Prashant Bhushan, a notorious attorney for the Supreme Court, has continued to criticise electronic voting machines. He has lately restated the long-standing demand that the ECI make the source code of EVMs publicly available. Remarkably, the Supreme Court denied this request last year, citing concerns that it would increase the vulnerability of the source code.
“How the lapdog CEC is behaving with EVMs: Not revealing the source code of the programmable chips; not willing to meet Opp parties on this; not willing to even count the VVPAT slips; reveals the malafide intent of the CEC,” Prashant Bhushan railed in a diatribe against the ECI and the current CEC.
The disgraced Supreme Court attorney continued, “They must know they will be jailed if they are caught manipulating EVMs,” sounding like an outright threat.
Bhushan made the aforementioned statements in response to a media report stating that the Chief Information Commissioner (CIC) had criticised ECI for allegedly failing to reply to RTI requests concerning EVM and VVPATs for over a year. Former Indian Administrative Service (IAS) official M. G. Devasahayam filed the aforementioned RTI.
Devasahayam was one of the signatories who attempted to raise doubts over the validity of voter-verifiable paper audit trails (VVPATs), electronic voting machines (EVMs), and the vote-counting procedure. On November 22, 2022, he submitted an application to the poll panel under the Right to Information (RTI) Act, requesting information on the measures taken in relation to their representation.
Devasahayam applied for an RTI to learn more about the people and government agencies that received the representation, held meetings, and received relevant file notes.
Although Prashant Bhushan criticised the ECI for withholding the source of the “programmable chips” used in the EVMs, the country’s top court has already rejected this claim.
Notably, in September 2023, a Public Interest Litigation (PIL) seeking an audit of the source code of all electronic voting machines (EVMs) was dismissed by a three-judge panel of the Supreme Court of India, presided over by Chief Justice DY Chandrachud. Additionally, the PIL had requested that the audit report be made available to the general public.
“What is the material to doubt about the Election Commission?” The CJI dismissed the PIL. What is the process for making source code publicly available? It is not permitted to be placed in the public domain. They will become more exposed as a result.
During a brief hearing, petitioner Sunil Ahya, speaking on his own behalf, told the bench that he had earlier sent a representation to the Indian Election Commission but had not heard back.
“Plea is filed seeking an independent audit of the source code of the EVM applying to a particular standard of IEEE 1028 and so that the report is placed in the public domain,” the bench stated in its judgement, rejecting the PIL. Before the 2019 general elections, the petitioner had filed a plea; however, the court ruled that the plea could not be accepted because of the upcoming elections.
The judgement states, “He filed another PIL in 2020, and this court allowed him to appear before the ECI.” The petitioner claims he has sent the ECI three representations but has not received a response. Election management is delegated to the ECI. The petitioner has not presented this court with any material that may be used to prove that ECI violated its constitutional mandate. In the end, making the source code audit publicly available interferes with the policy matter, and we are not inclined to meddle in this particular policy matter. There is no evidence that ECI is not carrying out its mandate. We, therefore, don’t become involved in this petition.
Using the term “programmable chip,” Prashant Bhushan disseminated another falsehood because the EVMs include One-Time Programmable (OTP) microcontrollers. This implies that the programme cannot be changed once it is loaded into the processors.
Furthermore, Bhushan was misled when he said that ECI would not even count the VVPAT slips. As per an order from the Supreme Court, VVPAT slips of five EVM-VVPATs in each assembly segment are currently counted. The returning officer conducts a “draw of lots” to randomly choose the VVPATs for counting paper slips in front of the general observer, the candidates, or their representatives. Following the final vote counting on the constituency’s electronic voting machines, the paper slips are tallied in a secure VVPAT counting booth beneath a camera inside the counting hall.
The Supreme Court is currently considering a petition to count every VVPAT that has been filed there. The ECI, however, has objected to the demand that all or even 50% of the VVPAT slips be counted, claiming that doing so would cause a five- to six-day delay in the publication of the results.
ECI further notes that no disparity between the EVM results and the slip counts was discovered in any cases where the slips were counted. The Indian Statistical Institute calculated that even counting slips from 479 randomly chosen VVPATs nationwide would ensure over 99% accuracy, according to the poll body. More than 20,000 VVPATs are counted, with 5 VVPATs per assembly constituency.
Thus, slips of randomly chosen VVPATs are counted now, and the Supreme Court is considering a motion to count them all.
What does ECI state regarding the EVM source code?
The ECI website’s FAQ page on EVMs provides comprehensive details regarding the EVMs’ source code, which explains why they are impenetrable.
The Election Commission’s EVM FAQ states that Bharat Electronics in Bengaluru and Electronics Corporation of India in Hyderabad are the two Indian companies that manufacture all of the EVMs used in India; no EVMs are imported. These two businesses write the software programme code for the voting machines internally; it is not outsourced. At the factory level, security protocols are applied to the process to ensure the highest standards of integrity.
Once written, the code is translated into machine code; only this machine code, expressed in machine language, is sent to the foreign chip maker. This is due to the fact that there isn’t an Indian chip manufacturer that can create these kinds of semiconductor microchips now.
According to the FAQ website, “Every microchip bears the digital signatures of the manufacturers and an identification number that is embedded into memory.” Consequently, since microchips are put through functional testing pertaining to the software, the matter of their replacement does not even come up. Any effort to change the microchip can be detected, and the EVM could be rendered unusable. Therefore, it is detectable to change an existing programme or introduce a new one, rendering the EVM inoperative.
In addition, the recently released third-generation M3 EVM boasts further capabilities, including self-disaline and tamper detection. Thanks to the tamper detection mechanism, an EVM becomes unusable when someone tries to open it. Upon activation, the self-diagnostic function thoroughly examines the EVM. It will detect any changes made to its software or hardware.
The EVMs’ technology is detailed in the Frequently Asked Questions (FAQ) section. “The ECI-EVMs use some of the most advanced technological features to ensure the machine cannot be tampered with. These include one-time programmable (OTP) microcontrollers, dynamic coding of key codes, date and time stamping of every key press, advanced encryption technology, and EVM-tracking software to handle EVM logistics.” Tamper detection and self-diagnostics are other features added to the new model M3 EVMs. Software cannot be changed, rewritten, or reread because it is built on OTP. EVM is, therefore, tamper-resistant. The machine will stop working if someone tries to operate it.
