The Secure Elections Act may be back on the table once again. The bipartisan bill was introduced “to protect the administration of Federal elections against cybersecurity Threats.” In large part, the bill was intended to combat concerns that Russia and other state and private actors could exploit vulnerabilities in backend election systems, including voter registration databases, ballot creation systems, election voting services, voting machine configuration systems, absentee processing and reporting and tabulation software. The bill’s sponsors hope to pass a version of the bill in time to implement protections for November’s midterm elections, but were not able to cobble together sufficient votes in August to advance through the Senate Rules Committee and advance to the Senate floor.
The key tenets of the Secure Elections Act are to:
- Streamline cybersecurity information-sharing between Federal intelligence agencies and state election agencies, through the Department of Homeland Security;
- Provide cyber threat indicators and recommended defensive measures to state election agencies;
- Provide support for state election cybersecurity infrastructure;
- Establish expedited processes for providing necessary security clearances to state elections officials;
- Require states to audit the results of their elections, and encourage them to use paper ballots instead of digital machines;
- Require states to have a cyber response and communication plan in place as a precondition to receiving Federal grants to support election security and election technology modernization.
While there has been bipartisan support for the bill, concerns over the bill have also been raised on both sides of the aisle. The White House and some Republic lawmakers raised concerns about giving the federal government too much authority in state election administration. Some state officials, such as Vermont Secretary of State Jim Condos, a Democrat who heads the National Association of Secretaries of State, were concerned about the unfunded requirement that states conduct post-election audits. Finally, policy experts voiced disapproval with a change to the bill. Previous versions of the legislation required states to audit elections results using paper ballots. That requirement was excluded in later versions. A number of organizations protested the change, maintaining that paper-based audits are “the only practical defense that can reliably detect and correct cyberattacks against voting machines.”
While it is unclear how these competing concerns will play out, Senator James Lankford, the bill’s chief Republican sponsor, has stated that “we’re now fighting over nouns and verbs and prepositions to try to figure exactly how things are working, to make sure it lines up with everyone.”