: Barrack Otieno via kictanet <kictanet@lists.kictanet.or.ke > To: jwalu@yahoo.com Cc: Barrack Otieno <otieno.barrack@gmail.com>; JImmy Gitonga <jimmygitts@gmail.com> Sent: Friday, December 30, 2016 6:26 PM Subject: Re: [kictanet] Manual Backup and Elections 2017: Is the CS ICT Honest Dear all, In the meantime, we encourage all of you to raise the substantive issues you have the way Washington and other colleagues have done. We have started collating the views for submission to the Senate next week. Best Regards and wishes for the new year On 12/30/16, Collins Areba via kictanet <kictanet@lists.kictanet.or.ke > wrote:
Let's dissect the problem into pieces. 1: voter registration: collecting details, photos and fingerprints. (Multiple data types)
2: verification: ascertaining that registered persons are in the system, and dead / expired ones are removed from the system. (Boolean: yes / No)
3: voting: choosing from one of several options.
4: tallying : counting the choices at the polling stations and recording the results on paper or device.
5: transmission: sending this information to regional and national tallying centers.
Maybe the good CS can explain how al shabbat can disable IT solutions so much that manual "backups" would suffice.
On 30 Dec 2016 17:58, "Grace Mutung'u via kictanet" < kictanet@lists.kictanet.or.ke> wrote:
Thank you Wash for initiating the discussion. I also wondered whether a complimentary system was used in voter registration and where this system resides.
I remember a quote by the IEBC CEO during the Kenya IGF where he stated that being a Republic based on democracy, we have made elections the only means to access power. https://livestream.com/ internetsociety2/kigf He recalled the use of tech in the 2010 Referendum, 2013 elections and the various by-elections that have taken place. In the Referendum and most by-elections, there was not much contest about use of technology while for 2013 some issues were raised- these included multiple registers, voter impersonation and transparency. The tech community has an important role to play in demystifying some of these concepts. a) The wording of the amendment read "complimentary mechanism for identification of voters". It has now been expanded to include transmission of election results "where technology deployed initially fails". What would this mean, in the case of identification of voters and in the case of transmission of results? What complimentary systems were envisaged here? "Manual backup?" The ambiguity in the wording is a challenge as it leaves too room for interpretation in a system of high contests.
b) The mischief that technology was meant to cure in elections management was among others allegations of voter impersonation and transparency in management of elections. Tech is therefore supposed to achieve simplicity, accuracy, verifiablilty, security, accountability and transparency. Is the conversation about a " complimentary" system a necessary one at this stage?
Outside of the amendment, has anyone come across the data that CA presented on network coverage in the counties? A visualisation of that data besides the polling stations would be useful in helping us identify the specific polling stations/tallying centres that are not covered. I am asking this because the presenters spoke of areas not covered by network as opposed to polling stations/tallying centres not covered.
Raha tupate na ustawi
2016-12-30 13:54 GMT+03:00 Victor Kapiyo via kictanet < kictanet@lists.kictanet.or.ke> :
I agree. We should put together our submissions as the ICT community and present the same to bunge.
Victor
On 30 Dec 2016 13:50, "Dorcas Muthoni via kictanet" < kictanet@lists.kictanet.or.ke> wrote:
Thanks Walu, it's time for us to stand up. Let's demystify this tech.
On Dec 30, 2016 1:43 PM, "Walubengo J via kictanet" < kictanet@lists.kictanet.or.ke> wrote:
I think this is an opportunity for the ICT fraternity to take up the challenge and demystify electronic systems in elections. I believe this forum has the most neutral platform where the media, academia, operators, regulators, government, legal and other interested parties can brainstorm on this.
I propose that early in the year, a face-2-face roundtable TV /Radio broadcast (NTV, Citizen, KTN?) deliberation to break this down -perhaps at Strath University (CPIT are you there?).
A lot has been written on the issue of electronic systems in elections but seems nobody READS, least of all politicians from both sides of the divide. I can imagine a cast of the following:
IEBC: CEO or Rep? Regulator: CEO or Rep? Operator: Safcom/Airtel/Telkom? ICT Min: Minister or rep? Academia: MMU/Strath/UoN/? Political Party: Jubilee+CORD Rep? Moderator &Broadcaster: Media (Citizen, NTV,KTN) Convenor: KICTAnet -GG are you back from holiday? Sponsors: Anyone?
If we do not hijack this ICT conversation, the politicians will run with it in the wrong direction and we might find ourselves exactly where we were in 2007.
walu.
------------------------------ *From:* JImmy Gitonga via kictanet <kictanet@lists.kictanet.or.ke > *To:* jwalu@yahoo.com *Cc:* JImmy Gitonga <jimmygitts@gmail.com> *Sent:* Friday, December 30, 2016 1:14 PM *Subject:* Re: [kictanet] Manual Backup and Elections 2017: Is the CS ICT Honest
Thank you Odhiambo Washington,
I have the same concerns myself. I reached the conclusion that it would be nice if "ICT Experts" could lay their hands on a BVI machine as well as a and show the rest of us what the problem really is. The ERT issue is a red herring. It has worked flawlessly in the bi-elections that have happened ever since. With PKI and 2 factor authentication, this can be solved for election day.
I am sure Victor Kyalo and Joseph Mucheru could make this possible. Call it a "Kenyans as ICT stakeholders" meeting. All Listers with time will begin to be asked by their family or neighbours, what the issue really is. I, for one, do not want to echo the CS's words.
I think the CS and the PS should help us help them. Otherwise they will be on their own when the political vultures come calling.
Regards, Jimmy Gitonga
Message: 4 Date: Fri, 30 Dec 2016 11:30:08 +0300 From: Odhiambo Washington <odhiambo@gmail.com> To: Kictanet <kictanet@lists.kictanet.or.ke > Subject: [kictanet] Manual Backup and Elections 2017: Is the CS ICT Honest Message-ID: <CAAdA2WPFoRvjF5Bodk+sHb-P4_ rUp2AXpA9Q3zAk-UR57cqwGw@mail. gmail.com <CAAdA2WPFoRvjF5Bodk%2BsHb-P4_ rUp2AXpA9Q3zAk-UR57cqwGw@mail. gmail.com>> Content-Type: text/plain; charset="utf-8"
Dear Listers,
I am at that position where I feel very lost. In fact, I feel like I am quite detached from the reality.
All along, I have keenly considered this matter that seems to have divided the country down the middle: *Manual Backup* during the 2017 voting process. From the Jubilee/govt side this is a do or die and so it must be there. This govt side seems hell-bent on confusing the masses, as well as the experts like the ICT Community. From the Opposition side, the agenda seems to be very clear - that of ensuring integrity of the Voters Register and stopping 'ghost voters' from ever casting their votes.
That brings us to the famous acronyms - BVI (Biometric Voter Register) / BVI (Biometric Voter Identification). Having been to a Voter Registration Centre (later to become a Polling Station) to register as a voter, I did look at the equipment in use for the registration process. I saw the laptop which was fitted with a camera and fingerprints scanner. All these require power to run. I did not dwell on how they were powered, but probably there was a battery backup somewhere (besides the electricity) given that they needed to run for a whole day for several days during the voter registration process. When it comes to the Elections, they only need to run for about 11 hours. My point here is that of *Backup Power* should it be that there's electricity blackout and the built-in batteries can't last the whole day. That backup is very important.
However, I did not see any piece of equipment which could suggest that the equipment in use required any form of connectivity back to some central server in order to function! Which now brings me to the currently national debate - Manual Backup during the Poll Day. What is it? Was the CS honest with his presentation before the Senate/Amos Wako committee yesterday? Does the CS himself really believe in the content of his presentation? I am asking that because I watched him and I don't believe him. I actually think he mislead the committee, and hence the nation at large.
Someone please prove me wrong. I am at that point where I believe that the BVR/BVI does NOT require any form of connectivity and so this Manual Backup being touted by the ruling coalition side, strongly supported by the ICT CS is a big lie. WHY?
My very first answer: Simply put, *when there was no requirement for a manual backup during voter registration, it goes without saying that there is NO NEED for on the polling day.*
1. For the issue that is in contention - BVR (used for BVI during polling) - this is a database that can be (and should be) statically stored on the equipment for each polling station. We are not supposed to rely on the Mobile Network to access this voters database. And every polling station can have two/three laptops/Biometrics scanner/Backup batteries to ensure that the voter identification doesn't fail. Some excuse has been fronted about some voters being mechanics, such that their fingerprints wouldn't be recognized by the BVI systems hence need for manual identification. My take on that is that every voter must carry their voter's card on that day. The clerks can check that card number against the electronic system - enter it, and it will bring the person's picture, ID number, etc and let him cast his ballot.
2. For electronics results transmission (ERT), this is not even necessary in the first place. We can have the results collated/announced at the tallying centres after being certified - forms 36A, and such. However, if the ERT must be done, the data footprint is so tiny that a 2G network can be used. Besides, it can be an SMS based system, which doesn't require 3G or VSAT. The results data isn't that large - it can't be in Megabytes to be sincere. Well, VSAT can be used if they MUST, but this is after the voting process itself is complete, has nothing to do with BVI.
The ERT and the BVR/BVI are two distinct systems. That is what I want to believe. The ERT gets feedback from a manual process - of voters casting their vote, clerks/agents counting, verifying, and certifying, filling requisite forms then communicating the same via some customized phones which are programmed to communicate to a backend system. Am I right on that??
Now the big question here is, where do we need this much touted manual backup where network connectivity is being used as the major reason???
(a) Citing terrorism and the possibility of Al Shabaab knocking off base stations seems like well thought out lie meant to cover our eyes! If they attacked an area, I doubt there will be voting in the 1st place. And even so, the network connectivity is not required for BVI so there is no disenfranchising anyone if there is no manual backup (whatever that is).
(b) Citing hacking is neither here nor there for a BVR/BVI system because it's not being accessed live during the voting. It's a static database, unique to the polling station, resident on the laptop used by the clerks. The only hacking that can be done then can only be by an "insider". Quoting Victor Kapiyo from Social Media, "*I guess it's a question of trust. Trust in systems and in trustworthy people to do the right thing. For M-Pesa, or KCSE results, we trust both. For IEBC, I guess the jury is still out*."
The main issue is not allowing the dead voters to rise again to vote in the presidential vote, then disappear. So the important component here is the BVR/BVI, the credibility of the register and hence the vote.
At what point does the BVI system require this connectivity they are talking about, which then necessitates the so called "manual backup"?
Did the CS ICT lie to the Senate?? Did the CAK lie to the Senate in supporting the lie from the CS??
There is insincerity in this whole debate about 'manual backup' and the ICT community seems to either support it or is simply lost in the pool of confusion being peddled by politicians.
-- Best regards, Odhiambo WASHINGTON, Nairobi,KE +254 7 3200 0004/+254 7 2274 3223 "Oh, the cruft."
Collins,
Very good dissection.
The only areas that require IT are 1, 2, 4, 5. 1 has already happened.
For 2, 4, 5, why would a backup have to be manual? Manual has to be the last
resort. What worries / concerns me is how it seems that there is almost a
quick rush to use a manual system!
Case in point, for verification; all the polling data should be local, hence
on laptops at the polling station, if one laptop fails, then you can verify
with another. Probability of say 5 laptops failing in a single polling station
at the same time is close to nil, unless direct sabotage.
On transmission, if Safaricom fails, use Airtel, if Airtel fails use Orange,
if Orange fails, use Satlink. All you need is to have 3 Phones with various
SIM Cards and you good. If no network coverage, get Thuraya!
On most modern systems that we use and that provide for the fabled five 9s
(99.999%) uptime, there is never an option of a manual backup.
Or is there a manual backup for MPESA? Anyone here whose bank has a manual
backup? Does KRA have a manual backup for iTax?
There is still 6+ months to the Election date, enough time to QA the IEBC's
systems.
Regards
On Dec 30 2016, at 6:09 pm, Collins Areba via kictanet
<kictanet@lists.kictanet.or.ke> wrote:
> Let's dissect the problem into pieces.
>
> 1: voter registration: collecting details, photos and fingerprints.
(Multiple data types)
>
>
>
> 2: verification: ascertaining that registered persons are in the system, and
dead / expired ones are removed from the system. (Boolean: yes / No)
>
>
>
> 3: voting: choosing from one of several options.
>
>
>
> 4: tallying : counting the choices at the polling stations and recording the
results on paper or device.
>
>
>
> 5: transmission: sending this information to regional and national tallying
centers.
>
>
>
> Maybe the good CS can explain how al shabbat can disable IT solutions so
much that manual "backups" would suffice.
>
>
>
>
>
>
>
> On 30 Dec 2016 17:58, "Grace Mutung'u via kictanet"
<[kictanet@lists.kictanet.or.ke](mailto:kictanet@lists.kictanet.or.ke)> wrote:
>
>> Thank you Wash for initiating the discussion. I also wondered whether a
complimentary system was used in voter registration and where this system
resides.
>>
>>
>>
>> I remember a quote by the IEBC CEO during the Kenya IGF where he stated
that being a Republic based on democracy, we have made elections the only
means to access power. [https://livestream.com/internetsociety2/kigf](https:/
/livestream.com/internetsociety2/kigf)
>>
>> He recalled the use of tech in the 2010 Referendum, 2013 elections and the
various by-elections that have taken place. In the Referendum and most by-
elections, there was not much contest about use of technology while for 2013
some issues were raised- these included multiple registers, voter
impersonation and transparency.
>>
>> The tech community has an important role to play in demystifying some of
these concepts.
>>
>> a) The wording of the amendment read "complimentary mechanism for
identification of voters". It has now been expanded to include transmission of
election results "where technology deployed initially fails". What would this
mean, in the case of identification of voters and in the case of transmission
of results? What complimentary systems were envisaged here? "Manual backup?"
The ambiguity in the wording is a challenge as it leaves too room for
interpretation in a system of high contests.
>>
>>
>>
>> b) The mischief that technology was meant to cure in elections management
was among others allegations of voter impersonation and transparency in
management of elections. Tech is therefore supposed to achieve simplicity,
accuracy, verifiablilty, security, accountability and transparency. Is the
conversation about a " complimentary" system a necessary one at this stage?
>>
>>
>>
>> Outside of the amendment, has anyone come across the data that CA presented
on network coverage in the counties? A visualisation of that data besides the
polling stations would be useful in helping us identify the specific polling
stations/tallying centres that are not covered. I am asking this because the
presenters spoke of areas not covered by network as opposed to polling
stations/tallying centres not covered.
>>
>>
>>
>> Raha tupate na ustawi
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>> 2016-12-30 13:54 GMT+03:00 Victor Kapiyo via kictanet
<[kictanet@lists.kictanet.or.ke](mailto:kictanet@lists.kictanet.or.ke)>:
>>
>>> I agree. We should put together our submissions as the ICT community and
present the same to bunge.
>>>
>>>
>>>
>>> Victor
>>>
>>>
>>>
>>> On 30 Dec 2016 13:50, "Dorcas Muthoni via kictanet"
<[kictanet@lists.kictanet.or.ke](mailto:kictanet@lists.kictanet.or.ke)> wrote:
>>>
>>>> Thanks Walu, it's time for us to stand up. Let's demystify this tech.
>>>>
>>>>
>>>>
>>>> On Dec 30, 2016 1:43 PM, "Walubengo J via kictanet"
<[kictanet@lists.kictanet.or.ke](mailto:kictanet@lists.kictanet.or.ke)> wrote:
>>>>
>>>>> I think this is an opportunity for the ICT fraternity to take up the
challenge and demystify electronic systems in elections. I believe this forum
has the most neutral platform where the media, academia, operators,
regulators, government, legal and other interested parties can brainstorm on
this.
>>>>>
>>>>>
>>>>>
>>>>> I propose that early in the year, a face-2-face roundtable TV /Radio
broadcast (NTV, Citizen, KTN?) deliberation to break this down -perhaps at
Strath University (CPIT are you there?).
>>>>>
>>>>>
>>>>>
>>>>> A lot has been written on the issue of electronic systems in elections
but seems nobody READS, least of all politicians from both sides of the
divide. I can imagine a cast of the following:
>>>>>
>>>>>
>>>>>
>>>>> IEBC: CEO or Rep?
>>>>>
>>>>> Regulator: CEO or Rep?
>>>>>
>>>>> Operator: Safcom/Airtel/Telkom?
>>>>>
>>>>> ICT Min: Minister or rep?
>>>>>
>>>>> Academia: MMU/Strath/UoN/?
>>>>>
>>>>> Political Party: Jubilee+CORD Rep?
>>>>>
>>>>> Moderator &Broadcaster: Media (Citizen, NTV,KTN)
>>>>>
>>>>> Convenor: KICTAnet -GG are you back from holiday?
>>>>>
>>>>> Sponsors: Anyone?
>>>>>
>>>>>
>>>>>
>>>>> If we do not hijack this ICT conversation, the politicians will run with
it in the wrong direction and we might find ourselves exactly where we were in
2007.
>>>>>
>>>>>
>>>>>
>>>>> walu.
>>>>>
>>>>>
>>>>>
>>>>>
>>>>>
>>>>> * * *
>>>>>
>>>>> **From:** JImmy Gitonga via kictanet
<[kictanet@lists.kictanet.or.ke](mailto:kictanet@lists.kictanet.or.ke)>
**To:** [jwalu@yahoo.com](mailto:jwalu@yahoo.com)
**Cc:** JImmy Gitonga <[jimmygitts@gmail.com](mailto:jimmygitts@gmail.com)>
**Sent:** Friday, December 30, 2016 1:14 PM
**Subject:** Re: [kictanet] Manual Backup and Elections 2017: Is the CS ICT Honest
>>>>>
>>>>>
>>>>>
>>>>> Thank you Odhiambo Washington,
>>>>>
>>>>>
>>>>>
>>>>> I have the same concerns myself. I reached the conclusion that it would
be nice if "ICT Experts" could lay their hands on a BVI machine as well as a
and show the rest of us what the problem really is. The ERT issue is a red
herring. It has worked flawlessly in the bi-elections that have happened ever
since. With PKI and 2 factor authentication, this can be solved for election
day.
>>>>>
>>>>>
>>>>>
>>>>> I am sure Victor Kyalo and Joseph Mucheru could make this possible. Call
it a "Kenyans as ICT stakeholders" meeting. All Listers with time will begin
to be asked by their family or neighbours, what the issue really is. I, for
one, do not want to echo the CS's words.
>>>>>
>>>>>
>>>>>
>>>>> I think the CS and the PS should help us help them. Otherwise they will
be on their own when the political vultures come calling.
>>>>>
>>>>>
>>>>>
>>>>> Regards,
>>>>>
>>>>> Jimmy Gitonga
>>>>>
>>>>>
>>>>>
>>>>>
>>>>>
>>>>>> Message: 4
Date: Fri, 30 Dec 2016 11:30:08 +0300
From: Odhiambo Washington <[odhiambo@gmail.com](mailto:odhiambo@gmail.com)>
To: Kictanet
<[kictanet@lists.kictanet.or.ke](mailto:kictanet@lists.kictanet.or.ke) >
Subject: [kictanet] Manual Backup and Elections 2017: Is the CS ICT
Honest
Message-ID:
<[CAAdA2WPFoRvjF5Bodk+sHb-P4_ rUp2AXpA9Q3zAk-UR57cqwGw@mail. gmail.com](mailto:CAAdA2WPFoRvjF5Bodk%2BsHb-P4_rUp2AXpA9Q3zAk-UR57cqwGw@mail.gmail.com)>
Content-Type: text/plain; charset="utf-8"
Dear Listers,
I am at that position where I feel very lost. In fact, I feel like I am
quite detached from the reality.
All along, I have keenly considered this matter that seems to have divided
the country down the middle: *Manual Backup* during the 2017 voting
process. From the Jubilee/govt side this is a do or die and so it must be
there. This govt side seems hell-bent on confusing the masses, as well as
the experts like the ICT Community. From the Opposition side, the agenda
seems to be very clear - that of ensuring integrity of the Voters Register
and stopping 'ghost voters' from ever casting their votes.
That brings us to the famous acronyms - BVI (Biometric Voter Register) /
BVI (Biometric Voter Identification).
Having been to a Voter Registration Centre (later to become a Polling
Station) to register as a voter, I did look at the equipment in use for the
registration process. I saw the laptop which was fitted with a camera and
fingerprints scanner. All these require power to run. I did not dwell on
how they were powered, but probably there was a battery backup somewhere
(besides the electricity) given that they needed to run for a whole day for
several days during the voter registration process. When it comes to the
Elections, they only need to run for about 11 hours. My point here is that
of *Backup Power* should it be that there's electricity blackout and the
built-in batteries can't last the whole day. That backup is very important.
However, I did not see any piece of equipment which could suggest that the
equipment in use required any form of connectivity back to some central
server in order to function! Which now brings me to the currently national
debate - Manual Backup during the Poll Day. What is it? Was the CS honest
with his presentation before the Senate/Amos Wako committee yesterday? Does
the CS himself really believe in the content of his presentation? I am
asking that because I watched him and I don't believe him. I actually think
he mislead the committee, and hence the nation at large.
Someone please prove me wrong. I am at that point where I believe that the
BVR/BVI does NOT require any form of connectivity and so this Manual Backup
being touted by the ruling coalition side, strongly supported by the ICT
CS is a big lie. WHY?
My very first answer: Simply put, *when there was no requirement for a
manual backup during voter registration, it goes without saying that there
is NO NEED for on the polling day.*
1\. For the issue that is in contention - BVR (used for BVI during polling)
\- this is a database that can be (and should be) statically stored on the
equipment for each polling station. We are not supposed to rely on the
Mobile Network to access this voters database. And every polling station
can have two/three laptops/Biometrics scanner/Backup batteries to ensure
that the voter identification doesn't fail.
