Share
In connection with the article "Experts: the risk of compromising the elections comes from Information Services, not from the machines" published on 30.06.2021 on the website bird.bg, we strongly disagree with the involvement of the National System Integrator Information Services in political theses and election suggestions.
In the material, which was reprinted in several other websites, many manipulatively presented claims are made, which are not supported by specific evidence. It is a primitive attempt to mislead readers in the run-up to the snap general election on 11 July 2021, designed to damage the company's reputation and image and to cast doubt on the results.
The allegations of the quoted expert show a categorical ignorance of the Electoral Code and the role that is assigned to Information Services by law in the electoral process, as well as the scope of works that the company carries out.
We would like to strongly emphasize that up to this moment not a single journalist from the website in question has contacted Information Services for an opinion and refutation of the theses expressed, which is the normal journalistic practice and ethics.
The manipulative suggestions that Information Services can somehow influence the results are categorically untrue. The computer processing of the election results is described in detail in an annex to Decision No 20-NS dated 16 May 2021 of the Central Election Commission (https://www.cik.bg/bg/decisions/20/2021-05-16). It details the instructions and rules to be followed by the teams involved in the election process.
Information Services strictly adheres to the described processes and procedures, and the developed software systems are demonstrated prior to each election before the Central Election Commission (CEC), where the full cycle of computer processing is carried out.
It is important to note that Information Services is a long-standing technology partner of the CEC. The company has been involved in the computer processing of all parliamentary, local, presidential elections and to date there has not been a single proven accusation of unprofessional work.
Information Services is a working body to the CEC and respectively the Regional election commissions / Polling station commissions (REC/PSC), which control and direct at every level the work of the company, and during the computer processing access to the computing stations have registered observers, advocates, poll workers and candidates in the elections. The computers in the established computing centres do not have Internet connectivity, which eliminates the possibility of external interference. The entire database, scanned protocols, all decisions of the REC and CEC are made available in machine-readable format and uploaded on the CEC website as open data.
Please note that all incoming information handled by the company is published online at the time of processing - these are the scanned samples of the polling station protocols filled in by the election commissions. The process is set up so that there is clear traceability of actions and results from the lowest level to the announcement of the decision with the final results.
It is important to highlight that since 2003, open data on the information processed and the analysis of discrepancies are also published. On this basis, any interested party can repeat and verify all the steps performed by the company until the calculation of the final results by the CEC.
We also recall that back in 2013 an official parallel processing of the results was carried out by the international consultancy company SORA, which confirmed the election results.
We also strongly oppose the allegations of a relationship between Information Services and the technology provider. The company had no involvement whatsoever in the processes carried out by the supplier of the voting machine technology during the elections.
The suspicions and suggestions that Information Services is able to manipulate electronic signatures show a lack of basic knowledge of certification services. The company is the first certified certification service provider in Bulgaria and has the necessary capacity to provide the smartcards for the voting machines. These smartcards are high-security devices, such as those used by the company in its role as a provider of qualified authentication services and made available to the company's customers. The cryptographic keys are unique to each smartcard; they are generated by the smartcards themselves and cannot be downloaded and copied to another device. Once the smartcards are issued, they are provided to the CEC, and Information Services has no physical contact with them during the entire computer processing process.
The information with the results from each voting machine are signed with an electronic signature, which ensures that there is no technical means of altering the data without it being identified subsequently for sure. "Displacing" the data on file from the machines, as the article claims, is impossible. Information Services also proposes to publish online all the data read from the voting machines, along with their electronic signature, so that the machine vote data can be verified.
In practice, the computerized election results processing systems developed by Information Services do not use data encryption, and the electronic signing is done to ensure transparency and immutability of the data.
In conclusion, we believe that the involvement of the company's name in political conversations and suggestions leads to huge risks in terms of the normal conduct of fair and transparent elections. We reserve the right to seek judicial remedy for the lies circulated and attempts to damage the good name and reputation of the National System Integrator.