The external auditing company McGregor certifies the transparency and functionality of the pre-counting and verification software for the 2021 and 2022 election processes. National Register
Colombia entered the second round of the presidency with fears that the results would be so close that one of the candidates would not accept them, and that a social explosion could be triggered while the reviews are being conducted. For months, both left and right have been talking about the possibility of voter fraud. The credibility of the electoral institutions is also at a minimum.
Once voting is closed, the results will be known quickly. However, these dates, known as precounts, are only informative. “The preliminary results are meant to inspire confidence, basically that people will go to sleep peacefully on election day and we won’t kill each other,” said physicist Pilar Sáenz, coordinator of the Karisma Foundation’s Digital Security and Privacy Laboratory K+LAB.
The Colombian electoral system is mixed: both voting and pre-counting are done manually, but two state-commissioned disclosure and counting software are also involved. When voting ends, the jury — randomly selected citizens, usually civil servants — are responsible for counting the votes and recording the data on forms called E14s. They do this under the observation of election witnesses, these yes-fighters and volunteers registered by the parties. In these elections, the Petro movement registered 72,321 witnesses; while Hernández nominated 69,063 for the League of Anti-Corruption Governors.
The so-called E14, a common name among Colombians, are filled in three times. Some are collected by the company UT Disproel, which dictates them to a switchboard and feeds it real-time information that citizens will know on Election Day. The other, E14 delegate, goes to a scanning station and is scanned to end up on the registrar’s page. And the third, the most important, is known as the E14 Claveros and the one that is subject to examination, which is the legal process.
The examination dates formed by the judges, prosecutors and witnesses and the National Electoral Council are valid and also start on the same Sunday. “During the vote count, candidates use the information provided by the registry office and that of their witnesses to monitor the votes as they are consolidated and can also request and request recounts of spreadsheets to ensure the legitimacy of the process,” explains Karisma Foundation. Since the legislature, parties have had data analysis teams that review the information from each table.
Usually there is not much difference between the precount and the count, and historically candidates usually accept defeat on the same day of voting, but as Karisma experts attest, “with a small margin, any change can change the winner.” And if the candidates don’t accept those initial results before a final vote, a multi-day lawsuit would begin, putting the country on hold to find out who its new president is.
Distrust of the Chancellor’s office, which is responsible for the elections, increased after the parliamentary elections initially lost 700,000 votes from the Historic Pact, Gustavo Petro’s coalition. And this Sunday, the candidate’s complaints on social networks that some ballot papers are empty or that they come from his opponent Rodolfo Hernández fueled the idea of cheating again.
However, the biggest reservations were related to the counting software developed by the Spanish company Indra. A video was leaked by this company on Saturday, in which it presented a simulated disclosure of results, showing a tiny difference that gave Hernández, a 77-year-old millionaire, the win. Chancellor Alexander Vega had to go and make explanations, assuring that the agency he heads “does not conduct any exercises or statistical extrapolations of the results”. He insisted that no fraud was possible and that the audit they commissioned certifies the transparency of the process.
However, digital security experts and party representatives point out that the explanations are not sufficient as there has been neither an independent audit nor detailed information on the one commissioned by the registrar. “The register mentions transparency but doesn’t explain why the images we’ve seen lead to an exercise, nor what happens at places like the National Electoral Council (CNE) that visualize election dates. It also doesn’t tell us which database is feeding the API (Application Programming Interface) today,” said the Karisma Foundation, a digital security and social rights expert foundation that has overseen the testing software since 2018. Karisma has previously pointed out that software has “vulnerabilities” and “black boxes” exist, and the Election Observation Mission (EOM) has indicated that it is unfortunate that no type of independent testing has been carried out on any of the software.
Subscribe here to the EL PAÍS newsletter on Colombia and receive all the important information about current events in the country.