Some excuse has been fronted about some voters being mechanics, such that
their fingerprints wouldn't be recognized by the BVI systems hence need for
manual identification. My take on that is that every voter must carry their
voter's card on that day. The clerks can check that card number against the
electronic system - enter it, and it will bring the person's picture, ID
number, etc and let him cast his ballot.
2\. For electronics results transmission (ERT), this is not even necessary
in the first place. We can have the results collated/announced at the
tallying centres after being certified - forms 36A, and such. However, if
the ERT must be done, the data footprint is so tiny that a 2G network can
be used. Besides, it can be an SMS based system, which doesn't require 3G
or VSAT. The results data isn't that large - it can't be in Megabytes to be
sincere. Well, VSAT can be used if they MUST, but this is after the voting
process itself is complete, has nothing to do with BVI.
The ERT and the BVR/BVI are two distinct systems. That is what I want to
believe. The ERT gets feedback from a manual process - of voters casting
their vote, clerks/agents counting, verifying, and certifying, filling
requisite forms then communicating the same via some customized phones
which are programmed to communicate to a backend system. Am I right on
that??
Now the big question here is, where do we need this much touted manual
backup where network connectivity is being used as the major reason???
(a) Citing terrorism and the possibility of Al Shabaab knocking off base
stations seems like well thought out lie meant to cover our eyes! If they
attacked an area, I doubt there will be voting in the 1st place.
And even so, the network connectivity is not required for BVI so there
is no disenfranchising anyone if there is no manual backup (whatever that
is).
(b) Citing hacking is neither here nor there for a BVR/BVI system because
it's not being accessed live during the voting. It's a static database,
unique to the polling station, resident on the laptop used by the clerks.
The only hacking that can be done then can only be by an "insider". Quoting
Victor Kapiyo from Social Media, "*I guess it's a question of trust. Trust
in systems and in trustworthy people to do the right thing. For M-Pesa, or
KCSE results, we trust both. For IEBC, I guess the jury is still out*."
The main issue is not allowing the dead voters to rise again to vote in the
presidential vote, then disappear. So the important component here is the
BVR/BVI, the credibility of the register and hence the vote.
At what point does the BVI system require this connectivity they are
talking about, which then necessitates the so called "manual backup"?
Did the CS ICT lie to the Senate?? Did the CAK lie to the Senate in
supporting the lie from the CS??
There is insincerity in this whole debate about 'manual backup' and the ICT
community seems to either support it or is simply lost in the pool of
confusion being peddled by politicians.
\--
Best regards,
Odhiambo WASHINGTON,
Nairobi,KE
+254 7 3200 0004/+254 7 2274 3223
"Oh, the cruft."
\-------------- next part --------------
An HTML attachment was scrubbed...
URL: <[https://lists.kictanet.or.ke/ pipermail/kictanet/
attachments/20161230/4ba36a72/ attachment.html](https://lists.kictanet.or.ke/p
ipermail/kictanet/attachments/20161230/4ba36a72/attachment.html)>
>>>>>
>>>>>
_______________________________________________
kictanet mailing list
[kictanet@lists.kictanet.or.ke](mailto:kictanet@lists.kictanet.or.ke)
[https://lists.kictanet.or.ke/mailman/listinfo/kictanet](https://lists.kictane
t.or.ke/mailman/listinfo/kictanet)
Unsubscribe or change your options at [https://lists.kictanet.or.ke/mailman/op
tions/kictanet/jwalu%40yahoo.com](https://lists.kictanet.or.ke/mailman/options
/kictanet/jwalu%40yahoo.com)
The Kenya ICT Action Network (KICTANet) is a multi-stakeholder platform for
people and institutions interested and involved in ICT policy and regulation.
The network aims to act as a catalyst for reform in the ICT sector in support
of the national aim of ICT enabled growth and development.
KICTANetiquette : Adhere to the same standards of acceptable behaviors online
that you follow in real life: respect people's times and bandwidth, share
knowledge, don't flame or abuse or personalize, respect privacy, do not spam,
do not market your wares or qualifications.
>>>>>
>>>>>
_______________________________________________
kictanet mailing list
[kictanet@lists.kictanet.or.ke](mailto:kictanet@lists.kictanet.or.ke)
[https://lists.kictanet.or.ke/mailman/listinfo/kictanet](https://lists.kictane
t.or.ke/mailman/listinfo/kictanet)
Unsubscribe or change your options at [https://lists.kictanet.or.ke/mailman/op
tions/kictanet/dmuthoni%40gmail.com](https://lists.kictanet.or.ke/mailman/opti
ons/kictanet/dmuthoni%40gmail.com)
The Kenya ICT Action Network (KICTANet) is a multi-stakeholder platform for
people and institutions interested and involved in ICT policy and regulation.
The network aims to act as a catalyst for reform in the ICT sector in support
of the national aim of ICT enabled growth and development.
KICTANetiquette : Adhere to the same standards of acceptable behaviors online
that you follow in real life: respect people's times and bandwidth, share
knowledge, don't flame or abuse or personalize, respect privacy, do not spam,
do not market your wares or qualifications.
>>>>
>>>>
_______________________________________________
kictanet mailing list
[kictanet@lists.kictanet.or.ke](mailto:kictanet@lists.kictanet.or.ke)
[https://lists.kictanet.or.ke/mailman/listinfo/kictanet](https://lists.kictane
t.or.ke/mailman/listinfo/kictanet)
>>>>
>>>> Unsubscribe or change your options at [https://lists.kictanet.or.ke/mailm
an/options/kictanet/vkapiyo%40gmail.com](https://lists.kictanet.or.ke/mailman/
options/kictanet/vkapiyo%40gmail.com)
>>>>
>>>>
>>>>
>>>>
The Kenya ICT Action Network (KICTANet) is a multi-stakeholder platform for
people and institutions interested and involved in ICT policy and regulation.
The network aims to act as a catalyst for reform in the ICT sector in support
of the national aim of ICT enabled growth and development.
KICTANetiquette : Adhere to the same standards of acceptable behaviors online
that you follow in real life: respect people's times and bandwidth, share
knowledge, don't flame or abuse or personalize, respect privacy, do not spam,
do not market your wares or qualifications.
>>>
>>>
_______________________________________________
kictanet mailing list
[kictanet@lists.kictanet.or.ke](mailto:kictanet@lists.kictanet.or.ke)
[https://lists.kictanet.or.ke/mailman/listinfo/kictanet](https://lists.kictane
t.or.ke/mailman/listinfo/kictanet)
Unsubscribe or change your options at [https://lists.kictanet.or.ke/mailman/op
tions/kictanet/nmutungu%40gmail.com](https://lists.kictanet.or.ke/mailman/opti
ons/kictanet/nmutungu%40gmail.com)
The Kenya ICT Action Network (KICTANet) is a multi-stakeholder platform for
people and institutions interested and involved in ICT policy and regulation.
The network aims to act as a catalyst for reform in the ICT sector in support
of the national aim of ICT enabled growth and development.
KICTANetiquette : Adhere to the same standards of acceptable behaviors online
that you follow in real life: respect people's times and bandwidth, share
knowledge, don't flame or abuse or personalize, respect privacy, do not spam,
do not market your wares or qualifications.
>>
>>
>>
>>
>>
>> \--
>>
>> Grace L.N. Mutung'u
Skype: gracebomu
Twitter: @Bomu
<[http://www.diplointernetgovernance.org/profile/GraceMutungu](http://www.dipl
ointernetgovernance.org/profile/GraceMutungu)>
>>
>>
>>
>> PGP ID : 0x33A3450F
>>
>>
_______________________________________________
kictanet mailing list
[kictanet@lists.kictanet.or.ke](mailto:kictanet@lists.kictanet.or.ke)
[https://lists.kictanet.or.ke/mailman/listinfo/kictanet](https://lists.kictane
t.or.ke/mailman/listinfo/kictanet)
Unsubscribe or change your options at [https://lists.kictanet.or.ke/mailman/op
tions/kictanet/arebacollins%40gmail.com](https://lists.kictanet.or.ke/mailman/
options/kictanet/arebacollins%40gmail.com)
The Kenya ICT Action Network (KICTANet) is a multi-stakeholder platform for
people and institutions interested and involved in ICT policy and regulation.
The network aims to act as a catalyst for reform in the ICT sector in support
of the national aim of ICT enabled growth and development.
KICTANetiquette : Adhere to the same standards of acceptable behaviors online
that you follow in real life: respect people's times and bandwidth, share
knowledge, don't flame or abuse or personalize, respect privacy, do not spam,
do not market your wares or qualifications.
Listers, Allow me to share these wise words from a friend, Ben Ngumi Chege, who has had extensive on the field doing exactly this kind of work in more places than I can remember. Will paste the long text after the link in case its not visible to everyone. https://web.facebook.com/notes/ben-chege/manual-vs-electronic-elections/1015... “Manual” vs “Electronic” Elections
BEN CHEGE <https://web.facebook.com/masukuma>·FRIDAY, 30 DECEMBER 2016 <https://web.facebook.com/notes/ben-chege/manual-vs-electronic-elections/10154910551733923> Every 5 years Kenyans queue to vote, this is an exercise that we have engaged in passionately for as long as I can remember and when each round of elections is done and dusted we as a nation learn a couple of lessons which we then reuse in succeeding election cycles in an attempt to make them better. However, looking at the current debate on the use of technology and witnessing what is happening, I suspect that there might have been an important lesson to be learnt in the 2007-08 when compared to the 2013 election cycle that has been missed and this lesson is that Having consensus among all players beforehand regarding the electoral process generally leads to widespread acceptance of the results of the process. Electoral process should be seen as contests, where groups of people with various interests engage willingly in order to not only determine political representation but also wield the power of the state, and just like any reputable contest it has its rules. These rules are well known and understood by all players and are accepted from the onset. These rules are deterministic in that they are predictable and must be seen by all parties to be fair. For a country to have a credible election - we need everyone to feel like they have a chance in this contest since from the onset the rules of the game do not favour their opponent(s). In 2007 ODM did not agree to the way the commissioners were picked after the terms of some expired as they felt it contravened the IPPG agreement and after the contest was done they did not accept the results announced by the commission. When the same commission asked them they refused! We all remember the situation the country found itself after the opposition refused to engage in a process they felt was flawed and disadvantageous to them. The 2017 election process is slowly mirroring the 2007 pre-election period especially when it comes to the role of technology on voting day. We are witnessing an emotive debate regarding the use of technology and the disregard of the voices of political players who hold contrary opinions. If lessons from the past hold true, this threatens the expectation of a peaceful electoral process and at the very least a credible one. On voting day there are 4 core activities that happen within a polling station, these are: 1) Voter identification/Verification – this answers the question – “Are you registered to vote in this polling station?” 2) Voting by secret ballot – you are given a ballot paper and then you mark it in secret and the cast the said ballot into a transparent ballot box. 3) Counting of results and declaration – counting of all votes cast in the polling station for each race and the declaration of the votes cast in favour of each candidate. 4) Results transmission – forwarding these results to the next level namely the constituency tally center for “tallying” and dispute resolution just in case there were any. The “Manual” vs “Electronic” debate is really touching on activities 1) and 4) and therefore at the core of this debate are 2 questions namely: 1) Can we solely verify/identify voters electronically using biometrics that they submitted? 2) Can we solely transmit results to the next level using electronic means? Fortunately, these two are not really new initiatives as the IEBC has been using technology in these two areas over the last 4 years. No one doubts the credibility boost that well executed technology has on elections. An example of this is the by-election in Kibwezi West where the winner won the race by the narrowest of margins - a paltry 175 votes and the loser did not file a petition challenging the results. This was unheard of in previous elections. Why then do we have a debate around it? Previously, the use of technology was not explicitly dictated by the Elections Act but rather the stipulation to use one form of it was found in regulations. Until now the official Electoral process has been manual where technology had been added for efficiency and confidence building. The latest Election Amendment Act 2016 has raised the profile of the said technologies from just being tools to be used in boosting confidence to be the exclusive means of conducting voter identification and results transmission. They say once stung – twice shy and thus it’s understandable that the IEBC is jittery in embracing technology full throttle without a fallback especially because it had technology failures in the said areas during the 2013 General elections. Technology is playing an increasing role in our lives and for us to move forward on the electoral field - I feel that this discussion needs to be informed by a mindset from big technology companies have when it comes to failure. Companies like Google, Yahoo and Facebook plan for failure more than they plan for success. They have a culture that says “failure is OK”, a culture where people are encouraged to ask: 1) What do we do if our technology fails? 2) How do we continue fulfilling our core business that is serving our customers and users when the systems around us fail? So as Kenyans we need to ask ourselves the same set of questions and ask how it affects the core business of elections. But for that to happen we need to synthesize what our core business on election day is. It’s said that “Election Day is still the one day when we strive to give equal voice to every eligible voter; the day when the woman working in the market stall has as much of a say as any wealthy banker, and the illiterate menial laborer has a voice that speaks as eloquently as any university professor. It is our shared responsibility to strive for processes and systems that ensure that every voter is given the opportunity to make their will known, and that every vote is counted.” If we agree that this is the core business of elections and everything on election day must support this, we should ask ourselves a couple of questions, namely: 1) What happens WHEN we place a piece of technology as a prerequisite to the recording of this voice and the said technology fails and thus affects the “core business”? What are the fallbacks available to us? 2) Since this is a contest, which out of the array of fallbacks available is most acceptable to all players? The issues around the failure of technology have been well documented. The IEBC conducted an internal audit of the March 2013 election and rather candidly highlighted these failures. I will try and address them and possibly give recommendations in question form that should advise our choice of an acceptable fallback or perhaps a list of fallbacks to be executed in when certain scenarios playout. When it came to the identification of voters electronically, the issues fell broadly into 3 categories namely: 1) Technology problems – some voters could not be found on some EVIDs but were present on the manual register. Some devices run out of power, some even exploded during charging 2) Procurement problems – getting the wrong device because procurement requirements were not met. 3) Rollout problems – some devices were not charged, insufficient training due to late delivery and lack of manuals e.t.c. With proper planning and time to go through the procurement procedures most of these can be sorted out. The new Elections amendment act stipulates that the IEBC should have procured and set in place technology 8 months to an election and then have it tested 60 days to an election. Even with this in place some of the problems categorized as “Technology problems” may not disappear or may only manifest themselves on polling day. In order to address them we need to ask ourselves what are the real risk factors related to technology? If the approach to voter verification is similar to what was employed in 2013 – then the disruption of telecommunication is not a potential failure point – why? The devices were self-contained – the register was loaded on the device and thus the device really had no need to communicate with external systems after rollout. If this is the model envisaged in the new KIEMs Rollout – we should not concern ourselves with telecommunication availability in the matters of voter verification. What should concern us is the issue of availability of power as the devices will be constantly in use throughout the day. The devices used for verification conduct a one-to-one match of voters against their biometrics – computationally – it can be a costly affair especially if a potential voter has to submit multiple fingers to get identified if one fails and so we need to have devices that can work for 18 hours or have capability to accept external power in the form of portable power cells. Can the software be written in such a way that it alerts the users well beforehand that it has X number of hours of charge left and that the clerks at the polling station need to make arrangement to keep the electronic means working? Ghana deployed a solution that utilized dry cells and they put in place an operational plan to replace them within 4 hours. The issue of some voters not being found on the EVIDs yet being found on the manual roll was puzzling, this may be aggravated in 2017 this is because the bulk of the current set of fingerprints were collected in 2013 and it will not be farfetched to expect that the quality of fingerprints submitted for verification in this election cycle by an eligible voter who work with their hands to be lower and thus this may require multiple passes. The current setup is one which a subset of the fingerprints collected is used to verify voters electronically. If we are to go full throttle – we will need to ensure that all fingerprints are available for matching on polling day to increase the chances of matching. An exercise to get fingerprints resubmitted for persons who fall in this category and also for all those that had their biometrics lost during the mass registration drive when BVR machines crashed and did not have backed up properly. Another reason that could explain why some voters were not found on the EVIDs and were found on the printed register is data corruption during copying polling station data into the SD cards that the devices used. How can we ensure that databases are not corrupted during saving into the machines? I propose that each device should have a way of hashing a file and checking the hash against a verified hash of a working copy and where it differs transferring data to this device should be repeated. Backups of these registers on verified SD cards should also accompany each EVID to the field. We should explore how to keep the logs of the persons who have voted safe when devices get technology issues. There is also an inconvenient reality that in any given population there will always be some persons whose fingerprints are difficult or impossible to capture or verify. This raises a fundamental ideological question of whether a person should be disenfranchised because of limitations of a technology. The issues around the provisional transmission of results were also well documented, these also fell into 3 broad categories namely: 1) Technology problems – the server’s well documented issue with system logs and it running out of space due to server misconfiguration; The failover issues that followed this. Network coverage issues; Erroneous display of tallied votes due to late integration and limited retesting. 2) Procurement/Acquisition problems – there was no time to really develop the transmission application. 3) Rollout problems – late delivery of phones and specially configured simcards; issues with user credentials; versioning issues between server and phone; Lack of proper training. As with electronic voter identification, most of these can be sorted out with proper planning and following procedures, why do I say so? the IEBC has transmitted 100% of the results from all the by-elections that it has conducted since 2013. While in terms of scale these by-elections pale when compared to the general election, it’s my considered opinion that there have been numerous lessons learnt – these can be documented and used to inform the training and rollout process. What should happen in the event that result transmission fails for whatever reason? The IEBC still needs to have a fallback for electronic results transmission. Can some other technology offer a fallback? e.g. If results transmission from a primary device fails, should we have an electronic fallback using a different technology? Can the current election transmission system be used as a backup of whatever fancy results transmission system the IEBC procures? The IEBC has used satellite phones with success to transmit results for the Kalolol and Mosiro by-elections, why can this be used as a fallback on the telecommunication side. I think we can have all these fallbacks in place and these would be totally acceptable to all stakeholders. These questions are by no means comprehensive but should act as a starting point in deciding what the fallback(s) should be and when to fallback. It has always been my opinion that leaving the determination of important electoral matters at the polling station level to the discretion of people there without a trail of documentation that guides their decision making and a trail of accountability to why they took the action they did exposes the election operation to credibility questions. In 2012 Ghana went into their election with the NVNV (No [biometric] Verification, No Voting) mantra and they had to extend the voting period and also had many people disenfranchised because of the inadequacies of the technology they rolled out. In 2015 they rolled back and then introduced a manual verification fallback. The manual verification process required the presiding officer fill a manual verification form for each voter who is manually verified. The only way we can come up with this list of scenarios is if we carried out a proper and candid risk assessment and management process. This process should inform the IEBC on what to do to ensure that the “core business” on election day remains unaffected. From my perspective, human beings should always play the role of final "exception handlers" to ensure that during electronic voter identification no voter is ever disenfranchised by technology malfunction or it’s limitation. Indeed, if the electoral process must err, then it must err on the side of inclusion. However, these errors must be accounted for and thus the most appropriate role of technology is to ensure a level of transparency and accountability that allows for review of any of those human decisions on how to handle exceptions. As noted earlier on this paper, the process used for verification involves a one-to-one match of voters against their biometrics. The voter gets his ID No. captured by the verification device in a bid to ‘identify’ them and once their records are loaded on the screen of the device an additional fingerprint scan is required to ‘verify’ this person. i.e. answering the question – are you really the person who you claim to be? So, for example, if the validation device is unable to verify the fingerprint of a voter who the presiding officer knows or strongly believes to be a legitimate voter, and his/her particulars are on the voter register, the presiding officer should have the authority to override the device and allow the person to vote. In order to trigger the manual verification process, the presiding officer should collect as much information about the person being excluded from being electronically verified as possible. This information should include a photo of this person and the Serial Number not ID No. found on their National Identity card. Manual verification should not be misconstrued to mean manual verification using the physically printed out register or green books. This process should be endorsed by all party agents present at the polling station. It is important to have this information both in physical and electronic form. At the end of the day, any final reconciliation should include the number of decisions the presiding officer made contrary to the technology. This allows for review of the decisions of the presiding officer, and provides a deterrent since that officer knows that there will be an accounting of how many decisions he made of this nature. It also allows for reporting on anomalies where a polling station or ward has an inordinately high number of human exceptions. This information can be transmitted periodically so that during the course of the day to all stakeholders and thus all players are able to identify polling stations that have inordinately high numbers of human exceptions and vigilance can be increased to ensure only legitimate cases are excluded from electronic verification. Once this discussion has been held and we have a product that this has the blessing of all players contesting in the election. When accepted by all stakeholders the post-election process of massaging bruised egos and selling peace i.e. the 'accept and move on' message will be much easier.
I'm glad issues of Internet Governance that we have been advanced on this list for the past 5 years have come to bear, and were discussed at some level at the Senate committee, but not with any depth deserving the gravity of the situation we find ourselves in. Some questions about Access that cropped up were; 1. "Why has CA not utilised USF to fill the gap where there is no coverage in the country? " - Senator Mutua Kilonzo 2. When will there be full 3G coverage in Kenya? 3. What is the state of last mile connectivity of NOFBI to all counties? Some important statistics that came out from CA were that 94% of the country has 2G coverage, but 164 locations in the country do not have voice or data. I'm not sure what is the meaning of "locations". It was noted that CA sent the HR manager Juma Kandie to answer IT questions. It seems IT is not Rocket Science after all, but it goes to show the depth of the answers Senate got. The Chair of The Universal Service Advisory Council (USAC), Catherine Ngahu sough to answer some of the questions on USF: She said the fund has not been used but 2.3billion will be used to cover unserved locations in 2017. She said that operators have refused to bid to covers some areas using those funds. That those areas are also unserved by other infrastructure like roads, and security. But she also said USF have tendered for the locations not covered, and awarded for 78 location out of the 164. I would like a clarification from CA what is ment by "awarded". The USAC board should table these documents. Also, this figure 164 is different from 214 that CA shared with the list in April 2016. *Catherine also said "By 2017, it is possible the funds will have covered all areas".* With this last statement, I wish her word is her bond. All that said, CA gave us an update on USF in April 2016 ; viz below </END>
Alwala, Rachel via kictanet <kictanet@lists.kictanet.or.ke> [image: Attachments]19 Apr to *Rachel*, Mwendwa Dear Listers,
We appreciate the engagement and wish to provide the following clarifications regarding the Universal Service Fund. >Please note that this is based on the questions raised and additional information for your understanding.
