Should U.S. Elections Have Paper Ballots & Improved Security Against Hacking? (H.R. 2722)

What is H.R. 2722?

(Updated July 14, 2020)

This bill — the Securing America’s Federal Elections (SAFE) Act — contains a package of legislative reforms intended to modernize U.S. election infrastructure and improve its security against hacking. Among its measures, it would mandate the use of voter-verified ballots and authorize $600 million to update outdated election equipment. A detailed breakdown of its various provisions can be found below.

FUNDING FOR ELECTION INFRASTRUCTURE

Paper Ballots: This section of the bill would require voter-verified paper ballots for all elections. This would entail requiring that voting systems use an individual, durable, voter-verified paper ballot of the voter’s vote that would be marked and made available for inspection and verification by the voter before their vote is cast and counted.

Additionally, this bill would require that every paper ballot be suitable for a manual audit and be counted by hand in any recount or audit conducted for a federal election. Additionally, in the case of any inconsistencies or irregularities between electronic vote and paper ballot tallies, this bill would mandate that the paper ballot tally be considered the true and correct record of the vote total.

Should paper ballots be determined to have been compromised, only the paper ballots deemed compromised,  would be considered in calculations of whether or not an election’s result could be changed due to the compromised paper ballots.

Accessibility and Ballot Verification for Disabled Individuals: To ensure that individuals with disabilities are given an equivalent opportunity to vote, this bill would amend the Help America Vote Act of 2002 to include specific language guaranteeing assistance to help such individuals vote in a manner that produces a voter-verified paper ballot.

Study and Report on Accessible Paper Ballot Verification Mechanisms: This section would provide $5 million to the Director of the National Science Foundation (NSF) to make grants to at least three eligible entities to study, test, and develop accessible paper ballot voting, verification, and casting mechanisms and devices and best practices to enhance the accessibility of paper ballot voting and verification mechanisms for: 1) individuals with disabilities, 2) voters whose primary language is not English, and 3) voters with difficulties in literacy. Best practices for the mechanisms themselves and the processes through which the mechanisms are used would be studied.

Durability and Readability Requirements for Ballots: This section would require that all voter-verified paper ballots be marked or printed on “durable paper,” defined as capable of retaining the information marked or printed on them for 22 months. These ballots must also be clearly readable by the voter without assistance (other than eyeglasses or other personal vision-enhancing devices) and by an optical character recognition device or other device equipped for individuals with disabilities.

Paper Ballot Printing Requirements: This section would require that the durable paper ballots it requires be printed in the U.S. on recycled paper manufactured in the U.S., beginning with elections occurring on or after January 1, 2021.

Study and Report on Optimal Ballot Design: The Election Assistance Commission (EAC) would be charged with conducting a study on the best ways to design ballots, including paper and electronic or digital ballots, to minimize confusion and user errors. It would be required to submit its findings to Congress in a report no later than January 1, 2020.

Election Improvement Grants: This section would make grants available to states to:

• Replace voting systems that don’t meet this bill’s requirements;
  
• Carry out voting system requirement improvements in connection with the November 2020 federal election and subsequent federal elections; and
  
• Implement and model best practices for ballot design, ballot instructions and ballot testing.

The minimum dollar amount for each grant to a state must equal $1 multiplied by the average number of voters who cast ballots in each of the last two federal elections.

This bill would also require that, to the greatest extent practicable, states receiving grants to replace voting systems ensure that the new systems are capable of administering ranked choice voting (a voting system in which each voter ranks the candidates for office in order of their preference).

Voting System Security Improvements: Qualified voting system security improvements under this bill would be defined as:

• The acquisition of goods and services from qualified election infrastructure vendors by purchase, lease or other arrangements as appropriate;
  
• Cyber and risk mitigation training;
  
• Security risk and vulnerability assessments of a state’s election infrastructure, as carried out by a cybersecurity services provider under a contract between the state’s chief election official and the provider;
  
• Maintenance of election infrastructure, including addressing risks and vulnerabilities which are identified by security risk and vulnerability assessments, excluding building renovations for facilities that are primarily used for purposes other than election administration;
  
• Providing increased technical support and enhancements for any IT infrastructure that the chief state election official deems to be part of a state’s election infrastructure or that they designate to be critical to the state’s election infrastructure’s operation; and
  
• Enhancing the cybersecurity of voter registration systems.

