Requests for Access to Election Data and Equipment Require Balancing Risks and Public Access

Election officials are increasingly encountering requests for access to sensitive voter data and election equipment. These requests come from a range of sources, including private actors, legislative committees, and law enforcement at all levels of government. They are often framed as efforts to improve election security, identify irregularities, or evaluate compliance with voting laws. Responding to these requests can create significant legal and operational challenges: Improper disclosure risks violating state and federal laws protecting voter privacy and election integrity, while overly restrictive responses may trigger accusations of noncompliance and lack of transparency. Inappropriate handling of these requests can also undermine public trust in election processes. As these inquiries become more frequent and overlapping, election officials face growing pressure to balance timely responses, strict adherence to legal obligations, data security, and public confidence.

The responsibility for maintaining security of election equipment and records has lain primarily with state and local election officials. Typically, state and local law enforcement work with and follow the lead of state and local election officials in any investigations that might require access to equipment and records, and federal investigations into violations of election law are rare, particularly given longstanding rules intended to avoid the appearance of election interference by the federal government. There is no new federal legal authority compelling access to non-public election records or equipment, and any federal, state, or legislative action remains constrained by the U.S Constitution and existing state and federal law.

Election officials may soon face new demands for access to various records and systems, including

• voter registration files, such as names, addresses, dates of birth, party affiliation, and voting history
• documentation of voter list maintenance practices, including logs of additions, removals, and data-matching procedures
• state-held records used to verify eligibility, such as DMV or naturalization data; and
• access to voting machines, ballot scanners, election management systems, or chain-of-custody documentation .

This explainer is intended to help officials and the attorneys they rely on prepare for these kinds of requests, regardless of who is making them, and respond in ways that are legally sound, operationally feasible, and protective of voter privacy and election security.

State and local officials are the custodians of election records and equipment. They operate within a complex legal framework that includes state statutes, federal law, and constitutional boundaries. Responding to requests for access requires careful attention to those rules and to the roles different levels of government play in election administration.

Under the U.S. Constitution, both states and Congress have responsibility for administering elections. While Congress may set rules for federal elections, in practice states manage voter registration, voting systems, and the broader infrastructure of election administration. No federal agency has blanket authority to intervene in or access election systems without legal process or specific statutory authorization. All requests — from any requestor — must respect the constitutional and statutory framework that preserves state and local control.

At the federal level:

• The National Voter Registration Act requires states to maintain accurate and current voter registration lists and to make certain list maintenance records available for public inspection. It does not authorize broad access to full voter databases, and it does not require the release of particularly sensitive information about individuals. Nor does it override state redaction requirements such as rules requiring the redaction of birthdates and social security numbers.
• The Help America Vote Act establishes standards for voting systems and statewide voter registration lists. It does not authorize federal agencies to directly access state systems. Enforcement of the act is generally tied to funding compliance, not to data access or inspections.
• The Department of Justice may access election records during civil rights investigations. When it does so, it typically relies on court-issued subpoenas or impoundment orders. These actions are tied to specific allegations of legal violations and must follow judicial procedures. The DOJ has longstanding policies reminding staff to avoid enforcement activity that could be perceived as interfering with the political process, particularly during sensitive periods close to elections.
• Federal law also imposes record retention obligations. Under 52 U.S.C. Section 20701, election officials must preserve all election records for at least 22 months following a federal election, and election officials or other designees under state law must supervise custody of these materials. This includes ballots, voter registration documents, and electronic records. While the attorney general and their representatives may inspect, reproduce, or copy these records upon written demand stating the basis and purpose, they do not have the right to exclusive custody or control of these materials, under 52 USC Section 20703. Any request for access that would compromise the integrity or custody of these materials should be evaluated carefully. A request that exceeds the authority granted under that section, depending on the information requested, may be prohibited under state or federal law.
• The Privacy Act of 1974 governs how federal agencies collect, store, and share personally identifiable information. While it does not apply to state election officials, it may constrain how federal agencies use sensitive voter data obtained from states, particularly if it includes Social Security numbers or citizenship information. Under the Privacy Act, federal agencies that collect information directly from individuals must, whenever possible, provide public notice before collecting personal information, and implement safeguards for information related to First Amendment protected activities. If state officials were seen as facilitating federal violations of the Privacy Act, it could significantly damage public trust and confidence in election administration. A recent example underscores these concerns: In June 2025, the USDA was sued for allegedly violating the Privacy Act, the Paperwork Reduction Act, and the Administrative Procedure Act by requesting sensitive Supplemental Nutrition Assistance Program recipient data from states and third party vendors without proper safeguards or notice. The plaintiffs’ complaint described the sensitive nature of the data that states collect and keep as part of the program and identified more than one state that had turned over that data.