The Authority within the current FY 2015/16 contracted Intelecon Research Ltd of Canada to undertake an ICT Access Gaps Study whose objectives were: • To engage the industry and other stakeholders / service providers to identify the gaps in the ICTs service provision. • Conduct an in-depth analysis of communication services in the country and map out access gaps in voice, data, broadcasting and postal &courier services at sub-location level across all counties in Kenya. • To support implementation of initial USF network expansion projects, grouping gap areas and special projects (e.g. schools connectivity) into optimal lots for purposes of tendering. • Develop an interactive portal for regular updates and definition of the gaps for each service area giving GPS coordinates for selected USF clusters and other socio-economic characteristics. • Develop a 5 year USF Implementation Strategy based on projected funding • Review the existing Operational Manual with a view of aligning it with relevant internal procedures of the Authority and procurement legislations. *The progress made To-date* • The consultants have delivered an acceptable Final Access Gaps report herewith attached; Developed an interactive portal for regular updates by the Authority; Are currently reviewing the USF Operating Manual and thereafter develop the 5 year USF Implementation Strategy.
From the objectives of the ICT Gaps Study, it is clear the survey did not focus on the need to increase the USF levy amount neither did the study audit the use of USF funds.
It should further be noted that even though the Act that created USF came into being in 2009, it was not until in the FY 2013/14 that the Authority issued the first USF invoices. As it awaited the legal framework to be in place and fully operationlize the Fund, the Authority undertook a number ofpreparatory activities for the implementation of USF. These include: · Carrying out a number of studies to guide the implementation of the Fund, these included the 1st National ICT Survey (2010/2011) and the ICT Access Gaps Study (2011); The Internet Market Study; the 2nd National ICT Survey (2016) targeting Public Sector and Business Enterprises covering all the 47 counties in Kenya. The National ICT Survey has been undertaken in conjunction with the Kenya National Bureau of Statistics (KNBS) with the objective of; establishing ownership, access and usage of ICTs in enterprises; measuring the use and access ofICTs by Government employees; measuring availability of ICTs in enterprises and public sector institutions; measuring supply of e-Government services to citizens in Kenya and compute the e-Government development index. The data capture for the Public Sector and Business Enterprises has just been concluded and a report will be shared with stakeholders. - The Authority also Implemented a number of Universal Access (UA) pilot projects whose lessons are instrumental in the implementation of USF projects. The pilot projects include: 16 ICT Centers in Secondary Schools (2 in each province), 4 Community Centers, 8 ICT Centers schools for PWDs (covering all secondary schools for PwDs in Kenya), 56 e-Resource Centers within the Kenya National Library Service outlets, E-health Project (implemented in collaboration with the Ministry of Health and Qualcomm Inc), Content Development that include the Digitization of the Kenya Certificate of Secondary School (KCSE) Form I and II curriculum by Kenya Institute ofCurriculum Development (KICD); developed a Web Portal for Persons With Disabilities (in partnership with the National Council for Persons with Disabilities and United Disabled Persons of Kenya(NCPWD); supported the development of National Broadband Strategy (2012) with technical support from USAID’s Global Broadband Innovation (GBI) programme. A number of stakeholders supported the development of the National Broadband Strategy (NBS). These included the Ministry of Information Communications and Technology, the ICT Authority, the then E-Government Directorate, Vision 2030 Secretariat and National Communications Secretariat and other stakeholders. This strategy is important in the realization of universal access to broadband services in Kenya. These projects have been fully funded by the Authority. Universal Service Fund (USF) kitty has accumulated KES. 2.94 Billion from remittances by licensees while the Authority has contributed KES 1 Billion seed money to the fund putting the total collections at KES giving total collections to date at KES. 3.94 Billion. The Access Gaps Study Report (attached) has identified basic services and broadband gaps as the two priorities for USFinvestment in the FY 2016/17: - Infrastructure Projects: Closing the voice gaps in the identified 214 sub-locations. This will reduce the population coverage gap from 5.6% of the population to around half (2.8%) by 2018. The USF distributes Funds through subsidies. Since USF subsidies will be distributed on a progressive basis as the awarded Lots are implemented, it is not expected that the USF will distribute more than 67% of the awards made in the first fiscal year of operation (2016/17), thus the final amount distributed in 2016/17 on the voice service project will be approximately US$ 10 M (KES 1 billion). - Broadband Connectivity in Secondary Schools in Kenya. The cost of braodband connectivity is estimated at KES. 500M. These priority projects shall be implemented under the accepted guidelines of the USF and the existing procurement laws in Kenya which stress on transparency and competition in the distribution of funds. *USF Projects Implementation Plan* The Schools Connectivity project will be designed to run in parallel with the ICT Infrastructure (Voice) Project. The schedule of USF implementation is as follows; - Project Design Report (scheduled for 27th May 2016) - Industry Workshop in the first week of June 2016. - Bidding Documents will be available at end of June 2016. - Awards of tender are expected to be made by early November 2016. - Implementation of the USF projects 2017 Kindly note that the Authority is the secretariat to the Univeral Service Advisory Council (USAC) and can provide any information required. The CA website is updated with news items, publications, so make effort to equally follow us on online platforms and achievements to date. Lastly, we wish to clarify that the Universal Service Levy imposed under section 84J (3) of the Act is to be charged on all licensees offering communication systems and services on a commercial basis. The Act provides for the Levy charged on licensees at an amount not exceeding one percent (1%) of the gross revenue of a licensee. However, the Authority's Board settled on 0.5% after due consultation with the industry. At no point has the Authority considered increasing the levy amount since the ICT voice gaps has considerably reduced to 5.6%. Any changes in the percentage of contribution will be subjected to industry consultations. Hope this gives you some insights that are helpful. Regards, Rachel Alwala Assistant Director/Communications and External Affairs Communications Authority of Kenya PO Box 14448 Nairobi 00800 Tel: +254 703 042000 Email: alwala@ca.go.ke Website: www.ca.go.ke ______________________ Mwendwa Kivuva, Nairobi, Kenya twitter.com/lordmwesh On 31 December 2016 at 14:18, Collins Areba via kictanet < kictanet@lists.kictanet.or.ke> wrote:
Listers, Allow me to share these wise words from a friend, Ben Ngumi Chege, who has had extensive on the field doing exactly this kind of work in more places than I can remember. Will paste the long text after the link in case its not visible to everyone.
https://web.facebook.com/notes/ben-chege/manual-vs-electroni c-elections/10154910551733923?__mref=message_bubble
“Manual” vs “Electronic” Elections
BEN CHEGE <https://web.facebook.com/masukuma>·FRIDAY, 30 DECEMBER 2016 <https://web.facebook.com/notes/ben-chege/manual-vs-electronic-elections/10154910551733923> Every 5 years Kenyans queue to vote, this is an exercise that we have engaged in passionately for as long as I can remember and when each round of elections is done and dusted we as a nation learn a couple of lessons which we then reuse in succeeding election cycles in an attempt to make them better. However, looking at the current debate on the use of technology and witnessing what is happening, I suspect that there might have been an important lesson to be learnt in the 2007-08 when compared to the 2013 election cycle that has been missed and this lesson is that Having consensus among all players beforehand regarding the electoral process generally leads to widespread acceptance of the results of the process. Electoral process should be seen as contests, where groups of people with various interests engage willingly in order to not only determine political representation but also wield the power of the state, and just like any reputable contest it has its rules. These rules are well known and understood by all players and are accepted from the onset. These rules are deterministic in that they are predictable and must be seen by all parties to be fair. For a country to have a credible election - we need everyone to feel like they have a chance in this contest since from the onset the rules of the game do not favour their opponent(s). In 2007 ODM did not agree to the way the commissioners were picked after the terms of some expired as they felt it contravened the IPPG agreement and after the contest was done they did not accept the results announced by the commission. When the same commission asked them they refused! We all remember the situation the country found itself after the opposition refused to engage in a process they felt was flawed and disadvantageous to them. The 2017 election process is slowly mirroring the 2007 pre-election period especially when it comes to the role of technology on voting day. We are witnessing an emotive debate regarding the use of technology and the disregard of the voices of political players who hold contrary opinions. If lessons from the past hold true, this threatens the expectation of a peaceful electoral process and at the very least a credible one. On voting day there are 4 core activities that happen within a polling station, these are: 1) Voter identification/Verification – this answers the question – “Are you registered to vote in this polling station?” 2) Voting by secret ballot – you are given a ballot paper and then you mark it in secret and the cast the said ballot into a transparent ballot box. 3) Counting of results and declaration – counting of all votes cast in the polling station for each race and the declaration of the votes cast in favour of each candidate. 4) Results transmission – forwarding these results to the next level namely the constituency tally center for “tallying” and dispute resolution just in case there were any. The “Manual” vs “Electronic” debate is really touching on activities 1) and 4) and therefore at the core of this debate are 2 questions namely: 1) Can we solely verify/identify voters electronically using biometrics that they submitted? 2) Can we solely transmit results to the next level using electronic means? Fortunately, these two are not really new initiatives as the IEBC has been using technology in these two areas over the last 4 years. No one doubts the credibility boost that well executed technology has on elections. An example of this is the by-election in Kibwezi West where the winner won the race by the narrowest of margins - a paltry 175 votes and the loser did not file a petition challenging the results. This was unheard of in previous elections. Why then do we have a debate around it? Previously, the use of technology was not explicitly dictated by the Elections Act but rather the stipulation to use one form of it was found in regulations. Until now the official Electoral process has been manual where technology had been added for efficiency and confidence building. The latest Election Amendment Act 2016 has raised the profile of the said technologies from just being tools to be used in boosting confidence to be the exclusive means of conducting voter identification and results transmission. They say once stung – twice shy and thus it’s understandable that the IEBC is jittery in embracing technology full throttle without a fallback especially because it had technology failures in the said areas during the 2013 General elections. Technology is playing an increasing role in our lives and for us to move forward on the electoral field - I feel that this discussion needs to be informed by a mindset from big technology companies have when it comes to failure. Companies like Google, Yahoo and Facebook plan for failure more than they plan for success. They have a culture that says “failure is OK”, a culture where people are encouraged to ask: 1) What do we do if our technology fails? 2) How do we continue fulfilling our core business that is serving our customers and users when the systems around us fail? So as Kenyans we need to ask ourselves the same set of questions and ask how it affects the core business of elections. But for that to happen we need to synthesize what our core business on election day is. It’s said that “Election Day is still the one day when we strive to give equal voice to every eligible voter; the day when the woman working in the market stall has as much of a say as any wealthy banker, and the illiterate menial laborer has a voice that speaks as eloquently as any university professor. It is our shared responsibility to strive for processes and systems that ensure that every voter is given the opportunity to make their will known, and that every vote is counted.” If we agree that this is the core business of elections and everything on election day must support this, we should ask ourselves a couple of questions, namely: 1) What happens WHEN we place a piece of technology as a prerequisite to the recording of this voice and the said technology fails and thus affects the “core business”? What are the fallbacks available to us? 2) Since this is a contest, which out of the array of fallbacks available is most acceptable to all players? The issues around the failure of technology have been well documented. The IEBC conducted an internal audit of the March 2013 election and rather candidly highlighted these failures. I will try and address them and possibly give recommendations in question form that should advise our choice of an acceptable fallback or perhaps a list of fallbacks to be executed in when certain scenarios playout. When it came to the identification of voters electronically, the issues fell broadly into 3 categories namely: 1) Technology problems – some voters could not be found on some EVIDs but were present on the manual register. Some devices run out of power, some even exploded during charging 2) Procurement problems – getting the wrong device because procurement requirements were not met. 3) Rollout problems – some devices were not charged, insufficient training due to late delivery and lack of manuals e.t.c. With proper planning and time to go through the procurement procedures most of these can be sorted out. The new Elections amendment act stipulates that the IEBC should have procured and set in place technology 8 months to an election and then have it tested 60 days to an election. Even with this in place some of the problems categorized as “Technology problems” may not disappear or may only manifest themselves on polling day. In order to address them we need to ask ourselves what are the real risk factors related to technology? If the approach to voter verification is similar to what was employed in 2013 – then the disruption of telecommunication is not a potential failure point – why? The devices were self-contained – the register was loaded on the device and thus the device really had no need to communicate with external systems after rollout. If this is the model envisaged in the new KIEMs Rollout – we should not concern ourselves with telecommunication availability in the matters of voter verification. What should concern us is the issue of availability of power as the devices will be constantly in use throughout the day. The devices used for verification conduct a one-to-one match of voters against their biometrics – computationally – it can be a costly affair especially if a potential voter has to submit multiple fingers to get identified if one fails and so we need to have devices that can work for 18 hours or have capability to accept external power in the form of portable power cells. Can the software be written in such a way that it alerts the users well beforehand that it has X number of hours of charge left and that the clerks at the polling station need to make arrangement to keep the electronic means working? Ghana deployed a solution that utilized dry cells and they put in place an operational plan to replace them within 4 hours. The issue of some voters not being found on the EVIDs yet being found on the manual roll was puzzling, this may be aggravated in 2017 this is because the bulk of the current set of fingerprints were collected in 2013 and it will not be farfetched to expect that the quality of fingerprints submitted for verification in this election cycle by an eligible voter who work with their hands to be lower and thus this may require multiple passes. The current setup is one which a subset of the fingerprints collected is used to verify voters electronically. If we are to go full throttle – we will need to ensure that all fingerprints are available for matching on polling day to increase the chances of matching. An exercise to get fingerprints resubmitted for persons who fall in this category and also for all those that had their biometrics lost during the mass registration drive when BVR machines crashed and did not have backed up properly. Another reason that could explain why some voters were not found on the EVIDs and were found on the printed register is data corruption during copying polling station data into the SD cards that the devices used. How can we ensure that databases are not corrupted during saving into the machines? I propose that each device should have a way of hashing a file and checking the hash against a verified hash of a working copy and where it differs transferring data to this device should be repeated. Backups of these registers on verified SD cards should also accompany each EVID to the field. We should explore how to keep the logs of the persons who have voted safe when devices get technology issues. There is also an inconvenient reality that in any given population there will always be some persons whose fingerprints are difficult or impossible to capture or verify. This raises a fundamental ideological question of whether a person should be disenfranchised because of limitations of a technology. The issues around the provisional transmission of results were also well documented, these also fell into 3 broad categories namely: 1) Technology problems – the server’s well documented issue with system logs and it running out of space due to server misconfiguration; The failover issues that followed this. Network coverage issues; Erroneous display of tallied votes due to late integration and limited retesting. 2) Procurement/Acquisition problems – there was no time to really develop the transmission application. 3) Rollout problems – late delivery of phones and specially configured simcards; issues with user credentials; versioning issues between server and phone; Lack of proper training. As with electronic voter identification, most of these can be sorted out with proper planning and following procedures, why do I say so? the IEBC has transmitted 100% of the results from all the by-elections that it has conducted since 2013. While in terms of scale these by-elections pale when compared to the general election, it’s my considered opinion that there have been numerous lessons learnt – these can be documented and used to inform the training and rollout process. What should happen in the event that result transmission fails for whatever reason? The IEBC still needs to have a fallback for electronic results transmission. Can some other technology offer a fallback? e.g. If results transmission from a primary device fails, should we have an electronic fallback using a different technology? Can the current election transmission system be used as a backup of whatever fancy results transmission system the IEBC procures? The IEBC has used satellite phones with success to transmit results for the Kalolol and Mosiro by-elections, why can this be used as a fallback on the telecommunication side. I think we can have all these fallbacks in place and these would be totally acceptable to all stakeholders. These questions are by no means comprehensive but should act as a starting point in deciding what the fallback(s) should be and when to fallback. It has always been my opinion that leaving the determination of important electoral matters at the polling station level to the discretion of people there without a trail of documentation that guides their decision making and a trail of accountability to why they took the action they did exposes the election operation to credibility questions. In 2012 Ghana went into their election with the NVNV (No [biometric] Verification, No Voting) mantra and they had to extend the voting period and also had many people disenfranchised because of the inadequacies of the technology they rolled out. In 2015 they rolled back and then introduced a manual verification fallback. The manual verification process required the presiding officer fill a manual verification form for each voter who is manually verified. The only way we can come up with this list of scenarios is if we carried out a proper and candid risk assessment and management process. This process should inform the IEBC on what to do to ensure that the “core business” on election day remains unaffected. From my perspective, human beings should always play the role of final "exception handlers" to ensure that during electronic voter identification no voter is ever disenfranchised by technology malfunction or it’s limitation. Indeed, if the electoral process must err, then it must err on the side of inclusion. However, these errors must be accounted for and thus the most appropriate role of technology is to ensure a level of transparency and accountability that allows for review of any of those human decisions on how to handle exceptions. As noted earlier on this paper, the process used for verification involves a one-to-one match of voters against their biometrics. The voter gets his ID No. captured by the verification device in a bid to ‘identify’ them and once their records are loaded on the screen of the device an additional fingerprint scan is required to ‘verify’ this person. i.e. answering the question – are you really the person who you claim to be? So, for example, if the validation device is unable to verify the fingerprint of a voter who the presiding officer knows or strongly believes to be a legitimate voter, and his/her particulars are on the voter register, the presiding officer should have the authority to override the device and allow the person to vote. In order to trigger the manual verification process, the presiding officer should collect as much information about the person being excluded from being electronically verified as possible. This information should include a photo of this person and the Serial Number not ID No. found on their National Identity card. Manual verification should not be misconstrued to mean manual verification using the physically printed out register or green books. This process should be endorsed by all party agents present at the polling station. It is important to have this information both in physical and electronic form. At the end of the day, any final reconciliation should include the number of decisions the presiding officer made contrary to the technology. This allows for review of the decisions of the presiding officer, and provides a deterrent since that officer knows that there will be an accounting of how many decisions he made of this nature. It also allows for reporting on anomalies where a polling station or ward has an inordinately high number of human exceptions. This information can be transmitted periodically so that during the course of the day to all stakeholders and thus all players are able to identify polling stations that have inordinately high numbers of human exceptions and vigilance can be increased to ensure only legitimate cases are excluded from electronic verification. Once this discussion has been held and we have a product that this has the blessing of all players contesting in the election. When accepted by all stakeholders the post-election process of massaging bruised egos and selling peace i.e. the 'accept and move on' message will be much easier.
_______________________________________________ kictanet mailing list kictanet@lists.kictanet.or.ke https://lists.kictanet.or.ke/mailman/listinfo/kictanet
Unsubscribe or change your options at https://lists.kictanet.or.ke/m ailman/options/kictanet/kivuva%40transworldafrica.com
The Kenya ICT Action Network (KICTANet) is a multi-stakeholder platform for people and institutions interested and involved in ICT policy and regulation. The network aims to act as a catalyst for reform in the ICT sector in support of the national aim of ICT enabled growth and development.
KICTANetiquette : Adhere to the same standards of acceptable behaviors online that you follow in real life: respect people's times and bandwidth, share knowledge, don't flame or abuse or personalize, respect privacy, do not spam, do not market your wares or qualifications.
*"It was noted that CA sent the HR manager Juma Kandie to answer IT questions".* Now I understand why I yawned too much while listening to that guy!! Now I also understand why everything was tailored to mislead - from the CS ICT presentation. On 31 December 2016 at 18:20, Mwendwa Kivuva via kictanet < kictanet@lists.kictanet.or.ke> wrote:
I'm glad issues of Internet Governance that we have been advanced on this list for the past 5 years have come to bear, and were discussed at some level at the Senate committee, but not with any depth deserving the gravity of the situation we find ourselves in.
Some questions about Access that cropped up were; 1. "Why has CA not utilised USF to fill the gap where there is no coverage in the country? " - Senator Mutua Kilonzo 2. When will there be full 3G coverage in Kenya? 3. What is the state of last mile connectivity of NOFBI to all counties?
Some important statistics that came out from CA were that 94% of the country has 2G coverage, but 164 locations in the country do not have voice or data. I'm not sure what is the meaning of "locations". It was noted that CA sent the HR manager Juma Kandie to answer IT questions. It seems IT is not Rocket Science after all, but it goes to show the depth of the answers Senate got.
The Chair of The Universal Service Advisory Council (USAC), Catherine Ngahu sough to answer some of the questions on USF: She said the fund has not been used but 2.3billion will be used to cover unserved locations in 2017. She said that operators have refused to bid to covers some areas using those funds. That those areas are also unserved by other infrastructure like roads, and security. But she also said USF have tendered for the locations not covered, and awarded for 78 location out of the 164.
I would like a clarification from CA what is ment by "awarded". The USAC board should table these documents. Also, this figure 164 is different from 214 that CA shared with the list in April 2016.
*Catherine also said "By 2017, it is possible the funds will have covered all areas".* With this last statement, I wish her word is her bond.
All that said, CA gave us an update on USF in April 2016 ; viz below
</END>
Alwala, Rachel via kictanet <kictanet@lists.kictanet.or.ke> [image: Attachments]19 Apr to *Rachel*, Mwendwa Dear Listers,
We appreciate the engagement and wish to provide the following clarifications regarding the Universal Service Fund. >Please note that this is based on the questions raised and additional information for your understanding.
