Human Rights Alert NGO

הארגון הלא ממשלתי עוסק בניטור זכויות האדם בישראל, סדרי המשטר הדמוקרטי ומוסדותיו - בפרט מערכת המשפט ואכיפת החוק. הארגון פעיל במיוחד בחקר תקינותן וישרתן של מערכות מידע ממשלתיות. עיקר פעולתה של העמותה בגילוי, ארכיונאות והפצת מסמכים, דוחות, מאמרים, פרסומים בתקשורת, הופעות בכנסים בתחומים אלה, וכן - בפעולות משפטיות הנדרשות.

Wednesday, January 2, 2019

2019-01-02 Serious concerns regarding integrity of the Israeli Central Election Committee

Serious concerns regarding integrity of the Israeli Central Election Committee
In a surprise move, apparently dictated by his corruption investigations, PM Netanyahu announced a short-notice general election on April 09, 2019. Where are the key threats to integrity of the election? Russian, Ukrainian, and Chinese hackers? Or perhaps an inside-job on IT systems of the Central Election Committee? Following repeat notices, the Shin-Bet is finally initiating security review.
READ MORE: https://human-rights-alert.blogspot.com/2019/01/2019-01-02-justice-hanan-melcer-and.html

Figures. Top - CEO - Attorney Orly Adas, Chairman - Justice Hanan Melcer, and " COO and IT Director" - Lazar Dudovich. Bottom - i n FOIA response - the Committee stated that Dudovich was COO and IT Director, but no record was found of his appointment and his job description...
---
Tel-Aviv, January 02 - as is the case in the US, Israeli authorities, with help by media, sound alarms regarding the threat of interference by Russian, Ukrainian, or Chinese hackers in the 2019 general election. [1] The evidence indicates that major threats to integrity of the 2019 election are found in the Central Election Committee itself and the management of its IT system development, implementation and operation. Following repeat documentation of failures in the Committee's conduct, it has been reported today that the Shin-Bet initiated security review of the Committee's personnel. [2] 
A series of FOIA requests demonstrates continuous efforts by the Committee to undermine transparency of its conduct, reflecting a culture of fabrications and raising serious concerns regarding integrity of its senior officers. [3] 
At the end of 10 months (time limit by law is 30 days, with a possible 30 day extension), and after a pre-litigation notice, sent last week to the Committee's Chair, Supreme Court Justice Hanan Melcer, the Committee has finally responded today on a FOIA request, pertaining to protocols of the Committee's Presidency and Plenum meetings (in which the chairs - justices of the Supreme Court - participate). However, as was the case in previous FOIA responses, the Committee's response fails to provide copies of the authentic records. Instead, the Committee has provided a letter, describing the records... Regardless, the information relative to the agendas of the Committee's meetings, fails to show involvement of the current Chair, Justice Hanan Melcer in material issues, pertaining to validity, integrity and security of the Committee's IT systems.
Similarly, a previous FOIA response denied the existence of any records, which tie the Committee's chairs over the past 7 years to computerization of the Committee.
In contrast, a November 2018 report by columnist Ben Caspit, under the Hebrew title, "Is the Israeli election susceptible to fraud?", announced that Justice Melcer "delved into the depth of the issue" and initiated " a multi-layered security system". In a previous FOIA response, the Committee denied any relationship to such report, or the existence of any records, which documented the initiation of any corrective measures by Justice Melcer...
State Ombudsman's reports and FOIA responses have documented incredible failures in validity, integrity and security of the Committee's IT systems.

  • The Committee initially stated that the Shin-Bet validated and certified its IT systems. However, after the Shin-Bet flatly refuted such claims, the Committee stated that it had no validation and certification records.
  • The Committee stated that it had no certification of compliance with lawfully binding IT security standards.
  • In response, pertaining to authorities and permissions for publishing the election outcome in the Committee's web site - the Committee provided a response that was a false representation - of an automated, no human touch process. After the Committee had been presented with false election outcome data on its web site, the Committee claimed that somebody uploaded the wrong data file...

The Committee's FOIA responses raise serious concerns regarding integrity of the Committee's senior officers, including CEO - Attorney Orly Adas, Legal Counsel - Attorney Dean Livneh, and FOIA Officer - Elad Naveh. According to the Committee's FOIA responses, management of the Committee's IT systems development, implementation and operation is under the authority of Mr Lazar Dudovich - COO and IT Director. However, the Committee failed to produce any record, which documents his lawful appointment and job description...
Performance of the Committee's Chairs - justices of the Supreme Court - fails to generate public trust... au contraire!

Figure. The Committee's initial FOIA response refused to provide any information regarding the Committee's meetings, claiming that over the past 7 years it had held "innumerable meetings". Eventually it turned out that over the past 4 years it has held only 12 meetings (see below) ...
---




Figures.  FOIA response, purporting to provide the agenda pages of the Committee's Presidency and Plenum meetings since the 2015 election (a total of 12).
---


Figures. FOIA response , purporting to provide the agenda pages of the Committee's Presidency and Plenum meetings since the March 2015 election and to January 02, 2019 - a total of 12 meetings. The Committee failed to provide the requested authentic records, instead it provided a letter, which outlined the records.
---
a) Validation and certification by a State employee - FOIA request sought an authentic record, duly signed by a State employee. The Committee failed to provide such record. Instead, the Committee provided false statements - "the systems were validated and certified by the Agency [RE'EM-Shin-Bet - jz]". However, following flat denial by the Shin-Bet, the Committee stated that it did not have the required validation and certification by a State employee.


