Confirmed: Comelec computer stolen in Lanao contains national voters' list

MANILA, Philippines - The Commission on Elections (Comelec) confirmed that a copy of the national voters' list was on a computer that was stolen in January at the poll body's field office in Wao, Lanao del Sur.

In a press conference on Monday, February 20, Comelec Executive Director Jose Tolentino Jr said the National List of Registered Voters (NLRV) contains the demographics data of nearly 76 million active and deactivated voters as of October 2016, but not their biometrics data.

Only the biometrics data of voters in Wao are on the stolen computer, where the municipality's Voter Registration System (VRS) is stored, said the Comelec and the National Privacy Commission (NPC).

Based on the latest Comelec statistics, Wao has 58,364 registered voters, of which 40,991 are for the barangay elections and 17,373 are for the Sangguniang Kabataan (SK) elections. Among them, 35,491 barangay voter records and 17,336 SK voter records are active.

Tolentino emphasized that the data in the NLRV and in the VRS that were used in Wao had been encrypted since October 2016.

"The data breach has not been confirmed. The possibility of such breach is remote, since the data are encrypted using AES-256 encryption," said the Comelec in a report given to the media.

"I'm confident [that the encryption is strong], although we all know that no encryption is hack-proof. It will take a long time [for the hackers]," Tolentino said.

Comelec Chairman Andres Bautista on Thursday, February 16, confirmed to Rappler the robbery incident at the Office of the Election Officer in Wao.

The NPC is investigating the incident. Tolentino said that the Wao local police is also looking into the robbery. 

"To expedite the recovery of the computer, and to put a closure to the robbery incident, we will be submitting a letter of request to the regional office of the Philippine National Police in Marawi City," Tolentino said.

He also said that the incident will not affect the results of the 2016 national elections. "The voter registration machines are not in any way connected to the vote-counting machines. Its output would only be the list of voters."

"This is the 2nd breach involving the Comelec voter registration database" in a span of less than a year, said NPC Commissioner Raymund Liboro. In March 2016, hackers leaked voter records stored on the Comelec website, in what was said to be the biggest leak of personal information in Philippine history.

In December 2016, the NPC said it found Bautista "criminally liable" for the said massive breach, which has since become known as "Comeleak."

Delay in notification

Tolentino, who also serves as the Comelec's data protection officer, said the robbery at the Comelec-Wao office took place at around midnight of January 11. A police report on the incident quoted a local employee as saying that the unidentified suspect or suspects may have "gained entry through the improvised window at the back portion of the Comelec office."

"What they stole was the new [computer]. There are still old computers there. That's why we were thinking this was an ordinary incident," Tolentino added. 

The NPC was notified of the incident on January 28, or 17 days after. Explaining the delay, Tolentino said in a mix of English and Filipino that the incident was initially treated as an ordinary robbery. "But then, since the computer contained personal information, we have to submit a report to the NPC."

The Comelec's mindset "is on the operational aspect of voter registration," he added. "That's why the first thing that we did...is to ensure that another computer will be available for Wao so as not to interrupt the registration process."

Why the full voters' list in local offices?

The NLRV in each local Comelec office is used to determine the application type of a new voter through a voter search application, explained Tolentino. 

"That is the faster process, so that at the election office level, the voters' application could be processed and included in the next election registration board hearing," he said in Filipino.

This is different from the Precinct Finder on the Comelec website, which is only used to verify the location of a voter's precinct, he added.

Security measures

In response to the break-in, the NPC ordered the Comelec to erase copies of the NLRV in the computer systems in 1,656 election offices in all cities and municipalities nationwide.

The privacy body also ordered the Comelec to notify affected voters in the NLRV and in Wao's voter registration system within two weeks. NPC's compliance order to Comelec was issued on February 10.

Tolentino said that, on January 23, his office recommended to the Comelec en banc the installation of CCTV cameras in all field offices nationwide. This would mean a procurement of CCTVs estimated at P63.4 million through public bidding.

In addition to the NPC's order, the Comelec en banc on February 14 approved limiting the use of copies of the NLRV to only the offices of provincial election supervisors in each of the 81 provinces in the country.

The Comelec would also limit the personal data in the NLRV database to only a few necessary fields, such as the voters' name, birthday, and place and status of registration.

Additional security measures – such as multifactor authentication and the use of biometrics to access the VRS and NLRV, and a mandatory VRS password change every quarter – will be implemented, Tolentino said.

He also reported that Comelec regional election officers have been instructed to implement interim security measures to secure voter data, "pending the issuance of the key policies related to data security, use, processing, storage and disposal." – Rappler.com

Michael Bueza