Qualified Election Vendors: This bill would define “qualified election infrastructure vendor” as a person who provides, supports or maintains election infrastructure.

Such vendors must: 1) be owned and controlled by a U.S. citizen or permanent resident; 2) disclose the sourcing of any foreign parts for the election infrastructure; 3) agree to ensure that the election infrastructure will be developed and maintained in a manner consistent with the cybersecurity best practices issued by the Technical Guidelines Development Committee; 4) agree to maintain their IT infrastructure in a manner consistent with the cybersecurity best practices issued by the Technical Guidelines Development Committee; 5) agree to report any known or suspected cybersecurity incidents involving its goods and services; and 6) agree to permit independent security testing by the EAC and Secretary of Homeland Security.

Vendors would be required to report election cybersecurity incidents promptly, including the date, time, time zone, circumstances, response and system updates planned pursuant to the incident.

Grants for Obtaining Compliant Paper Ballot Voting Systems and Improving Voting System Security: This section would amend the Help America Vote Act of 2002 to add the Secretary of Homeland Security to the EAC’s Board of Advisors and add a Dept. of Homeland Security (DHS) representative to the Technical Guidelines Development Committee. It would also add securing election systems against cyber and other attacks to the list of goals for the EAC’s periodic studies of election administration issues.

This bill would also permit states to use their requirements payments to make voting system security improvements, including: 1) cyber and risk mitigation training, 2) providing increased technical support and cybersecurity enhancements for any IT infrastructure that the chief state election official determines to be part of the state’s election infrastructure or critical to the state’s election infrastructure’s operation; and 3) enhancing the security of voter registration databases.

Grants for Risk-Limiting Audits of Election Results: This section would allow the EAC to make grants to states to conduct risk-limiting audits with respect to federal elections, beginning with the November 2020 federal election. To carry out this section of the bill, the EAC would be given $20 million for FY 2019, to remain available until expended.

The Government Accountability Office (GAO) would be charged with assessing an analysis of the extent to which risk-limiting audits improve the administration of elections. Its analysis would be conducted by the Comptroller General of the United States, and would be due no later than six months after the first election for federal office is held after grants are first awarded to states for risk-limiting audits.

CYBERSECURITY & ELECTION ADMINISTRATION IMPROVEMENTS

Cybersecurity Testing of Existing Voting Systems: This section would require that existing voting systems be tested for compliance with its new guidelines. Such testing would be required no later than nine months before each regularly scheduled general election for federal office and would be carried out by accredited laboratories. Should the EAC determine, on the basis of testing, that any voting system hardware or software doesn’t meet the most recent guidelines, it would decertify it.

The Technical Guidelines Development Committee would be responsible for issuing election cybersecurity guidelines, including standards and best practices for procuring, maintaining, testing, operating, and updating election systems to prevent and deter cybersecurity incidents, no later than six months after this bill’s enactment.

Election Software Manufacturer Requirement: Use of Software and Hardware for Which Information is Disclosed by Manufacturer: This section would amend the Help America Vote Act of 2002 to require that states only use election software and hardware for which manufacturer information and source codes are disclosed.

Treatment of Electronic Poll Books as Part of Voting Systems: This section would amend the Help America Vote Act to include electronic poll books as part of voting systems.

Pre-Election Reports on Voting System Usage: This section would require states’ chief election officials to submit a report to the EAC detailing the state’s voting system usage plan no fewer than 120 days before a regularly scheduled general election for federal office. This requirement would start with the November 2020 election for federal office and apply to all federal general elections thereafter.

