Senators chart path forward on election security bill

Senators chart path forward on election security bill
© Victoria Sarno Jordan

Senators are working to again revise legislation designed to help guard digital voting infrastructure from cyberattacks after meeting with state officials.

Sen. James LankfordJames Paul LankfordHillicon Valley: FBI fires Strzok after anti-Trump tweets | Trump signs defense bill with cyber war policy | Google under scrutiny over location data | Sinclair's troubles may just be beginning | Tech to ease health data access | Netflix CFO to step down House Intel lawmakers introduce bipartisan election security bill Trump officials look to neutralize cyber threats in supply chain MORE (R-Okla.) told The Hill that he expects to work out the final details of the bill within “weeks,” after state election officials expressed some remaining concerns with the current version.

Lankford and a slate of bipartisan co-sponsors originally introduced the legislation, called the Secure Elections Act, last December, months after the Department of Homeland Security acknowledged that Russian hackers tried to break into voting systems in 21 states as part of a broader effort to interfere in the 2016 presidential election.

While officials maintain there is no evidence any votes were changed, the revelations have spurred broad concerns about foreign interference in future elections — including cyberattacks that could alter vote totals or undermine confidence in the final result.

Officials and experts have stepped up demands for states to replace paperless voting machines with those that produce a paper backup that can be audited. President TrumpDonald John TrumpAl Gore: Trump has had 'less of an impact on environment so far than I feared' Trump claims tapes of him saying the 'n-word' don't exist Trump wanted to require staffers to get permission before writing books: report MORE and Kirstjen NielsenKirstjen Michele NielsenHouston-area Mexican restaurant responds to backlash for serving Sessions, slams family separations Jeff Sessions dines at Mexican restaurant before speech against uncontrolled immigration Celebrities launch 'Dear Ivanka' Instagram campaign MORE, his Homeland Security secretary, have both endorsed the idea.

Congress has already sent $380 million to states to upgrade voting equipment and address security concerns.

The proposal — spearheaded by Sens. Lankford, Amy KlobucharAmy Jean KlobucharHillicon Valley: FBI fires Strzok after anti-Trump tweets | Trump signs defense bill with cyber war policy | Google under scrutiny over location data | Sinclair's troubles may just be beginning | Tech to ease health data access | Netflix CFO to step down House Intel lawmakers introduce bipartisan election security bill Election Countdown: Takeaways from too-close-to-call Ohio special election | Trump endorsements cement power but come with risks | GOP leader's race now rated as 'toss-up' | Record numbers of women nominated | Latino candidates get prominent role in 2020 MORE (D-Minn.) and others — would go further. It would codify into law many of the actions already underway at the Department of Homeland Security, seeking to expedite security clearances to state officials and bolster information sharing between the federal government and the states on cybersecurity threats and breaches.

It would also set up a grant program for states to take steps to secure their voting infrastructures, guided by a federal advisory panel that would develop guidelines and recommendations for states to follow on election cybersecurity.

“The biggest consideration is, 10 years from now, we don’t want people to lose focus and to take their eye off the ball,” Lankford told The Hill on Thursday.

State officials have been wary of efforts to address election security at the federal level, given that states — not the federal government — have historically been responsible for administering elections.

Without broad support from state election officials, it will likely prove difficult to pass the legislation.

For that reason, Senators have brought the states to the table to hammer out the legislation. On Monday, Klobuchar and Lankford met with secretaries of state from Indiana, Louisiana, Minnesota and Missouri to discuss the proposal. 

ADVERTISEMENT

By all accounts, the meeting went smoothly. Lankford described it as “very productive,” adding that the biggest concern was whether the advisory panel created by the bill would be redundant, given other groups already in place at the federal level to advise states.

“There was nothing that was insurmountable,” Lankford said Thursday. “I think we’re getting very, very close.”

Minnesota Secretary of State Steve Simon (D) told The Hill he was encouraged that the lawmakers were open to changing the legislation based on states’ input, describing himself as “supportive of the overall approach.”

“There is a federal interest in making sure there is some type of baseline action by the states,” Simon said.

He also said engagement from Capitol Hill, as well as from Homeland Security, was helping to “persuade secretaries who had concerns about federal overreach that really this is more about federal partnership."

States initially resisted Homeland Security’s decision to open up election systems to voluntary federal protections at the start of 2017. But several states and localities have since requested help from the department, including remote cyber hygiene scans and more rigorous on-site vulnerability assessments.

Still, the secretaries are not signing on to support the legislation — at least not yet. “I’m not ready to support the legislation in its current form,” said Missouri Secretary of State Jay Ashcroft (R). “I probably disagree a little bit with some of the senators on how important the bill is,” he said, adding that he believes the extent of Russia’s efforts have been “exaggerated” by federal officials. 

Ashcroft said that the revised version should do more to increase the flow of information from the federal side to the states, which was a source of concern ahead of the 2016 vote.

In a statement, Louisiana Secretary of State Tom Schedler (R) said he was “encouraged by the dialogue” at the Monday meeting.

He added, “I believe strongly that states, not the federal government, can most effectively secure our elections as we move forward and I'm confident that progress is being made to accomplish our mutual goals.”

A spokesman for Indiana Secretary of State Connie Lawson (R) said she “was pleased to be able to share Indiana’s perspective on election security,” but deferred to the senators on the specifics of the bill.

Lankford says he and other senators have gone through “five or six, maybe seven” revisions of the legislation, soliciting feedback from state officials and other stakeholders in order to improve it. The latest iteration, unveiled in late March, picked up support from Sens. Richard BurrRichard Mauze BurrFlorida questions Senate chairman over claim that Russians have ‘penetrated’ election systems WikiLeaks says Senate panel requested Assange testimony for Russia probe Tougher Russia sanctions face skepticism from Senate Republicans MORE (R-N.C.) and Mark WarnerMark Robert WarnerDustbin 2020: The best Dems who surely won’t get the nomination WikiLeaks says Senate panel requested Assange testimony for Russia probe Democrats find dead man’s signature on petition gathered by GOP volunteers MORE (D-Va.), who together lead the Intelligence Committee investigating Russian interference.

He expects to have a newly revised version within weeks.

While the senators hope to pass the legislation before the 2018 midterms, Lankford acknowledged that it would be too late for the legislation to help officials replace voting hardware. The first primary took place last month, and the general election is less than seven months away.

“The biggest issue that is really out there is hardware,” Lankford said. “There’s no way they’re going to get hardware in place by this election. They’re not going to change equipment between the primary and the general.”

Currently, five states rely solely on paperless voting machines, or direct-recording electronic machines, and several others have mixed voting infrastructure that includes them.

But Simon believes that hackers pose a greater threat to centralized voter databases, rather than actual vote tallying machines, which are not connected to the internet and typically surrounded by a great deal of security.

His state, Minnesota, was among the 21 states targeted by Russian hackers. The cyber sleuths probed the state voter registration database for vulnerabilities, but never tried to break in.

“In Minnesota, people are paying much more attention to this issue than they ever did,” Simon said. “I think there’s a fundamental level of confidence [in the security], but a healthy desire to focus on this issue.”