Photo by Element5 Digital on Unsplash

Engage and take action!

If you have an evidence-based idea you’d like to convey to lawmakers, or a question they should ask witnesses during this hearing, kindly send them to sciencepolicy@fas.org. We will anonymize your submission and make sure the Committee on House Administration sees it.

Help protect American elections

US elections are under attack. Russia, Iran, North Korea, China, and others are looking at infiltrating American voting systems. The 2016 election saw efforts to break into computerized election infrastructure, in addition to the more widely known foreign influence campaigns that leveraged social media and targeted both the 2016 and 2018 elections.

During its hearing, the Committee on House Administration wants to engage with witnesses on issues like safeguarding voting machines, protecting voter registration records, improving cybersecurity practices, and ensuring that every American’s vote counts. We need your help to develop questions for use in the hearing and to provide objective information to Members of Congress.

This website gives you an opportunity to tell Congress what issues should be discussed during this critical hearing, and to access nonpartisan resources to learn about the issues. You can submit questions that lawmakers should ask witnesses (sample questions below), personal stories on your experiences related to election security, or your general thoughts on how Congress can ensure that our elections remain democratic.

Hearing details

Election security 2020: Perspectives from voting system vendors and experts

What: Committee on House Administration hearing

Who: The witnesses who will testify during this hearing are:

  • Mr. Matt Blaze, Professor of Law, Georgetown University Law Center, Washington, DC
  • Mr. Tom Burt, President and CEO, Election Systems & Software, Omaha, NE
  • Dr. Juan Gilbert, Andrew Banks Family Preeminence Endowed Professor & Chair, University of Florida, Gainesville, FL
  • Ms. Liz Howard, Counsel, Brennan Center for Justice, Washington, DC
  • Ms. Julie Mathis, President and CEO, Hart InterCivic, Austin, TX
  • Mr. John Poulos, President and CEO, Dominion Voting Systems, Denver, CO
  • Rev. Dr. T. Anthony Spearman, President, North Carolina NAACP & Member of the Guilford County, NC Board of Elections

When: Thursday, January 9, 2020 at 10:00am ET

Where: 1310 Longworth House Office Building, Washington, DC 20515 / Webcast

Nonpartisan analysis and research

Sample questions for lawmakers to ask witnesses. Please share yours for lawmakers.

There are two main types of voting systems: electronic and paper-based. Direct recording electronic voting systems tally votes as selections are made via touch screen, but there is no paper trail, and no opportunity for auditing.

Should all voting systems be required to have a voter-verifiable paper ballot, and how much would it cost – independent of other security funding needs – to make this a reality in states with electronic-only voting systems?

Small election jurisdictions trying to independently secure their IT systems could benefit by consolidating resources and ensuring that trained experts are directing efforts around cybersecurity and safeguarding IT infrastructure.

What are the ways to find these opportunities for cybersecurity coordination within the states, and how can Congress assist to bolster cybersecurity awareness and best practices?

Tensions can run high on election night, and most stakeholders want to learn the results as soon as possible; however, vote counting is often incomplete until days later.

With regard to voting systems, how can Congress aid in increasing confidence in the reporting of election results, especially on election night?

The Russians were able to probe at least 21 states’ voter registration databases in 2016. At least two counties in Florida were breached by foreign actors gaining administrative access through a commercial vendor. While there is no evidence that this changed voter records nor that any vote choices were compromised, the registration databases and third-party vendor community remain weak points in the process heading into 2020.

What can Congress do to assist state and local election administrators to protect the voter registration process and the back-end voter registration databases?

States have been required to maintain statewide voter registration databases since 2002, but the federal law mandating them allowed states to devise their own systems.

So-called top-down systems are maintained by the state, while bottom-up systems are maintained by local jurisdictions.

Are top-down and bottom-up state databases equally secure? Please talk about the pros and cons of each.

Large federal investments are being made to safeguard US elections. It is important that we can measure the impact of these taxpayer dollars.

How will Congress and the public have confidence that this allocation of resources is being used well? What does success look like when it comes to this spending?

The US Election Assistance Commission, established in 2002, “was designed to provide federal coordination and assistance – financial and otherwise – to” our election system.

The Congressional budget compromise increases the EAC’s operating budget from $9.2 million in FY2019 to $15.2 million in FY2020.

What specific role should the Election Assistance Commission play in 2020 with respect to election security?

American democracy relies on fair and open elections where every voter’s ballot counts.

From your perspective, how are election security and public confidence in the legitimacy of election results related?