At the state level, access to voter data and equipment is governed by a patchwork of statutes and privacy rules. While public inspection is often permitted for some portions of the voter file, sensitive fields are consistently protected. Many states also provide additional protection for certain voters, such as survivors of domestic violence, law enforcement personnel, judges, and public officials. Access to voting equipment is even more tightly restricted. A few illustrative examples:

• Arizona: Certain voter registration fields, such as full or partial Social Security numbers, driver’s license numbers, and signatures, are designated as confidential and may not be publicly disclosed. Public copies of the voter list must redact this information.
• California: Voter registration data is available for political, scholarly, and journalistic use, but commercial use is prohibited by law. Requesters must submit a signed application affirming the data will be securely stored, used only for authorized purposes, and not redistributed without approval from the Secretary of State.
• Pennsylvania: The state’s election code permits public access to voter registration lists, but voted ballots and voting equipment are not public records. Access to those materials typically requires a court order. In 2021, the Pennsylvania Department of State issued guidance clarifying that third-party access to machines can void the voting machine’s state certification, relying on its authority under 25 P.S. Section 201.13 and related administrative rules.
• Texas: Voter registration data is publicly accessible, but certain fields, including Social Security numbers and protected addresses, are withheld. The attorney general or other law enforcement authorities may seek a court order to impound election records under provisions of the state election code.
• Wisconsin: Voter registration data is publicly accessible, but confidential information, including full dates of birth, is restricted. Requesters must also pay a tiered fee, which can become significant for large-scale data requests.

Legislative Subpoenas: Special Considerations

Election officials may also receive subpoenas from legislative bodies, such as state legislatures or congressional committees, which differ from judicial subpoenas. These are issued as part of oversight inquiries into compliance with election laws or procedures and typically compel testimony or document production.

Legislative subpoenas often have broad scopes, raising concerns about privacy, security, or political motivation. These subpoenas may be accompanied by aggressive public communications efforts from individual legislative offices or committees. Legislative bodies may need to seek a court order to compel enforcement.

Officials receiving legislative subpoenas should immediately consult counsel. They should also consider consulting with a public communications expert, which may be necessary to share information about the situation while maintaining trust in the officials’ work. Attorneys may seek to negotiate the subpoena’s scope, timing, or confidentiality protections, and if necessary, file motions to quash overly broad or intrusive requests.

Not every request for election data or equipment arrives with clear legal authority or a well-defined purpose. Some may fall into legal gray areas or come without sufficient documentation or safeguards. Others may appear routine but carry implications for privacy, security, or public trust, as well as public finances if failure to maintain the security of equipment leads to its decommissioning. Before responding, officials and their counsel should assess the legal basis, evaluate potential risks, and consider operational, reputational, and financial impacts.

One of the most immediate concerns is legal risk. As described above, both federal and state law place clear boundaries on access to voter data and election systems. Requests that exceed those boundaries could result in the unauthorized disclosure of protected information or violations of election security procedures. If the legal authority for a request is unclear or untested, moving forward without proper review may expose officials to liability, litigation, or compliance issues under statutes like the National Voter Registration Act, Help America Vote Act, or state election codes.

