|
Commentary
Source code review, according to COMELEC
By
Pablo Manalastas, PhD
Fellow and IT Consultant, CenPEG
Faculty, Ateneo and UP computer studies
February 8, 2010
Recently,
COMELEC announced that it will allow the review of the source codes
of the computer programs for Election 2010 by programmers of interested
political parties and groups, in conformity with the provision of
Section 14 of the AES Law Revised (RA9369), which states,
"Once
an AES technology is selected for implementation, the Commission
shall promptly make the source code of that technology available
and open to any interested political party or groups which may conduct
their own review thereof."
We
have to take this announcement with a grain of salt -- we can not
truly believe in the truth of this announcement. If we ask COMELEC
or Smartmatic exactly what the source code review is all about,
we get three different answers, depending on which person in COMELEC
or Smartmatic we are talking to.
Various
Definitions of Source Code Review by COMELEC-Smartmatic
Version
1. Atty. Ferdinand Rafanan, Chief Legal Counsel of COMELEC, has
one version. According to his pronouncements on various televised
forums, the "source code" review that COMELEC will allow
consists of showing the programmers in a closed door "walk-through"
session, the report on the source code review and program testing
done by Systest Labs of Denver, Colorado, USA. It does not require
a technical level of the English language to know that being shown
the report on the review done by another entity and doing the review
yourself are completely different. I believe that Atty. Rafanan
is insulting the intelligence of programmers by suggesting that
this is the review that Section 14 is all about. In fact it is the
duty of COMELEC to publish, on its website and in newspapers of
nationwide circulation, the results of the source code review and
program testing done by Systest Labs, if it is to remain true to
its claim of transparency.
Version
2. In a conversation between CenPEG Executive Director Evi-ta Jimenez
and Mr. Cesar Flores, spokeman of Smartmatic and now President of
Smartmatic International for Asia-Pacific, we get a second version
of the definition of "source code review". According to
Mr. Flores, the "source code review" that Smartmatic-COMELEC
will allow consists of a Smartmatic-appointed spokesperson, showing
in a closed door walk-through session, using an LCD projector, the
REAL source code of the PCOS and CCS programs, to programmers of
the interested political parties and groups. In programmer parlance
this procedure is called "code walk-through". Code walk-through
is not the intention of Section 14. The critical terminology here
are "make the source code ... available and open" and
"political party or groups ... may conduct their own review
thereof".
A
code walk-through conducted in closed door settings, in which programmers
see the code on an LCD screen but are unable to do a serious study
of the algorithms used, as proposed by Mr. Flores, is definitely
not a source code review. Writing the PCOS and CCS programs is hard
enough, but reading the same programs for the purpose of source
code review, to verify that these programs are correct implementations
of our laws and regulations (RA8436, RA9369, COMELEC TOR, COMELEC
GI, etc) is so difficult that code walk-through will not suffice.
If in 2007 when RA9369 was signed into law, the intention of Section
14 is "source code walk-through", then it would have used
that term instead of the term "source code review", since
both terms have been in existence in computer terminology since
the late 1960s.
Version
3. The COMELEC recently announced the guidelines for a "source
code review", and these guidelines provide another version
of COMELEC's definition of source code review. Here are some conditions
enumerated by COMELEC in its guidelines.
-
Entities approved by COMELEC shall sign a non-disclosure agreement
before they are allowed to conduct the source code review.
-
COMELEC shall provide a secure and enclosed location/facility
for the conduct of the source code review; and all entries and
exits into the facility shall be properly recorded.
-
A read-only copy of the source code shall be provided on secured
COMELEC workstations in the secured location/facility.
-
No copies of the source code or any part thereof may be taken
out from the secured location/facility.
-
No electronic devices of any kind, including but not limited to
laptops, mobile phones, cameras, USB drives and other storage
devices, shall be permitted inside the secured location/facility.
These
guidelines can be interpreted to mean that the reviewers of the
interested political parties and groups shall be free to read the
REAL source code of the PCOS and CCS computer programs, as long
as they do the review within the COMELEC-controlled facility, as
long as they do not take any copy of the source code out of the
facility, as long as they do not disclose to the public any item
in the source code listed in the non-disclosure agreement, and as
long as they do the review during the period February 10, 2010 to
May 10, 2010 and during those times of day dictated by COMELEC.
This
version 3 of the definition by COMELEC of source code review is
an acceptable definition of source code review of computer programs
that are released under commercial closed-source licenses. However,
this definition still falls short of the requirements of Section
14, in ways that we shall detail below.
Which
One, COMELEC?
Just
which one of these three versions COMELEC meant when it announced
that it will allow source code review of the election programs is
not clear? COMELEC will have to take a definite stand on the issue
of source code review, and we suggest that it takes the correct
stand, namely, implement source code review by interested political
parties and groups in the spirit of Section 14, by letting the reviewers
do their own review, independent of any review done by the COMELEC-appointed
international certification agency.
The
Substance and Spirit of Section 14
Section
14 of RA9369 requires that "Once an AES technology is selected
for implementation" COMELEC has to make the source code "available
and open" so that the interested political parties and groups
"may conduct their own review thereof". Let me expound
the three terms mentioned here.
A.
"Once an AES Technology is Selected for Implementation ..."
The AES technology was selected for implementation when COMELEC
signed the AES contract with Smartmatic-TIM on July 14, 2009, and
so the source code of the PCOS, CCS, and EMS computer programs should
have been released on that day to interested political parties and
groups, like the Center for People Empowerment in Governance (CenPEG).
