States Push for Outstanding Election Security Funds Ahead of Midterms

Secretaries of state want Congress to appropriate $396 million in previously approved funds to update their election infrastructure, after Senate Intelligence Committee lawmakers reiterated Tuesday that states are primarily responsible for running elections.

This isn’t the first time the secretaries have pressed Congress to allot the remainder of Help America Vote Act, or HAVA, funding. But less than eight months out from the midterm elections, the Intelligence Committee released draft recommendations on election security. Among them: the Department of Homeland Security “should expedite security clearances for appropriate state and local officials” and “declassify information more quickly.”

The recommendations also advise states to “rapidly replace” voting systems that connect to Wi-Fi and fail to produce auditable paper trails. But that costs money states lack, Vermont Secretary of State Jim Condos plans to tell the committee Wednesday morning at an open hearing on election security.

“Our existing infrastructure is aging and election officials are increasingly required to modernize and innovate in order to ensure that elections continue to be administered in a secure and efficient manner,” reads the submitted testimony from the National Association of Secretaries of State’s president-elect. “Meeting the ongoing demands for updated equipment and ongoing cybersecurity upgrades requires funding that the states simply do not have within their own budgets.”  

Future funding could come from a voluntary grant program Senate Intelligence recommends Congress establish. But HAVA was already passed in 2002. As of fiscal year 2016, $3.5 billion of HAVA’s authorized $3.65 billion was appropriated, according to the Congressional Research Service.

“Timing is absolutely critical” if states are going to purchase new voting systems, implement additional cybersecurity tools and hire more IT professionals before the November elections, Condos’ testimony reads.

Sen. Richard Burr, a North Carolina Republican and the Senate Intelligence chairman, expressed optimism Congress’ forthcoming omnibus spending bill might address state election security funding. His committee’s recommendations come as part of its larger investigation into Russia’s meddling and disinformation efforts during the 2016 presidential campaign and election.

“It is clear the Russian government was looking for the vulnerabilities in our election system and highlighted some of the key gaps,” Burr said during a Tuesday press conference announcing the recommendations. “The Department of Homeland Security and the FBI alerted states to the threat. The warnings did not provide enough information or go to the right person in every case.”

DHS took nine months to notify 21 states Russia scanned election-related systems they managed and breached one voter registration system, in the case of Illinois, though no 2016 vote tallies were altered.

Five states used only electronic voting machines with no auditable paper trail in that election, while nine used some, and 40 had election equipment more than a decade old with outdated software in some cases.

Virginia had to change out equipment in 23 jurisdictions prior to its 2017 state elections to ensure its election system was fully auditable.

“It took a real scramble,” said Sen. Mark Warner, a Virginia Democrat and Senate Intelligence’s ranking member. “But that scramble was appropriate to try to give Virginians the confidence that our systems were going to be secure in our state elections last year.”

While it was the Russians in 2016, the methods they used are now out there for other adversaries to mimic, Warner added.

NASS is working with DHS Secretary Kirstjen Nielsen to update incident notification procedures and receive security clearances, Condos’ testimony reads. Not a single clearance had been issued eight months after the 2016 election, said Sen. Susan Collins, a Maine Republican.

“While DHS recently sponsored a one-day, classified briefing, it received decidedly mixed reviews from state election officials,” Collins said of February’s intelligence kerfuffle with NASS. “We must assist states in hardening their defenses against foreign adversaries, including passing much-needed legislation providing funding and authorizing appropriate security clearances to top election officials.”

Another Senate Intelligence recommendation involves the General Services Administration providing states with a list of credible private sector vendors for cybersecurity services.

It will likely fall to the Senate Rules Committee to process the Intelligence Committee’s recommendations, Burr said.

Should election security funding be appropriated to states, neither Condos nor the committee members expect it to be a cure-all.

“Most of the states in the United States have auditable election systems. The concern that we have is some states—they’ve chosen not to have auditable elections systems—to help incentivize them,” said Sen. James Lankford, an Oklahoma Republican. “It’s not our desire to be able fully fund the elections within individual states; that is a state responsibility.”