Senators release new election cybersecurity bill

Senators release new election cybersecurity bill

Sens. Martin HeinrichMartin Trevor HeinrichAvalanche of Democratic senators say Franken should resign Senators introduce bipartisan gun background check bill Dem senator: 'Super close' on bipartisan deal on guns MORE (D-N.M.) and Susan CollinsSusan Margaret CollinsOvernight Health Care: 3.6M signed up for ObamaCare in first month | Ryan pledges 'entitlement reform' next year | Dems push for more money to fight opioids Study: ObamaCare bills backed by Collins would lower premiums Right scrambles GOP budget strategy MORE (R-Maine) introduced a multifaceted election cybersecurity bill Tuesday, including a bug bounty program for systems manufacturers and a grant program for states to upgrade technology. 

"While the Intelligence Committee’s investigation is still ongoing, one thing is clear: The Russians were very active in trying to influence the 2016 election and will continue their efforts to undermine public confidence in democracies," said Collins in a statement celebrating the bill.

ADVERTISEMENT
"The fact that the Russians probed the election-related systems of 21 states is truly disturbing, and it must serve as a call to action to assist states in hardening their defenses against foreign adversaries that seek to compromise the integrity of our election process."

On a federal level, the Securing America's Voting Equipment (SAVE) Act would codify former Department of Homeland Security Secretary Jeh Johnson's declaration that elections are critical infrastructure. That would create a wealth of new, optional resources for states to use to harden election systems. 

It would ensure that states had officials with a security clearance to obtain classified threat intelligence from the director of national intelligence and authorize the director to share that intelligence. 

The bill would also provide direct assistance to the states through a grant program to upgrade election infrastructure that has been demonstrated to be unsecure.

SAVE would also establish a reward program in partnership with election system vendors known as a bug bounty program, to incentivize private researchers to root out security flaws in those systems. This could be useful, as hackers found mechanisms to breach every voting machine brought for testing at the DEF CON security conference this year. The conference lasted under a week. 

Election infrastructure is broader than merely voting machines. That infrastructure also includes electronic poll books and servers housing voter rolls. 

While there is no evidence that voting machines used in the 2016 election were hacked by any power, foreign or domestic, the intelligence community believes voter rolls and other state systems were targeted by Russia. 

States have often shunned federal assistance with elections, citing fears that it is the first step towards nationalizing what is constitutionally a state responsibility.