Last month, Congress appropriated $425 million for states and counties to secure elections and improve administration. State fund-matching programs will bring this total to over half a billion dollars nationally.

This is a substantial amount of money. How should this funding be used by state and local governments to improve election security in the run-up to the 2020 election? What should the priorities be, where would the money be best spent, and why?

It is up to local and state government buyers to select voting machine vendors. According to a study from the University of Pennsylvania Wharton Public Policy Initiative, the top three election vendors control more than 90% of the voting machine market.

From your perspective, what are the implications of this finding for election security?

Election vendors provide services at every level of our critical US election infrastructure. These companies provide everything from voting machines to electronic voter check-in and verification devices, voter registration databases, and more.

A report from the Brennan Center for Justice at New York University Law highlights how election vendors receive little or no federal review or oversight, and asserts that this is a vulnerability to US election security.

In your view, should Congress consider implementing oversight of election vendors? Why or why not, and if so, what would effective oversight look like?

The Pentagon’s Cyber Command is working toward the goal of eliminating foreign interference in the US electoral process. “Cybercom is continuing its close relationship with the National Security Agency and working to build partnerships with other nations, other US agencies, and American industry.”

From your perspective, how effective were the US military’s cyberoperations in protecting the 2018 midterm elections, and what improvements in methods or coordination with other groups should be made to be even more effective in 2020?

Since 2002, international election observers from the Organization for Security and Cooperation in Europe have visited the US seven times to monitor our voting system. These representatives from foreign nongovernmental or intergovernmental organizations monitor elections during the pre-election period, on election day, and during the post-election period.

One of the OSCE’s main concerns is the security of US election technologies. A priority recommendation in their post-2018 US midterms report is that “federal and state governments should provide sufficient and sustainable funding mechanisms to replace aging voting equipment and to improve cybersecurity.”

Please explain whether you agree with the OSCE’s recommendation, what you believe appropriate funding mechanisms would be, and, more generally, how the US should capitalize on the efforts of international election observers.

Mr. Blaze, in your November 19, 2019 prepared testimony before the House Homeland Security Subcommittee on Cybersecurity, Infrastructure Protection, and Innovation, you offered three specific recommendations to reduce the security risks facing U.S. elections: 1) phase out paperless voting machines with precinct-counted optical scan ballots; 2) conduct statistically rigorous risk-limiting audits after every election in every jurisdiction; and 3) provide state and local voting officials access to significant additional resources to help them protect their systems from increasingly sophisticated adversaries.

Currently, it appears that paperless voting machines will still be used in jurisdictions in at least a handful of states for 2020, that risk-limiting audits will only take place in a small number of states, and that some jurisdictions may not receive significant additional resources to help with securing their 2020 elections.

Considering all of this, what are the most important things vendors and election officials can do between now and 2020 to reduce their security risks?

Ms. Howard, your organization has argued for replacing all paperless voting systems before the 2020 election. While some progress has been made, it appears increasingly likely that this goal will not be achieved.

At this juncture, what should jurisdictions using aging paperless voting systems in 2020 do to mitigate their systems’ risks?

Follow-up: At this juncture, what actions can Congress take to help vendors and election officials ensure that our 2020 elections are free, fair, secure and accurate?

Dr. Gilbert, as you know, Northampton County, Pennsylvania’s November 5, 2019 Election Day was marred by glitch-prone voting equipment, complaints of long lines, and frustrated poll workers and voters. Faulty elections results erroneously showed a Republican judicial candidate winning by a nearly statistically impossible margin, forcing county election officials to count the paper backup ballots generated by the same voting machines that had failed digitally on election night.

According to the vendor, Election Systems & Software (ES&S), there are almost 6,300 of these ExpressVote XL voting machines in use throughout the United States. After conducting its own internal investigation of the issues experienced during the November 5, 2019 election, ES&S said the problems experienced in Northampton County were due primarily to human errors committed by its employees.

As the inventor of the Prime III Voting Machine, which the ExpressVote XL mimics in a number of ways, do you think any further actions ought to be taken in Northampton County or elsewhere to ensure that there aren’t additional elections administered like this one?

Follow-up: In the past, you have stated that ballot marking devices like the Prime III Voting Machine you invented, or the ExpressVote XL, are preferable to hand-marked paper ballot voting systems.  Do you still believe this? And if so, why?

Dr. Spearman, in an October 27, 2019 op-ed for the Greensboro News & Record, you wrote that “the Guilford County elections board took a step in the right direction when it chose to use a hand-marked paper ballot system. This is the most secure way of voting and provides the best record of voter intent.”