The Authority within the current FY 2015/16 contracted Intelecon Research Ltd of Canada to undertake an ICT Access Gaps Study whose objectives were:
• To engage the industry and other stakeholders / service providers to identify the gaps in the ICTs service provision.
• Conduct an in-depth analysis of communication services in the country and map out access gaps in voice, data, broadcasting and postal &courier services at sub-location level across all counties in Kenya.
• To support implementation of initial USF network expansion projects, grouping gap areas and special projects (e.g. schools connectivity) into optimal lots for purposes of tendering.
• Develop an interactive portal for regular updates and definition of the gaps for each service area giving GPS coordinates for selected USF clusters and other socio-economic characteristics.
• Develop a 5 year USF Implementation Strategy based on projected funding
• Review the existing Operational Manual with a view of aligning it with relevant internal procedures of the Authority and procurement legislations.
*The progress made To-date*
• The consultants have delivered an acceptable Final Access Gaps report herewith attached; Developed an interactive portal for regular updates by the Authority; Are currently reviewing the USF Operating Manual and thereafter develop the 5 year USF Implementation Strategy.
From the objectives of the ICT Gaps Study, it is clear the survey did not focus on the need to increase the USF levy amount neither did the study audit the use of USF funds.
It should further be noted that even though the Act that created USF came into being in 2009, it was not until in the FY 2013/14 that the Authority issued the first USF invoices.
As it awaited the legal framework to be in place and fully operationlize the Fund, the Authority undertook a number ofpreparatory activities for the implementation of USF. These include:
· Carrying out a number of studies to guide the implementation of the Fund, these included the 1st National ICT Survey (2010/2011) and the ICT Access Gaps Study (2011); The Internet Market Study; the 2nd National ICT Survey (2016) targeting Public Sector and Business Enterprises covering all the 47 counties in Kenya. The National ICT Survey has been undertaken in conjunction with the Kenya National Bureau of Statistics (KNBS) with the objective of; establishing ownership, access and usage of ICTs in enterprises; measuring the use and access ofICTs by Government employees; measuring availability of ICTs in enterprises and public sector institutions; measuring supply of e-Government services to citizens in Kenya and compute the e-Government development index. The data capture for the Public Sector and Business Enterprises has just been concluded and a report will be shared with stakeholders.
- The Authority also Implemented a number of Universal Access (UA) pilot projects whose lessons are instrumental in the implementation of USF projects. The pilot projects include: 16 ICT Centers in Secondary Schools (2 in each province), 4 Community Centers, 8 ICT Centers schools for PWDs (covering all secondary schools for PwDs in Kenya), 56 e-Resource Centers within the Kenya National Library Service outlets, E-health Project (implemented in collaboration with the Ministry of Health and Qualcomm Inc), Content Development that include the Digitization of the Kenya Certificate of Secondary School (KCSE) Form I and II curriculum by Kenya Institute ofCurriculum Development (KICD); developed a Web Portal for Persons With Disabilities (in partnership with the National Council for Persons with Disabilities and United Disabled Persons of Kenya(NCPWD); supported the development of National Broadband Strategy (2012) with technical support from USAID’s Global Broadband Innovation (GBI) programme. A number of stakeholders supported the development of the National Broadband Strategy (NBS). These included the Ministry of Information Communications and Technology, the ICT Authority, the then E-Government Directorate, Vision 2030 Secretariat and National Communications Secretariat and other stakeholders. This strategy is important in the realization of universal access to broadband services in Kenya. These projects have been fully funded by the Authority.
Universal Service Fund (USF) kitty has accumulated KES. 2.94 Billion from remittances by licensees while the Authority has contributed KES 1 Billion seed money to the fund putting the total collections at KES giving total collections to date at KES. 3.94 Billion.
The Access Gaps Study Report (attached) has identified basic services and broadband gaps as the two priorities for USFinvestment in the FY 2016/17:
- Infrastructure Projects: Closing the voice gaps in the identified 214 sub-locations. This will reduce the population coverage gap from 5.6% of the population to around half (2.8%) by 2018. The USF distributes Funds through subsidies. Since USF subsidies will be distributed on a progressive basis as the awarded Lots are implemented, it is not expected that the USF will distribute more than 67% of the awards made in the first fiscal year of operation (2016/17), thus the final amount distributed in 2016/17 on the voice service project will be approximately US$ 10 M (KES 1 billion). - Broadband Connectivity in Secondary Schools in Kenya. The cost of braodband connectivity is estimated at KES. 500M.
These priority projects shall be implemented under the accepted guidelines of the USF and the existing procurement laws in Kenya which stress on transparency and competition in the distribution of funds.
*USF Projects Implementation Plan*
The Schools Connectivity project will be designed to run in parallel with the ICT Infrastructure (Voice) Project. The schedule of USF implementation is as follows;
- Project Design Report (scheduled for 27th May 2016) - Industry Workshop in the first week of June 2016. - Bidding Documents will be available at end of June 2016. - Awards of tender are expected to be made by early November 2016. - Implementation of the USF projects 2017
Kindly note that the Authority is the secretariat to the Univeral Service Advisory Council (USAC) and can provide any information required. The CA website is updated with news items, publications, so make effort to equally follow us on online platforms and achievements to date. Lastly, we wish to clarify that the Universal Service Levy imposed under section 84J (3) of the Act is to be charged on all licensees offering communication systems and services on a commercial basis. The Act provides for the Levy charged on licensees at an amount not exceeding one percent (1%) of the gross revenue of a licensee. However, the Authority's Board settled on 0.5% after due consultation with the industry. At no point has the Authority considered increasing the levy amount since the ICT voice gaps has considerably reduced to 5.6%. Any changes in the percentage of contribution will be subjected to industry consultations.
Hope this gives you some insights that are helpful.
Regards,
Rachel Alwala Assistant Director/Communications and External Affairs Communications Authority of Kenya PO Box 14448 Nairobi 00800 Tel: +254 703 042000 Email: alwala@ca.go.ke Website: www.ca.go.ke
______________________ Mwendwa Kivuva, Nairobi, Kenya twitter.com/lordmwesh
On 31 December 2016 at 14:18, Collins Areba via kictanet < kictanet@lists.kictanet.or.ke> wrote:
Listers, Allow me to share these wise words from a friend, Ben Ngumi Chege, who has had extensive on the field doing exactly this kind of work in more places than I can remember. Will paste the long text after the link in case its not visible to everyone.
https://web.facebook.com/notes/ben-chege/manual-vs-electroni c-elections/10154910551733923?__mref=message_bubble
“Manual” vs “Electronic” Elections
BEN CHEGE <https://web.facebook.com/masukuma>·FRIDAY, 30 DECEMBER 2016 <https://web.facebook.com/notes/ben-chege/manual-vs-electronic-elections/10154910551733923> Every 5 years Kenyans queue to vote, this is an exercise that we have engaged in passionately for as long as I can remember and when each round of elections is done and dusted we as a nation learn a couple of lessons which we then reuse in succeeding election cycles in an attempt to make them better. However, looking at the current debate on the use of technology and witnessing what is happening, I suspect that there might have been an important lesson to be learnt in the 2007-08 when compared to the 2013 election cycle that has been missed and this lesson is that Having consensus among all players beforehand regarding the electoral process generally leads to widespread acceptance of the results of the process. Electoral process should be seen as contests, where groups of people with various interests engage willingly in order to not only determine political representation but also wield the power of the state, and just like any reputable contest it has its rules. These rules are well known and understood by all players and are accepted from the onset. These rules are deterministic in that they are predictable and must be seen by all parties to be fair. For a country to have a credible election - we need everyone to feel like they have a chance in this contest since from the onset the rules of the game do not favour their opponent(s). In 2007 ODM did not agree to the way the commissioners were picked after the terms of some expired as they felt it contravened the IPPG agreement and after the contest was done they did not accept the results announced by the commission. When the same commission asked them they refused! We all remember the situation the country found itself after the opposition refused to engage in a process they felt was flawed and disadvantageous to them. The 2017 election process is slowly mirroring the 2007 pre-election period especially when it comes to the role of technology on voting day. We are witnessing an emotive debate regarding the use of technology and the disregard of the voices of political players who hold contrary opinions. If lessons from the past hold true, this threatens the expectation of a peaceful electoral process and at the very least a credible one. On voting day there are 4 core activities that happen within a polling station, these are: 1) Voter identification/Verification – this answers the question – “Are you registered to vote in this polling station?” 2) Voting by secret ballot – you are given a ballot paper and then you mark it in secret and the cast the said ballot into a transparent ballot box. 3) Counting of results and declaration – counting of all votes cast in the polling station for each race and the declaration of the votes cast in favour of each candidate. 4) Results transmission – forwarding these results to the next level namely the constituency tally center for “tallying” and dispute resolution just in case there were any. The “Manual” vs “Electronic” debate is really touching on activities 1) and 4) and therefore at the core of this debate are 2 questions namely: 1) Can we solely verify/identify voters electronically using biometrics that they submitted? 2) Can we solely transmit results to the next level using electronic means? Fortunately, these two are not really new initiatives as the IEBC has been using technology in these two areas over the last 4 years. No one doubts the credibility boost that well executed technology has on elections. An example of this is the by-election in Kibwezi West where the winner won the race by the narrowest of margins - a paltry 175 votes and the loser did not file a petition challenging the results. This was unheard of in previous elections. Why then do we have a debate around it? Previously, the use of technology was not explicitly dictated by the Elections Act but rather the stipulation to use one form of it was found in regulations. Until now the official Electoral process has been manual where technology had been added for efficiency and confidence building. The latest Election Amendment Act 2016 has raised the profile of the said technologies from just being tools to be used in boosting confidence to be the exclusive means of conducting voter identification and results transmission. They say once stung – twice shy and thus it’s understandable that the IEBC is jittery in embracing technology full throttle without a fallback especially because it had technology failures in the said areas during the 2013 General elections. Technology is playing an increasing role in our lives and for us to move forward on the electoral field - I feel that this discussion needs to be informed by a mindset from big technology companies have when it comes to failure. Companies like Google, Yahoo and Facebook plan for failure more than they plan for success. They have a culture that says “failure is OK”, a culture where people are encouraged to ask: 1) What do we do if our technology fails? 2) How do we continue fulfilling our core business that is serving our customers and users when the systems around us fail? So as Kenyans we need to ask ourselves the same set of questions and ask how it affects the core business of elections. But for that to happen we need to synthesize what our core business on election day is. It’s said that “Election Day is still the one day when we strive to give equal voice to every eligible voter; the day when the woman working in the market stall has as much of a say as any wealthy banker, and the illiterate menial laborer has a voice that speaks as eloquently as any university professor. It is our shared responsibility to strive for processes and systems that ensure that every voter is given the opportunity to make their will known, and that every vote is counted.” If we agree that this is the core business of elections and everything on election day must support this, we should ask ourselves a couple of questions, namely: 1) What happens WHEN we place a piece of technology as a prerequisite to the recording of this voice and the said technology fails and thus affects the “core business”? What are the fallbacks available to us? 2) Since this is a contest, which out of the array of fallbacks available is most acceptable to all players? The issues around the failure of technology have been well documented. The IEBC conducted an internal audit of the March 2013 election and rather candidly highlighted these failures. I will try and address them and possibly give recommendations in question form that should advise our choice of an acceptable fallback or perhaps a list of fallbacks to be executed in when certain scenarios playout. When it came to the identification of voters electronically, the issues fell broadly into 3 categories namely: 1) Technology problems – some voters could not be found on some EVIDs but were present on the manual register. Some devices run out of power, some even exploded during charging 2) Procurement problems – getting the wrong device because procurement requirements were not met. 3) Rollout problems – some devices were not charged, insufficient training due to late delivery and lack of manuals e.t.c. With proper planning and time to go through the procurement procedures most of these can be sorted out. The new Elections amendment act stipulates that the IEBC should have procured and set in place technology 8 months to an election and then have it tested 60 days to an election. Even with this in place some of the problems categorized as “Technology problems” may not disappear or may only manifest themselves on polling day. In order to address them we need to ask ourselves what are the real risk factors related to technology? If the approach to voter verification is similar to what was employed in 2013 – then the disruption of telecommunication is not a potential failure point – why? The devices were self-contained – the register was loaded on the device and thus the device really had no need to communicate with external systems after rollout. If this is the model envisaged in the new KIEMs Rollout – we should not concern ourselves with telecommunication availability in the matters of voter verification. What should concern us is the issue of availability of power as the devices will be constantly in use throughout the day. The devices used for verification conduct a one-to-one match of voters against their biometrics – computationally – it can be a costly affair especially if a potential voter has to submit multiple fingers to get identified if one fails and so we need to have devices that can work for 18 hours or have capability to accept external power in the form of portable power cells. Can the software be written in such a way that it alerts the users well beforehand that it has X number of hours of charge left and that the clerks at the polling station need to make arrangement to keep the electronic means working? Ghana deployed a solution that utilized dry cells and they put in place an operational plan to replace them within 4 hours. The issue of some voters not being found on the EVIDs yet being found on the manual roll was puzzling, this may be aggravated in 2017 this is because the bulk of the current set of fingerprints were collected in 2013 and it will not be farfetched to expect that the quality of fingerprints submitted for verification in this election cycle by an eligible voter who work with their hands to be lower and thus this may require multiple passes. The current setup is one which a subset of the fingerprints collected is used to verify voters electronically. If we are to go full throttle – we will need to ensure that all fingerprints are available for matching on polling day to increase the chances of matching. An exercise to get fingerprints resubmitted for persons who fall in this category and also for all those that had their biometrics lost during the mass registration drive when BVR machines crashed and did not have backed up properly. Another reason that could explain why some voters were not found on the EVIDs and were found on the printed register is data corruption during copying polling station data into the SD cards that the devices used. How can we ensure that databases are not corrupted during saving into the machines? I propose that each device should have a way of hashing a file and checking the hash against a verified hash of a working copy and where it differs transferring data to this device should be repeated. Backups of these registers on verified SD cards should also accompany each EVID to the field. We should explore how to keep the logs of the persons who have voted safe when devices get technology issues. There is also an inconvenient reality that in any given population there will always be some persons whose fingerprints are difficult or impossible to capture or verify. This raises a fundamental ideological question of whether a person should be disenfranchised because of limitations of a technology. The issues around the provisional transmission of results were also well documented, these also fell into 3 broad categories namely: 1) Technology problems – the server’s well documented issue with system logs and it running out of space due to server misconfiguration; The failover issues that followed this. Network coverage issues; Erroneous display of tallied votes due to late integration and limited retesting. 2) Procurement/Acquisition problems – there was no time to really develop the transmission application. 3) Rollout problems – late delivery of phones and specially configured simcards; issues with user credentials; versioning issues between server and phone; Lack of proper training. As with electronic voter identification, most of these can be sorted out with proper planning and following procedures, why do I say so? the IEBC has transmitted 100% of the results from all the by-elections that it has conducted since 2013. While in terms of scale these by-elections pale when compared to the general election, it’s my considered opinion that there have been numerous lessons learnt – these can be documented and used to inform the training and rollout process. What should happen in the event that result transmission fails for whatever reason? The IEBC still needs to have a fallback for electronic results transmission. Can some other technology offer a fallback? e.g. If results transmission from a primary device fails, should we have an electronic fallback using a different technology? Can the current election transmission system be used as a backup of whatever fancy results transmission system the IEBC procures? The IEBC has used satellite phones with success to transmit results for the Kalolol and Mosiro by-elections, why can this be used as a fallback on the telecommunication side. I think we can have all these fallbacks in place and these would be totally acceptable to all stakeholders. These questions are by no means comprehensive but should act as a starting point in deciding what the fallback(s) should be and when to fallback. It has always been my opinion that leaving the determination of important electoral matters at the polling station level to the discretion of people there without a trail of documentation that guides their decision making and a trail of accountability to why they took the action they did exposes the election operation to credibility questions. In 2012 Ghana went into their election with the NVNV (No [biometric] Verification, No Voting) mantra and they had to extend the voting period and also had many people disenfranchised because of the inadequacies of the technology they rolled out. In 2015 they rolled back and then introduced a manual verification fallback. The manual verification process required the presiding officer fill a manual verification form for each voter who is manually verified. The only way we can come up with this list of scenarios is if we carried out a proper and candid risk assessment and management process. This process should inform the IEBC on what to do to ensure that the “core business” on election day remains unaffected. From my perspective, human beings should always play the role of final "exception handlers" to ensure that during electronic voter identification no voter is ever disenfranchised by technology malfunction or it’s limitation. Indeed, if the electoral process must err, then it must err on the side of inclusion. However, these errors must be accounted for and thus the most appropriate role of technology is to ensure a level of transparency and accountability that allows for review of any of those human decisions on how to handle exceptions. As noted earlier on this paper, the process used for verification involves a one-to-one match of voters against their biometrics. The voter gets his ID No. captured by the verification device in a bid to ‘identify’ them and once their records are loaded on the screen of the device an additional fingerprint scan is required to ‘verify’ this person. i.e. answering the question – are you really the person who you claim to be? So, for example, if the validation device is unable to verify the fingerprint of a voter who the presiding officer knows or strongly believes to be a legitimate voter, and his/her particulars are on the voter register, the presiding officer should have the authority to override the device and allow the person to vote. In order to trigger the manual verification process, the presiding officer should collect as much information about the person being excluded from being electronically verified as possible. This information should include a photo of this person and the Serial Number not ID No. found on their National Identity card. Manual verification should not be misconstrued to mean manual verification using the physically printed out register or green books. This process should be endorsed by all party agents present at the polling station. It is important to have this information both in physical and electronic form. At the end of the day, any final reconciliation should include the number of decisions the presiding officer made contrary to the technology. This allows for review of the decisions of the presiding officer, and provides a deterrent since that officer knows that there will be an accounting of how many decisions he made of this nature. It also allows for reporting on anomalies where a polling station or ward has an inordinately high number of human exceptions. This information can be transmitted periodically so that during the course of the day to all stakeholders and thus all players are able to identify polling stations that have inordinately high numbers of human exceptions and vigilance can be increased to ensure only legitimate cases are excluded from electronic verification. Once this discussion has been held and we have a product that this has the blessing of all players contesting in the election. When accepted by all stakeholders the post-election process of massaging bruised egos and selling peace i.e. the 'accept and move on' message will be much easier.
_______________________________________________ kictanet mailing list kictanet@lists.kictanet.or.ke https://lists.kictanet.or.ke/mailman/listinfo/kictanet
Unsubscribe or change your options at https://lists.kictanet.or.ke/m ailman/options/kictanet/kivuva%40transworldafrica.com
The Kenya ICT Action Network (KICTANet) is a multi-stakeholder platform for people and institutions interested and involved in ICT policy and regulation. The network aims to act as a catalyst for reform in the ICT sector in support of the national aim of ICT enabled growth and development.
KICTANetiquette : Adhere to the same standards of acceptable behaviors online that you follow in real life: respect people's times and bandwidth, share knowledge, don't flame or abuse or personalize, respect privacy, do not spam, do not market your wares or qualifications.
_______________________________________________ kictanet mailing list kictanet@lists.kictanet.or.ke https://lists.kictanet.or.ke/mailman/listinfo/kictanet
Unsubscribe or change your options at https://lists.kictanet.or.ke/ mailman/options/kictanet/odhiambo%40gmail.com
The Kenya ICT Action Network (KICTANet) is a multi-stakeholder platform for people and institutions interested and involved in ICT policy and regulation. The network aims to act as a catalyst for reform in the ICT sector in support of the national aim of ICT enabled growth and development.
KICTANetiquette : Adhere to the same standards of acceptable behaviors online that you follow in real life: respect people's times and bandwidth, share knowledge, don't flame or abuse or personalize, respect privacy, do not spam, do not market your wares or qualifications.
-- Best regards, Odhiambo WASHINGTON, Nairobi,KE +254 7 3200 0004/+254 7 2274 3223 "Oh, the cruft."
To set the record straight on this matter, Mr Kandie was representing the Director General who is currently on leave. And the information he provided was factual and not tailored to mislead. Sent from my iPhone On 31 Dec 2016, at 21:41, Odhiambo Washington via kictanet <kictanet@lists.kictanet.or.ke<mailto:kictanet@lists.kictanet.or.ke>> wrote: "It was noted that CA sent the HR manager Juma Kandie to answer IT questions". Now I understand why I yawned too much while listening to that guy!! Now I also understand why everything was tailored to mislead - from the CS ICT presentation. On 31 December 2016 at 18:20, Mwendwa Kivuva via kictanet <kictanet@lists.kictanet.or.ke<mailto:kictanet@lists.kictanet.or.ke>> wrote: I'm glad issues of Internet Governance that we have been advanced on this list for the past 5 years have come to bear, and were discussed at some level at the Senate committee, but not with any depth deserving the gravity of the situation we find ourselves in. Some questions about Access that cropped up were; 1. "Why has CA not utilised USF to fill the gap where there is no coverage in the country? " - Senator Mutua Kilonzo 2. When will there be full 3G coverage in Kenya? 3. What is the state of last mile connectivity of NOFBI to all counties? Some important statistics that came out from CA were that 94% of the country has 2G coverage, but 164 locations in the country do not have voice or data. I'm not sure what is the meaning of "locations". It was noted that CA sent the HR manager Juma Kandie to answer IT questions. It seems IT is not Rocket Science after all, but it goes to show the depth of the answers Senate got. The Chair of The Universal Service Advisory Council (USAC), Catherine Ngahu sough to answer some of the questions on USF: She said the fund has not been used but 2.3billion will be used to cover unserved locations in 2017. She said that operators have refused to bid to covers some areas using those funds. That those areas are also unserved by other infrastructure like roads, and security. But she also said USF have tendered for the locations not covered, and awarded for 78 location out of the 164. I would like a clarification from CA what is ment by "awarded". The USAC board should table these documents. Also, this figure 164 is different from 214 that CA shared with the list in April 2016. Catherine also said "By 2017, it is possible the funds will have covered all areas". With this last statement, I wish her word is her bond. All that said, CA gave us an update on USF in April 2016 ; viz below </END>
Alwala, Rachel via kictanet <kictanet@lists.kictanet.or.ke<mailto:kictanet@lists.kictanet.or.ke>>
[Attachments]19 Apr [https://mail.google.com/mail/u/0/images/cleardot.gif] [https://mail.google.com/mail/u/0/images/cleardot.gif] [https://mail.google.com/mail/u/0/images/cleardot.gif]
to Rachel, Mwendwa [https://mail.google.com/mail/u/0/images/cleardot.gif]
Dear Listers,
We appreciate the engagement and wish to provide the following clarifications regarding the Universal Service Fund. >Please note that this is based on the questions raised and additional information for your understanding.
