Source code review, according to COMELEC
By Pablo Manalastas, PhD
Fellow and IT Consultant, CenPEG
Faculty, Ateneo and UP computer studies
February 8, 2010
Recently, COMELEC announced that it will allow the review of the source code of the computer programs for Election 2010 by programmers of interested political parties and groups, in conformity with Section 14 of the AES Law as revised (RA9369), which states,
"Once an AES technology is selected for implementation, the Commission shall promptly make the source code of that technology available and open to any interested political party or groups which may conduct their own review thereof."
We have to take this announcement with a grain of salt. If we ask COMELEC or Smartmatic exactly what the source code review consists of, we get three different answers, depending on whom in COMELEC or Smartmatic we are talking to.
Various Definitions of Source Code Review by COMELEC-Smartmatic
Version 1. Atty. Ferdinand Rafanan, Chief Legal Counsel of COMELEC, has one version. According to his pronouncements on various televised forums, the "source code review" that COMELEC will allow consists of showing the programmers, in a closed-door "walk-through" session, the report on the source code review and program testing done by Systest Labs of Denver, Colorado, USA. It does not require a technical command of English to know that being shown the report on a review done by another entity and doing the review yourself are completely different things. I believe that Atty. Rafanan is insulting the intelligence of programmers by suggesting that this is the review that Section 14 is all about. In fact it is the duty of COMELEC to publish, on its website and in newspapers of nationwide circulation, the results of the source code review and program testing done by Systest Labs, if it is to remain true to its claim of transparency.
Version 2. In a conversation between CenPEG Executive Director Evita Jimenez and Mr. Cesar Flores, spokesman of Smartmatic and now President of Smartmatic International for Asia-Pacific, we get a second version of the definition of "source code review". According to Mr. Flores, the "source code review" that Smartmatic-COMELEC will allow consists of a Smartmatic-appointed spokesperson showing, in a closed-door walk-through session using an LCD projector, the REAL source code of the PCOS and CCS programs to programmers of the interested political parties and groups. In programmer parlance this procedure is called a "code walk-through". A code walk-through is not the intention of Section 14. The critical phrases here are "make the source code ... available and open" and "political party or groups ... may conduct their own review thereof".
A code walk-through conducted behind closed doors, in which programmers see the code on an LCD screen but are unable to do a serious study of the algorithms used, as proposed by Mr. Flores, is definitely not a source code review. Writing the PCOS and CCS programs is hard enough, but reading the same programs for the purpose of source code review, to verify that they are correct implementations of our laws and regulations (RA8436, RA9369, the COMELEC TOR, the COMELEC GI, etc.), is so difficult that a code walk-through will not suffice. If, when RA9369 was signed into law in 2007, the intention of Section 14 had been a "source code walk-through", then the law would have used that term instead of "source code review", since both terms have existed in computer terminology since the late 1960s.
Version 3. COMELEC recently announced its guidelines for a "source code review", and these guidelines provide yet another version of COMELEC's definition of source code review. Here are some of the conditions enumerated by COMELEC in its guidelines.
These guidelines can be interpreted to mean that the reviewers of the interested political parties and groups shall be free to read the REAL source code of the PCOS and CCS computer programs, as long as they do the review within the COMELEC-controlled facility, do not take any copy of the source code out of the facility, do not disclose to the public any item in the source code covered by the non-disclosure agreement, and do the review during the period February 10, 2010 to May 10, 2010, and only during those times of day dictated by COMELEC.
This version 3 of COMELEC's definition of source code review is an acceptable definition of source code review for computer programs released under commercial closed-source licenses. However, it still falls short of the requirements of Section 14, in ways that we shall detail below.
Which One, COMELEC?
Just which one of these three versions COMELEC meant when it announced that it would allow source code review of the election programs is not clear. COMELEC will have to take a definite stand on the issue of source code review, and we suggest that it take the correct stand, namely, to implement source code review by interested political parties and groups in the spirit of Section 14, by letting the reviewers do their own review, independent of any review done by the COMELEC-appointed international certification agency.
The Substance and Spirit of Section 14
Section 14 of RA9369 requires that "Once an AES technology is selected for implementation" COMELEC has to make the source code "available and open" so that the interested political parties and groups "may conduct their own review thereof". Let me expound on the three phrases mentioned here.
A. "Once an AES Technology is Selected for Implementation ..." The AES technology was selected for implementation when COMELEC signed the AES contract with Smartmatic-TIM on July 14, 2009, and so the source code of the PCOS, CCS, and EMS computer programs should have been released on that day to interested political parties and groups, like the Center for People Empowerment in Governance (CenPEG). In May 2009, CenPEG submitted its request to COMELEC, in writing, for the source code of the election programs, and in an en banc resolution dated June 16, 2009, COMELEC decided to grant CenPEG the requested source code. On August 26, 2009, COMELEC reversed itself and essentially refused CenPEG's request for the source code, when it sent a letter to CenPEG signed by Atty. Rafanan.
