Senators chart path forward on election security bill

Senators chart path forward on election security bill
© Victoria Sarno Jordan

Senators are working to again revise legislation designed to help guard digital voting infrastructure from cyberattacks after meeting with state officials.

Sen. James LankfordJames Paul LankfordGOP senators divided over approach to election security Hillicon Valley: Facebook unveils new cryptocurrency | Waters wants company to halt plans | Democrats look to force votes on election security | Advertisers partner with tech giants on 'digital safety' | House GOP unveils cyber agenda Democrats detail new strategy to pressure McConnell on election security bills MORE (R-Okla.) told The Hill that he expects to work out the final details of the bill within “weeks,” after state election officials expressed some remaining concerns with the current version.

Lankford and a slate of bipartisan co-sponsors originally introduced the legislation, called the Secure Elections Act, last December, months after the Department of Homeland Security acknowledged that Russian hackers tried to break into voting systems in 21 states as part of a broader effort to interfere in the 2016 presidential election.

While officials maintain there is no evidence any votes were changed, the revelations have spurred broad concerns about foreign interference in future elections — including cyberattacks that could alter vote totals or undermine confidence in the final result.

Officials and experts have stepped up demands for states to replace paperless voting machines with those that produce a paper backup that can be audited. President TrumpDonald John TrumpFormer Joint Chiefs chairman: 'The last thing in the world we need right now is a war with Iran' Pence: 'We're not convinced' downing of drone was 'authorized at the highest levels' Trump: Bolton would take on the whole world at one time MORE and Kirstjen NielsenKirstjen Michele NielsenElection security bills face GOP buzzsaw Five memorable moments from Sarah Sanders at the White House Trump admin program sends asylum-seekers to await claims in Mexico, despite fears of violence: report MORE, his Homeland Security secretary, have both endorsed the idea.

Congress has already sent $380 million to states to upgrade voting equipment and address security concerns.

The proposal — spearheaded by Sens. Lankford, Amy KlobucharAmy Jean KlobucharDemocrats talk up tax credits to counter Trump law GOP senators divided over approach to election security 2020 Democrats vow to expand abortion access at Planned Parenthood event MORE (D-Minn.) and others — would go further. It would codify into law many of the actions already underway at the Department of Homeland Security, seeking to expedite security clearances to state officials and bolster information sharing between the federal government and the states on cybersecurity threats and breaches.

It would also set up a grant program for states to take steps to secure their voting infrastructures, guided by a federal advisory panel that would develop guidelines and recommendations for states to follow on election cybersecurity.

“The biggest consideration is, 10 years from now, we don’t want people to lose focus and to take their eye off the ball,” Lankford told The Hill on Thursday.

State officials have been wary of efforts to address election security at the federal level, given that states — not the federal government — have historically been responsible for administering elections.

Without broad support from state election officials, it will likely prove difficult to pass the legislation.

For that reason, Senators have brought the states to the table to hammer out the legislation. On Monday, Klobuchar and Lankford met with secretaries of state from Indiana, Louisiana, Minnesota and Missouri to discuss the proposal. 

ADVERTISEMENT

By all accounts, the meeting went smoothly. Lankford described it as “very productive,” adding that the biggest concern was whether the advisory panel created by the bill would be redundant, given other groups already in place at the federal level to advise states.

“There was nothing that was insurmountable,” Lankford said Thursday. “I think we’re getting very, very close.”

Minnesota Secretary of State Steve Simon (D) told The Hill he was encouraged that the lawmakers were open to changing the legislation based on states’ input, describing himself as “supportive of the overall approach.”

“There is a federal interest in making sure there is some type of baseline action by the states,” Simon said.

He also said engagement from Capitol Hill, as well as from Homeland Security, was helping to “persuade secretaries who had concerns about federal overreach that really this is more about federal partnership."

States initially resisted Homeland Security’s decision to open up election systems to voluntary federal protections at the start of 2017. But several states and localities have since requested help from the department, including remote cyber hygiene scans and more rigorous on-site vulnerability assessments.

Still, the secretaries are not signing on to support the legislation — at least not yet. “I’m not ready to support the legislation in its current form,” said Missouri Secretary of State Jay Ashcroft (R). “I probably disagree a little bit with some of the senators on how important the bill is,” he said, adding that he believes the extent of Russia’s efforts have been “exaggerated” by federal officials. 

Ashcroft said that the revised version should do more to increase the flow of information from the federal side to the states, which was a source of concern ahead of the 2016 vote.

In a statement, Louisiana Secretary of State Tom Schedler (R) said he was “encouraged by the dialogue” at the Monday meeting.

He added, “I believe strongly that states, not the federal government, can most effectively secure our elections as we move forward and I'm confident that progress is being made to accomplish our mutual goals.”

A spokesman for Indiana Secretary of State Connie Lawson (R) said she “was pleased to be able to share Indiana’s perspective on election security,” but deferred to the senators on the specifics of the bill.

Lankford says he and other senators have gone through “five or six, maybe seven” revisions of the legislation, soliciting feedback from state officials and other stakeholders in order to improve it. The latest iteration, unveiled in late March, picked up support from Sens. Richard BurrRichard Mauze BurrGOP senators divided over approach to election security GOP frets about Trump's poll numbers Democrats detail new strategy to pressure McConnell on election security bills MORE (R-N.C.) and Mark WarnerMark Robert WarnerGOP senators divided over approach to election security Hillicon Valley: House lawmakers reach deal on robocall bill | Laid-off journalists launch ads targeting tech giants | Apple seeks tariff exemptions | Facebook's Libra invites scrutiny Schiff introduces bill to strengthen law barring campaigns from accepting foreign dirt MORE (D-Va.), who together lead the Intelligence Committee investigating Russian interference.

He expects to have a newly revised version within weeks.

While the senators hope to pass the legislation before the 2018 midterms, Lankford acknowledged that it would be too late for the legislation to help officials replace voting hardware. The first primary took place last month, and the general election is less than seven months away.

“The biggest issue that is really out there is hardware,” Lankford said. “There’s no way they’re going to get hardware in place by this election. They’re not going to change equipment between the primary and the general.”

Currently, five states rely solely on paperless voting machines, or direct-recording electronic machines, and several others have mixed voting infrastructure that includes them.

But Simon believes that hackers pose a greater threat to centralized voter databases, rather than actual vote tallying machines, which are not connected to the internet and typically surrounded by a great deal of security.

His state, Minnesota, was among the 21 states targeted by Russian hackers. The cyber sleuths probed the state voter registration database for vulnerabilities, but never tried to break in.

“In Minnesota, people are paying much more attention to this issue than they ever did,” Simon said. “I think there’s a fundamental level of confidence [in the security], but a healthy desire to focus on this issue.”