Senators on Wednesday pressed top officials from the U.S. Election Assistance Commission (EAC) about their efforts to boost state cybersecurity election systems, with a focus on whether each state should have a mechanism in place to audit their results.
“Many elections across the nation do not have auditable elections. They are done completely electronically,” Sen. James LankfordJames Paul LankfordRubio blocks quick votes on stalemated defense bill Constant threats to government funding fail the American public GOP Senate candidate says Fauci is 'mass murderer,' should be jailed rather than 'hero' Rittenhouse MORE (R-Okla.) told the panel of witnesses at a hearing on election security preparedness convened by the Senate Rules and Administration Committee.
Thomas Hicks, the head of the EAC, indicated that states decide whether they want to have auditable elections.
The EAC, established in 2002, is a bipartisan commission tasked with developing guidance to meet requirements like maintaining the national mail voter registration form, “adopting voluntary voting system guidelines, and serving as a national clearinghouse of information on election administration," according to its website.
Sen. Angus KingAngus KingAmazon, Facebook, other large firms would pay more under proposed minimum tax, Warren's office says Senators look to defense bill to move cybersecurity measures Energy information chief blames market for high fuel prices MORE (I-Maine) pressed Hicks on whether there should always be a paper backup to determine accurate counts.
"It depends on the state,” Hicks said. "If we can do security with paper, to make sure it is accessible to those who have disabilities, then I would say that is 100 percent right that we should have a paper backup."
Hicks said states are not required to have an auditable ballot trail, despite requirements under the Help America Vote Act (HAVA) that they must abide by in order to receive federal money.
The hearing comes amid heightened security concerns that malicious actors may seek to interfere in the November midterm elections, following the U.S. intelligence community's assessment that Russia meddled in the 2016 presidential election.
Election officials at the state level are responsible for picking cybersecurity protection monitoring services, Hicks said, adding that it falls on states to determine whether a company is reputable.
"We don't give that sort of specific advice," Hicks said. "Individual election officials have to be vigilant in terms of knowing that there are going to be pop-ups out there looking to make a quick buck."