The Authority within the current FY 2015/16 contracted Intelecon Research Ltd of Canada to undertake an ICT Access Gaps Study whose objectives were: • To engage the industry and other stakeholders / service providers to identify the gaps in the ICTs service provision. • Conduct an in-depth analysis of communication services in the country and map out access gaps in voice, data, broadcasting and postal &courier services at sub-location level across all counties in Kenya. • To support implementation of initial USF network expansion projects, grouping gap areas and special projects (e.g. schools connectivity) into optimal lots for purposes of tendering. • Develop an interactive portal for regular updates and definition of the gaps for each service area giving GPS coordinates for selected USF clusters and other socio-economic characteristics. • Develop a 5 year USF Implementation Strategy based on projected funding • Review the existing Operational Manual with a view of aligning it with relevant internal procedures of the Authority and procurement legislations. The progress made To-date • The consultants have delivered an acceptable Final Access Gaps report herewith attached; Developed an interactive portal for regular updates by the Authority; Are currently reviewing the USF Operating Manual and thereafter develop the 5 year USF Implementation Strategy.
From the objectives of the ICT Gaps Study, it is clear the survey did not focus on the need to increase the USF levy amount neither did the study audit the use of USF funds.
It should further be noted that even though the Act that created USF came into being in 2009, it was not until in the FY 2013/14 that the Authority issued the first USF invoices. As it awaited the legal framework to be in place and fully operationlize the Fund, the Authority undertook a number ofpreparatory activities for the implementation of USF. These include: · Carrying out a number of studies to guide the implementation of the Fund, these included the 1st National ICT Survey (2010/2011) and the ICT Access Gaps Study (2011); The Internet Market Study; the 2nd National ICT Survey (2016) targeting Public Sector and Business Enterprises covering all the 47 counties in Kenya. The National ICT Survey has been undertaken in conjunction with the Kenya National Bureau of Statistics (KNBS) with the objective of; establishing ownership, access and usage of ICTs in enterprises; measuring the use and access ofICTs by Government employees; measuring availability of ICTs in enterprises and public sector institutions; measuring supply of e-Government services to citizens in Kenya and compute the e-Government development index. The data capture for the Public Sector and Business Enterprises has just been concluded and a report will be shared with stakeholders. * The Authority also Implemented a number of Universal Access (UA) pilot projects whose lessons are instrumental in the implementation of USF projects. The pilot projects include: 16 ICT Centers in Secondary Schools (2 in each province), 4 Community Centers, 8 ICT Centers schools for PWDs (covering all secondary schools for PwDs in Kenya), 56 e-Resource Centers within the Kenya National Library Service outlets, E-health Project (implemented in collaboration with the Ministry of Health and Qualcomm Inc), Content Development that include the Digitization of the Kenya Certificate of Secondary School (KCSE) Form I and II curriculum by Kenya Institute ofCurriculum Development (KICD); developed a Web Portal for Persons With Disabilities (in partnership with the National Council for Persons with Disabilities and United Disabled Persons of Kenya(NCPWD); supported the development of National Broadband Strategy (2012) with technical support from USAID’s Global Broadband Innovation (GBI) programme. A number of stakeholders supported the development of the National Broadband Strategy (NBS). These included the Ministry of Information Communications and Technology, the ICT Authority, the then E-Government Directorate, Vision 2030 Secretariat and National Communications Secretariat and other stakeholders. This strategy is important in the realization of universal access to broadband services in Kenya. These projects have been fully funded by the Authority. Universal Service Fund (USF) kitty has accumulated KES. 2.94 Billion from remittances by licensees while the Authority has contributed KES 1 Billion seed money to the fund putting the total collections at KES giving total collections to date at KES. 3.94 Billion. The Access Gaps Study Report (attached) has identified basic services and broadband gaps as the two priorities for USFinvestment in the FY 2016/17: * Infrastructure Projects: Closing the voice gaps in the identified 214 sub-locations. This will reduce the population coverage gap from 5.6% of the population to around half (2.8%) by 2018. The USF distributes Funds through subsidies. Since USF subsidies will be distributed on a progressive basis as the awarded Lots are implemented, it is not expected that the USF will distribute more than 67% of the awards made in the first fiscal year of operation (2016/17), thus the final amount distributed in 2016/17 on the voice service project will be approximately US$ 10 M (KES 1 billion). * Broadband Connectivity in Secondary Schools in Kenya. The cost of braodband connectivity is estimated at KES. 500M. These priority projects shall be implemented under the accepted guidelines of the USF and the existing procurement laws in Kenya which stress on transparency and competition in the distribution of funds. USF Projects Implementation Plan The Schools Connectivity project will be designed to run in parallel with the ICT Infrastructure (Voice) Project. The schedule of USF implementation is as follows; * Project Design Report (scheduled for 27th May 2016) * Industry Workshop in the first week of June 2016. * Bidding Documents will be available at end of June 2016. * Awards of tender are expected to be made by early November 2016. * Implementation of the USF projects 2017 Kindly note that the Authority is the secretariat to the Univeral Service Advisory Council (USAC) and can provide any information required. The CA website is updated with news items, publications, so make effort to equally follow us on online platforms and achievements to date. Lastly, we wish to clarify that the Universal Service Levy imposed under section 84J (3) of the Act is to be charged on all licensees offering communication systems and services on a commercial basis. The Act provides for the Levy charged on licensees at an amount not exceeding one percent (1%) of the gross revenue of a licensee. However, the Authority's Board settled on 0.5% after due consultation with the industry. At no point has the Authority considered increasing the levy amount since the ICT voice gaps has considerably reduced to 5.6%. Any changes in the percentage of contribution will be subjected to industry consultations. Hope this gives you some insights that are helpful. Regards, Rachel Alwala Assistant Director/Communications and External Affairs Communications Authority of Kenya PO Box 14448 Nairobi 00800 Tel: +254 703 042000 Email: alwala@ca.go.ke<mailto:alwala@ca.go.ke> Website: www.ca.go.ke<http://www.ca.go.ke/> ______________________ Mwendwa Kivuva, Nairobi, Kenya twitter.com/lordmwesh<http://twitter.com/lordmwesh> On 31 December 2016 at 14:18, Collins Areba via kictanet <kictanet@lists.kictanet.or.ke<mailto:kictanet@lists.kictanet.or.ke>> wrote: Listers, Allow me to share these wise words from a friend, Ben Ngumi Chege, who has had extensive on the field doing exactly this kind of work in more places than I can remember. Will paste the long text after the link in case its not visible to everyone. https://web.facebook.com/notes/ben-chege/manual-vs-electronic-elections/1015... “Manual” vs “Electronic” Elections BEN CHEGE<https://web.facebook.com/masukuma>·FRIDAY, 30 DECEMBER 2016<https://web.facebook.com/notes/ben-chege/manual-vs-electronic-elections/10154910551733923> Every 5 years Kenyans queue to vote, this is an exercise that we have engaged in passionately for as long as I can remember and when each round of elections is done and dusted we as a nation learn a couple of lessons which we then reuse in succeeding election cycles in an attempt to make them better. However, looking at the current debate on the use of technology and witnessing what is happening, I suspect that there might have been an important lesson to be learnt in the 2007-08 when compared to the 2013 election cycle that has been missed and this lesson is that Having consensus among all players beforehand regarding the electoral process generally leads to widespread acceptance of the results of the process. Electoral process should be seen as contests, where groups of people with various interests engage willingly in order to not only determine political representation but also wield the power of the state, and just like any reputable contest it has its rules. These rules are well known and understood by all players and are accepted from the onset. These rules are deterministic in that they are predictable and must be seen by all parties to be fair. For a country to have a credible election - we need everyone to feel like they have a chance in this contest since from the onset the rules of the game do not favour their opponent(s). In 2007 ODM did not agree to the way the commissioners were picked after the terms of some expired as they felt it contravened the IPPG agreement and after the contest was done they did not accept the results announced by the commission. When the same commission asked them they refused! We all remember the situation the country found itself after the opposition refused to engage in a process they felt was flawed and disadvantageous to them. The 2017 election process is slowly mirroring the 2007 pre-election period especially when it comes to the role of technology on voting day. We are witnessing an emotive debate regarding the use of technology and the disregard of the voices of political players who hold contrary opinions. If lessons from the past hold true, this threatens the expectation of a peaceful electoral process and at the very least a credible one. On voting day there are 4 core activities that happen within a polling station, these are: 1) Voter identification/Verification – this answers the question – “Are you registered to vote in this polling station?” 2) Voting by secret ballot – you are given a ballot paper and then you mark it in secret and the cast the said ballot into a transparent ballot box. 3) Counting of results and declaration – counting of all votes cast in the polling station for each race and the declaration of the votes cast in favour of each candidate. 4) Results transmission – forwarding these results to the next level namely the constituency tally center for “tallying” and dispute resolution just in case there were any. The “Manual” vs “Electronic” debate is really touching on activities 1) and 4) and therefore at the core of this debate are 2 questions namely: 1) Can we solely verify/identify voters electronically using biometrics that they submitted? 2) Can we solely transmit results to the next level using electronic means? Fortunately, these two are not really new initiatives as the IEBC has been using technology in these two areas over the last 4 years. No one doubts the credibility boost that well executed technology has on elections. An example of this is the by-election in Kibwezi West where the winner won the race by the narrowest of margins - a paltry 175 votes and the loser did not file a petition challenging the results. This was unheard of in previous elections. Why then do we have a debate around it? Previously, the use of technology was not explicitly dictated by the Elections Act but rather the stipulation to use one form of it was found in regulations. Until now the official Electoral process has been manual where technology had been added for efficiency and confidence building. The latest Election Amendment Act 2016 has raised the profile of the said technologies from just being tools to be used in boosting confidence to be the exclusive means of conducting voter identification and results transmission. They say once stung – twice shy and thus it’s understandable that the IEBC is jittery in embracing technology full throttle without a fallback especially because it had technology failures in the said areas during the 2013 General elections. Technology is playing an increasing role in our lives and for us to move forward on the electoral field - I feel that this discussion needs to be informed by a mindset from big technology companies have when it comes to failure. Companies like Google, Yahoo and Facebook plan for failure more than they plan for success. They have a culture that says “failure is OK”, a culture where people are encouraged to ask: 1) What do we do if our technology fails? 2) How do we continue fulfilling our core business that is serving our customers and users when the systems around us fail? So as Kenyans we need to ask ourselves the same set of questions and ask how it affects the core business of elections. But for that to happen we need to synthesize what our core business on election day is. It’s said that “Election Day is still the one day when we strive to give equal voice to every eligible voter; the day when the woman working in the market stall has as much of a say as any wealthy banker, and the illiterate menial laborer has a voice that speaks as eloquently as any university professor. It is our shared responsibility to strive for processes and systems that ensure that every voter is given the opportunity to make their will known, and that every vote is counted.” If we agree that this is the core business of elections and everything on election day must support this, we should ask ourselves a couple of questions, namely: 1) What happens WHEN we place a piece of technology as a prerequisite to the recording of this voice and the said technology fails and thus affects the “core business”? What are the fallbacks available to us? 2) Since this is a contest, which out of the array of fallbacks available is most acceptable to all players? The issues around the failure of technology have been well documented. The IEBC conducted an internal audit of the March 2013 election and rather candidly highlighted these failures. I will try and address them and possibly give recommendations in question form that should advise our choice of an acceptable fallback or perhaps a list of fallbacks to be executed in when certain scenarios playout. When it came to the identification of voters electronically, the issues fell broadly into 3 categories namely: 1) Technology problems – some voters could not be found on some EVIDs but were present on the manual register. Some devices run out of power, some even exploded during charging 2) Procurement problems – getting the wrong device because procurement requirements were not met. 3) Rollout problems – some devices were not charged, insufficient training due to late delivery and lack of manuals e.t.c. With proper planning and time to go through the procurement procedures most of these can be sorted out. The new Elections amendment act stipulates that the IEBC should have procured and set in place technology 8 months to an election and then have it tested 60 days to an election. Even with this in place some of the problems categorized as “Technology problems” may not disappear or may only manifest themselves on polling day. In order to address them we need to ask ourselves what are the real risk factors related to technology? If the approach to voter verification is similar to what was employed in 2013 – then the disruption of telecommunication is not a potential failure point – why? The devices were self-contained – the register was loaded on the device and thus the device really had no need to communicate with external systems after rollout. If this is the model envisaged in the new KIEMs Rollout – we should not concern ourselves with telecommunication availability in the matters of voter verification. What should concern us is the issue of availability of power as the devices will be constantly in use throughout the day. The devices used for verification conduct a one-to-one match of voters against their biometrics – computationally – it can be a costly affair especially if a potential voter has to submit multiple fingers to get identified if one fails and so we need to have devices that can work for 18 hours or have capability to accept external power in the form of portable power cells. Can the software be written in such a way that it alerts the users well beforehand that it has X number of hours of charge left and that the clerks at the polling station need to make arrangement to keep the electronic means working? Ghana deployed a solution that utilized dry cells and they put in place an operational plan to replace them within 4 hours. The issue of some voters not being found on the EVIDs yet being found on the manual roll was puzzling, this may be aggravated in 2017 this is because the bulk of the current set of fingerprints were collected in 2013 and it will not be farfetched to expect that the quality of fingerprints submitted for verification in this election cycle by an eligible voter who work with their hands to be lower and thus this may require multiple passes. The current setup is one which a subset of the fingerprints collected is used to verify voters electronically. If we are to go full throttle – we will need to ensure that all fingerprints are available for matching on polling day to increase the chances of matching. An exercise to get fingerprints resubmitted for persons who fall in this category and also for all those that had their biometrics lost during the mass registration drive when BVR machines crashed and did not have backed up properly. Another reason that could explain why some voters were not found on the EVIDs and were found on the printed register is data corruption during copying polling station data into the SD cards that the devices used. How can we ensure that databases are not corrupted during saving into the machines? I propose that each device should have a way of hashing a file and checking the hash against a verified hash of a working copy and where it differs transferring data to this device should be repeated. Backups of these registers on verified SD cards should also accompany each EVID to the field. We should explore how to keep the logs of the persons who have voted safe when devices get technology issues. There is also an inconvenient reality that in any given population there will always be some persons whose fingerprints are difficult or impossible to capture or verify. This raises a fundamental ideological question of whether a person should be disenfranchised because of limitations of a technology. The issues around the provisional transmission of results were also well documented, these also fell into 3 broad categories namely: 1) Technology problems – the server’s well documented issue with system logs and it running out of space due to server misconfiguration; The failover issues that followed this. Network coverage issues; Erroneous display of tallied votes due to late integration and limited retesting. 2) Procurement/Acquisition problems – there was no time to really develop the transmission application. 3) Rollout problems – late delivery of phones and specially configured simcards; issues with user credentials; versioning issues between server and phone; Lack of proper training. As with electronic voter identification, most of these can be sorted out with proper planning and following procedures, why do I say so? the IEBC has transmitted 100% of the results from all the by-elections that it has conducted since 2013. While in terms of scale these by-elections pale when compared to the general election, it’s my considered opinion that there have been numerous lessons learnt – these can be documented and used to inform the training and rollout process. What should happen in the event that result transmission fails for whatever reason? The IEBC still needs to have a fallback for electronic results transmission. Can some other technology offer a fallback? e.g. If results transmission from a primary device fails, should we have an electronic fallback using a different technology? Can the current election transmission system be used as a backup of whatever fancy results transmission system the IEBC procures? The IEBC has used satellite phones with success to transmit results for the Kalolol and Mosiro by-elections, why can this be used as a fallback on the telecommunication side. I think we can have all these fallbacks in place and these would be totally acceptable to all stakeholders. These questions are by no means comprehensive but should act as a starting point in deciding what the fallback(s) should be and when to fallback. It has always been my opinion that leaving the determination of important electoral matters at the polling station level to the discretion of people there without a trail of documentation that guides their decision making and a trail of accountability to why they took the action they did exposes the election operation to credibility questions. In 2012 Ghana went into their election with the NVNV (No [biometric] Verification, No Voting) mantra and they had to extend the voting period and also had many people disenfranchised because of the inadequacies of the technology they rolled out. In 2015 they rolled back and then introduced a manual verification fallback. The manual verification process required the presiding officer fill a manual verification form for each voter who is manually verified. The only way we can come up with this list of scenarios is if we carried out a proper and candid risk assessment and management process. This process should inform the IEBC on what to do to ensure that the “core business” on election day remains unaffected. From my perspective, human beings should always play the role of final "exception handlers" to ensure that during electronic voter identification no voter is ever disenfranchised by technology malfunction or it’s limitation. Indeed, if the electoral process must err, then it must err on the side of inclusion. However, these errors must be accounted for and thus the most appropriate role of technology is to ensure a level of transparency and accountability that allows for review of any of those human decisions on how to handle exceptions. As noted earlier on this paper, the process used for verification involves a one-to-one match of voters against their biometrics. The voter gets his ID No. captured by the verification device in a bid to ‘identify’ them and once their records are loaded on the screen of the device an additional fingerprint scan is required to ‘verify’ this person. i.e. answering the question – are you really the person who you claim to be? So, for example, if the validation device is unable to verify the fingerprint of a voter who the presiding officer knows or strongly believes to be a legitimate voter, and his/her particulars are on the voter register, the presiding officer should have the authority to override the device and allow the person to vote. In order to trigger the manual verification process, the presiding officer should collect as much information about the person being excluded from being electronically verified as possible. This information should include a photo of this person and the Serial Number not ID No. found on their National Identity card. Manual verification should not be misconstrued to mean manual verification using the physically printed out register or green books. This process should be endorsed by all party agents present at the polling station. It is important to have this information both in physical and electronic form. At the end of the day, any final reconciliation should include the number of decisions the presiding officer made contrary to the technology. This allows for review of the decisions of the presiding officer, and provides a deterrent since that officer knows that there will be an accounting of how many decisions he made of this nature. It also allows for reporting on anomalies where a polling station or ward has an inordinately high number of human exceptions. This information can be transmitted periodically so that during the course of the day to all stakeholders and thus all players are able to identify polling stations that have inordinately high numbers of human exceptions and vigilance can be increased to ensure only legitimate cases are excluded from electronic verification. Once this discussion has been held and we have a product that this has the blessing of all players contesting in the election. When accepted by all stakeholders the post-election process of massaging bruised egos and selling peace i.e. the 'accept and move on' message will be much easier. _______________________________________________ kictanet mailing list kictanet@lists.kictanet.or.ke<mailto:kictanet@lists.kictanet.or.ke> https://lists.kictanet.or.ke/mailman/listinfo/kictanet Unsubscribe or change your options at https://lists.kictanet.or.ke/mailman/options/kictanet/kivuva%40transworldafr... The Kenya ICT Action Network (KICTANet) is a multi-stakeholder platform for people and institutions interested and involved in ICT policy and regulation. The network aims to act as a catalyst for reform in the ICT sector in support of the national aim of ICT enabled growth and development. KICTANetiquette : Adhere to the same standards of acceptable behaviors online that you follow in real life: respect people's times and bandwidth, share knowledge, don't flame or abuse or personalize, respect privacy, do not spam, do not market your wares or qualifications. _______________________________________________ kictanet mailing list kictanet@lists.kictanet.or.ke<mailto:kictanet@lists.kictanet.or.ke> https://lists.kictanet.or.ke/mailman/listinfo/kictanet Unsubscribe or change your options at https://lists.kictanet.or.ke/mailman/options/kictanet/odhiambo%40gmail.com The Kenya ICT Action Network (KICTANet) is a multi-stakeholder platform for people and institutions interested and involved in ICT policy and regulation. The network aims to act as a catalyst for reform in the ICT sector in support of the national aim of ICT enabled growth and development. KICTANetiquette : Adhere to the same standards of acceptable behaviors online that you follow in real life: respect people's times and bandwidth, share knowledge, don't flame or abuse or personalize, respect privacy, do not spam, do not market your wares or qualifications. -- Best regards, Odhiambo WASHINGTON, Nairobi,KE +254 7 3200 0004/+254 7 2274 3223 "Oh, the cruft." _______________________________________________ kictanet mailing list kictanet@lists.kictanet.or.ke<mailto:kictanet@lists.kictanet.or.ke> https://lists.kictanet.or.ke/mailman/listinfo/kictanet Unsubscribe or change your options at https://lists.kictanet.or.ke/mailman/options/kictanet/wambua%40ca.go.ke The Kenya ICT Action Network (KICTANet) is a multi-stakeholder platform for people and institutions interested and involved in ICT policy and regulation. The network aims to act as a catalyst for reform in the ICT sector in support of the national aim of ICT enabled growth and development. KICTANetiquette : Adhere to the same standards of acceptable behaviors online that you follow in real life: respect people's times and bandwidth, share knowledge, don't flame or abuse or personalize, respect privacy, do not spam, do not market your wares or qualifications.
