Lawmakers Grapple with Improving Election Security While Respecting States’ Rights

An election security bill the U.S. House of Representatives is expected to consider this week is stirring concerns among Republicans about the prospect of federal overreach into election processes run by the states. 

A requirement in the Securing America’s Federal Elections (SAFE) Act for states to print paper ballots on U.S.-made recycled paper was one example panned by a state election official and GOP lawmakers at a congressional hearing Tuesday. 

“I’m not exactly sure what the security purpose of that is,” Paul Ziriax, secretary of the Oklahoma State Election Board, told the House Science, Space and Technology Committee. “With our current voting system, it cannot use recycled paper because of the sensitivity of the scanners.”

Requiring the state to use recycled paper would “run the risk of causing false readings,” he said.

The SAFE Act, which House aides said is likely to be considered Thursday, would mandate the use of paper ballots for states and provide $600 million to assist state and local election officials in upgrading outdated voting equipment.

Democrats are pushing to pass election security legislation ahead of the 2020 elections that addresses voting system vulnerabilities, amid lingering concern over foreign targeting of election infrastructure. But Republicans have thus far thwarted efforts, with Senate Majority Leader Mitch McConnell reportedly ready to block any election security bills in the Senate.

Republicans on the House committee relied on Ziriax, their lone witness at Tuesday’s hearing, to highlight their concerns that the SAFE Act would force a one-size-fits-all approach on state and local election officials. 

Experts told lawmakers that aging technology and a lack of technical expertise on the part of election workers leaves voting technology vulnerable to exploitation by foreign actors. They also stressed the need for reliance on verifiable paper ballots and auditing technologies that can help detect when election systems have been compromised.

More than 8,000 jurisdictions run elections in the United States. While security experts widely recommend election officials use verifiable paper ballots as a means to monitor systems for defects and verify results, five states do not require paper ballots.

During Tuesday’s committee hearing, U.S. Rep. Ralph Norman, a South Carolina Republican, called several provisions in the bill, including the recycled paper mandate, “federal overreach that really encroach upon the function of state and local election administrators.”

Ziriax, the Oklahoma official, said his state uses paper ballots and a uniform approach to election security across the state that makes the voting system more secure. While he said the federal government can help states by providing advice on election security and sustained funding for security upgrades, he thinks states should be left to decide what procedures work best for them.  

“Mandatory standards and certification procedures should not be forced on the states,” Ziriax said.

Other voting system experts who testified before the committee doubled down on the importance of using voting systems that can be verified and audited.

“Electronic voting systems that do not produce a human-readable paper ballot of record are of particular concern as the absence of a paper record raises security and vulnerability issues,” Neal Kelley, Orange County, California’s registrar of voters, told the lawmakers.  

President Trump has endorsed the idea of paper back-ups for voting systems, but his administration has not acted to make this a requirement.

During a background briefing with reporters Monday, a senior intelligence official said Russia, China and Iran continue to engage in foreign influence campaigns to affect the U.S. political environment and that unknown actors periodically “attempt suspicious and malicious activity” against internet-connected election infrastructure.

There is no indication however, that foreign adversaries have “disrupted or corrupted elements of election infrastructure such as voting machines or vote tally systems that are preparing for the 2020 general elections,” the official said. 

Congress appropriated $380 million to states in 2018 to fund upgrades to election systems. The White House issued a statement of administrative policy on Monday that voiced opposition to efforts to dedicate additional funding until after the money was spent.  

Despite the lack of consensus on election security legislation, several federal resources aimed at providing guidance on election security are slated to be released in coming months.

The Department of Commerce’s National Institute of Standards and Technology plans to release a draft version of its election cybersecurity playbook in the fall.

NIST compiled guidance on best practices for private sector cybersecurity in 2017. The election component due out later this year will add to those efforts, said NIST Director Charles Romine at Tuesday’s hearing. Throughout the summer, NIST plans to hold a series of workshops to identify election vulnerabilities, techniques to identify attacks, and methods to respond.

Meant to be a “one-stop cybersecurity playbook,” Romine said the guidance can be used by secretaries of state, and other state and local election officials “to identify and prioritize opportunities to improve their cybersecurity posture.”

NIST has also been working with the Election Assistance Commission to revise Voluntary Voting System Guidelines, a set of requirements by which voting systems can be tested to assess security, accuracy and functionality. The comment period on the guidelines ended last month, and officials are now working to release a final version.