In May 2009, CenPEG submitted its request to COMELEC, in writing,
for the source codes of the election programs, and in an en banc
resolution dated June 16, 2009, COMELEC decided to grant to CenPEG
the requested source codes. On August 26, 2009, COMELEC reversed
itself and essentially refused CenPEG's request
for the source code, when it sent a letter to CenPEG signed by Atty.
Rafanan. In this letter Atty Rafanan suggested another interpretation
of the terminology "Once an AES technology is selected for
implementation". The new Rafanan interpretation is, "Once
an AES technology is selected, AND customizations are implemented,
and the resulting system is tested and certified". We feel
that this new Rafanan interpretation is a corruption of the original
intent of the law, and that Atty Rafanan, being a lawyer and not
himself an IT professional has no business interpreting an IT provision
of the law for the convenience of COMELEC, and subsequently causing
great inconvenience to the public who want to review the election
programs. We believe that the source codes refered to by the term
"selected for implementation" refer to the original uncustomized
raw source codes used by the bidder to win the contract, since if
that uncustomized version is good enough to win a contract, then
it is good enough for review. This need to do the review right away,
as soon as the technology is selected, even before customizations
are implemented, stems from the difficulty of the source code review
process -- source code review takes programming brains and takes
time. The former the lawyers of COMELEC do not have, and the latter
the lawyers of COMELEC do not want to give. Furthermore, we believe
that this Rafanan misinterpretation of Section 14 led to a most
serious miscarriage of the law committed by the very people mandated
to implement the law.
B.
"... Make the Source Code ... Available and Open ..."
It is true that if the COMELEC allows programmers to read
the source code under COMELEC-controlled conditions, then the COMELEC
is actually making the source code "available", if only
in the limited sense of the word. But to make the source code "open"
as required by Section 14 invites a whole universe of discourse
in which you need to consider the pioneering thoughts of Richard
Stallman, author of the "General Public License" (GPL),
and of Eric Raymond, author of "The Cathedral and the Bazaar".
Both documents are available on the Internet, and since we happen
to live in this Age of Computers, I invite the curious reader to
read them. But even if we do not agree with Stallman or Raymond,
the common sense interpretation of source code that is "open"
for review by interested political parties or groups, connotes discussion
by all interested parties of the features of the program that either
correctly or incorrectly implement our laws, in an environment of
"open" public discussions in which the merits or demerits
of specific code fragments of the program are discussed, without
fear of anyone violating artificial restrictions such as non-disclosure
agreements. I believe that COMELEC's guidelines on the source code
review, while making the source code "available", does
not make it "open".
C.
"... Political Parties and Groups May Conduct Their Own Review
..." What "own review" means was most eloquently
expressed by Supreme Court Justice Antonio Carpio, during the pleadings
in the Harry Roque versus COMELEC-Smartmatic case, in which he said,
"the COMELEC has to give the political parties the source code,
so that they can bring them home, and study them". We believe
that review by interested political parties and groups can not be
done in a COMELEC-Smartmatic-controlled environment as provided
for in the COMELEC guidelines, since COMELEC-control of the review
process is antithetical to the concept of independent (own) review
by political parties and groups.
Source
Code Review that Respects Commercial IPR
Can
COMELEC make the source codes available and open for independent
review by interested political parties and groups, in a manner described
in B and C above, and still respect the intellectual property rights
of the copyright owners? The answer is definitely YES!
In
the first place, COMELEC could have required Smartmatic, as part
of pre-bid documentation, to submit the correct source-level license
from the original copyright owners, with the right to sublicense
the source code to interested political parties and groups in the
Philippines, for the exclusive purpose of review. That COMELEC did
not impose this requirement on all bidders is a serious omission
which may be interpreted as an attempt to disobey the law (Section
14).
COMELEC
could still do the right thing. It could directly apply with the
original copyright owners for source-level licensing, with the right
to sublicense the source code to interested political parties and
groups so that they can review the programs. Then COMELEC could
charge Smartmatic for the cost of the license, which Smartmatic
should have arranged in the first place.
That
the reviewers will copy the program, steal it, improve it, and sell
it as their own -- these claims may have some basis in the case
of consumer software like Microsoft Windows and Office, which everyone
wants to use. But in the case of election programs, the only customer
who will license election programs are governments and government
election agencies. Most countries and governments have intellectual
property laws that protect the original copyright owners. In particular
in the Philippines, the Business Software Alliance (BSA) has been
known to put "teeth" in its implementation of our IPR
laws. So COMELEC and Smartmatic should have nothing to fear about
copying by reviewers.
Besides,
if the original copyright owners do not want to license the source
code to COMELEC to sublicense to reviewers, COMELEC can always get
its hardware and software from suppliers who are willing to license
their source code, for a licensing fee or for free. For example,
COMELEC can use the free and open source SHARP election software
from the TrustTheVote.org project of the Open Source Digital Voting
Foundation (OSDV.org). The Sharp software is now downloadable as
source code or as bootable iso image that you can run on a PC. For
a second example, COMELEC can use Sequoia Voting Systems' "Frontier
Election System". The source code and instructions for building
"Frontier" are available for download from www.sequoiavote.com.
These, of course, are suggestions for future elections in 2013 and
subsequent elections.
Summary
There
are steps that COMELEC can do to allow source code review of the
2010 election programs according to the provisions of Section 14
-- steps that are truly honorable steps, that remove the public
impression that COMELEC is hiding behind the shadow of Smartmatic,
the public impression that COMELEC is under Smartmatic control. |
