How Secure Are America’s Voting Systems?

August 30, 2016

New reports show the FBI determined foreign hackers gained access to voter information in Illinois and Arizona. The news comes after Russia’s reported hack of DNC computers last month.

Today, the Brennan Center for Justice at NYU School of Law released a new fact sheet explaining what the risks to America’s voting system security really are — and what states, localities, and voters can do to prevent successful attacks against the integrity of our elections.

“Between the FBI report and Russia’s reported hack of the DNC emails last month, it’s clear we must take seriously the possibility that foreign groups and other bad actors may want to intrude on American elections,” said Lawrence Norden, deputy director of the Brennan Center’s Democracy Program. “But there is good news. Officials have made important advances over the last few years to secure voting technology, which makes it highly unlikely a cyberattack could have a widespread impact on the results of a national election. Between now and November, there are several steps officials can take to ensure America’s elections are properly protected.”

In the 2016 presidential election, 42 states will use voting machines that are more than a decade old. In 14 states, at least some polling places will use machines with no voter verified paper trail as their primary equipment for casting ballots.

The fact sheet details the improvements that have already been made in some jurisdictions to protect the integrity of our elections, including replacing paperless voting machines with systems that scan paper ballots filled out by voters, or produce some other kind of paper trail.

Despite these advances, additional steps can be taken to increase reliability, security, and safety of personal information. 

Protecting the Integrity of Voter Registration Databases

  • As long as states and local jurisdictions keep backups, including paper copies, of their registration lists, no manipulation of state computer registration databases should prevent legitimate voters from casting a ballot, or having their votes counted.
  • Voter registration databases should be programmed to run frequent, automated scans of registration activity to monitor for and alert election officials to potential fraudulent or abnormal activity.
  • Databases should not contain any personal information other than what’s required to register.

Solutions for Voting Machine Security

  • Election officials should ensure the physical security of voting equipment and paper records at all stages of the process.
  • Officials should conduct pre-election testing on every voting machine and have emergency paper ballots on hand where electronic equipment is used.
  • Post-election audits should be conducted to identify any anomalies between paper records and electronic results.
  • Federal and state government should fund new secure systems.
  • A post-election audit should be required by law in all 50 states.

For more information or to connect with a Brennan Center expert, contact Rebecca Autrey at rebecca.autrey@nyu.edu or 646-292-8316.