MISCELLANEOUS

• An Election Security Grants Advisory Committee would be established to assist the EAC with granting states grants for election security purposes. This committee would be responsible for reviewing states’ applications and providing recommendations on approval to the EAC. There would be 15 members of the committee, all appointed by the Executive Director of the EAC. They would be required to have experience and expertise in election security and would not be paid for their service on the committee.

• The Help America Vote Act of 2002 would be amended to require that states only use U.S.-manufactured voting machines beginning with the regularly scheduled general election for federal office in November 2022. 

Argument in favor

There’s a real risk that Russia, and perhaps others, will attempt to influence the upcoming 2020 elections using similar tactics to those displayed in 2016. Updating state election infrastructure to protect against hacking and implementing paper ballots for better election auditability will help ensure that future elections are protected against foreign meddling.

Argument opposed

This bill’s partisan nature — along with Sen. McConnell’s opposition to it and House Democrats’ other electoral reforms — means it’s unlikely to become law. Rather than wasting its time on legislation that won’t become law, Congress should spend its time coming to a bipartisan agreement on election security ahead of the 2020 federal elections.

Impact

Elections; voting systems; states; EAC; voting system vendors; state elections officials; federal elections; Help America Vote Act of 2002; paper ballots; and election security.

Cost of H.R. 2722

A CBO cost estimate is unavailable.

Additional Info

In-Depth: Rep. Zoe Lofgren (D-CA) introduced this bill to improve American elections’ security. In a statement, she said, “Ultimately, the SAFE Act will improve the resilience of American election[s] — a goal I know that we all share.”

This bill is strongly opposed by Republicans, who argue that it’s designed to allow the federal government to “take over” elections from states. Rep. Rodney Davis (R-IL), ranking member on the House Administration Committee, draws a parallel between this bill and H.R. 1, the For the People Act, which the House passed along party lines in March 2019. Republicans also strongly objected to H.R. 1, which included sweeping voting reform and security measures in its provisions. Characterizing this bill as a “hyper-partisan” response “that stands no chance of being signed into law,” Davis argues that “Congress’ role is to assist states to strengthen their election security, not create a federal takeover of their election systems.” As an alternative to this bill, Davis offered the Election Security Assistance Act, to provide resources for states to upgrade their voting systems without requiring paper ballots (as this bill does).

Rep. Davis also accused House Speaker Nancy Pelosi (D-CA) of scuttling talks on putting together a bipartisan election security bill. In a statement to The Hill, Rep. Davis said:

“There are a lot of things… that we can agree on, but then all of a sudden leadership from Speaker Pelosi’s office and the Democrat leadership team basically said stop negotiating with Republicans, and that is not what the American people want.”

A committee spokesperson for Rep. Lofgren disputes Rep. Davis’ claim. According to Rep. Lofgren’s spokesperson, Republicans and Democrats were unable to come to an agreement on this bill’s language due to disagreements over what it mandates for elections.

While this bill is likely to pass the House, it’s unlikely to advance in the Senate, where Senate Majority Leader Sen. Mitch McConnell (R-KY) has refused to bring Democrats’ partisan election security legislation to the floor for a vote. As a signal of his opposition to such measures, Sen. McConnell calls H.R. 1 the “Democratic Politician Protection Act.” Sen. McConnell has said he’s willing to address election security concerns, but not at the price of increasing federal oversight. In June 2019, he said, “I’m open to considering legislation, but it has to be directed in a way that doesn’t undermine state and local control of elections.”

In response, Senate Minority Leader Sen. Chuck Schumer (D-NY) has accused Sen. McConnell of effectively encouraging foreign election interference in 2020 through his inaction. In mid-June 2019, Sen. Schumer said, “It is Congress’s solemn obligation to protect our elections. And any leader who doesn’t do that is abdicating their responsibilities to our grand democracy.”

