President Trump’s Helsinki summit with Vladimir Putin, on the heels of 12 Russian intelligence officials indicted for hacking the 2016 election, made it clear that this administration has zero commitment to protect our elections from future Russian attacks.
These events should remind us of an alarming fact we can no longer afford to ignore: our elections are not secure.
As a nation, we underfund and neglect election security. So, much like our aging infrastructure, our election infrastructure is severely outdated and crumbling before our eyes.
Unfortunately, in today’s hyper-partisan environment, even concerns over election security are divided along party lines. Case in point: after his trip to Russia last week, Republican Senator Ron Johnson declared “It’s very difficult to really meddle in our elections. It just is.”
To effectively safeguard our elections, we need to consider yet another conservative taboo: the federal government should have more power in setting election security standards. Our current decentralized, disjointed state-based system is no longer adequate for protecting our elections against foreign interference in the 21st century.
Right now, the federal government plays a very limited role in the oversight of election security. The Election Assistance Commission and Department of Homeland Security offer optional resources and issue non-binding guidelines for best practices, and states are free to come up with their own standards as they please. The results, unsurprisingly, are abysmal.
In 2016, for example, over two-thirds of all counties in the U.S. used voting machines that were over a decade old. Many machine used outdated softwares and ran in absurdly old operating systems such as Windows 2000. Thirteen states still use machines that are completely electronic, which makes them prone to glitches, and with no paper trails, the results cannot be audited.
Many experts have pointed out that our current machines could be hacked in a matter of minutes. Recently, a 14 year-old participant at DefCon breached a voting machine in 90 minutes, and was able to change the vote tally in the machine remotely, from anywhere.
Besides the machines, there are other major vulnerabilities in many states’ election security standards that would make hacking our elections a breeze for the Russians. Our voter registration databases are outdated and prone to infiltration. Many states have no post-election auditing requirements at all, and those that do are often insufficient, severely undermining our ability to identify and correct an attack.
While federalizing election security has long been castigated as an infringement of state rights, politicians are beginning to acknowledge its necessity. Senator Ron Wyden, for instance, recently introduced The Protecting American Votes and Elections Act of 2018, which would require every state to use election machines with paper ballots and mandate risk-limiting post-election audits (the “gold standard” of election auditing).
As Wyden argues: “Americans don’t expect states, much less county officials, to fight America’s wars. The Russians have attacked our election infrastructure and leaving our defenses to states and local entities, in my view, is not an adequate response. Our country needs baseline, mandatory, federal election security standards.”
Rather than providing concrete solutions, this Republican Congress continues to pretend that all of our election security problems can be solved by tiny, poorly designed federal grant programs alone. In this year’s omnibus spending bill, a bipartisan compromise provided a meager, but much-needed $380 million federal grant to states for strengthening election security ahead of the 2018 election. However, the effectiveness of this grant is questionable, given it was earmarked for broad purposes and allocated by a formula that is not competitive or need-based.
Worse still, since states are not required to spend the federal grant allocated to them, some states have not even applied to collect their shares. Several state governments are impeding the use of this grant through a combination of delayed action and inaction. For example, Florida’s Republican-led state legislature has refused to authorize their election officials to use the grant before the 2018 election, even when the state is in desperate need for more election security funding.
While inadequate funding is a serious concern that needs to be addressed — House Democrats estimated that we will need $1.4 billion over the next decade to bring our entire election system in line with best practices — increasing federal grants alone would not be enough to secure elections in every state. The Secure Elections Act, a bill currently with the most broad-based, bipartisan support, will provide much-needed federal funding to make up for the current shortfall, but as with this year’s federal grant, there is no guarantee states would use the funding in a timely and effective fashion — or at all — given state participation will remain voluntary under this bill.
Our representative democracy cannot survive if we fail to preserve the fairness and integrity of our elections. While it’s too late to implement binding federal guidelines to secure the 2018 midterm, we should accept nothing less for the 2020 presidential election, as we can be certain the Russians will hack that election in order to help their preferred candidate, yet again.
Too many states have proven they are unwilling to take election security seriously. It’s time for the federal government to step in.