Thank you Mwendwa and others for these very informative updates on USF and the issues of connectivity. I have also read the paper (article) by Ben Chege. The arguments there are reasonable as regards use of ICT as a tool for increased efficiency. Am unsure about its adequacy in addressing the aspiration of using ICT as a way to safeguard the integrity of the vote. For instance, I am unsure about the assertion that the presiding officer in concurrence with agents should have final say regardless of what the EVID system says. The writeup's analogy of a person well known to the presiding officer deserving a manual intervention if EVID fails to positively identify the person can be put to question. This is to the extent that there may be valid reasons the system might have for refusing to authenticate him. Eg. Not being a registered voter (in that station), a repeating voter, etc. The argument there speaks well to the use of ICT for increased efficiency in the electoral process. It however does not advance to address the matter of using ICT to safeguard the integrity of the vote as envisaged in the earlier election law amendment. The emerging discussion of citizens being denied the right to vote (eg. in Ghana) if they are not biometricaly identified (through an NVNV implementation) is also interesting. We already deny the right to vote if one is not a registered voter but still a citizen - for good or bad reasons. Arguably, a similar denial might be understandable if one cannot be biometricaly identified - for good or bad reasons. Of course an NVNV implementation would be a NO NO to many people. Such disenfranchisement can be however be mitigated against by IEBC providing for an adequate period when individuals can visit their poling stations to verify their finger print records (some months in advance.) In summary, am stuck with the argument that for a good solution to be sought, there is need for people involved to isolate issues of "the right to vote" from issues of "integrity of the vote". The two issues can be addressed separately but complementarity is expected. I also think that in safeguarding the integrity of then vote, IEBC could agree with stakeholders to pursue redundancy at multiple levels including data transmission paths, and data replication by IEBC or its key stakeholders. Happy 2017! On Dec 31, 2016 21:41, "Odhiambo Washington via kictanet" < kictanet@lists.kictanet.or.ke> wrote:
*"It was noted that CA sent the HR manager Juma Kandie to answer IT questions".*
Now I understand why I yawned too much while listening to that guy!!
Now I also understand why everything was tailored to mislead - from the CS ICT presentation.
On 31 December 2016 at 18:20, Mwendwa Kivuva via kictanet < kictanet@lists.kictanet.or.ke> wrote:
I'm glad issues of Internet Governance that we have been advanced on this list for the past 5 years have come to bear, and were discussed at some level at the Senate committee, but not with any depth deserving the gravity of the situation we find ourselves in.
Some questions about Access that cropped up were; 1. "Why has CA not utilised USF to fill the gap where there is no coverage in the country? " - Senator Mutua Kilonzo 2. When will there be full 3G coverage in Kenya? 3. What is the state of last mile connectivity of NOFBI to all counties?
Some important statistics that came out from CA were that 94% of the country has 2G coverage, but 164 locations in the country do not have voice or data. I'm not sure what is the meaning of "locations". It was noted that CA sent the HR manager Juma Kandie to answer IT questions. It seems IT is not Rocket Science after all, but it goes to show the depth of the answers Senate got.
The Chair of The Universal Service Advisory Council (USAC), Catherine Ngahu sough to answer some of the questions on USF: She said the fund has not been used but 2.3billion will be used to cover unserved locations in 2017. She said that operators have refused to bid to covers some areas using those funds. That those areas are also unserved by other infrastructure like roads, and security. But she also said USF have tendered for the locations not covered, and awarded for 78 location out of the 164.
I would like a clarification from CA what is ment by "awarded". The USAC board should table these documents. Also, this figure 164 is different from 214 that CA shared with the list in April 2016.
*Catherine also said "By 2017, it is possible the funds will have covered all areas".* With this last statement, I wish her word is her bond.
All that said, CA gave us an update on USF in April 2016 ; viz below
</END>
Alwala, Rachel via kictanet <kictanet@lists.kictanet.or.ke> [image: Attachments]19 Apr to *Rachel*, Mwendwa Dear Listers,
We appreciate the engagement and wish to provide the following clarifications regarding the Universal Service Fund. >Please note that this is based on the questions raised and additional information for your understanding.
The Authority within the current FY 2015/16 contracted Intelecon Research Ltd of Canada to undertake an ICT Access Gaps Study whose objectives were:
• To engage the industry and other stakeholders / service providers to identify the gaps in the ICTs service provision.
• Conduct an in-depth analysis of communication services in the country and map out access gaps in voice, data, broadcasting and postal &courier services at sub-location level across all counties in Kenya.
• To support implementation of initial USF network expansion projects, grouping gap areas and special projects (e.g. schools connectivity) into optimal lots for purposes of tendering.
• Develop an interactive portal for regular updates and definition of the gaps for each service area giving GPS coordinates for selected USF clusters and other socio-economic characteristics.
• Develop a 5 year USF Implementation Strategy based on projected funding
• Review the existing Operational Manual with a view of aligning it with relevant internal procedures of the Authority and procurement legislations.
*The progress made To-date*
• The consultants have delivered an acceptable Final Access Gaps report herewith attached; Developed an interactive portal for regular updates by the Authority; Are currently reviewing the USF Operating Manual and thereafter develop the 5 year USF Implementation Strategy.
From the objectives of the ICT Gaps Study, it is clear the survey did not focus on the need to increase the USF levy amount neither did the study audit the use of USF funds.
It should further be noted that even though the Act that created USF came into being in 2009, it was not until in the FY 2013/14 that the Authority issued the first USF invoices.
As it awaited the legal framework to be in place and fully operationlize the Fund, the Authority undertook a number ofpreparatory activities for the implementation of USF. These include:
· Carrying out a number of studies to guide the implementation of the Fund, these included the 1st National ICT Survey (2010/2011) and the ICT Access Gaps Study (2011); The Internet Market Study; the 2nd National ICT Survey (2016) targeting Public Sector and Business Enterprises covering all the 47 counties in Kenya. The National ICT Survey has been undertaken in conjunction with the Kenya National Bureau of Statistics (KNBS) with the objective of; establishing ownership, access and usage of ICTs in enterprises; measuring the use and access ofICTs by Government employees; measuring availability of ICTs in enterprises and public sector institutions; measuring supply of e-Government services to citizens in Kenya and compute the e-Government development index. The data capture for the Public Sector and Business Enterprises has just been concluded and a report will be shared with stakeholders.
- The Authority also Implemented a number of Universal Access (UA) pilot projects whose lessons are instrumental in the implementation of USF projects. The pilot projects include: 16 ICT Centers in Secondary Schools (2 in each province), 4 Community Centers, 8 ICT Centers schools for PWDs (covering all secondary schools for PwDs in Kenya), 56 e-Resource Centers within the Kenya National Library Service outlets, E-health Project (implemented in collaboration with the Ministry of Health and Qualcomm Inc), Content Development that include the Digitization of the Kenya Certificate of Secondary School (KCSE) Form I and II curriculum by Kenya Institute ofCurriculum Development (KICD); developed a Web Portal for Persons With Disabilities (in partnership with the National Council for Persons with Disabilities and United Disabled Persons of Kenya(NCPWD); supported the development of National Broadband Strategy (2012) with technical support from USAID’s Global Broadband Innovation (GBI) programme. A number of stakeholders supported the development of the National Broadband Strategy (NBS). These included the Ministry of Information Communications and Technology, the ICT Authority, the then E-Government Directorate, Vision 2030 Secretariat and National Communications Secretariat and other stakeholders. This strategy is important in the realization of universal access to broadband services in Kenya. These projects have been fully funded by the Authority.
Universal Service Fund (USF) kitty has accumulated KES. 2.94 Billion from remittances by licensees while the Authority has contributed KES 1 Billion seed money to the fund putting the total collections at KES giving total collections to date at KES. 3.94 Billion.
The Access Gaps Study Report (attached) has identified basic services and broadband gaps as the two priorities for USFinvestment in the FY 2016/17:
- Infrastructure Projects: Closing the voice gaps in the identified 214 sub-locations. This will reduce the population coverage gap from 5.6% of the population to around half (2.8%) by 2018. The USF distributes Funds through subsidies. Since USF subsidies will be distributed on a progressive basis as the awarded Lots are implemented, it is not expected that the USF will distribute more than 67% of the awards made in the first fiscal year of operation (2016/17), thus the final amount distributed in 2016/17 on the voice service project will be approximately US$ 10 M (KES 1 billion). - Broadband Connectivity in Secondary Schools in Kenya. The cost of braodband connectivity is estimated at KES. 500M.
These priority projects shall be implemented under the accepted guidelines of the USF and the existing procurement laws in Kenya which stress on transparency and competition in the distribution of funds.
*USF Projects Implementation Plan*
The Schools Connectivity project will be designed to run in parallel with the ICT Infrastructure (Voice) Project. The schedule of USF implementation is as follows;
- Project Design Report (scheduled for 27th May 2016) - Industry Workshop in the first week of June 2016. - Bidding Documents will be available at end of June 2016. - Awards of tender are expected to be made by early November 2016. - Implementation of the USF projects 2017
Kindly note that the Authority is the secretariat to the Univeral Service Advisory Council (USAC) and can provide any information required. The CA website is updated with news items, publications, so make effort to equally follow us on online platforms and achievements to date. Lastly, we wish to clarify that the Universal Service Levy imposed under section 84J (3) of the Act is to be charged on all licensees offering communication systems and services on a commercial basis. The Act provides for the Levy charged on licensees at an amount not exceeding one percent (1%) of the gross revenue of a licensee. However, the Authority's Board settled on 0.5% after due consultation with the industry. At no point has the Authority considered increasing the levy amount since the ICT voice gaps has considerably reduced to 5.6%. Any changes in the percentage of contribution will be subjected to industry consultations.
Hope this gives you some insights that are helpful.
Regards,
Rachel Alwala Assistant Director/Communications and External Affairs Communications Authority of Kenya PO Box 14448 Nairobi 00800 Tel: +254 703 042000 Email: alwala@ca.go.ke Website: www.ca.go.ke
______________________ Mwendwa Kivuva, Nairobi, Kenya twitter.com/lordmwesh
On 31 December 2016 at 14:18, Collins Areba via kictanet < kictanet@lists.kictanet.or.ke> wrote:
Listers, Allow me to share these wise words from a friend, Ben Ngumi Chege, who has had extensive on the field doing exactly this kind of work in more places than I can remember. Will paste the long text after the link in case its not visible to everyone.
https://web.facebook.com/notes/ben-chege/manual-vs-electroni c-elections/10154910551733923?__mref=message_bubble
“Manual” vs “Electronic” Elections
BEN CHEGE <https://web.facebook.com/masukuma>·FRIDAY, 30 DECEMBER 2016 <https://web.facebook.com/notes/ben-chege/manual-vs-electronic-elections/10154910551733923> Every 5 years Kenyans queue to vote, this is an exercise that we have engaged in passionately for as long as I can remember and when each round of elections is done and dusted we as a nation learn a couple of lessons which we then reuse in succeeding election cycles in an attempt to make them better. However, looking at the current debate on the use of technology and witnessing what is happening, I suspect that there might have been an important lesson to be learnt in the 2007-08 when compared to the 2013 election cycle that has been missed and this lesson is that Having consensus among all players beforehand regarding the electoral process generally leads to widespread acceptance of the results of the process. Electoral process should be seen as contests, where groups of people with various interests engage willingly in order to not only determine political representation but also wield the power of the state, and just like any reputable contest it has its rules. These rules are well known and understood by all players and are accepted from the onset. These rules are deterministic in that they are predictable and must be seen by all parties to be fair. For a country to have a credible election - we need everyone to feel like they have a chance in this contest since from the onset the rules of the game do not favour their opponent(s). In 2007 ODM did not agree to the way the commissioners were picked after the terms of some expired as they felt it contravened the IPPG agreement and after the contest was done they did not accept the results announced by the commission. When the same commission asked them they refused! We all remember the situation the country found itself after the opposition refused to engage in a process they felt was flawed and disadvantageous to them. The 2017 election process is slowly mirroring the 2007 pre-election period especially when it comes to the role of technology on voting day. We are witnessing an emotive debate regarding the use of technology and the disregard of the voices of political players who hold contrary opinions. If lessons from the past hold true, this threatens the expectation of a peaceful electoral process and at the very least a credible one. On voting day there are 4 core activities that happen within a polling station, these are: 1) Voter identification/Verification – this answers the question – “Are you registered to vote in this polling station?” 2) Voting by secret ballot – you are given a ballot paper and then you mark it in secret and the cast the said ballot into a transparent ballot box. 3) Counting of results and declaration – counting of all votes cast in the polling station for each race and the declaration of the votes cast in favour of each candidate. 4) Results transmission – forwarding these results to the next level namely the constituency tally center for “tallying” and dispute resolution just in case there were any. The “Manual” vs “Electronic” debate is really touching on activities 1) and 4) and therefore at the core of this debate are 2 questions namely: 1) Can we solely verify/identify voters electronically using biometrics that they submitted? 2) Can we solely transmit results to the next level using electronic means? Fortunately, these two are not really new initiatives as the IEBC has been using technology in these two areas over the last 4 years. No one doubts the credibility boost that well executed technology has on elections. An example of this is the by-election in Kibwezi West where the winner won the race by the narrowest of margins - a paltry 175 votes and the loser did not file a petition challenging the results. This was unheard of in previous elections. Why then do we have a debate around it? Previously, the use of technology was not explicitly dictated by the Elections Act but rather the stipulation to use one form of it was found in regulations. Until now the official Electoral process has been manual where technology had been added for efficiency and confidence building. The latest Election Amendment Act 2016 has raised the profile of the said technologies from just being tools to be used in boosting confidence to be the exclusive means of conducting voter identification and results transmission. They say once stung – twice shy and thus it’s understandable that the IEBC is jittery in embracing technology full throttle without a fallback especially because it had technology failures in the said areas during the 2013 General elections. Technology is playing an increasing role in our lives and for us to move forward on the electoral field - I feel that this discussion needs to be informed by a mindset from big technology companies have when it comes to failure. Companies like Google, Yahoo and Facebook plan for failure more than they plan for success. They have a culture that says “failure is OK”, a culture where people are encouraged to ask: 1) What do we do if our technology fails? 2) How do we continue fulfilling our core business that is serving our customers and users when the systems around us fail? So as Kenyans we need to ask ourselves the same set of questions and ask how it affects the core business of elections. But for that to happen we need to synthesize what our core business on election day is. It’s said that “Election Day is still the one day when we strive to give equal voice to every eligible voter; the day when the woman working in the market stall has as much of a say as any wealthy banker, and the illiterate menial laborer has a voice that speaks as eloquently as any university professor. It is our shared responsibility to strive for processes and systems that ensure that every voter is given the opportunity to make their will known, and that every vote is counted.” If we agree that this is the core business of elections and everything on election day must support this, we should ask ourselves a couple of questions, namely: 1) What happens WHEN we place a piece of technology as a prerequisite to the recording of this voice and the said technology fails and thus affects the “core business”? What are the fallbacks available to us? 2) Since this is a contest, which out of the array of fallbacks available is most acceptable to all players? The issues around the failure of technology have been well documented. The IEBC conducted an internal audit of the March 2013 election and rather candidly highlighted these failures. I will try and address them and possibly give recommendations in question form that should advise our choice of an acceptable fallback or perhaps a list of fallbacks to be executed in when certain scenarios playout. When it came to the identification of voters electronically, the issues fell broadly into 3 categories namely: 1) Technology problems – some voters could not be found on some EVIDs but were present on the manual register. Some devices run out of power, some even exploded during charging 2) Procurement problems – getting the wrong device because procurement requirements were not met. 3) Rollout problems – some devices were not charged, insufficient training due to late delivery and lack of manuals e.t.c. With proper planning and time to go through the procurement procedures most of these can be sorted out. The new Elections amendment act stipulates that the IEBC should have procured and set in place technology 8 months to an election and then have it tested 60 days to an election. Even with this in place some of the problems categorized as “Technology problems” may not disappear or may only manifest themselves on polling day. In order to address them we need to ask ourselves what are the real risk factors related to technology? If the approach to voter verification is similar to what was employed in 2013 – then the disruption of telecommunication is not a potential failure point – why? The devices were self-contained – the register was loaded on the device and thus the device really had no need to communicate with external systems after rollout. If this is the model envisaged in the new KIEMs Rollout – we should not concern ourselves with telecommunication availability in the matters of voter verification. What should concern us is the issue of availability of power as the devices will be constantly in use throughout the day. The devices used for verification conduct a one-to-one match of voters against their biometrics – computationally – it can be a costly affair especially if a potential voter has to submit multiple fingers to get identified if one fails and so we need to have devices that can work for 18 hours or have capability to accept external power in the form of portable power cells. Can the software be written in such a way that it alerts the users well beforehand that it has X number of hours of charge left and that the clerks at the polling station need to make arrangement to keep the electronic means working? Ghana deployed a solution that utilized dry cells and they put in place an operational plan to replace them within 4 hours. The issue of some voters not being found on the EVIDs yet being found on the manual roll was puzzling, this may be aggravated in 2017 this is because the bulk of the current set of fingerprints were collected in 2013 and it will not be farfetched to expect that the quality of fingerprints submitted for verification in this election cycle by an eligible voter who work with their hands to be lower and thus this may require multiple passes. The current setup is one which a subset of the fingerprints collected is used to verify voters electronically. If we are to go full throttle – we will need to ensure that all fingerprints are available for matching on polling day to increase the chances of matching. An exercise to get fingerprints resubmitted for persons who fall in this category and also for all those that had their biometrics lost during the mass registration drive when BVR machines crashed and did not have backed up properly. Another reason that could explain why some voters were not found on the EVIDs and were found on the printed register is data corruption during copying polling station data into the SD cards that the devices used. How can we ensure that databases are not corrupted during saving into the machines? I propose that each device should have a way of hashing a file and checking the hash against a verified hash of a working copy and where it differs transferring data to this device should be repeated. Backups of these registers on verified SD cards should also accompany each EVID to the field. We should explore how to keep the logs of the persons who have voted safe when devices get technology issues. There is also an inconvenient reality that in any given population there will always be some persons whose fingerprints are difficult or impossible to capture or verify. This raises a fundamental ideological question of whether a person should be disenfranchised because of limitations of a technology. The issues around the provisional transmission of results were also well documented, these also fell into 3 broad categories namely: 1) Technology problems – the server’s well documented issue with system logs and it running out of space due to server misconfiguration; The failover issues that followed this. Network coverage issues; Erroneous display of tallied votes due to late integration and limited retesting. 2) Procurement/Acquisition problems – there was no time to really develop the transmission application. 3) Rollout problems – late delivery of phones and specially configured simcards; issues with user credentials; versioning issues between server and phone; Lack of proper training. As with electronic voter identification, most of these can be sorted out with proper planning and following procedures, why do I say so? the IEBC has transmitted 100% of the results from all the by-elections that it has conducted since 2013. While in terms of scale these by-elections pale when compared to the general election, it’s my considered opinion that there have been numerous lessons learnt – these can be documented and used to inform the training and rollout process. What should happen in the event that result transmission fails for whatever reason? The IEBC still needs to have a fallback for electronic results transmission. Can some other technology offer a fallback? e.g. If results transmission from a primary device fails, should we have an electronic fallback using a different technology? Can the current election transmission system be used as a backup of whatever fancy results transmission system the IEBC procures? The IEBC has used satellite phones with success to transmit results for the Kalolol and Mosiro by-elections, why can this be used as a fallback on the telecommunication side. I think we can have all these fallbacks in place and these would be totally acceptable to all stakeholders. These questions are by no means comprehensive but should act as a starting point in deciding what the fallback(s) should be and when to fallback. It has always been my opinion that leaving the determination of important electoral matters at the polling station level to the discretion of people there without a trail of documentation that guides their decision making and a trail of accountability to why they took the action they did exposes the election operation to credibility questions. In 2012 Ghana went into their election with the NVNV (No [biometric] Verification, No Voting) mantra and they had to extend the voting period and also had many people disenfranchised because of the inadequacies of the technology they rolled out. In 2015 they rolled back and then introduced a manual verification fallback. The manual verification process required the presiding officer fill a manual verification form for each voter who is manually verified. The only way we can come up with this list of scenarios is if we carried out a proper and candid risk assessment and management process. This process should inform the IEBC on what to do to ensure that the “core business” on election day remains unaffected. From my perspective, human beings should always play the role of final "exception handlers" to ensure that during electronic voter identification no voter is ever disenfranchised by technology malfunction or it’s limitation. Indeed, if the electoral process must err, then it must err on the side of inclusion. However, these errors must be accounted for and thus the most appropriate role of technology is to ensure a level of transparency and accountability that allows for review of any of those human decisions on how to handle exceptions. As noted earlier on this paper, the process used for verification involves a one-to-one match of voters against their biometrics. The voter gets his ID No. captured by the verification device in a bid to ‘identify’ them and once their records are loaded on the screen of the device an additional fingerprint scan is required to ‘verify’ this person. i.e. answering the question – are you really the person who you claim to be? So, for example, if the validation device is unable to verify the fingerprint of a voter who the presiding officer knows or strongly believes to be a legitimate voter, and his/her particulars are on the voter register, the presiding officer should have the authority to override the device and allow the person to vote. In order to trigger the manual verification process, the presiding officer should collect as much information about the person being excluded from being electronically verified as possible. This information should include a photo of this person and the Serial Number not ID No. found on their National Identity card. Manual verification should not be misconstrued to mean manual verification using the physically printed out register or green books. This process should be endorsed by all party agents present at the polling station. It is important to have this information both in physical and electronic form. At the end of the day, any final reconciliation should include the number of decisions the presiding officer made contrary to the technology. This allows for review of the decisions of the presiding officer, and provides a deterrent since that officer knows that there will be an accounting of how many decisions he made of this nature. It also allows for reporting on anomalies where a polling station or ward has an inordinately high number of human exceptions. This information can be transmitted periodically so that during the course of the day to all stakeholders and thus all players are able to identify polling stations that have inordinately high numbers of human exceptions and vigilance can be increased to ensure only legitimate cases are excluded from electronic verification. Once this discussion has been held and we have a product that this has the blessing of all players contesting in the election. When accepted by all stakeholders the post-election process of massaging bruised egos and selling peace i.e. the 'accept and move on' message will be much easier.
