April 23, 2018

 


Dear State Election Officer:


On March 23rd, Congress allocated $380 million to states to upgrade election security. This is a
positive development. In the age of unprecedented hacking risks, researchers have found that
electronic voting infrastructure — including voting machines and registration databases — have
serious vulnerabilities. While there’s no evidence that vote totals were hacked in 2016, there’s
strong evidence that hackers have been testing the waters.


While federal funding can help states address these issues, simply upgrading or replacing
election infrastructure is not sufficient. It is essential that states work with the Department of
Homeland Security or other trusted providers to scan their systems for cyber vulnerabilities, and
follow best practices identified by computer scientists, national security leaders, and bipartisan
experts in elections administration to mitigate hacking risks. On March 20, the Senate Select
Committee on Intelligence released its long-awaited recommendations on election security and
concluded that requiring paper ballots, banning wireless components and implementing
statistically sound audits of election results are essential safeguards. Last year, a group of 100
leading computer scientists and other election administration experts voiced the same conclusion.
Through years of researching voting equipment security in real election administration
environments, the National Institute of Standards and Technology (NIST) has come to similar
conclusions about what it will take to defend elections.


As you begin to make use of the new federal funding, we strongly urge you to follow best
practices identified by these and other leading experts for election security:


(1) Replace paperless voting machines with systems that count a paper ballot — a
physical record of the vote that is out of reach from cyberattacks.


(2) Conduct robust post-election audits in federal elections. Congress explicitly requested
that states “implement a post-election audit system that provides a high-level of
confidence in the accuracy of the final vote tally” as part of its report language
accompanying the Omnibus. Well-designed audits involve election officials checking
only a small random sample of the voters’ choices on paper ballots so that they can
quickly and affordably provide high assurance that the election outcome was accurate.


(3) Upgrade systems to ensure that states’ election websites, statewide registration
systems, and election night reporting systems are defended against threats of intrusion
and manipulation.


(4) Prohibit wireless connectivity in voting machines to limit vulnerabilities to hacking
risks.


(5) Train and educate election officials at all levels on how they need to incorporate
security into their elections practices.


We, the undersigned, believe that these represent sensible and cost-effective solutions to the
rising challenges of election security. We urge you to take steps to safeguard elections using
these proven best practices.


Sincerely,


Adam Brandon
President, FreedomWorks


Duncan Buell
NCR Professor of Computer Science and
Engineering, University of South Carolina


Michael Chertoff
Former Secretary of Homeland Security


Kristen Clarke
President, Lawyers’ Committee for Civil
Rights Under Law


Edgardo Cortes
Former Commissioner of Elections, Virginia


David L. Dill
Donald E. Knuth Professor, Emeritus, in the
School of Engineering, Stanford University


Jamie Fly
Senior Fellow, German Marshall Fund


Karen Hobert Flynn
President, Common Cause


Trey Grayson
Former Secretary of State, Kentucky


Alex Halderman
Professor of Computer Science,
University of Michigan


Joseph Lorenzo Hall
Chief Technologist, Center for Democracy
and Technology


General Michael Hayden (Ret.)
Former Director of the National Security
Agency and Director of Central Intelligence


David Jefferson (Ret.)
Lawrence Livermore National Laboratory


Douglas W. Jones
Department of Computer Science,
University of Iowa


Rick Ledgett
Former Deputy Director of the National
Security Agency


Ambassador Douglas Lute (Ret.)
Former US Ambassador to NATO
Lieutenant General, US Army


Michael Morell
Former Acting Director and Deputy Director
of the Central Intelligence Agency


Lawrence Norden
Deputy Director, Democracy Program,
Brennan Center for Justice at NYU School
of Law


Grover Norquist
President, Americans for Tax Reform


Michael O’Hanlon
Senior Fellow, Brookings Institution


Tammy Patrick
Senior Advisor at Democracy Fund;
Former Member of the Presidential
Commission on Election Administration


Ben Ptashnik
National Election Defense Coalition


Sam Reed*
Former Secretary of State, Washington


Mark Ritchie
Former Secretary of State, Minnesota


Ronald L. Rivest
MIT Institute Professor


Mike Rogers
Former Member of Congress (R-MI);
Chair of the House Intelligence Committee


Laura Rosenberger
Director, Alliance for Securing Democracy


Paul Rosenzweig
Senior Fellow, R Street Institute;
Former Deputy Assistant Secretary of
Homeland Security for Policy


Kori Schake
Former Director for Defense Strategy at the
National Security Council


Marian Schneider
President, Verified Voting Foundation;
Former Deputy Secretary of Elections and
Administration, Pennsylvania Department of
State


Bruce Schneier
Fellow and Lecturer, Harvard Kennedy
School and Berkman-Klein Center for
Internet and Society


James Scott
Co-Founder and Senior Fellow, Institute for
Critical Infrastructure Technology


Lt. Col. Tony Shaffer (Ret.)
Vice President, London Center for Policy
Research


Barbara Simons
IBM Research (Ret.); Board Chair, Verified
Voting Foundation


Rev. DeForest Soaries
Former Chair, Election Assistance
Commission


Admiral James Stavridis (Ret.)
Former NATO supreme Allied Commander


Neera Tanden
President and CEO, Center for American
Progress


Natalie Tennant
Former Secretary of State, West Virginia


Poorvi L. Vora
Professor of Computer Science, The George
Washington University


Dan S. Wallach
Professor of Computer Science, Rice
University


Rob Weissman
President, Public Citizen


Nicole Wong
Former Deputy US Chief Technology
Officer


*Signed after April 23rd
**Affiliations listed for Identification Purposes Only