How Supreme Court handled question of poll servers

It is a question the Supreme Court has had to grapple with in all the four presidential election petitions they have handled since 2013 with various findings following scrutiny by the court's registrar and appointed experts.

Three of the petitions were filed by the former prime minister while the civil society organisations filed another one to challenge Uhuru's re-election after the apex court nullified his first win in the 2017 polls and ordered a fresh contest.

Outside the Supreme Court, Mr Odinga and his Azimio la Umoja team have reignited the dispute over the IEBC servers, with calls for the opening, audit and scrutiny to determine who won the 2022 presidential election.

In 2017, Raila and his then National Super Alliance (Nasa) coalition, asked the Supreme Court to order a scrutiny of the servers on account that the declaration of the presidential results was made in breach of the Constitution, the Elections (Technology) Regulations, 2017 and the Elections Act.

They argued that the electronic transmission system of results from polling stations to the constituency tallying centres, and then to the national tallying centres had been tampered with and could only be verified through access and scrutiny of the servers.

They asked the apex court to order for scrutiny of IEBC electronic network systems that included all servers used during the elections, the number of servers, location of servers, firewalls, IP addresses, operating systems, and software running applications.

They also applied for scrutiny of the IEBC Election Technology System Security Policy, IEBC Election Technology System Redundancy Plan and log-ins into the servers.

As a result of the application, the Supreme Court ordered the opening and scrutiny of IEBC servers and appointed ICT experts, Prof Elijah Omwenga, Prof Joseph Sevilla and Janet Kadenyi, to lead the audit.

The experts, in their conclusion supplied to Supreme Court judges, stated that IEBC only agreed to provide read-only live access to the servers and in some instances, they provided partial read-only access with no copy capability, access to system or database logs.

They also indicated that they had discovered some discrepancies after auditing the servers even after the commission failed to give them information on internal firewall configuration.

The experts noted that the commission could not deliver certified copies of certificates of penetration tests conducted on the IEBC election technology system prior to and during the election.

Then Chief Justice David Maraga, his deputy Philomena Mwilu, judges Smokin Wanjala and Isaac Lenaola, in their decision to nullify the presidential election, relied on the report, ruling that IEBC disregarded their order to open the servers and only gave limited access.

It was that audit of IEBC servers, ICT systems and Forms 34A, 34B and 34C which formed part of the evidence relied upon by the judges to detect irregularities and non-conformity with the law during voting, transmission, tallying and declaration of final results.

Uhuru's election

Raila made the same request when he challenged President Uhuru's election in 2013 but the Supreme Court, then led by former Chief Justice Willy Mutunga, only ordered a re-tallying of the presidential votes in 22 contested polling stations.

Apart from the re-tallying of votes, the judges ordered fresh scrutiny of all Form 34 used by the electoral commission in the presidential votes in all the 33,000 polling centres and all Forms 36 which at the time were used to enter presidential results at the constituency level.

The judges found that the scrutiny did not disclose any significant discrepancies to warrant nullifying the election and upheld Uhuru's victory. A similar prayer for scrutiny of IEBC was made by Raila during the last year's presidential petition where Justice Martha Koome-led bench ordered for scrutiny of the servers.

However, the verdict returned by the court-appointed experts caused a disagreement between the parties with the petitioners claiming the servers were not opened.

The judges, in their findings, ruled that they were satisfied that the technology deployed by IEBC met the standards of integrity, verifiability, security, and transparency to guarantee accurate and verifiable results.