About | HeinOnline Law Journal Library | HeinOnline Law Journal Library | HeinOnline
LOG IN
LOG IN

1 1 (November 12, 2019)

handle is hein.crs/govbbrv0001 and id is 1 raw text is: - M t .......... November 12, 2019 Election Security: States' Spending of FY2018 HAVA Payments State and local systems have been targeted as part of efforts to interfere with U.S. elections, according to the U.S. Intelligence Community. Congress has responded to such threats, in part, with funding. The Consolidated Appropriations Act, 2018 (P.L. 115-141) included $380 million for payments to the 50 states, the District of Columbia, American Samoa, Guam, Puerto Rico, and the U.S. Virgin Islands (referred to herein as states) under the Help America Vote Act of 2002 (HAVA; 52 U.S.C. §§20901-21145). This In Focus provides an overview of states' spending of the FY2018 HAVA payments. It starts by summarizing how states have proposed and reported using the funds and then introduces some issues related to the timing of state spending and reporting. Information about states' spending of the FY2018 HAVA funds may be relevant both to Members who are interested in oversight of the FY2018 payments and to Members who are considering further funding for similar purposes. It might help inform decisions about whether to provide such funding, for example, and, if so, whether to specify conditions for its use. Proposed Spending The FY2018 payments were appropriated under provisions of HAVA that authorize funding for general improvements to the administration of federal elections (52 U.S.C. §§20901, 20903-20904). The explanatory statement accompanying the FY2018 appropriations bill highlighted five specific election security-related uses of the funds. States were asked to submit plans for the FY2018 HAVA funding to the agency charged with administering the payments, the U.S. Election Assistance Commission (EAC). The following subsections provide examples- drawn from the states' plans-of proposed spending on (1) the specific election security measures highlighted by the explanatory statement for the FY2018 spending bill, (2) other election security measures, and (3) non-security- specific activities. Congressional clients may contact CRS for state-specific information about spending proposals. Some of the election security measures highlighted by the FY2018 explanatory statement focus on risks to vote capture and counting processes. Electronic devices, which are used by many jurisdictions to capture votes and most jurisdictions to count them, are potentially susceptible to hacking and errors. Mistakes may also be made when hand- counting ballots. One proposed way to help check-and reassure voters- that votes have been captured and counted accurately is to ensure that there are voter-verifiable paper records of the votes cast and to audit the paper records. That proposal, versions of which have appeared in bills such as S. 2593 in the 115th Congress and H.R. 2722 in the 116th Congress, is reflected in the first two measures on the explanatory statement list: replacing paperless voting systems and implementing post-election audits. Vote capture and counting processes are part of larger election systems that also include components such as voter registration databases and election office email accounts. Foreign actors reportedly exploited human and technological vulnerabilities in some of the other parts of those systems in the 2016 election cycle. According to a July 2019 report from the Senate Select Committee on Intelligence (SSCI), for example, Russian actors used spear phishing attacks to access county systems in one state and a technique known as SQL injection to extract data from the state voter registration database in another. The remaining three specific election security measures on the explanatory statement list-updating election-related computer systems to address cyber vulnerabilities, providing election officials with cybersecurity training, and instituting election cybersecurity best practices-focus on risks to election systems presented by human and technological vulnerabilities. Training election officials to recognize and report spear phishing may help reduce the likelihood that they will click on malicious links or attachments, for example, and validating user inputs to online voter registration websites may help thwart some SQL injection attempts. Much of the planned spending of FY2018 HAVA funds is on the highlighted measures from the explanatory statement list. Proposed spending includes transitioning to voting systems that produce a voter-verifiable paper audit trail (VVPAT) and advancing or enhancing the implementation of post-election audits. Some states reported planning to use funds to research best practices for post-election audits, for example, or to conduct audits or audit pilot programs. States have also proposed spending on updating their election systems to address cyber vulnerabilities, providing election officials with cybersecurity training, and implementing election cybersecurity best practices. Many of the states' plans include training-related spending, such as hiring an election security trainer, tailoring trainings to counties' security needs, or running tabletop exercises that simulate real-world security incidents. Other planned uses of funds include conducting penetration tests of the state election management system, performing forensic audits of gm 10B ILI

What Is HeinOnline?

HeinOnline is a subscription-based resource containing thousands of academic and legal journals from inception; complete coverage of government documents such as U.S. Statutes at Large, U.S. Code, Federal Register, Code of Federal Regulations, U.S. Reports, and much more. Documents are image-based, fully searchable PDFs with the authority of print combined with the accessibility of a user-friendly and powerful database. For more information, request a quote or trial for your organization below.



Short-term subscription options include 24 hours, 48 hours, or 1 week to HeinOnline.

Purchase Access

Contact us for annual subscription options:

Contact Us

Already a HeinOnline Subscriber?

Log In

profiles profiles most