By Wendy Underhill
You may have heard something—or a whole lot—about election security recently: Russians, hackers, cyberthreats, misinformation…every day, a new story. The topic is everchanging, so at any point it’s hard to tell what’s what.
With that in mind, here are a couple of firm statements:
- The FBI, the Department of Homeland Security and the office of the Director of National Intelligence have made election security a priority, and are coordinating their efforts.
- In March 2018 Congress passed the federal omnibus appropriations bill, which included $380 million for states to use to improve their elections systems.
In short, the federal government has begun taking seriously threats to our nation’s electoral systems, whether the threats come from domestic or foreign actors. States have been, and will continue, taking threats to elections seriously too. Security remains primarily a state responsibility.
Most states are reviewing federal offers of assistance, particularly from DHS. And they are figuring out how to use their portion of the $380 million appropriation. May’s issue of NCSL’s election newsletter, The Canvass, addresses what states can do with their shares. The Election Assistance Commission is handling the disbursement of the funds, and in its instructions to states on how to apply, it suggests these categories of expenditures:
- Voting equipment replacement and upgrades.
- Election auditing.
- Voting registration systems and management.
- Cyber vulnerabilities.
- Additional categories to be identified by states.
The awards start at $3 million for small states and top out at $34.5 million for California. In no case will the award be close to the amount needed to replace an election system. Some states may use the funding as a down payment, you might say, on new voting systems, but that’s hardly the only option.
Many states are looking to upgrade their registration systems on the theory that mischief in registration would sow widespread confusion and potentially impede voting, even if it wouldn’t lead to inaccurate vote tallies. Another common option is to reduce cyber vulnerabilities by hiring security staff and sharing their professional expertise down the line all the way to the registrars in the state’s smallest jurisdictions.
The goal, of course, is to run secure elections. But maybe that’s unattainable. Consider this quote from Salman Rushdie that’s being used by cybersecurity experts these days: “There is no such thing as perfect security, only varying levels of insecurity.” States are at least moving up, level by level.
Wendy Underhill is NCSL’s director for elections and redistricting.