The deployment of new technology in managing Kenya elections helped improve transparency, the Carter Centre says.
In its preliminary report from its expert mission to Kenya’s August 9 presidential election, the centre says that the Independent Electoral and Boundaries Commission (IEBC) made good strides in making sure that the country's polls were transparent and accountable.
The report, which focuses on the use of election technology, states that the mission found “that significant progress was made in using technology to enhance the transparency and verifiability of the election process”.
It also faults the Wafula Chebukati-led commission for failing to conduct vigorous voter education in regard to the deployment of technology to build public confidence.
“It also finds that the commission did not do enough to help voters better understand the role of election technologies in the run-up to the election. As such, it missed an opportunity to increase public confidence in the processes surrounding procurement, voter registration, voter verification, and equipment testing,” the Carter Center says.
The report also finds that the outgoing regime of President Uhuru Kenyatta and the country’s 12th Parliament did very little in supporting the IEBC for the sake of the overall deployment of technology in the elections noting that the electoral agency fell short of the target because of timely disbursement of funds as well as lateness in constituting the full commission.
“For most of the process, several factors impeded the IEBC’s overall ability to communicate how technology was used in the election. These included the Kenyatta administration’s delay in nominating replacement IEBC members, parliament’s failure to approve funding in a timely manner, the late onset of preparations, the lack of an IEBC commissioner with a background in information technology, and legal challenges that changed key processes at late stages,” the report says.
With the country’s presidential petitions having raised issues of external interference to the IEBC’s system, which could not be substantiated by Azimio La Umoja One Kenya leader Raila Odinga in the Supreme Court after the firm Smartmatic International BV, which was contracted by the electoral body, refused to provide access to its access citing security issues, the Carter Centre report suggests that for the sake of future elections, the matter needs to be relooked into.
“Both events nonetheless raise important questions for consideration over the coming electoral cycle regarding the ownership of data produced by electronic information gathering systems, particularly as it relates to both the use of proprietary software and the processing of data,” the report says.
Convinced by the kind of technology used by IEBC in the elections, the Carter Centre is also of the view that before the polls, the electoral agency should subject its election technologies to rigorous third-party reviews.
It also recommends that the IEBC results transmission system can better safeguard confidentiality, integrity, and availability through open-source software, modern digital signature schemes and other cryptographic methods.
“IEBC can use the following measures to reduce any risk of IEBC employees or contractors misusing access rights to IEBC databases to access or modify privileged information or prevent the system from working properly. Such threats include supply-chain attacks, whereby malicious code is introduced into an application by security updates through third-party components,” says the report.
It added: “Carter Center calculations show that a risk-limiting audit for the August 9, 2022, election would require drawing and inspecting a sample of 909 ballots to be 99.9 per cent certain that the result announced reflected ballots cast. As recommended by the Carter Center in 2017, the adoption of audits may help increase public confidence in the result.”
In regard to complaints raised by Kenyans before elections that they were registered as members of certain political parties without their consent, the report suggests that Kenya should ratify the African Convention on Cyber Security and Protecting Personal Data.