UK-Based Tech Company Smartmatic Refuses to Grant Raila Full Access to Servers

Smartmatic International, the UK-based company contracted by IEBC to facilitate electronic voter identification and result transmission, says it cannot grant full access to its servers as directed by the Supreme Court of Kenya.

In a letter addressed to IEBC CEO Marjan Hussein Marjan, the company says it is unable to release images of NTC Server(s) since the images contain software owned and copyrighted by Smartmatic and hence IP protected. 

Giving full access to the images of the NTC servers as requested by the Supreme Court would infringe their intellectual property rights, the company added.

“Providing third parties access to our source code, and security features including transmission certificates and encryption keys, would render the system insecure -as it is today- for any future use in Kenya or anywhere else in the world,” the letter reads in part.

“In addition to violating our IP rights, this would also jeopardize elections in other countries that are using or have used our systems.”

Smartmatic advised IEBC to instead make available all collected data and logs linked to the Results Transmission System, saying the information should be adequate to thoroughly audit the Results Transmission System.

“Also, all physical tally reports were available online in real-time since election night. All political parties and certified NGO election observers had access to those tallies and were able to audit the results independently. Even citizens all over the world had full access to these tally reports and were able to add the results,” the letter adds.

It also requested the electoral commission to offer supervised and managed access to the Results Transmission Systems located at their headquarters in Anniversary Towers in order to provide additional evidence demonstrating the correctness of the results.

The letter comes in response to a Supreme Court order for the IEBC to grant Azimio presidential candidate Raila Odinga and other petitioners supervised access to its servers.

The court also ordered IEBC to provide copies of its technology system security policy, which included its password policy, password matrix, and system administration password owners.