In this letter Atty. Rafanan suggested another interpretation of the phrase "Once an AES technology is selected for implementation". The new Rafanan interpretation is, "Once an AES technology is selected, AND customizations are implemented, and the resulting system is tested and certified". We feel that this new Rafanan interpretation is a corruption of the original intent of the law, and that Atty. Rafanan, being a lawyer and not himself an IT professional, has no business interpreting an IT provision of the law for the convenience of COMELEC, to the great inconvenience of the public who want to review the election programs. We believe that the source code referred to by the phrase "selected for implementation" is the original, uncustomized source code used by the bidder to win the contract, since if that uncustomized version is good enough to win a contract, then it is good enough for review. The need to do the review right away, as soon as the technology is selected, even before customizations are implemented, stems from the difficulty of the source code review process: source code review takes programming brains and it takes time. The former the lawyers of COMELEC do not have, and the latter the lawyers of COMELEC do not want to give. Furthermore, we believe that this Rafanan misinterpretation of Section 14 led to a most serious miscarriage of the law, committed by the very people mandated to implement it.
B. "... Make the Source Code ... Available and Open ..." It is true that if COMELEC allows programmers to read the source code under COMELEC-controlled conditions, then COMELEC is actually making the source code "available", if only in a limited sense of the word. But to make the source code "open" as required by Section 14 invites a whole universe of discourse, in which you need to consider the pioneering thoughts of Richard Stallman, author of the GNU General Public License (GPL), and of Eric Raymond, author of "The Cathedral and the Bazaar". Both documents are available on the Internet, and since we happen to live in this Age of Computers, I invite the curious reader to read them. But even if we do not agree with Stallman or Raymond, the common sense interpretation of source code that is "open" for review by interested political parties or groups connotes discussion by all interested parties of the features of the program that either correctly or incorrectly implement our laws, in an environment of "open" public discussion in which the merits or demerits of specific code fragments of the program are debated, without fear of anyone violating artificial restrictions such as non-disclosure agreements. I believe that COMELEC's guidelines on the source code review, while making the source code "available", do not make it "open".
C. "... Political Parties and Groups May Conduct Their Own Review ..." What "own review" means was most eloquently expressed by Supreme Court Justice Antonio Carpio, during the pleadings in the Harry Roque versus COMELEC-Smartmatic case, in which he said, "the COMELEC has to give the political parties the source code, so that they can bring them home, and study them". We believe that review by interested political parties and groups cannot be done in a COMELEC-Smartmatic-controlled environment as provided for in the COMELEC guidelines, since COMELEC control of the review process is antithetical to the concept of an independent (own) review by political parties and groups.
Source Code Review that Respects Commercial IPR
Can COMELEC make the source code available and open for independent review by interested political parties and groups, in the manner described in B and C above, and still respect the intellectual property rights of the copyright owners? The answer is definitely YES!
In the first place, COMELEC could have required Smartmatic, as part of the pre-bid documentation, to submit a proper source-level license from the original copyright owners, with the right to sublicense the source code to interested political parties and groups in the Philippines for the exclusive purpose of review. That COMELEC did not impose this requirement on all bidders is a serious omission, which may be interpreted as an attempt to disobey the law (Section 14).
COMELEC could still do the right thing. It could apply directly to the original copyright owners for a source-level license, with the right to sublicense the source code to interested political parties and groups so that they can review the programs. COMELEC could then charge Smartmatic for the cost of the license, which Smartmatic should have arranged in the first place.
That the reviewers will copy the program, steal it, improve it, and sell it as their own: these claims may have some basis in the case of consumer software like Microsoft Windows and Office, which everyone wants to use. But in the case of election programs, the only customers who will license election programs are governments and government election agencies. Most countries and governments have intellectual property laws that protect the original copyright owners. In particular, in the Philippines the Business Software Alliance (BSA) has been known to put "teeth" into the enforcement of our IPR laws. So COMELEC and Smartmatic should have nothing to fear about copying by reviewers.
Besides, if the original copyright owners do not want to license the source code to COMELEC for sublicensing to reviewers, COMELEC can always get its hardware and software from suppliers who are willing to license their source code, for a licensing fee or for free. For example, COMELEC can use the free and open source SHARP election software from the TrustTheVote.org project of the Open Source Digital Voting Foundation (OSDV.org). The SHARP software is now downloadable as source code or as a bootable ISO image that you can run on a PC. For a second example, COMELEC can use Sequoia Voting Systems' "Frontier Election System". The source code and instructions for building "Frontier" are available for download from www.sequoiavote.com. These, of course, are suggestions for the elections in 2013 and thereafter.
There are steps that COMELEC can take to allow source code review of the 2010 election programs according to the provisions of Section 14: truly honorable steps, which would remove the public impression that COMELEC is hiding behind the shadow of Smartmatic, and the public impression that COMELEC is under Smartmatic's control.