A preliminary expert report attached to the MK Party’s affidavit to the Constitutional Court would be inadmissible in court as expert evidence and does not show what the party claims it shows: “serious weaknesses including possible illicit deletion of data, the corruption thereof, as well as the loss of vital information”.
The report is significant because “inherent system weakness” is one of the grounds upon which the party claims the election was not free and fair — and the report is its only evidence for why this was so.
The party approached the ConCourt urgently on Monday seeking to interdict the first sitting of parliament, scheduled for Friday. It wants this interdict pending part B of its case, including asking the court to set aside the election.
The report does not perform any mathematical or statistical analysis of any data. It does not provide any models, nor show any patterns in data. Nor does it provide any logical deductive proof for its findings. It simply moves on swiftly to its 'concerns'
The affidavit by the party's interim secretary-general Sihle Ngubane is already slim on evidence — it says so itself. Ngubane says though the party is “in possession of a large and growing body of evidence to support ... material irregularities and/or vote-rigging, no useful purpose will be served including such information herein at this stage”.
But leaving aside evidence of vote-rigging, Ngubane said he can show the IEC acted unlawfully on facts that are “largely common cause”.
One of these common-cause facts, said Ngubane, was that on Friday May 31 “the entire results system and dashboard crushed [sic] and did not operate for almost two hours”.
It is unclear, however, whether it is in fact “common cause” — agreed by all — that the system crashed. Electoral Commission of South Africa (IEC) chairperson Sy Mamabolo is reported to have said that while the IEC regretted that leaderboards at centres could not display the results for a period, “we wish to emphasise our system did not crash, as reported, and no data was compromised”.
But Ngubane said the MK Party wrote a letter to the IEC asking it “pertinent questions” about the alleged crash. The response was “cavalier”, said Ngubane. He said the commission “reserved its right to respond in full” to the allegations in the letter at a future junction, if necessary. There was no further response, he said.
But the MK Party “procure[d] the services of the information technology [IT] experts to advise on the material issue of suspected inherent defects in the IEC’s IT system, as well as the ‘glitch’ itself”. This report identified “serious weaknesses including possible illicit deletion of data, the corruption thereof, as well as the loss of vital information”, he said.
The preliminary report is annexed to the papers. It does not name the IT experts or their field of expertise — the basics for admissibility for expert evidence. It is not dated.
On its “technical analysis”, there is a lot of jargon, for example: “we cover all aspects of mathematical and statistical analysis” and “to perform modelling techniques and tests to show patterns in data from all aspects [and] draw out logical deductive proof on findings”.
But the report does not perform any mathematical or statistical analysis of any data. It does not provide any models, nor show any patterns in data. Nor does it provide any logical deductive proof for its findings. It simply moves on swiftly to its “concerns”.
It expresses a “concern” about ICT Infrastructure – “about the level of competency with respect to the technology that IEC uses, as well as the training of personnel”.
Nowhere in the report does it mention which technology is used by the IEC, why this would be incompetent, or how its personnel were trained.
It expresses a “concern” about security – “based on the fact that the physical inspection was done and satisfying”. It is not clear who did this physical inspection, but whoever did it was apparently satisfied.
It proceeds to say: “Given the advent of 4IR [fourth industrial revolution] and 21st century technology and cybersecurity risk profile of the country as the top five most vulnerable and a victim of cybercrime country at a global scale,” the IEC did not demonstrate its ability or capacity with its cybersecurity management plan and give quality assurance that it has encryption algorithms complying with international standards.
However, the report does not say that it had examined the IEC’s cybersecurity management plan, what was lacking or how the IEC failed to demonstrate its capacity.
On the two-hour downtime, the report says only: “We are concerned about what had happened to systems resulting to downtime, as well as what was done during that time and how does this affect productivity and data that was previously fed into the system.”
It does not say, let alone attempt to show, that its analysis produced any reason for this concern.
The possible illicit deletion or loss of data is contained in a section of the report entitled “computer systems failure”. It says: “The following are possibilities on the data stored and processed in the systems” — data can be deleted, corrupted or not saved while processing. Finally, it says the “system will through [sic] away the activities if it does not have a valid save state”.
But the report does not say whether, on its analysis, this occurred or even was likely. It does not state how the computer systems failed.
The last line of the report that is attached to the court papers refers to “evidence” and says the information “is organised according to provinces and other special files”. These files are not attached and perhaps there is more to be found there.
But from what is annexed to the court papers, the report does not do what it sets out to do in its introduction, which is to “give scientific proof that the IEC has failed dismally to satisfy the expectations of its mandate that makes it a credible organisation”.
Would you like to comment on this article?
Sign up (it's quick and free) or sign in now.
Please read our Comment Policy before commenting.