There are also significant privacy and security implications. Voter registration files often include sensitive personal data, and election systems are protected by strict access and chain-of-custody controls. Granting access to outside entities without proper safeguards increases the risk of accidental public disclosure or misuse by individuals unfamiliar with legal and technical constraints. These lapses can undermine cybersecurity, disrupt procedures, or weaken the structural integrity of election infrastructure. Even the perception that records or systems are being misused can erode public confidence, and security lapses can lead to a need to replace expensive equipment, as previously seen in Maricopa County, Arizona and Fulton County, Pennsylvania.

Fulfilling requests may also impose an operational burden. Preparing large datasets for release, coordinating access to secure equipment, or responding to complex documentation demands can require time and staff capacity that local offices simply do not have. These pressures are especially difficult to manage during the lead up to an election or during post-election reconciliation and certification periods.

How officials respond also affects public trust. Voters expect their personal information to be protected and their elections to be administered in a neutral and professional manner. Providing access to outside actors without a defined legal role in election administration may cause confusion or raise concerns about partisanship or misuse. Even well-intentioned decisions can have lasting consequences for public perception.

Finally, responding to a single unclear or overbroad request can make it harder to say no in the future. Once access is granted without legal clarity or protective conditions, it can be interpreted as routine or precedent-setting, even when it was not.

For all these reasons, election officials should document each request thoroughly, seek legal guidance, and proceed with a clear understanding of applicable laws and risks.

In a climate of heightened scrutiny and unpredictable requests, preparation remains one of the most effective tools available to election officials. Taking steps in advance can reduce confusion and ensure future requests are handled with consistency and clarity.

A practical starting point is reviewing internal protocols for managing access to voter data and election equipment. Many states already define which portions of the voter file are public and which are restricted. Some require requesters to certify that the data will be stored securely, not shared with unauthorized parties, and used only for permitted purposes. Applying these rules consistently helps prevent confusion, reinforces compliance with state law, and ensures that election officials do not inadvertently facilitate violations of federal privacy protections.

Physical access should also be clearly structured. Public areas, restricted zones, and designated observation points should be clearly marked, with procedures in place for managing in-person requests. Measures such as signage in public areas indicating employee-only spaces or appointment policies can help maintain order and protect secure environments.

Officials should also be mindful of federal and state record retention requirements. As noted earlier, election-related materials must be preserved for a set period following a federal election, and requests that involve handling or copying these records should be reviewed in that context. Even when federal officials are permitted to inspect or reproduce these materials, they are not entitled to exclusive custody, and control remains with the state or local custodian of records.

Legal counsel should be brought in early. Attorneys can help assess the legal authority behind a request, advise on limits or redactions, and determine whether court intervention is warranted. In some cases, officials may seek to quash a subpoena on grounds such as overbreadth, improper purpose, or risk to sensitive information. Election officials who receive a grand jury subpoena may petition the court overseeing the proceeding to quash it or to request specific procedures for protecting sensitive records.

Courts have imposed protective conditions in prior cases involving election materials. In United States v. Ponder, the DOJ obtained a court order requiring local officials to hand over ballots and election records during a federal investigation. The court directed U.S. Marshals to collect the materials, store them securely, and allow access only to federal agents, stressing that the seizure was for preservation purposes and not to benefit any party. In In re Wallace, a court ordered limited access to voter registration documents previously held under state court supervision, requiring federal officials to review the materials on-site at the courthouse and only during specified hours. These examples show that courts can impose tailored safeguards to protect election records while still allowing for narrow lawful access. It is important to note that these cases occurred before Congress clarified that federal officials do not have the right to exclusive custody of election records, only to inspect or copy them on-site.

Public communication is also an important part of the response. Requests for access to sensitive data or systems can raise public concern about fairness, transparency, or political influence. Providing clear, timely explanations about legal obligations, procedures, and how election materials are being safeguarded can help build trust and reduce the spread of misinformation.

The current legal and political environment is shifting, and new demands for access may surface with little notice. Election officials should be prepared to respond to these requests in a manner that ensures transparency to the public and protects sensitive voter information, staff, and election operational integrity. Striking the proper balance between these important, but occasionally conflicting, interests is an essential ingredient to building public trust and ensuring safe and secure elections.