House Passes Election Security Bill That Finally Adds Security Researchers To The Mix

from the still-have-to-suffer-through-this-year's-insecure-election-though dept

Everyone agrees elections should be secure. But hardly anyone in the federal government is doing anything useful about it. The shift to electronic voting has succumbed to regulatory capture which isn't doing anything to ensure the best and most secure products are being deployed. On top of that, it's become a partisan issue at times, resulting in legislators scoring political points rather than making voting and voters more secure.

There may be some good news on the way, although it's unlikely to result in a more secure election in 2020. As Maggie Miller reports for The Hill, political differences have been stowed away for the moment to push an election security bill forward.

The House on Wednesday unanimously passed bipartisan legislation intended to boost research into the security of election infrastructure.

The Election Technology Research Act would establish and fund a Center of Excellence in Election Systems at the National Institute of Standards and Technology (NIST) to test the security and accessibility of voting equipment, along with authorizing NIST and the National Science Foundation to carry out research on further securing voting technology.

The bill [PDF] made its debut last year, but hasn't gone anywhere since February 2020. Now, with an election right around the corner, the bill is finally moving again. This is still pretty last minute, though. The Senate still has to deliver its own version. And it appears to be in no hurry to do that. Earlier this year, the Senate majority blocked three election security bills, adding them to the pile of legislation Senate Majority Leader Mitch McConnell doesn't care for.

Even with bipartisan support, one ranking House member thinks the bill just creates more problems.

Rep. Rodney Davis (R-Ill.), the ranking member of the House Administration Committee, expressed reservations about the legislation on the House floor Wednesday, saying that his panel had not held a markup or hearing on the bill and noting concerns about the legislation potentially undermining work by the Election Assistance Commission.

This may be a legitimate concern, but it could just be political posturing. Recent history shows the head of the EAC did more to undermine the EAC's work than any outside election security efforts.

Brian Newby, the executive director of the Election Assistance Commission, has blocked important work on election security, micromanaged employees’ interactions with partners outside the agency and routinely ignored staff questions, according to former election officials, former federal employees and others who regularly work with the agency.

Newby failed to secure the EAC votes needed to serve another term. He exited the EAC last September, leaving behind a legacy of not giving a damn about election security.

The Election Assistance Commission has ceded its leadership role in providing security training, state and local officials say, forcing them to rely on the help of the U.S. Department of Homeland Security, which lacks the same level of experience in the issues confronting the country’s voting systems.

[...]

The election officials assert that the EAC’s executive director, Brian Newby, has blocked the travel of key staffers at the EAC who specialize in cybersecurity, preventing them from attending what training sessions have taken place.

Given this, it's hard to imagine legislation that ropes in the NIST and NSF causing more problems for election security than the Election Assistance Commission has created itself.

Even if this bill lands on the President's desk in time for this year's election, it won't make this one any more secure. The changes won't be implemented immediately and a report on current security measures and processes won't be provided to Congress for another 18 months. But it should make things better going forward, even if it will be off to a slow start. It finally adds actual researchers to the mix, which should hopefully keep this from becoming a political football every 2-4 years.

Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.

Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.

While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.

–The Techdirt Team

Filed Under: congress, election infrastructure, election security, election threat research act, elections, security research