Since Tuesday, the debate about the IEBC database, that is, the system on which all the reported election results sit, has been in the public domain.
Ever since National Super Alliance (Nasa) presidential flag-bearer Raila Odinga produced a print-out of tens of pages containing the database information, many questions have been raised.
To many, the tech lingo has been flying over their heads. The ins and outs of databases can be tech-heavy for the less tech-savvy readers.
In computer science, a database is a collection of information that is organised so that it can be easily accessed, managed and updated.
Information is organised into rows, columns and tables, and in a fashion to make it easier to find relevant information.
A good example is the address book on your phone. It contains the names of your contacts, their phone numbers, perhaps some information on what they do. That is a database.
Back to IEBC, let’s now look at the movement of data from polling stations to the national level.
Presidential results at a polling station are summarised on form 34A by a Polling Officer. All forms 34As are delivered to the Returning Officer at the constituency.
The Returning Officer ensures that the information in all those forms is summarised into for 34B.
Information in form 34B (that is, the constituency tally) is entered into a computer system and electronically transmitted to the IEBC database.
The IEBC database has built-in formulas to collate the data from constituencies and post collated results on public portals for all to see.
Results arriving at the IEBC database cannot be changed without leaving a paper trail. Should that happen, the system should alert senior IEBC officials of the change or attempted change.
The system records all events that happen to the database automatically in an event log.
An event log is a basic “log book” that is analysed and monitored by anyone with the right to access it. It can capture different types of information.
For example, it can capture all logon sessions to a network, along with account lockouts, failed password attempts and access to data.
By reviewing the information contained in the log, a System Administrator (a computer expert with permission to access the computer system) or a user troubleshooting the system can identify the cause of a problem. In sum, an event log contains a trail of who accesses the system, what they do and at what time.
This is the document that Mr Odinga made reference to in his Wednesday press conference.
It is also important to note that an event log can also be copied onto a word processor like Ms Word, edited and shared via e-mail or as a printed copy.
The log requires careful interpretation by a qualified database administrator.
In interpreting the log, one would need to have the original dataset to confirm if the log refers to the data on which the log is based.
Why? Because the log, when copied onto a word processor, can be edited and therefore mislead.
It has been argued that someone attempted to access the IEBC system using credentials of the murdered electoral commission IT expert.
If this allegation is true, then IEBC would be highly irresponsible. This allegation has since been refuted.
In managing computer systems, especially critical and highly sensitive systems like the IEBC, system access credentials such as the passwords, should be securely locked in a safe and only accessible by few authorised people.
Should a staff with such credentials leave an organisation, the credentials are revoked immediately.
I believe that is what IEBC must have done immediately after Chris Msando’s disappearance.
The IEBC system’s event log holds answers to nearly all transactions on the system, whether attempted and failed or successful. It’s an auditable document. It also contains critical lessons that IEBC should learn from to improve the system for future elections.
The writer is an informatics specialist. [email protected] @samwambugu2