Over the past year, many state and local election jurisdictions have taken crucial steps to improve election security, such as replacing paperless voting equipment with paper ballots and disconnecting ballot scanners from networked election night reporting systems. They have also taken steps to enable a recovery from potential cyberattacks or technical failures, such as requiring polling places to keep emergency paper ballots on hand in case of equipment breakdowns.
Now, election officials face the additional challenge of ensuring secure and safe elections in the midst of a pandemic. Since officials cannot know at this moment whether all of their voters will feel safe voting in person in November, they must prepare for the possibility that a significant portion will opt to vote by mail. At the same time, they must maintain in-person voting options, which are necessary for many, including some voters with disabilities and those with poor mail service.
Deploying or scaling up new voting options can increase the risk of technical malfunctions, but officials have no choice in the current environment but to meet the challenge. Voters are already placing increased demands on online registration systems and mail ballot options. At the same time, the risk of cyberattacks from foreign state and nonstate actors alike remains. Many government personnel must work and access election infrastructure remotely now; so too must vendor personnel. These changes to work environments, if not properly managed, could create new targets for those interested in disrupting American elections through cyberattacks.
Effective digital resiliency plans can ensure that operations continue and eligible citizens are able to exercise their right to vote even in the face of cyberattacks or technical malfunctions. This document seeks to assist officials as they revise their cyber resiliency plans in light of Covid19. We highlight areas that warrant heightened attention, such as the resiliency of websites and online registration tools. While we recognize that the pandemic raises a variety of new requirements for election administration, we focus here on resiliency against cyberattacks and technical failures. In addition to assisting election officials with their plans, this document and the accompanying checklist can help advocates and policymakers working to ensure that election offices are prepared to handle these uncertainties.
Making the changes necessary to run credible and secure elections this November will cost money, and we urge Congress to provide states with the resources they need to ensure that local election officials can run safe and secure elections this fall.
The Brennan Center gratefully acknowledges Carter Burden III and Susan Burden, Carnegie Corporation of New York, Change Happens Foundation, Lee Halprin and Abby Rockefeller, The Heller Foundation, the JPB Foundation, Leon Levy Foundation, Craig Newmark Philanthropies, Open Society Foundations, Public Wise, Quadrivium, Wallace Global Fund, Leslie Williams and James Attwood, and Zegar Family Foundation for their support of our election security work.