There has been an intense discussion on EVMs in India
after the arrest of Hariprasad who was involved in a demonstration of
the vulnerability of the EVMs.
The issues raised fall into the following categories.
1.Was it ethical to arrest Mr Hariprasad whose intention was only to
alert the GOI on the technical issues involved in security?
2.Is the vulnerability of EVM an issue which comes under ITA 2008?
3. Are there any solutions for maintaining confidentiality of voting
along with keeping a paper trail?
Naai has been in the forefront of discussing the
cyber law compliance of EVMs ever since the ITA 2000 eas enacted. Some
of his earlier writings can be accessed at
Now in continuation of what was stated earlier it is necessary to
express the followign views.
1. Was it right for Hariprasad to be arrested?
Hariprasad has been arrested under charges of “Theft” of an EVM. The
fact that EVM was stolen is indisputable. It is also not in dispute that
Hariprasad was in posession of the stolen property. But it is not clear
if he was arrested for being in posession of the stolen property or for
stealing itself? It appears that Hariprasad stated that the machine was
given by some body else whose identity he wants to guard. Prima facie
therefore it appears that he is guilty of shielding another person who
might have stolen the EVM. The charge should therefore have been perhaps
under CrPc for not parting with evidence in his possession and not for
theft. I tis not clear if suitable procedures were followed in this
regard. There is no credible proof that Hariprasad himself could have
stolen the EVM.
Having admitted that Hariprasad was in possession of the stolen property
and does not want to reveal his source, technically he may be guilty of
a minor offence which is perhaps bailable particularly since the stolen
property has also been recovered.
The question remains however whether it was ethical to target a person
who has not demonstrated any malicious intention except perhaps to
expose how the system could be misused.
2. Does EVM come under ITA 2008?
EVM is an electronic device and there is no doubt that it attracts the
provisions of ITA 2008. There is no exemption either under the ITA 2008
or under the provisions of laws relating to conduct of elections that
EVMs are not subject to ITA 2008.
3. Are there any solutions to maintain confidentiality of elections and
Naavi has already presented a Cyber Law Compliant solution of EVMs
elsewhere and proposed how the machine can be modified to meet the
requirements of “Verifyability” without compromising on
“Confidentiality”. If BEL or EC is interested, the design can be
.. More may follow.
Aug 26 2010
Comments are Welcome at