MANILA, Philippines - On November 12, the Senate approved Senate Bill No. 1030. This bill requires qualified voters to register for voting through biometrics.
According to Sen Aquilino Pimentel III, the implementation of biometrics “will allow a thorough cleansing of the national voters’ registry that will reduce, if not eliminate, cheating." It attempts to ensure election results “are reflective of the genuine will of the people.”
As much as anyone would want to support a lofty goal such as this, there are issues that Filipinos need to ask about the technology behind it and the bill’s implementation if it is to successfully create meaningful change in the electoral process.
Senate Bill No. 1030 means well. Written by Sen Lito Lapid, the bill’s intent is to cut a swath through incidents of electoral fraud and cheating.
According to the press release, this is done by requiring registered voters to have their "photographs, fingerprints, signatures and other identifiable features" captured and stored as digital data by election officers at one’s place of registration using the data capturing machines of the Commission on Elections (Comelec).
If a registered voter fails to submit his biometric data for future national and local elections, such as those in 2016, he will get cut off the registration record of voters by the Election Registration Board (ERB).
If one has been deactivated from the registration record, that person can apply for reactivation after undergoing the biometric scanning process at the ERB.
During his sponsorship speech, Senator Pimentel said the Committee on Electoral Reforms and People’s Participation can ensure the Automated Fingerprint Identification System (AFIS) will weed out double or multiple registrants.
One major issue with this is the premise that data is just data, and the acquisition of a large amount of data is not the answer to a problem, especially if the means of acquiring, storing, and using that data is not secure.
Take fingerprints, for example. Google searches for information on fingerprint hacking led to an article on CNN discussing the hacking of biometric information, specifically iris scans. In that article, however, is a paragraph about researchers at the University of Bologna and their reconstruction of fingerprints from digital data.
The article states, “They were so successful that they were able to build gummy finger versions of the prints that could be pressed up against a reader and used to fool the computer into letting them into someone else's account.”
The University of Bologna appears to have a full research laboratory devoted to biometric systems, and their studies include a long list of activities related to the study of fingerprint recognition, generation, and falsification. They also study other types of biometrics, from faces to signatures, and biometric encryption.
While we’ve worried about election violence, coercion, vote buying, and other human agents interfering with elections in the past, we now have to add another wrinkle: the human elements who have access to the data.
There appears to be at least one notable case of information theft with regard to biometric data. According to the Fast Company website, a contract worker with the Israeli Welfare Ministry was accused of stealing Israel's primary national biometric database back in 2006. He accessed all this information from the relative privacy and comfort of his office. When he was relieved of his position for other offenses, he began sharing it with the Jewish underworld.
The report notes that “the stolen database contained the name, date of birth, national identification number, and family members of 9 million Israelis, living and dead.” Information on birth parents of hundreds of thousands of adopted Israelis and health details of citizens was also in the stolen data.
All this private data first got passed around among a small group of people. It eventually made its way online. So long as someone has this data available to them, it will probably remain online for the foreseeable future.
The idea that any sufficiently malicious person with access to the right skills and technology can wreak havoc to digital data should make politicians pause. Hackers have done it repeatedly with websites of the Philippine government, and potential crisis scenarios of this sort should be taken into account before making decisions of value to the nation.
More importantly, it should make voters ask questions about the specifics of a bill that directly affects their ability to vote and the planned implementation of this system. - Rappler.com
Victor Barreiro Jr is part of Rappler's Central Desk. An avid patron of role-playing games and science fiction and fantasy shows, he also yearns to do good in the world, and hopes his work with Rappler helps to increase the good that's out there.