Figures. Top - the Committee's FOIA response falsely stated that "the Agency [Re'em- Shin-Bet- jz] validated and certified the Committee's IT systems". Bottom - the Shin-Bet flatly denied such claims, "Shin-Bet is not the guiding authority for the Committee, and therefore it is not the certifying agency for its IT systems either".
--- 
b) Authorities and permissions - in response on FOIA request regarding persons, who hold authorities and permissions to post election outcomes in the Committee's web site - the Committee initially provided a false response, attempting to generate false representation that it was a fully automated, no human touch process, "...the results are published in a mechanized manner"... However, following presentation to the Committee of false election outcome data, which had been posted in the Committee's web site, the Committee stated that someone uploaded the wrong data file...


Figures. Top - the Committee's FOIA response refused to name the persons, who held authorities and permissions to publish the election outcome on the Committee's web site. The Committee created a false representation of a fully automated process. Bottom - example of false election outcome data, which were published on the Committee's site. After such data were presented, the Committee claimed that someone uploaded the wrong data file.
--- 
c) Compliance with lawfully binding security standards - in response on FOIA request, the Committee stated that it had no certification of compliance with IT security standards, required by Israeli law.
d) Corrective measures - following repeat publication in wide distribution regarding critical failures in the Committees validity, integrity and security, journalist Ben Caspit published in November 2018 a report, titled, "Cyber attacks increasingly penetrating Israel's politics" [the Hebrew title was "Is the Israeli election susceptible to fraud?"]. The report announced that the Committee Chair - Justice Hanan Melcer, " has already delved into the depths of the issue" and initiated "the establishment of a multi-layer cyber protection system". In response on another FOIA request, the Committee denied any relationship to Caspit's report, and also denied the existence of any records, which documented the initiation of any corrective measures.

Figures.  November 2018 report by renowned Israeli columnist Ben Caspit.
---
Mr Caspit has failed to respond on repeat requests for comments on this matter.

LINKS
[1] 2018-11-07 Cyber attacks increasingly penetrating Israel’s politics | Al-Monitor
https://www.al-monitor.com/pulse/originals/2018/11/israel-benjamin-netanyahu-cyber-attack-twitter-elections.html
[2] 2019-01-02  - For the first time ever - Shin-Bet is running security background checks on the Central Election Committee | Kan - Israeli public news TV
https://twitter.com/kann_news/status/1080529230943920129
[3] 2016-06-14 ISRAEL: Computer fraud in the Central Election Commission? Where is the Shin-Bet? | OpEdNews.com
https://www.opednews.com/articles/ISRAEL-Computer-fraud-in-by-Joseph-Zernik-Election-Fraud_Israel_Netanyahu_Shin-Bet-160614-259.html
2017-01-18 Computer fraud in the 2015 election in Israel? Shin-Bet Head Nadav Argaman is asked to clarify | OpEdNews.com
https://www.opednews.com/articles/Computer-fraud-in-the-2015-by-Joseph-Zernik-Election-Fraud_Shin-bet-170118-124.html
2017-02-16 Shin-Bet implicates the Central Election Committee in serious computer fraud | OpEdNews.com
https://www.opednews.com/articles/Shin-Bet-implicates-the-Ce-by-Joseph-Zernik-Election-Fraud-170216-822.html

Latest FOIA request, filed today - for protocol of the Committee's Presidency meeting, discussing the 2015 State Ombudsman's report


January 02, 2019

Attorney Elad Naveh, FOIA Officer
Central Election Committee
Jerusalem
By email:
By fax: ‫‪02-5669855

RE: FOIA request – copy of the authentic, signed November 01, 2015 Protocol of the Committee’s Presidency meeting

Dear Attorney Naveh :
Please accept instant Freedom of Information Request.  Please confirm receipt by return email, including a duly designated FOIA request number.
I. Requester
Name: Joseph Zernik, Human Rights Alert – NGO (AR 80654598)
ID:
Address: PO Box 33407, Tel Aviv, Israel
Fax:  077-3179186
II. Requested Information
Instant request is for a copy of the authentic, signed November 01, 2015 Protocol of the Committee’s Presidency meeting.  In case the Protocol contains information, which the Committee is lawfully permitted to deny its provision, I herein request that you duly redact it on the face of a copy of the authentic record..
III. Payment:
Instant request is exempt from payment of fees: a) Since the request is filed by a registered non-profit organization, which acts for advancing a public cause, b) Since the requested document is requested for the purpose of an academic study.
In case the FOIA Officer determines otherwise, pertaining to the payment of fees, or any other payment, I herein request that you notice me without delay.
Truly,
_______________
Joseph Zernik, PhD
Human Rights Alert – NGO (AR 80654598)

No comments:

Post a Comment