Can you tell us why you think a hand-marked paper ballot system is the most secure way of voting and provides the best record of voter intent?

Mr. Burt, in your June 2019 op-ed for Roll Call, you called on Congress to pass a more robust testing program for voting systems and outlined Election Systems & Software’s decision to “no longer sell paperless voting machines as the primary voting device in a jurisdiction.”

What would a more robust testing program look like? What specific steps is your company taking to strengthen election security in the lead up to the 2020 elections? And how can Congress and the federal government support these steps?

Follow-up: Ms. Mathis, Mr. Poulos, please explain how your views converge with or differ from those of Mr. Burt, and what your companies are doing to strengthen election security in the lead up to the 2020 elections.

Voting systems are currently subject to some functional requirements under a voluntary federal testing and certification regime, but other critical components of electronic infrastructure are not, like electronic pollbooks – devices used to check-in and verify voters.

Ms. Mathis, Mr. Burt, Mr. Poulos: Do you support federal scrutiny of critical components of election infrastructure other than voting systems? Why or why not, and if so, which components?

Mr. Poulos, Ms. Mathis, Mr. Burt: For the record, what mandatory federal standards currently govern how vendors themselves can design and maintain their voting systems?

Follow-up: Do you support additional federal regulation for how vendors can design and maintain their voting systems? If no, why not? If yes, what additional regulation(s) would you propose?

Mr. Burt, Mr. Poulos, Ms. Mathis: At least two counties’ election systems were breached by hackers in 2016. The threat is real.

How, when and to whom do you disclose security breaches to?

Follow-up: How do you manage supply chain risks to election security?

Follow-up: How do you disclose foreign ownership interests and/or control of your organization?

Your evidence-based question could be here!

Questions denoted by * are adapted from a Bipartisan Policy Center piece by Matthew Weil and Katie Grover. Questions denoted by ^ were contributed directly by Matthew Weil. Questions denoted by ** were contributed directly by the Alliance for Securing Democracy’s David Levine. All other questions were crafted based on additional input from the CSPI community, and more sample questions will be added as objective contributions are received from the expert community. Email your submissions to us at sciencepolicy@fas.org! Last updated Tuesday 1/7/20.

Quick reads

Securing the vote: Protecting American democracy – National Academies of Sciences, Engineering, and Medicine Report Summary

Campaign and election security policy – Congressional Research Service In Focus

Election security for the 2018 midterm elections – CRS Insight

Voter registration system policy issues – CRS In Focus

Designation of election systems as critical infrastructure – CRS In Focus

Federal funding for securing election systems – CRS In Focus

States’ spending of FY2018 Help America Vote Act payments – CRS In Focus

Cybersecurity and election infrastructure – CRS In Focus

US Election Assistance Commission overview – CRS In Focus

Deep dives

Federal role in US campaigns and elections – CRS Report

Securing the vote: Protecting American democracy – NASEM Report

Voting equipment use and replacement – Government Accountability Office Report

The US Election Assistance Commission – CRS Report

New realities of voting by mail – Bipartisan Policy Center Report

Resources

Nonprofit hubs

Election security – American Association for the Advancement of Science Collection

Voting system integrity – Brennan Center for Justice Collection

Legislative branch

Russian efforts against election infrastructure – US Senate Select Committee on Intelligence Report

Executive branch

Russian interference in the 2016 presidential election – US Department of Justice Special Counsel Report

Securing the election process – US Election Assistance Commission Resource Page

Protected voices – Federal Bureau of Investigation Resource Page

Press clips

What you need to know about US election security and voting machines – NPR piece

The scramble to secure America’s voting machines – Politico tracker

States are on front lines of 2020 election-security efforts – Associated Press piece

Report on election security gains attention, and a sharp rebuke – ProPublica piece

The market for voting machines is broken. This company has thrived in it. – ProPublica piece

There’s a lot to like in Congress’s new election security measures. But there’s a big omission. – Washington Post Editorial Board piece

Spending deal allots millions for election security, but Democrats say it isn’t enough – Wall Street Journal piece

Bipartisan bills

Election Technology Research Act of 2019, H.R.4990

Voting System Cybersecurity Act of 2019, S.1454

Protect our Elections Act, H.R.4777S.825

Defending Elections from Threats by Establishing Redlines Act of 2019, S.1060

Engage and take action!

Contribute your nonpartisan, objective statements and questions. We will collate your submissions and post them here – anonymously – as part of this resource for policymakers. Submit to sciencepolicy@fas.org!