Menendez Introduces Election Security Bill to Protect Our Democracy from Foreign Interference

Menendez Introduces Election Security Bill to Protect Our Democracy from Foreign Interference

Legislation provides federal funding to states working to shore up their voting systems

WASHINGTON, D.C. – U.S. Senator Bob Menendez, the Ranking Member of the Senate Foreign Relations Committee and the architect of Russia sanctions legislation, introduced the Protecting the Right to Independent and Democratic Elections (PRIDE) Act to shore up our voting systems.  Last year, we learned that at least 21 states had their election systems targeted by foreign actors prior to the 2016 elections, which 17 U.S. intelligence agencies and the bipartisan Senate Intelligence Committee found were subject to Russian interference. 

“Russia’s blatant interference in our elections was an attack on our democracy and our nation.  What’s even more troubling are reports that the Russian government is attempting to meddle in the 2018 midterms,” said Sen. Menendez, who was personally sanctioned by Vladimir Putin for his support of Ukraine following Russia’s invasion of Crimea.  “We need to do everything we can to protect the integrity of our elections and the ability of American citizens to choose their leaders and representatives—the very essence of our democracy.  The PRIDE Act helps states take important steps to secure their voting systems, registration rolls and ballots to ensure the will of the people is properly heard.”    

The PRIDE Act establishes an election security grant program under which the Department of Homeland Security (DHS) awards grants to states to carry out one or more the following activities:

• Implementing or improving the use of auditable paper ballots

An auditable paper trail is critical to ensuring that votes can be correctly counted.  If voter machines are hacked, paper records produced by direct-recording electronic (DRE) voting machines provide a record of voter intent.  And paper ballots are necessary in order to conduct post-election audits to confirm election outcomes.

• Conducting post-election risk limiting audits

Risk-limiting audits offer election administrators an effective and efficient way to test the accuracy of an election without breaking the bank.  They allow election officials to catch and correct incorrect election outcomes, and are designed to confirm the outcome of an election, by utilizing an initial sample of ballots, based on the margin of victory, which are interpreted by hand, and may then expand depending on the initial audit results. 

• Implementing cybersecurity standards and best practices

Cyber security is integral to protecting our voting systems, and some states are already taking steps to protect against hackers.  The National Institute for Standards and Technology provides a framework for critical infrastructure to guard against cyber threats.  In addition, special consideration should be given to the Center for Internet Security (CIS) Controls, a non-profit organization that promotes cybersecurity readiness and response by identifying, developing, and validating best practices. 

In January 2018, then-CIA Director Mike Pompeo said that he had “every expectation” that the Russians would continue to attempt to interfere in our elections.  The next month, Dan Coats, the director of National Intelligence, told the Senate Intelligence Committee that the U.S. faced the challenge of shoring up the defense of our electoral systems.

“With state election systems facing constant cyber threats, this legislation would go a long way toward instituting critical safeguards that must be in place to defend against sophisticated cyberattacks,” said Common Cause Director of Voting Integrity Susannah Goodman.  "By providing states with tools to conduct post-election audits and replace paperless voting systems, this legislation would help ensure that all our votes are counted as cast in this new Code Red cybersecurity environment.”

Although New Jersey received a grade of “good” for meeting minimum cybersecurity standards, a February 2018 report from the Center for American Progress that examined and graded election security in all 50 states gave New Jersey a “D”.  New Jersey is one of five states that use exclusively paperless machines with no independently verifiable paper trail.  The report noted that “[u]ntil New Jersey switches to a statewide paper-based voting system and requires post-election audits, its elections will remain vulnerable.”  The state is currently in the process of developing an intrusion detection system that monitors incoming and outgoing traffic for irregularities and the state has enlisted DHS to help assess and identify potential threats to its voter registration system. 

"Elections are some of the most important yet neglected activities our government oversees.  The PRIDE Voting Act would substantially change this picture providing funds to states and local governments, and targeted so these funds work to improve election cybersecurity by requiring funds recipients spend their money on paper records, post-election audits, and cybersecurity controls,” Joseph Lorenzo Hall, chief technologist, Center for Democracy & Technology.

Sen. Menendez voted for the recent omnibus spending bill that included $380 million for state grants to improve election infrastructure, as well as $307 million above what the Trump Administration had requested for the F.B.I. that can be used to combat cyberattacks, election fraud and other crimes.  The funding ensures that each state will receive a minimum $3 million to improve election security with additional funds provided based on the population of each state. 

According to published reports, there was “substantial evidence” developed by the U.S. intelligence community that Russian operatives had compromised the websites and databases of seven states—Alaska, Arizona, California, Florida, Illinois, Texas, and Wisconsin—prior to the 2016 election.

On April 24, 2018 Jeanette Manfra, DHS's assistant secretary for cybersecurity and communications, testified before the Senate Homeland Security and Government Affairs Committee (HSGAC) that Russian hackers “probably” targeted more than 21 states during the 2016 election season. 

In May 2018, the Senate Intelligence Committee released a report confirming those findings, further stating that Russia was preparing to undermine confidence in and discredit the integrity of the U.S. voting processes when its hackers surveilled those 21 states, and that these activity began at least in early 2014.  In a few states, the Committee said Russian hackers were “in a position to, at a minimum, alter or delete voter registration data.” 

###