Are Electronic Voting Machines (EVMs) Tamper-Proof?

Voter fraud allegations tend to be cyclical in India’s electoral process.

Mayawati in Uttar Pradesh, Arvind Kejriwal in Punjab, Lalu Prasad in Bihar and the Congress as a whole, have sought an investigation into “large-scale EVM fraud” in the recently concluded five-state assembly elections. Five years ago, BJP spokesperson GVL Narasimha Rao made a case against EVMs in a book, ‘Democracy At Risk! Can We Trust Our Electronic Voting Machines?’, which even came with a foreword by LK Advani.

There’s no doubt that conducting elections in India is a mammoth, constantly evolving process. While there’s no denying that any system is flawed and can be exploited, the question is – are the loopholes big enough to impact election outcomes?

Here’s what you need to know to make up your mind.

An argument has been made that developed countries, like the Netherlands, have discontinued use of EVMs after finding that they were susceptible to hacking. However, in a press release, the EC has addressed this concern, saying that the EVMs in developed countries were used online and were therefore vulnerable, while EVMs used in India operate in way that removes that particular weakness.

An EVM in India consists of a ‘Control Unit’, which remains in the control of the polling officer, and the ‘Balloting Unit’, which is where we, the voters, do the punching. The two units are connected by a 5-metre-long cable. The EVM runs on a 6-volt single alkaline battery, does not does not require any mobile or internet connectivity and can run in areas which don’t have electricity. One EVM can register up to 64 candidates and record up to 3,840 votes.

The ‘Balloting Unit’ is housed in a separate compartment to ensure voters have complete privacy when they punch the button corresponding to their choice of candidate and party. The Polling Officer appointed by the Election Commission, however, has to clear the previous deck on the ‘Control Unit’ and give the go-ahead to ensure each vote is registered.

Polling officials collecting Electronic Voting Machine (EVM) during 2014 Lok Sabha elections. (Photo: PTI)

The shift from paper ballot to EVMs was fraught with legal challenges to their efficacy and security.

In 2004, a retired US-based professor of computer science, Satinath Choudhary, who at the time was heading the ‘Better Democracy Forum’ in New York, filed a PIL to block the use of EVMs in India. Arguing his contention in The Indian Express the same year, he wrote:

Satinath Choudhary in The Indian Express, April 19, 2004.Computer chips that control the EVMs can be easily programmed to do all kinds of improper manipulations. For example, after a certain number of people (perhaps hundreds) have voted, the rest of the votes may be channeled to a chosen candidate… This kind of wrongdoing cannot be detected by the poll agents of candidates.

Nothing tangible came of Choudhary’s PIL.

EC introduced photos of the candidate next to the name during the 2015 Bihar assembly elections as several candidates with the same name were found to be contesting from the same constituency leading to confusion among voters. (Photo: The Quint/Lijumol Joseph)

More recently, an unauthenticated video showing how punching in a series of codes could re-distribute votes to make a candidate win without raising suspicion, has also been doing the rounds.

The Election Commission however, refutes claims that such tampering or manipulation is possible. The programme or software, it reasons, is burnt into a One Time Programmable or Masked Chip so that it cannot be altered or tampered with.

Election Commission of IndiaFurther, these machines are not networked either by wire or by wireless to any other machine or system. Therefore, there is no possibility of its data corruption.

In 2006, the EC added additional features, including real-time date and time stamping of every key pressed. Technical evaluations conducted after the updates ruled out any tampering of the Control Unit by coded signals, by wireless or outside, or Bluetooth or Wifi since it does not have a high-frequency receiver or a data decoder.

Members of election staff carry electronic voting machines (EVM) after collecting them from a distribution centre on the eve of the final phase of general election in Kolkata, 11 May 2014. (Photo: Reuters)

In 2010, Hari Prasad, a Hyderabad-based tech entrepreneur, along with two researchers from the University of Michigan, conducted tests on an EVM handed to them by an anonymous source. Their report stated they could manipulate election results through mobile phones. Speaking to the BBC, Professor J Alex Halderman said:

“We made an imitation display board that looks almost exactly like the real display in the machines. But underneath some of the components of the board, we hide a microprocessor and a Bluetooth radio. Our lookalike display board intercepts the vote totals that the machine is trying to display and replaces them with dishonest totals – basically whatever the bad guy wants to show up at the end of the election.”

Hari Prasad was later arrested by the Mumbai Police on the basis of a complaint filed by the Election Commission of India that claimed Hari Prasad was in possession of a machine stolen from its Mumbai warehouse.

He was later let out on bail.

J Alex Halderman, Hari K Prasad, Rop Gonggrijp collaborated on a research on the security of EVMs in India and concluded they are vulnerable to fraud. (Photo Courtesy: www.indiaevm.org)

The 2010 BBC news report resurfaced and was shared by many on social media following Mayawati and Arvind Kejriwal’s allegations of fixed EVMs.

In a subsequent press note, the Election Commission disputed the findings, saying the ‘machine’ which they claimed was stolen and subjected to changes by the activists and thus it was no longer the ‘machine’ used by the EC.

If the EC is to believed, there exists no convincing EVM hack. YET. But what’s stopping any administrative or procedural manipulation from taking place? An elaborate security system, the EC argues.

1. Every EVM has a corresponding identity number. This ID is cross-checked against the EC’s database when its being transported to and from the polling booth. They are guarded at all times by Central Forces.

2. From first level checks by engineers to the manufacturers in the presence of political parties’ representatives, to mock polls where at least 100 votes are cast by representatives of political parties on 5% of the EVMs randomly selected by them.

3. On the day of polling, such mock polls are repeated by casting 50 votes at every polling station, again, in the presence of political party representatives.

4. After polling is concluded, candidates and their representatives are allowed to put their own seals in the strong room. They are also allowed to keep a round the clock watch on the strong room.

People at a polling center to cast their vote in the first phase of the Uttar Pradesh assembly elections in Noida on Feb 11, 2017. (Photo: IANS)

In 2010, Subramanian Swamy filed a PIL proposing several ways to prevent EVM fraud. The Supreme Court saw merit in the most tangible solution – a print record of one’s electronic vote, and asked the EC to explore the possibility of introducing the Voter Verified Paper Audit Trail (VVPAT).

The Election Commission says VVPAT machines will be available at every polling booth by 2019.

. Read more on Explainers by The Quint.Gauri Lankesh: SIT Running out of CCTV Footage, No BreakthroughLower Taxes, Ease of Rules: 5 Key Changes in GST Reforms . Read more on Explainers by The Quint.