_______________________________________________ kictanet mailing list kictanet@lists.kictanet.or.ke https://lists.kictanet.or.ke/mailman/listinfo/kictanet
Unsubscribe or change your options at https://lists.kictanet.or.ke/m ailman/options/kictanet/kivuva%40transworldafrica.com
The Kenya ICT Action Network (KICTANet) is a multi-stakeholder platform for people and institutions interested and involved in ICT policy and regulation. The network aims to act as a catalyst for reform in the ICT sector in support of the national aim of ICT enabled growth and development.
KICTANetiquette : Adhere to the same standards of acceptable behaviors online that you follow in real life: respect people's times and bandwidth, share knowledge, don't flame or abuse or personalize, respect privacy, do not spam, do not market your wares or qualifications.
_______________________________________________ kictanet mailing list kictanet@lists.kictanet.or.ke https://lists.kictanet.or.ke/mailman/listinfo/kictanet
Unsubscribe or change your options at https://lists.kictanet.or.ke/m ailman/options/kictanet/odhiambo%40gmail.com
The Kenya ICT Action Network (KICTANet) is a multi-stakeholder platform for people and institutions interested and involved in ICT policy and regulation. The network aims to act as a catalyst for reform in the ICT sector in support of the national aim of ICT enabled growth and development.
KICTANetiquette : Adhere to the same standards of acceptable behaviors online that you follow in real life: respect people's times and bandwidth, share knowledge, don't flame or abuse or personalize, respect privacy, do not spam, do not market your wares or qualifications.
-- Best regards, Odhiambo WASHINGTON, Nairobi,KE +254 7 3200 0004/+254 7 2274 3223 "Oh, the cruft."
_______________________________________________ kictanet mailing list kictanet@lists.kictanet.or.ke https://lists.kictanet.or.ke/mailman/listinfo/kictanet
Unsubscribe or change your options at https://lists.kictanet.or.ke/m ailman/options/kictanet/jkieti%40gmail.com
The Kenya ICT Action Network (KICTANet) is a multi-stakeholder platform for people and institutions interested and involved in ICT policy and regulation. The network aims to act as a catalyst for reform in the ICT sector in support of the national aim of ICT enabled growth and development.
KICTANetiquette : Adhere to the same standards of acceptable behaviors online that you follow in real life: respect people's times and bandwidth, share knowledge, don't flame or abuse or personalize, respect privacy, do not spam, do not market your wares or qualifications.
<https://twitter.com/IEBCKenya> IEBCVerified account@IEBCKenya We register, identify and transmit results electronically. But that is not "electronic voting". Voting, has and still is, by a ballot paper https://twitter.com/IEBCKenya/status/814390489449459712 From: kictanet [mailto:kictanet-bounces+awatila=yahoo.co.uk@lists.kictanet.or.ke] On Behalf Of Collins Areba via kictanet Sent: Friday, December 30, 2016 6:07 PM To: awatila@yahoo.co.uk Cc: Collins Areba <arebacollins@gmail.com>; JImmy Gitonga <jimmygitts@gmail.com> Subject: Re: [kictanet] Manual Backup and Elections 2017: Is the CS ICT Honest Let's dissect the problem into pieces. 1: voter registration: collecting details, photos and fingerprints. (Multiple data types) 2: verification: ascertaining that registered persons are in the system, and dead / expired ones are removed from the system. (Boolean: yes / No) 3: voting: choosing from one of several options. 4: tallying : counting the choices at the polling stations and recording the results on paper or device. 5: transmission: sending this information to regional and national tallying centers. Maybe the good CS can explain how al shabbat can disable IT solutions so much that manual "backups" would suffice. On 30 Dec 2016 17:58, "Grace Mutung'u via kictanet" <kictanet@lists.kictanet.or.ke <mailto:kictanet@lists.kictanet.or.ke> > wrote: Thank you Wash for initiating the discussion. I also wondered whether a complimentary system was used in voter registration and where this system resides. I remember a quote by the IEBC CEO during the Kenya IGF where he stated that being a Republic based on democracy, we have made elections the only means to access power. https://livestream.com/internetsociety2/kigf He recalled the use of tech in the 2010 Referendum, 2013 elections and the various by-elections that have taken place. In the Referendum and most by-elections, there was not much contest about use of technology while for 2013 some issues were raised- these included multiple registers, voter impersonation and transparency. The tech community has an important role to play in demystifying some of these concepts. a) The wording of the amendment read "complimentary mechanism for identification of voters". It has now been expanded to include transmission of election results "where technology deployed initially fails". What would this mean, in the case of identification of voters and in the case of transmission of results? What complimentary systems were envisaged here? "Manual backup?" The ambiguity in the wording is a challenge as it leaves too room for interpretation in a system of high contests. b) The mischief that technology was meant to cure in elections management was among others allegations of voter impersonation and transparency in management of elections. Tech is therefore supposed to achieve simplicity, accuracy, verifiablilty, security, accountability and transparency. Is the conversation about a " complimentary" system a necessary one at this stage? Outside of the amendment, has anyone come across the data that CA presented on network coverage in the counties? A visualisation of that data besides the polling stations would be useful in helping us identify the specific polling stations/tallying centres that are not covered. I am asking this because the presenters spoke of areas not covered by network as opposed to polling stations/tallying centres not covered. Raha tupate na ustawi 2016-12-30 13:54 GMT+03:00 Victor Kapiyo via kictanet <kictanet@lists.kictanet.or.ke <mailto:kictanet@lists.kictanet.or.ke> >: I agree. We should put together our submissions as the ICT community and present the same to bunge. Victor On 30 Dec 2016 13:50, "Dorcas Muthoni via kictanet" <kictanet@lists.kictanet.or.ke <mailto:kictanet@lists.kictanet.or.ke> > wrote: Thanks Walu, it's time for us to stand up. Let's demystify this tech. On Dec 30, 2016 1:43 PM, "Walubengo J via kictanet" <kictanet@lists.kictanet.or.ke <mailto:kictanet@lists.kictanet.or.ke> > wrote: I think this is an opportunity for the ICT fraternity to take up the challenge and demystify electronic systems in elections. I believe this forum has the most neutral platform where the media, academia, operators, regulators, government, legal and other interested parties can brainstorm on this. I propose that early in the year, a face-2-face roundtable TV /Radio broadcast (NTV, Citizen, KTN?) deliberation to break this down -perhaps at Strath University (CPIT are you there?). A lot has been written on the issue of electronic systems in elections but seems nobody READS, least of all politicians from both sides of the divide. I can imagine a cast of the following: IEBC: CEO or Rep? Regulator: CEO or Rep? Operator: Safcom/Airtel/Telkom? ICT Min: Minister or rep? Academia: MMU/Strath/UoN/? Political Party: Jubilee+CORD Rep? Moderator &Broadcaster: Media (Citizen, NTV,KTN) Convenor: KICTAnet -GG are you back from holiday? Sponsors: Anyone? If we do not hijack this ICT conversation, the politicians will run with it in the wrong direction and we might find ourselves exactly where we were in 2007. walu. _____ From: JImmy Gitonga via kictanet <kictanet@lists.kictanet.or.ke <mailto:kictanet@lists.kictanet.or.ke> > To: jwalu@yahoo.com <mailto:jwalu@yahoo.com> Cc: JImmy Gitonga <jimmygitts@gmail.com <mailto:jimmygitts@gmail.com> > Sent: Friday, December 30, 2016 1:14 PM Subject: Re: [kictanet] Manual Backup and Elections 2017: Is the CS ICT Honest Thank you Odhiambo Washington, I have the same concerns myself. I reached the conclusion that it would be nice if "ICT Experts" could lay their hands on a BVI machine as well as a and show the rest of us what the problem really is. The ERT issue is a red herring. It has worked flawlessly in the bi-elections that have happened ever since. With PKI and 2 factor authentication, this can be solved for election day. I am sure Victor Kyalo and Joseph Mucheru could make this possible. Call it a "Kenyans as ICT stakeholders" meeting. All Listers with time will begin to be asked by their family or neighbours, what the issue really is. I, for one, do not want to echo the CS's words. I think the CS and the PS should help us help them. Otherwise they will be on their own when the political vultures come calling. Regards, Jimmy Gitonga Message: 4 Date: Fri, 30 Dec 2016 11:30:08 +0300 From: Odhiambo Washington <odhiambo@gmail.com <mailto:odhiambo@gmail.com> > To: Kictanet <kictanet@lists.kictanet.or.ke <mailto:kictanet@lists.kictanet.or.ke> > Subject: [kictanet] Manual Backup and Elections 2017: Is the CS ICT Honest Message-ID: <CAAdA2WPFoRvjF5Bodk+sHb-P4_ rUp2AXpA9Q3zAk-UR57cqwGw@mail. gmail.com <mailto:CAAdA2WPFoRvjF5Bodk%2BsHb-P4_rUp2AXpA9Q3zAk-UR57cqwGw@mail.gmail.com> > Content-Type: text/plain; charset="utf-8" Dear Listers, I am at that position where I feel very lost. In fact, I feel like I am quite detached from the reality. All along, I have keenly considered this matter that seems to have divided the country down the middle: *Manual Backup* during the 2017 voting process. From the Jubilee/govt side this is a do or die and so it must be there. This govt side seems hell-bent on confusing the masses, as well as the experts like the ICT Community. From the Opposition side, the agenda seems to be very clear - that of ensuring integrity of the Voters Register and stopping 'ghost voters' from ever casting their votes. That brings us to the famous acronyms - BVI (Biometric Voter Register) / BVI (Biometric Voter Identification). Having been to a Voter Registration Centre (later to become a Polling Station) to register as a voter, I did look at the equipment in use for the registration process. I saw the laptop which was fitted with a camera and fingerprints scanner. All these require power to run. I did not dwell on how they were powered, but probably there was a battery backup somewhere (besides the electricity) given that they needed to run for a whole day for several days during the voter registration process. When it comes to the Elections, they only need to run for about 11 hours. My point here is that of *Backup Power* should it be that there's electricity blackout and the built-in batteries can't last the whole day. That backup is very important. However, I did not see any piece of equipment which could suggest that the equipment in use required any form of connectivity back to some central server in order to function! Which now brings me to the currently national debate - Manual Backup during the Poll Day. What is it? Was the CS honest with his presentation before the Senate/Amos Wako committee yesterday? Does the CS himself really believe in the content of his presentation? I am asking that because I watched him and I don't believe him. I actually think he mislead the committee, and hence the nation at large. Someone please prove me wrong. I am at that point where I believe that the BVR/BVI does NOT require any form of connectivity and so this Manual Backup being touted by the ruling coalition side, strongly supported by the ICT CS is a big lie. WHY? My very first answer: Simply put, *when there was no requirement for a manual backup during voter registration, it goes without saying that there is NO NEED for on the polling day.* 1. For the issue that is in contention - BVR (used for BVI during polling) - this is a database that can be (and should be) statically stored on the equipment for each polling station. We are not supposed to rely on the Mobile Network to access this voters database. And every polling station can have two/three laptops/Biometrics scanner/Backup batteries to ensure that the voter identification doesn't fail. Some excuse has been fronted about some voters being mechanics, such that their fingerprints wouldn't be recognized by the BVI systems hence need for manual identification. My take on that is that every voter must carry their voter's card on that day. The clerks can check that card number against the electronic system - enter it, and it will bring the person's picture, ID number, etc and let him cast his ballot. 2. For electronics results transmission (ERT), this is not even necessary in the first place. We can have the results collated/announced at the tallying centres after being certified - forms 36A, and such. However, if the ERT must be done, the data footprint is so tiny that a 2G network can be used. Besides, it can be an SMS based system, which doesn't require 3G or VSAT. The results data isn't that large - it can't be in Megabytes to be sincere. Well, VSAT can be used if they MUST, but this is after the voting process itself is complete, has nothing to do with BVI. The ERT and the BVR/BVI are two distinct systems. That is what I want to believe. The ERT gets feedback from a manual process - of voters casting their vote, clerks/agents counting, verifying, and certifying, filling requisite forms then communicating the same via some customized phones which are programmed to communicate to a backend system. Am I right on that?? Now the big question here is, where do we need this much touted manual backup where network connectivity is being used as the major reason??? (a) Citing terrorism and the possibility of Al Shabaab knocking off base stations seems like well thought out lie meant to cover our eyes! If they attacked an area, I doubt there will be voting in the 1st place. And even so, the network connectivity is not required for BVI so there is no disenfranchising anyone if there is no manual backup (whatever that is). (b) Citing hacking is neither here nor there for a BVR/BVI system because it's not being accessed live during the voting. It's a static database, unique to the polling station, resident on the laptop used by the clerks. The only hacking that can be done then can only be by an "insider". Quoting Victor Kapiyo from Social Media, "*I guess it's a question of trust. Trust in systems and in trustworthy people to do the right thing. For M-Pesa, or KCSE results, we trust both. For IEBC, I guess the jury is still out*." The main issue is not allowing the dead voters to rise again to vote in the presidential vote, then disappear. So the important component here is the BVR/BVI, the credibility of the register and hence the vote. At what point does the BVI system require this connectivity they are talking about, which then necessitates the so called "manual backup"? Did the CS ICT lie to the Senate?? Did the CAK lie to the Senate in supporting the lie from the CS?? There is insincerity in this whole debate about 'manual backup' and the ICT community seems to either support it or is simply lost in the pool of confusion being peddled by politicians. -- Best regards, Odhiambo WASHINGTON, Nairobi,KE +254 7 3200 0004/+254 7 2274 3223 "Oh, the cruft."
... and here's an example of why we need backup systems in case primary systems fail: http://www.bbc.co.uk/news/uk-38482746 "London ambulance service hit by New Year fault" Happy New Year to all 'Kictanetters' :) Tony On 31/12/2016, Alex Watila via kictanet <kictanet@lists.kictanet.or.ke> wrote:
<https://twitter.com/IEBCKenya> IEBCVerified account@IEBCKenya
We register, identify and transmit results electronically. But that is not "electronic voting". Voting, has and still is, by a ballot paper
https://twitter.com/IEBCKenya/status/814390489449459712
From: kictanet [mailto:kictanet-bounces+awatila=yahoo.co.uk@lists.kictanet.or.ke] On Behalf Of Collins Areba via kictanet Sent: Friday, December 30, 2016 6:07 PM To: awatila@yahoo.co.uk Cc: Collins Areba <arebacollins@gmail.com>; JImmy Gitonga <jimmygitts@gmail.com> Subject: Re: [kictanet] Manual Backup and Elections 2017: Is the CS ICT Honest
Let's dissect the problem into pieces.
1: voter registration: collecting details, photos and fingerprints. (Multiple data types)
2: verification: ascertaining that registered persons are in the system, and dead / expired ones are removed from the system. (Boolean: yes / No)
3: voting: choosing from one of several options.
4: tallying : counting the choices at the polling stations and recording the results on paper or device.
5: transmission: sending this information to regional and national tallying centers.
Maybe the good CS can explain how al shabbat can disable IT solutions so much that manual "backups" would suffice.
On 30 Dec 2016 17:58, "Grace Mutung'u via kictanet" <kictanet@lists.kictanet.or.ke <mailto:kictanet@lists.kictanet.or.ke> > wrote:
Thank you Wash for initiating the discussion. I also wondered whether a complimentary system was used in voter registration and where this system resides.
I remember a quote by the IEBC CEO during the Kenya IGF where he stated that being a Republic based on democracy, we have made elections the only means to access power. https://livestream.com/internetsociety2/kigf
He recalled the use of tech in the 2010 Referendum, 2013 elections and the various by-elections that have taken place. In the Referendum and most by-elections, there was not much contest about use of technology while for 2013 some issues were raised- these included multiple registers, voter impersonation and transparency.
The tech community has an important role to play in demystifying some of these concepts.
a) The wording of the amendment read "complimentary mechanism for identification of voters". It has now been expanded to include transmission of election results "where technology deployed initially fails". What would this mean, in the case of identification of voters and in the case of transmission of results? What complimentary systems were envisaged here? "Manual backup?" The ambiguity in the wording is a challenge as it leaves too room for interpretation in a system of high contests.
b) The mischief that technology was meant to cure in elections management was among others allegations of voter impersonation and transparency in management of elections. Tech is therefore supposed to achieve simplicity, accuracy, verifiablilty, security, accountability and transparency. Is the conversation about a " complimentary" system a necessary one at this stage?
Outside of the amendment, has anyone come across the data that CA presented on network coverage in the counties? A visualisation of that data besides the polling stations would be useful in helping us identify the specific polling stations/tallying centres that are not covered. I am asking this because the presenters spoke of areas not covered by network as opposed to polling stations/tallying centres not covered.
Raha tupate na ustawi
2016-12-30 13:54 GMT+03:00 Victor Kapiyo via kictanet <kictanet@lists.kictanet.or.ke <mailto:kictanet@lists.kictanet.or.ke> >:
I agree. We should put together our submissions as the ICT community and present the same to bunge.
Victor
On 30 Dec 2016 13:50, "Dorcas Muthoni via kictanet" <kictanet@lists.kictanet.or.ke <mailto:kictanet@lists.kictanet.or.ke> > wrote:
Thanks Walu, it's time for us to stand up. Let's demystify this tech.
On Dec 30, 2016 1:43 PM, "Walubengo J via kictanet" <kictanet@lists.kictanet.or.ke <mailto:kictanet@lists.kictanet.or.ke> > wrote:
I think this is an opportunity for the ICT fraternity to take up the challenge and demystify electronic systems in elections. I believe this forum has the most neutral platform where the media, academia, operators, regulators, government, legal and other interested parties can brainstorm on this.
I propose that early in the year, a face-2-face roundtable TV /Radio broadcast (NTV, Citizen, KTN?) deliberation to break this down -perhaps at Strath University (CPIT are you there?).
A lot has been written on the issue of electronic systems in elections but seems nobody READS, least of all politicians from both sides of the divide. I can imagine a cast of the following:
IEBC: CEO or Rep?
Regulator: CEO or Rep?
Operator: Safcom/Airtel/Telkom?
ICT Min: Minister or rep?
Academia: MMU/Strath/UoN/?
Political Party: Jubilee+CORD Rep?
Moderator &Broadcaster: Media (Citizen, NTV,KTN)
Convenor: KICTAnet -GG are you back from holiday?
Sponsors: Anyone?
If we do not hijack this ICT conversation, the politicians will run with it in the wrong direction and we might find ourselves exactly where we were in 2007.
walu.
_____
From: JImmy Gitonga via kictanet <kictanet@lists.kictanet.or.ke <mailto:kictanet@lists.kictanet.or.ke> > To: jwalu@yahoo.com <mailto:jwalu@yahoo.com> Cc: JImmy Gitonga <jimmygitts@gmail.com <mailto:jimmygitts@gmail.com> > Sent: Friday, December 30, 2016 1:14 PM Subject: Re: [kictanet] Manual Backup and Elections 2017: Is the CS ICT Honest
Thank you Odhiambo Washington,
I have the same concerns myself. I reached the conclusion that it would be nice if "ICT Experts" could lay their hands on a BVI machine as well as a and show the rest of us what the problem really is. The ERT issue is a red herring. It has worked flawlessly in the bi-elections that have happened ever since. With PKI and 2 factor authentication, this can be solved for election day.
I am sure Victor Kyalo and Joseph Mucheru could make this possible. Call it a "Kenyans as ICT stakeholders" meeting. All Listers with time will begin to be asked by their family or neighbours, what the issue really is. I, for one, do not want to echo the CS's words.
I think the CS and the PS should help us help them. Otherwise they will be on their own when the political vultures come calling.
Regards,
Jimmy Gitonga
Message: 4 Date: Fri, 30 Dec 2016 11:30:08 +0300 From: Odhiambo Washington <odhiambo@gmail.com <mailto:odhiambo@gmail.com> > To: Kictanet <kictanet@lists.kictanet.or.ke <mailto:kictanet@lists.kictanet.or.ke> > Subject: [kictanet] Manual Backup and Elections 2017: Is the CS ICT Honest Message-ID: <CAAdA2WPFoRvjF5Bodk+sHb-P4_ rUp2AXpA9Q3zAk-UR57cqwGw@mail. gmail.com <mailto:CAAdA2WPFoRvjF5Bodk%2BsHb-P4_rUp2AXpA9Q3zAk-UR57cqwGw@mail.gmail.com>
Content-Type: text/plain; charset="utf-8"
Dear Listers,
I am at that position where I feel very lost. In fact, I feel like I am quite detached from the reality.
All along, I have keenly considered this matter that seems to have divided the country down the middle: *Manual Backup* during the 2017 voting process. From the Jubilee/govt side this is a do or die and so it must be there. This govt side seems hell-bent on confusing the masses, as well as the experts like the ICT Community. From the Opposition side, the agenda seems to be very clear - that of ensuring integrity of the Voters Register and stopping 'ghost voters' from ever casting their votes.
That brings us to the famous acronyms - BVI (Biometric Voter Register) / BVI (Biometric Voter Identification). Having been to a Voter Registration Centre (later to become a Polling Station) to register as a voter, I did look at the equipment in use for the registration process. I saw the laptop which was fitted with a camera and fingerprints scanner. All these require power to run. I did not dwell on how they were powered, but probably there was a battery backup somewhere (besides the electricity) given that they needed to run for a whole day for several days during the voter registration process. When it comes to the Elections, they only need to run for about 11 hours. My point here is that of *Backup Power* should it be that there's electricity blackout and the built-in batteries can't last the whole day. That backup is very important.
