Senate backs $250M in election security grants

The Senate Appropriations Committee added $250 million in election security funding to a key spending bill with a bipartisan amendment at a Sept. 19 markup session.

While the lead sponsors of the amendment were the chair and ranking member of the committee, the green light for the measure came from Senate Majority Leader Mitch McConnell (R-Ky.).

Senate Minority Leader Chuck Schumer (D-N.Y.) was quick to declare victory on the Senate floor.

"It is not all the money we requested, and it doesn't include a single solitary reform that virtually everyone knows we need, but it's a start," Schumer said after the bill advanced committee. "Leader McConnell kept saying we don't need the money. I made umpteen speeches here at this chair, and the Republican leader denied the need. But now, thank God, he has seen the light."

Sen. Patrick Leahy (D-Vt.), the ranking member of the Appropriations Committee, said at the committee meeting that the $250 million in grant funding will allow states to upgrade election infrastructure, buy new technology and improve cybersecurity.

The House of Representatives passed $600 million for election security grants in its appropriations bill.

Chris Krebs, director of the Cybersecurity and Infrastructure Security Agency at the Department of Homeland Security, told reporters at a conference that the new funding represents "a great start."

Krebs said paperless direct recording electronic voting machines are the leading weakness that should be addressed by state officials with the new grants. He also called for a regular funding stream that "states can set their budgeting clocks by" to, rather than "inconsistent mass injections of cash."

Krebs explained that with regular funding, "you can hire people against it, you can execute long term IT service contracts" that would long-term benefits. He also pitched the idea of a joint "innovation lab" among states to conduct pilots around risk limiting audits and other measures.

"Continuing the efforts on cybersecurity, protecting the voter registration systems and …  refreshing the technology with new voting systems. Those are the three pillars, the three most important concepts and priorities," Palmer told FCW on the sidelines of a Sept. 19 cybersecurity conference.

In particular, voter registration systems, which U.S. officials have said were targeted, probed and in some cases penetrated in all 50 states by Russian hackers in 2016, are "probably the most outward facing network that may be vulnerable," he said.

Sen. James Lankford (R-Okla.) a co-sponsor of the Secure Elections Act that promotes information sharing between the intelligence community and states, didn’t oppose the amendment but cautioned members that strong oversight is necessary to make sure dollars are being spent wisely.

At the markup, Lankford noted that of the $380 million appropriated in 2018 for election security only $128 million has been spent, according to data from days ago.  "I've yet to see a time that any state – including my state – has turned away federal dollars, especially when it has a 5% match from the state," he said.

Sen. Chris Coons (D-Del.) suggested that Lankford may be quibbling about money that has been spent versus money that has been obligated to projects and contracts, adding that a $3 million grant to his state helped replace an aging election system.

"Given documented, repeated efforts by Russian military intelligence to interfere with our elections," Coons said, "we would have great consequences" in 2020 if nothing is done to prepare now.

EAC is at work on revising voting system standards that haven't been truly updated for security in more than a decade – a factor potentially complicating quick action by states. Any machines purchased this year or next would be tied to standards that could be soon be outdated.

"Obviously we're going to continue our work to set the new standards and the manufacturers … they’re looking at [Voluntary Voting System Guidelines] 2.0 and they're going to start building to that as soon as we can finish that process,” Palmer told FCW. "In the end I'm not sure EAC can do that. That would have to be something that Congress does … it’s taken them this long just to get to a pot of money."

Chris Wlaschin, vice president of systems security at ES&S, the largest voting machine manufacturer in the country, told FCW that he agreed the investments should be about more than just replacing old voting machines.

"Our position has been that state and local election officials need recurring, programmatic investment in election security -- not just machines -- coming from a manufacturer it shouldn’t be all about buying voting machines," Wlaschin told FCW. "It should be about training staff, it should be about hiring cybersecurity professionals to protect county networks."

However, Wlaschin said he did not agree with the view that states should hold off on purchasing new voting machines until EAC completes the new standards, saying there's no reliable timeline or guarantee they’ll be done any time soon.

"My understanding of where the VVSG 2.0 is in development, it could be years before that happens, and we don't want states to wait and upgrade, we want to upgrade to the most modern equipment that we’re deploying right now, Windows 10 and all the protections that comes with. And then as VVSG 2.0 takes shape, we'll work with the EAC to include improvements where necessary," Wlaschin said.

Also on the election security front, Sen. Chris Van Hollen (D-Md.) previewed plans for a proposal on the Senate floor, in partnership with Sen. Marco Rubio (R-Fla.), formally instructing senators negotiating the final National Defense Authorization Act to include a provision in that bill detailing the consequences to foreign powers for interfering in U.S. elections. The two senators sent a letter to the chairs and ranking members of the defense committee in July urging the inclusion of their legislation in the NDAA.

In his floor remarks, Schumer called for McConnell to advance other bipartisan election security legislation that's waiting in the wings, including Lankford's Secure Elections Act, the Van Hollen-Rubio bill and the Defending American Security from Kremlin Aggression Act, which would, among other things, introduce new sanctions on Russian institutions that are linked to efforts to interfere in democratic processes outside the United States.  

"We're getting the money through appropriations, but we need legislation to refine where the dollars go," Schumer said.

Adam Mazmanian contributed reporting to this article.