[Screenshot image via congress.gov]

Two U.S. Senators are pushing forward on their effort to have Congress follow up on its omnibus election funding with a broader bill – S. 2261, the “Secure Elections Act” – to support state election security efforts. The Hill has more:

Senators are working to again revise legislation designed to help guard digital voting infrastructure from cyberattacks after meeting with state officials.

Sen. James Lankford (R-Okla.) told The Hill that he expects to work out the final details of the bill within “weeks,” after state election officials expressed some remaining concerns with the current version.

Lankford and a slate of bipartisan co-sponsors originally introduced the legislation, called the Secure Elections Act, last December, months after the Department of Homeland Security acknowledged that Russian hackers tried to break into voting systems in 21 states as part of a broader effort to interfere in the 2016 presidential election.

While officials maintain there is no evidence any votes were changed, the revelations have spurred broad concerns about foreign interference in future elections — including cyberattacks that could alter vote totals or undermine confidence in the final result.

Officials and experts have stepped up demands for states to replace paperless voting machines with those that produce a paper backup that can be audited. President Trump and Kirstjen Nielsen, his Homeland Security secretary, have both endorsed the idea.

Congress has already sent $380 million to states to upgrade voting equipment and address security concerns.

The proposal — spearheaded by Sens. Lankford, Amy Klobuchar (D-Minn.) and others — would go further. It would codify into law many of the actions already underway at the Department of Homeland Security, seeking to expedite security clearances to state officials and bolster information sharing between the federal government and the states on cybersecurity threats and breaches.

It would also set up a grant program for states to take steps to secure their voting infrastructures, guided by a federal advisory panel that would develop guidelines and recommendations for states to follow on election cybersecurity.

“The biggest consideration is, 10 years from now, we don’t want people to lose focus and to take their eye off the ball,” Lankford told The Hill on Thursday.

The key sticking point remains some states’ concerns about an expanded federal role in election administration – concerns Senators are trying to address:

State officials have been wary of efforts to address election security at the federal level, given that states — not the federal government — have historically been responsible for administering elections.

Without broad support from state election officials, it will likely prove difficult to pass the legislation.

For that reason, Senators have brought the states to the table to hammer out the legislation. On Monday, Klobuchar and Lankford met with secretaries of state from Indiana, Louisiana, Minnesota and Missouri to discuss the proposal. 

By all accounts, the meeting went smoothly. Lankford described it as “very productive,” adding that the biggest concern was whether the advisory panel created by the bill would be redundant, given other groups already in place at the federal level to advise states.

“There was nothing that was insurmountable,” Lankford said Thursday. “I think we’re getting very, very close.”

Minnesota Secretary of State Steve Simon (D) told The Hill he was encouraged that the lawmakers were open to changing the legislation based on states’ input, describing himself as “supportive of the overall approach.”

“There is a federal interest in making sure there is some type of baseline action by the states,” Simon said.

He also said engagement from Capitol Hill, as well as from Homeland Security, was helping to “persuade secretaries who had concerns about federal overreach that really this is more about federal partnership.”

States initially resisted Homeland Security’s decision to open up election systems to voluntary federal protections at the start of 2017. But several states and localities have since requested help from the department, including remote cyber hygiene scans and more rigorous on-site vulnerability assessments.

There is still a way to go, however, given that some states not only aren’t bought into a solution – or even the existence of a problem:

Still, the secretaries are not signing on to support the legislation — at least not yet. “I’m not ready to support the legislation in its current form,” said Missouri Secretary of State Jay Ashcroft (R). “I probably disagree a little bit with some of the senators on how important the bill is,” he said, adding that he believes the extent of Russia’s efforts have been “exaggerated” by federal officials. 

Ashcroft said that the revised version should do more to increase the flow of information from the federal side to the states, which was a source of concern ahead of the 2016 vote.

In a statement, Louisiana Secretary of State Tom Schedler (R) said he was “encouraged by the dialogue” at the Monday meeting.

He added, “I believe strongly that states, not the federal government, can most effectively secure our elections as we move forward and I’m confident that progress is being made to accomplish our mutual goals.”

A spokesman for Indiana Secretary of State Connie Lawson (R) said she “was pleased to be able to share Indiana’s perspective on election security,” but deferred to the senators on the specifics of the bill.

Lankford says he and other senators have gone through “five or six, maybe seven” revisions of the legislation, soliciting feedback from state officials and other stakeholders in order to improve it. The latest iteration, unveiled in late March, picked up support from Sens. Richard Burr (R-N.C.) and Mark Warner (D-Va.), who together lead the Intelligence Committee investigating Russian interference.

He expects to have a newly revised version within weeks.

There is a consensus that the window to change election administration specifics for this cycle has likely passed – though the urgency to focus on it long term remains:

While the senators hope to pass the legislation before the 2018 midterms, Lankford acknowledged that it would be too late for the legislation to help officials replace voting hardware. The first primary took place last month, and the general election is less than seven months away.

“The biggest issue that is really out there is hardware,” Lankford said. “There’s no way they’re going to get hardware in place by this election. They’re not going to change equipment between the primary and the general.”

Currently, five states rely solely on paperless voting machines, or direct-recording electronic machines, and several others have mixed voting infrastructure that includes them.

But Simon believes that hackers pose a greater threat to centralized voter databases, rather than actual vote tallying machines, which are not connected to the internet and typically surrounded by a great deal of security.

His state, Minnesota, was among the 21 states targeted by Russian hackers. The cyber sleuths probed the state voter registration database for vulnerabilities, but never tried to break in.

“In Minnesota, people are paying much more attention to this issue than they ever did,” Simon said. “I think there’s a fundamental level of confidence [in the security], but a healthy desire to focus on this issue.”

I’ll confess to being somewhat skeptical that this bill gets to the finish line during this Congress, given the need to push it through both houses in what is increasingly looking like a fiercely-fought battle for control of both houses, but it’s nonetheless encouraging to see that state officials and key Senators recognize that the recent omnibus funding is merely a start and not a solution for the cybersecurity challenges facing states. Stay tuned …