However, I did not see any piece of equipment which could suggest that the equipment in use required any form of connectivity back to some central server in order to function! Which now brings me to the currently national debate - Manual Backup during the Poll Day. What is it? Was the CS honest with his presentation before the Senate/Amos Wako committee yesterday? Does the CS himself really believe in the content of his presentation? I am asking that because I watched him and I don't believe him. I actually think he mislead the committee, and hence the nation at large.
Someone please prove me wrong. I am at that point where I believe that the BVR/BVI does NOT require any form of connectivity and so this Manual Backup being touted by the ruling coalition side, strongly supported by the ICT CS is a big lie. WHY?
My very first answer: Simply put, *when there was no requirement for a manual backup during voter registration, it goes without saying that there is NO NEED for on the polling day.*
1. For the issue that is in contention - BVR (used for BVI during polling) - this is a database that can be (and should be) statically stored on the equipment for each polling station. We are not supposed to rely on the Mobile Network to access this voters database. And every polling station can have two/three laptops/Biometrics scanner/Backup batteries to ensure that the voter identification doesn't fail. Some excuse has been fronted about some voters being mechanics, such that their fingerprints wouldn't be recognized by the BVI systems hence need for manual identification. My take on that is that every voter must carry their voter's card on that day. The clerks can check that card number against the electronic system - enter it, and it will bring the person's picture, ID number, etc and let him cast his ballot.
2. For electronics results transmission (ERT), this is not even necessary in the first place. We can have the results collated/announced at the tallying centres after being certified - forms 36A, and such. However, if the ERT must be done, the data footprint is so tiny that a 2G network can be used. Besides, it can be an SMS based system, which doesn't require 3G or VSAT. The results data isn't that large - it can't be in Megabytes to be sincere. Well, VSAT can be used if they MUST, but this is after the voting process itself is complete, has nothing to do with BVI.
The ERT and the BVR/BVI are two distinct systems. That is what I want to believe. The ERT gets feedback from a manual process - of voters casting their vote, clerks/agents counting, verifying, and certifying, filling requisite forms then communicating the same via some customized phones which are programmed to communicate to a backend system. Am I right on that??
Now the big question here is, where do we need this much touted manual backup where network connectivity is being used as the major reason???
(a) Citing terrorism and the possibility of Al Shabaab knocking off base stations seems like well thought out lie meant to cover our eyes! If they attacked an area, I doubt there will be voting in the 1st place. And even so, the network connectivity is not required for BVI so there is no disenfranchising anyone if there is no manual backup (whatever that is).
(b) Citing hacking is neither here nor there for a BVR/BVI system because it's not being accessed live during the voting. It's a static database, unique to the polling station, resident on the laptop used by the clerks. The only hacking that can be done then can only be by an "insider". Quoting Victor Kapiyo from Social Media, "*I guess it's a question of trust. Trust in systems and in trustworthy people to do the right thing. For M-Pesa, or KCSE results, we trust both. For IEBC, I guess the jury is still out*."
The main issue is not allowing the dead voters to rise again to vote in the presidential vote, then disappear. So the important component here is the BVR/BVI, the credibility of the register and hence the vote.
At what point does the BVI system require this connectivity they are talking about, which then necessitates the so called "manual backup"?
Did the CS ICT lie to the Senate?? Did the CAK lie to the Senate in supporting the lie from the CS??
There is insincerity in this whole debate about 'manual backup' and the ICT community seems to either support it or is simply lost in the pool of confusion being peddled by politicians.
-- Best regards, Odhiambo WASHINGTON, Nairobi,KE +254 7 3200 0004/+254 7 2274 3223 "Oh, the cruft."
Dear All, As we discuss the tech let’s not forget the basics. During the last election many polling staff did not turn up for training on the technology and where then unable to use the technology during the election. I remember stories of polling staff being unable to logon to the devices. Does IEBC have rules that only polling agents that were trained will work on election day? Regards, Alex From: kictanet [mailto:kictanet-bounces+awatila=yahoo.co.uk@lists.kictanet.or.ke] On Behalf Of Victor Kapiyo via kictanet Sent: Friday, December 30, 2016 1:54 PM To: awatila@yahoo.co.uk Cc: Victor Kapiyo <vkapiyo@gmail.com>; JImmy Gitonga <jimmygitts@gmail.com> Subject: Re: [kictanet] Manual Backup and Elections 2017: Is the CS ICT Honest I agree. We should put together our submissions as the ICT community and present the same to bunge. Victor On 30 Dec 2016 13:50, "Dorcas Muthoni via kictanet" <kictanet@lists.kictanet.or.ke <mailto:kictanet@lists.kictanet.or.ke> > wrote: Thanks Walu, it's time for us to stand up. Let's demystify this tech. On Dec 30, 2016 1:43 PM, "Walubengo J via kictanet" <kictanet@lists.kictanet.or.ke <mailto:kictanet@lists.kictanet.or.ke> > wrote: I think this is an opportunity for the ICT fraternity to take up the challenge and demystify electronic systems in elections. I believe this forum has the most neutral platform where the media, academia, operators, regulators, government, legal and other interested parties can brainstorm on this. I propose that early in the year, a face-2-face roundtable TV /Radio broadcast (NTV, Citizen, KTN?) deliberation to break this down -perhaps at Strath University (CPIT are you there?). A lot has been written on the issue of electronic systems in elections but seems nobody READS, least of all politicians from both sides of the divide. I can imagine a cast of the following: IEBC: CEO or Rep? Regulator: CEO or Rep? Operator: Safcom/Airtel/Telkom? ICT Min: Minister or rep? Academia: MMU/Strath/UoN/? Political Party: Jubilee+CORD Rep? Moderator &Broadcaster: Media (Citizen, NTV,KTN) Convenor: KICTAnet -GG are you back from holiday? Sponsors: Anyone? If we do not hijack this ICT conversation, the politicians will run with it in the wrong direction and we might find ourselves exactly where we were in 2007. walu. _____ From: JImmy Gitonga via kictanet <kictanet@lists.kictanet.or.ke <mailto:kictanet@lists.kictanet.or.ke> > To: jwalu@yahoo.com <mailto:jwalu@yahoo.com> Cc: JImmy Gitonga <jimmygitts@gmail.com <mailto:jimmygitts@gmail.com> > Sent: Friday, December 30, 2016 1:14 PM Subject: Re: [kictanet] Manual Backup and Elections 2017: Is the CS ICT Honest Thank you Odhiambo Washington, I have the same concerns myself. I reached the conclusion that it would be nice if "ICT Experts" could lay their hands on a BVI machine as well as a and show the rest of us what the problem really is. The ERT issue is a red herring. It has worked flawlessly in the bi-elections that have happened ever since. With PKI and 2 factor authentication, this can be solved for election day. I am sure Victor Kyalo and Joseph Mucheru could make this possible. Call it a "Kenyans as ICT stakeholders" meeting. All Listers with time will begin to be asked by their family or neighbours, what the issue really is. I, for one, do not want to echo the CS's words. I think the CS and the PS should help us help them. Otherwise they will be on their own when the political vultures come calling. Regards, Jimmy Gitonga Message: 4 Date: Fri, 30 Dec 2016 11:30:08 +0300 From: Odhiambo Washington <odhiambo@gmail.com <mailto:odhiambo@gmail.com> > To: Kictanet <kictanet@lists.kictanet.or.ke <mailto:kictanet@lists.kictanet.or.ke> > Subject: [kictanet] Manual Backup and Elections 2017: Is the CS ICT Honest Message-ID: <CAAdA2WPFoRvjF5Bodk+sHb-P4_ rUp2AXpA9Q3zAk-UR57cqwGw@mail. gmail.com <mailto:CAAdA2WPFoRvjF5Bodk%2BsHb-P4_rUp2AXpA9Q3zAk-UR57cqwGw@mail.gmail.com> > Content-Type: text/plain; charset="utf-8" Dear Listers, I am at that position where I feel very lost. In fact, I feel like I am quite detached from the reality. All along, I have keenly considered this matter that seems to have divided the country down the middle: *Manual Backup* during the 2017 voting process. From the Jubilee/govt side this is a do or die and so it must be there. This govt side seems hell-bent on confusing the masses, as well as the experts like the ICT Community. From the Opposition side, the agenda seems to be very clear - that of ensuring integrity of the Voters Register and stopping 'ghost voters' from ever casting their votes. That brings us to the famous acronyms - BVI (Biometric Voter Register) / BVI (Biometric Voter Identification). Having been to a Voter Registration Centre (later to become a Polling Station) to register as a voter, I did look at the equipment in use for the registration process. I saw the laptop which was fitted with a camera and fingerprints scanner. All these require power to run. I did not dwell on how they were powered, but probably there was a battery backup somewhere (besides the electricity) given that they needed to run for a whole day for several days during the voter registration process. When it comes to the Elections, they only need to run for about 11 hours. My point here is that of *Backup Power* should it be that there's electricity blackout and the built-in batteries can't last the whole day. That backup is very important. However, I did not see any piece of equipment which could suggest that the equipment in use required any form of connectivity back to some central server in order to function! Which now brings me to the currently national debate - Manual Backup during the Poll Day. What is it? Was the CS honest with his presentation before the Senate/Amos Wako committee yesterday? Does the CS himself really believe in the content of his presentation? I am asking that because I watched him and I don't believe him. I actually think he mislead the committee, and hence the nation at large. Someone please prove me wrong. I am at that point where I believe that the BVR/BVI does NOT require any form of connectivity and so this Manual Backup being touted by the ruling coalition side, strongly supported by the ICT CS is a big lie. WHY? My very first answer: Simply put, *when there was no requirement for a manual backup during voter registration, it goes without saying that there is NO NEED for on the polling day.* 1. For the issue that is in contention - BVR (used for BVI during polling) - this is a database that can be (and should be) statically stored on the equipment for each polling station. We are not supposed to rely on the Mobile Network to access this voters database. And every polling station can have two/three laptops/Biometrics scanner/Backup batteries to ensure that the voter identification doesn't fail. Some excuse has been fronted about some voters being mechanics, such that their fingerprints wouldn't be recognized by the BVI systems hence need for manual identification. My take on that is that every voter must carry their voter's card on that day. The clerks can check that card number against the electronic system - enter it, and it will bring the person's picture, ID number, etc and let him cast his ballot. 2. For electronics results transmission (ERT), this is not even necessary in the first place. We can have the results collated/announced at the tallying centres after being certified - forms 36A, and such. However, if the ERT must be done, the data footprint is so tiny that a 2G network can be used. Besides, it can be an SMS based system, which doesn't require 3G or VSAT. The results data isn't that large - it can't be in Megabytes to be sincere. Well, VSAT can be used if they MUST, but this is after the voting process itself is complete, has nothing to do with BVI. The ERT and the BVR/BVI are two distinct systems. That is what I want to believe. The ERT gets feedback from a manual process - of voters casting their vote, clerks/agents counting, verifying, and certifying, filling requisite forms then communicating the same via some customized phones which are programmed to communicate to a backend system. Am I right on that?? Now the big question here is, where do we need this much touted manual backup where network connectivity is being used as the major reason??? (a) Citing terrorism and the possibility of Al Shabaab knocking off base stations seems like well thought out lie meant to cover our eyes! If they attacked an area, I doubt there will be voting in the 1st place. And even so, the network connectivity is not required for BVI so there is no disenfranchising anyone if there is no manual backup (whatever that is). (b) Citing hacking is neither here nor there for a BVR/BVI system because it's not being accessed live during the voting. It's a static database, unique to the polling station, resident on the laptop used by the clerks. The only hacking that can be done then can only be by an "insider". Quoting Victor Kapiyo from Social Media, "*I guess it's a question of trust. Trust in systems and in trustworthy people to do the right thing. For M-Pesa, or KCSE results, we trust both. For IEBC, I guess the jury is still out*." The main issue is not allowing the dead voters to rise again to vote in the presidential vote, then disappear. So the important component here is the BVR/BVI, the credibility of the register and hence the vote. At what point does the BVI system require this connectivity they are talking about, which then necessitates the so called "manual backup"? Did the CS ICT lie to the Senate?? Did the CAK lie to the Senate in supporting the lie from the CS?? There is insincerity in this whole debate about 'manual backup' and the ICT community seems to either support it or is simply lost in the pool of confusion being peddled by politicians. -- Best regards, Odhiambo WASHINGTON, Nairobi,KE +254 7 3200 0004/+254 7 2274 3223 "Oh, the cruft."
....and some did not charge the equipment. It was all part of the game plan! I do not see how such should be allowed to happen without connivance! On 31 December 2016 at 13:02, Alex Watila via kictanet < kictanet@lists.kictanet.or.ke> wrote:
Dear All,
As we discuss the tech let’s not forget the basics.
During the last election many polling staff did not turn up for training on the technology and where then unable to use the technology during the election.
I remember stories of polling staff being unable to logon to the devices.
Does IEBC have rules that only polling agents that were trained will work on election day?
Regards,
Alex
*From:* kictanet [mailto:kictanet-bounces+awatila=yahoo.co.uk@lists. kictanet.or.ke] *On Behalf Of *Victor Kapiyo via kictanet *Sent:* Friday, December 30, 2016 1:54 PM *To:* awatila@yahoo.co.uk *Cc:* Victor Kapiyo <vkapiyo@gmail.com>; JImmy Gitonga < jimmygitts@gmail.com>
*Subject:* Re: [kictanet] Manual Backup and Elections 2017: Is the CS ICT Honest
I agree. We should put together our submissions as the ICT community and present the same to bunge.
Victor
On 30 Dec 2016 13:50, "Dorcas Muthoni via kictanet" < kictanet@lists.kictanet.or.ke> wrote:
Thanks Walu, it's time for us to stand up. Let's demystify this tech.
On Dec 30, 2016 1:43 PM, "Walubengo J via kictanet" < kictanet@lists.kictanet.or.ke> wrote:
I think this is an opportunity for the ICT fraternity to take up the challenge and demystify electronic systems in elections. I believe this forum has the most neutral platform where the media, academia, operators, regulators, government, legal and other interested parties can brainstorm on this.
I propose that early in the year, a face-2-face roundtable TV /Radio broadcast (NTV, Citizen, KTN?) deliberation to break this down -perhaps at Strath University (CPIT are you there?).
A lot has been written on the issue of electronic systems in elections but seems nobody READS, least of all politicians from both sides of the divide. I can imagine a cast of the following:
IEBC: CEO or Rep?
Regulator: CEO or Rep?
Operator: Safcom/Airtel/Telkom?
ICT Min: Minister or rep?
Academia: MMU/Strath/UoN/?
Political Party: Jubilee+CORD Rep?
Moderator &Broadcaster: Media (Citizen, NTV,KTN)
Convenor: KICTAnet -GG are you back from holiday?
Sponsors: Anyone?
If we do not hijack this ICT conversation, the politicians will run with it in the wrong direction and we might find ourselves exactly where we were in 2007.
walu.
------------------------------
*From:* JImmy Gitonga via kictanet <kictanet@lists.kictanet.or.ke> *To:* jwalu@yahoo.com *Cc:* JImmy Gitonga <jimmygitts@gmail.com> *Sent:* Friday, December 30, 2016 1:14 PM *Subject:* Re: [kictanet] Manual Backup and Elections 2017: Is the CS ICT Honest
Thank you Odhiambo Washington,
I have the same concerns myself. I reached the conclusion that it would be nice if "ICT Experts" could lay their hands on a BVI machine as well as a and show the rest of us what the problem really is. The ERT issue is a red herring. It has worked flawlessly in the bi-elections that have happened ever since. With PKI and 2 factor authentication, this can be solved for election day.
I am sure Victor Kyalo and Joseph Mucheru could make this possible. Call it a "Kenyans as ICT stakeholders" meeting. All Listers with time will begin to be asked by their family or neighbours, what the issue really is. I, for one, do not want to echo the CS's words.
I think the CS and the PS should help us help them. Otherwise they will be on their own when the political vultures come calling.
Regards,
Jimmy Gitonga
Message: 4 Date: Fri, 30 Dec 2016 11:30:08 +0300 From: Odhiambo Washington <odhiambo@gmail.com> To: Kictanet <kictanet@lists.kictanet.or.ke > Subject: [kictanet] Manual Backup and Elections 2017: Is the CS ICT Honest Message-ID: <CAAdA2WPFoRvjF5Bodk+sHb-P4_ rUp2AXpA9Q3zAk-UR57cqwGw@mail. gmail.com <CAAdA2WPFoRvjF5Bodk%2BsHb-P4_rUp2AXpA9Q3zAk-UR57cqwGw@mail.gmail.com>> Content-Type: text/plain; charset="utf-8"
Dear Listers,
I am at that position where I feel very lost. In fact, I feel like I am quite detached from the reality.
All along, I have keenly considered this matter that seems to have divided the country down the middle: *Manual Backup* during the 2017 voting process. From the Jubilee/govt side this is a do or die and so it must be there. This govt side seems hell-bent on confusing the masses, as well as the experts like the ICT Community. From the Opposition side, the agenda seems to be very clear - that of ensuring integrity of the Voters Register and stopping 'ghost voters' from ever casting their votes.
That brings us to the famous acronyms - BVI (Biometric Voter Register) / BVI (Biometric Voter Identification). Having been to a Voter Registration Centre (later to become a Polling Station) to register as a voter, I did look at the equipment in use for the registration process. I saw the laptop which was fitted with a camera and fingerprints scanner. All these require power to run. I did not dwell on how they were powered, but probably there was a battery backup somewhere (besides the electricity) given that they needed to run for a whole day for several days during the voter registration process. When it comes to the Elections, they only need to run for about 11 hours. My point here is that of *Backup Power* should it be that there's electricity blackout and the built-in batteries can't last the whole day. That backup is very important.
However, I did not see any piece of equipment which could suggest that the equipment in use required any form of connectivity back to some central server in order to function! Which now brings me to the currently national debate - Manual Backup during the Poll Day. What is it? Was the CS honest with his presentation before the Senate/Amos Wako committee yesterday? Does the CS himself really believe in the content of his presentation? I am asking that because I watched him and I don't believe him. I actually think he mislead the committee, and hence the nation at large.
Someone please prove me wrong. I am at that point where I believe that the BVR/BVI does NOT require any form of connectivity and so this Manual Backup being touted by the ruling coalition side, strongly supported by the ICT CS is a big lie. WHY?
My very first answer: Simply put, *when there was no requirement for a manual backup during voter registration, it goes without saying that there is NO NEED for on the polling day.*
1. For the issue that is in contention - BVR (used for BVI during polling) - this is a database that can be (and should be) statically stored on the equipment for each polling station. We are not supposed to rely on the Mobile Network to access this voters database. And every polling station can have two/three laptops/Biometrics scanner/Backup batteries to ensure that the voter identification doesn't fail. Some excuse has been fronted about some voters being mechanics, such that their fingerprints wouldn't be recognized by the BVI systems hence need for manual identification. My take on that is that every voter must carry their voter's card on that day. The clerks can check that card number against the electronic system - enter it, and it will bring the person's picture, ID number, etc and let him cast his ballot.
2. For electronics results transmission (ERT), this is not even necessary in the first place. We can have the results collated/announced at the tallying centres after being certified - forms 36A, and such. However, if the ERT must be done, the data footprint is so tiny that a 2G network can be used. Besides, it can be an SMS based system, which doesn't require 3G or VSAT. The results data isn't that large - it can't be in Megabytes to be sincere. Well, VSAT can be used if they MUST, but this is after the voting process itself is complete, has nothing to do with BVI.
The ERT and the BVR/BVI are two distinct systems. That is what I want to believe. The ERT gets feedback from a manual process - of voters casting their vote, clerks/agents counting, verifying, and certifying, filling requisite forms then communicating the same via some customized phones which are programmed to communicate to a backend system. Am I right on that??
Now the big question here is, where do we need this much touted manual backup where network connectivity is being used as the major reason???
(a) Citing terrorism and the possibility of Al Shabaab knocking off base stations seems like well thought out lie meant to cover our eyes! If they attacked an area, I doubt there will be voting in the 1st place. And even so, the network connectivity is not required for BVI so there is no disenfranchising anyone if there is no manual backup (whatever that is).
(b) Citing hacking is neither here nor there for a BVR/BVI system because it's not being accessed live during the voting. It's a static database, unique to the polling station, resident on the laptop used by the clerks. The only hacking that can be done then can only be by an "insider". Quoting Victor Kapiyo from Social Media, "*I guess it's a question of trust. Trust in systems and in trustworthy people to do the right thing. For M-Pesa, or KCSE results, we trust both. For IEBC, I guess the jury is still out*."
The main issue is not allowing the dead voters to rise again to vote in the presidential vote, then disappear. So the important component here is the BVR/BVI, the credibility of the register and hence the vote.
At what point does the BVI system require this connectivity they are talking about, which then necessitates the so called "manual backup"?
Did the CS ICT lie to the Senate?? Did the CAK lie to the Senate in supporting the lie from the CS??
There is insincerity in this whole debate about 'manual backup' and the ICT community seems to either support it or is simply lost in the pool of confusion being peddled by politicians.
-- Best regards, Odhiambo WASHINGTON, Nairobi,KE +254 7 3200 0004/+254 7 2274 3223 "Oh, the cruft."
participants (14)
-
alex watila -
Barrack Otieno -
Collins Areba -
Dorcas Muthoni -
Grace Mutung'u -
JImmy Gitonga -
John Kieti -
Mwendwa Kivuva -
Ngigi Waithaka -
Odhiambo Washington -
Tony White -
Victor Kapiyo -
Walubengo J -
Wambua, Christopher