The Center for American Progress (CAP) supports efforts to improve election security. In February 2018, a number of the organization’s staff members co-wrote an overview of election security in all 50 states:

“To understand risks to our election systems and plan for the future, it is necessary to identify existing vulnerabilities in election infrastructure so we can properly assess where resources should be allocated and establish preventative measures and strategies. Only through understanding the terrain can the nation rise to the challenge of preventing voting machine malfunction and defending America’s elections from adversarial attempts to undermine our election infrastructure.”

Writing in The Hill, author and “Full Measure” host Sheryl Attkisson argues that Russia’s influence in the 2016 election — and the need to take drastic measures to ensure Russia doesn’t meddle again in 2020’s election — is irrefutable:

“There’s at least one conclusion on which there’s largely bipartisan agreement: Russia interfered with the 2016 presidential election. No vote tallies were changed, according to Obama administration intel analyses, but the interference was serious enough that many insist drastic steps must be taken to avoid a repeat in 2020.”

This bill has passed the House Administration Committee by a 6-3 party-line vote without any cosponsors.

Of Note: Federal law enforcement and intelligence agencies have concluded that Russian state-sponsored hackers interfered in the 2016 U.S. presidential election by attacking Democratic Party computer systems and various elements of the U.S. election infrastructure, including state elections officials and voting technology vendors. On September 22, 2017, it was reported that the Dept. of Homeland Security (DHS) had notified 21 states that they were targeted by hackers during the 2016 election. Those states were: Alabama, Alaska, Colorado, Connecticut, Delaware, Florida, Illinois, Maryland, Minnesota, Ohio, Oklahoma, Oregon, North Dakota, Pennsylvania, Virginia, Washington, Arizona, California, Iowa, Texas, and Wisconsin. The last four states denied that their election systems were hacked.

During the 2016 presidential campaign, Russia interfered with the election in numerous ways, including: hacking into the Democratic National Committee (DNC), phishing Clinton campaign chairman John Podesta’s email to obtain Clinton campaign emails, attacking the DNC’s computer network, publishing cell phone numbers and personal email addresses for Nancy Pelosi and other DNC members, publishing tens of thousands of Clinton campaign and DNC emails, and influencing voters via social media.

In his report, Special Counsel Robert Mueller concluded that the Russian government attempted to use state-sponsored hackers and other operatives in a “sweeping and systematic fashion” in its attempt to influence the election in favor of then-candidate Donald Trump. His report “spelled out” a “sophisticated, Kremlin-led operation to sow division in the U.S. and upend the [2016] election by using cyberattacks and social media as weapons” and confirmed the U.S. intelligence community’s conclusion that there’d been a “significant escalation by the Russians to interfere in U.S. domestic politics” ahead of the 2016 election.

For its part, the Russian government has denied meddling in the 2016 race. After the Mueller report’s release, Kremlin spokesman Dmitry Peskov stressed Moscow’s rejection of its accusations and said there was “no evidence substantiated by any facts” of Russian interference in the election. Peskov added that Russia’s “principled position” on election interference is “well known: our country has not interfered in the domestic affairs of other countries, including the United States."

In May 2019, Florida Governor Ron DeSantis (R) said in a news conference that Russian hackers had breached the voting systems in two counties in 2016. However, Gov. DeSantis said, no data was tampered with and no vote tallies were affected. Gov. DeSantis found this information out after meeting with the FBI due to a sentence in the Mueller report, which said, “We understand the FBI believes that this operation enabled [Russian military intelligence] to gain access to the network of at least one Florida county government" during the 2016 election.

Several members of the Trump administration have warned that the 2020 race is also at risk of being attacked by foreign actors. FBI Director Christopher Wray and Director of National Intelligence Dan Coats have both indicated Moscow is expected to attempt to interfere again in 2020.

Media:

• The Hill
  
• The Washington Times
  
• CNN (Context)
  
• The Hill (Context)
  
• Countable - Mueller Report (Context)
  
• Center for American Progress (CAP) (Context)
  
• MarketWatch (Context)