Just days away from Colombia’s first-round presidential election, incumbent President Gustavo Petro continues to sound the alarm about voter fraud.
On Tuesday, he repeated claims that the National Registrar’s Office is allowing the vote to be manipulated against his party’s candidate, Senator Iván Cepeda.
Petro renewed calls for citizens to supervise the vote count, describing it as the only way to avoid fraud: “Only the physical vigilance of millions of people can overcome the algorithm manipulations that the Registrar’s Office refused to prevent.”
But are the president’s claims of vulnerabilities in the voting system valid?
A decade-long dispute
Petro’s claims stem from a long-running grudge with Thomas Greg & Sons, a multinational security and printing company tasked with issuing Colombian passports and overseeing electoral logistics.
According to Petro, the firm cannot be trusted with the sensitive task of printing, delivering, and processing vote counting forms.
While the president’s claims have widely been dismissed by electoral institutions as reckless, there is some foundation for them.
Following the 2014 legislative elections, the evangelical political party, MIRA, filed a legal petition against the Registrar’s Office, claiming a discrepancy between the ballot pre-count (filled out by citizen juries in a form known as E-14) and the digitized tally of the vote (filled out by officials in the E-24 form).
MIRA claimed to have evidence of manipulation of the software used for “voting, information, transmission, or tabulation of election results,” which was managed by a subsidiary of Thomas Greg & Sons.
After a lengthy four-year legal case, the Council of State (Consejo de Estado), the highest court overseeing the government, issued a ruling in favor of MIRA. It found evidence of destruction of electoral material and inconsistencies between the E-14 and E-24 forms.
Crucially, the Council of State said that it could not confirm that voting software had been sabotaged because it did not have access to the source code of the software during the elections.
Without the original code, it was impossible to know if the system had been tampered with.
The body issued a clear recommendation to prevent repetitions of the dispute in future elections: “Direct the Electoral Organization to acquire the necessary vote-counting software for use within the state—that is, software owned by the organization itself—which allows for full traceability of the vote-counting process from the polling stations through to the official declaration of the election results.”
In other words, it recommended that electoral authorities roll out their own software, rather than relying on third party providers.
But 12 years later, Thomas Greg & Sons remains in charge of the electoral software; according to the Registrar’s Office, purchasing proprietary software and operating the corresponding data centers is not feasible.
While Petro continues to lobby for a fully state-owned system, he has concentrated his efforts on mitigating the risks of a repeat of the 2014 source code issue.
The president has repeatedly demanded that the Registrar’s Office share the source code with the government and the public, which he says would allow them to prevent a repeat of the situation in 2014.
But the Registrar’s Office maintains that there is no need, suggesting that publicizing the code would leave the software more vulnerable to attacks and defending internal audit processes.
Petro rebutted, calling the claim “an immense lie”.
Other types of fraud
As well as warning about software manipulation, the president has also raised the alarm about differences between the pre-count and the official, scrutinized count. Ahead of the March elections, he warned that the pre-count may not accurately reflect the results.
Petro’s concerns stem from the 2022 legislative elections in which over half a million votes for his Historic Pact coalition were excluded in the pre-count and later revealed in the scrutiny.
Rather than software, the culprit for the discrepancy, which in total represented a 5.49% difference, was human error; the Electoral Observation Mission (MOE) had warned the ballot sheets were designed in a way that could lead to Historic Pact votes being neglected.
But the 2022 vote appears to be an outlier, with the MOE reporting just a 0.28% discrepancy between the pre-count and the scrutinized votes in March’s legislative elections.
Petro’s mistrust in the pre-count may be valid in the case of a tight race with razor-thin margins but not so much if there is a clear winner. And, in any case, the scrutiny process should clear up any doubts.
“In Colombian elections, it is judges who determine electoral disputes and not a logistical operator such as Thomas Greg & Sons,” explained Sergio Guzmán, director at Colombia Risk Analysis, a political risk think tank.
Bigger fish to fry
While Petro aims his crusade against Thomas Greg & Sons, a firm which he has clashed with on a range of issues, there are other, more prescient threats to electoral integrity.
“I think that concerns about voters being coerced to vote are legitimate… but I think concerns that somebody will steal the election are overblown,” said Guzmán.
International observers including the United Nations have warned that violence may undermine the elections, particularly in areas under armed group control.
Vote buying is also a well-documented phenomenon in many regions of the country.
While Petro has some basis for his allegations of voter fraud, there is no evidence of software manipulation determining presidential election results in Colombia.
In a razor-thin race, observers would be wise to wait for the scrutinized vote count to declare a winner. But for now, Petro’s warnings about election-rigging appear to be largely overblown.
