The Brennan Center for Justice found only 24 states will both have voting systems that create a paper trail and require audits of the 2020 election results.
Heading into the 2020 elections, fewer than half of states will require two key steps that cybersecurity experts have endorsed as a means to secure elections, according to a new report.
All but eight states will utilize voting systems that create a paper trail of results from the upcoming presidential election, but only 24 states also require post-election audits of those paper records in order to certify results, according to a report released Tuesday by the Brennan Center for Justice.
“Paper-based systems provide better security because they create a paper record that voters can review before casting their ballot,” said the Brennan Center report. “However, these paper records will be of little security value unless they are used to check and confirm electronic tallies.”
Since U.S. intelligence officials confirmed the extent of Russian interference in the 2016 elections, an increasing number of states have phased out paperless voting machines. In 2016, 14 states used paperless voting machines as the primary equipment in at least some counties. That number currently stands at 11 states and three more—Georgia, South Carolina, and Pennsylvania—are expected to replace equipment by the 2020 election, according to the report.
The Brennan Center estimates that approximately 16 million voters will cast ballots on paperless equipment when they head to the polling booths on election day. The eight states that will still utilize paperless voting systems are Indiana, Kansas, Kentucky, Louisiana, New Jersey, Mississippi, Texas, and Tennessee.
The report by the U.S. Senate Select Committee on Intelligence on Russian interference in the 2016 election, found that “paper ballots and optical scanners are the least vulnerable to cyber attack” and recommended that any states looking to replace voting machines should at least have a voter-verified paper trail.
Federal officials previously acknowledged that Russian hackers targeted 21 state election systems ahead of the 2016 election.
If foreign adversaries target targeted in future elections, cybersecurity experts believe post-election audits can help detect intrusions and provide assurance that individuals votes were correctly tabulated.
Twenty-two states and Washington, D.C. currently require post-election audits, according to the Brennan Center. By the time of the 2020 election, however, Georgia and Pennsylvania will both have fully auditable paper-based systems in place, the report said.
Despite the $380 million that Congress approved for improving state election security in 2018, experts said states and local election offices will require much more financial support from the federal government to create reliably secure election systems that can withstand attempts at interference from foreign governments.
One security procedure that states are increasingly turning to are risk-limiting audits, which can provide data to support that the outcome of an election is correct.
Colorado and Rhode Island adopted the practice since 2017 and Nevada is set to require risk-limiting audits beginning in 2022. The report notes that at least 12 states are now experimenting with the practice.