Comprehensive Legislation Would Safeguard Future Elections from Cyber-Attacks
Washington, D.C. – In light of the widespread Russian interference in the 2016 election, U.S. Reps. Mark Pocan (D-WI), Keith Ellison (D-MN), and Hank Johnson (D-GA) today introduced the Securing America’s Future Elections (SAFE) Act. This comprehensive legislation would safeguard our elections from future foreign cyber-attacks and interference by permanently classifying the integrity and security of our elections as a key component of critical infrastructure. This important classification would place elections systems in the same category as other critical infrastructure including the power grid, the banking system, and other utilities. The SAFE Act also addresses election standards to protect against cyber-threats, better voting machines that provide paper ballots, and random audits of ballots to thwart interference.
As we continue to uncover the extent of Russia’s aggressive cyber tactics against the 2016 election and potential Russian ties to the Trump Administration, Republicans on the House Administration Committee voted to shut down the Election Administration Committee (EAC), the federal agency created to help states improve their election systems and security. The EAC is the most well-equipped agency to deal with election technology issues, such as software patches, for voting machines from private vendors. Eliminating this crucial agency would create an easily exploitable opportunity to hackers. The SAFE Act would reauthorize the EAC for a period of 10 years and require a random audit of precincts/wards in each state to ensure there are no discrepancies between paper ballots and electronic ballots.
“We must make sure the widespread Russian hacking and interference in the 2016 election never happens again,” said Rep. Mark Pocan. “That’s why we are introducing this comprehensive approach to secure our election process from start to finish. By making our elections a top national security priority, we can ensure cybersecurity standards for voting systems are upgraded and require paper ballots with all electronic voting machines. One thing Democrats and Republicans should agree on is that we should be doing everything in our power to guarantee the sovereignty of our county and the integrity of our elections. This bill will do just that.”
“Few things are as critical as the integrity of our elections, which is why we must protect one of our most sacred institutions from foreign powers and domestic hackers who seek to undermine and influence our democratic process,” said Rep. Keith Ellison. “The SAFE Act makes our elections a top national security priority, creates cybersecurity standards to protect our voting systems, and ensures accountability to voters. The American people must have full confidence that their votes are protected and counted. Russia nor any other country should be able to interfere in our elections ever again, which is why we must pass the SAFE Act.”
“Recent reports documenting an alleged data breach at Georgia's Center For Elections Systems – involving as much as 7.5 million voter records – serve as a stark reminder of the vulnerability of our election infrastructure,” said Rep. Hank Johnson. “As a fundamental tenet of our democracy, our voting systems are a matter of national security and we must make sure they are not compromised or disrupted by outside parties. Expressing Congress’ support to designate our voting systems as critical infrastructure will encourage the Department of Homeland Security and the states to better coordinate, engage, and share resources that will improve the security of our electoral process. The SAFE Act will help ensure the security of our voting systems and preserve public faith in the integrity of our electoral process.”
The SAFE Act would:
1. Permanently classify the security and integrity of our elections as essential to the United States’ national security interests and allow the Department of Homeland Security (DHS) to designate election infrastructure as critical infrastructure. This includes storage facilities, polling places, vote tabulation locations, voter databases, voting machines, and other systems that manage the election process. This important classification would place elections systems in the same category as other critical infrastructure including the power grid, the banking system, and other utilities.
2. Authorize the necessary funding for upgrading cybersecurity standards of voting systems, including the software used to operate such systems, and to ensure the security of the manufacturing processes for such components through collaboration with the National Institute for Standards in Technology (NIST) and the Department of Homeland Security. The bill will also ensure cybersecurity for all voter registration databases.
3. Require NIST and DHS to create basic cybersecurity standards for private companies contracted to work on elections systems in the US.
4. Require all electronic voting machines to have a corresponding paper ballot. The EAC would be required to randomly audit 5% of wards/precincts in each state to ensure that there are no discrepancies between paper ballots and electronic ballots.
5. Reauthorize the EAC (Election Assistance Commission) for a period of 10 years. The EAC is the most well-equipped agency to deal with election technology issues, such as software patches, for voting machines from private vendors. Eliminating this crucial agency would create an easily exploitable opportunity to hackers.
6. Require the DHS to conduct a review of elections systems yearly beginning in 2018.