tv Election Assistance Commissioners on Election Security CSPAN July 17, 2018 8:04am-9:59am EDT
captioning performed by vitac >> i'm delighted that we're working on this today and that senator lankford is here -- was here talking about his bill. mr. hicks, this is complicated stuff, decentralized system, all kinds of voting systems and machines and all of that. is it safe to say, though, that the simplest rule should be there should always be a paper backup? >> senator, thank you for that question. it depends on the state. we cannot basically regulate to -- >> i'm not suggesting regulation, i'm suggesting
suggestion -- i mean, it seems to me this is a basic thing, we are not saying that they have to do it, but if you don't have a paper backup it's very hard to determine whether you've got an accurate count. >> paper is interesting because everyone can't use paper. so if you have a disability, you come back from iraq with no hands, it's hard to do that paper piece of it. so i would say that if we can do security with paper, to make sure that it's accessible to those who have disabilities, then i would say that that's 100% right that we should have a paper backup. >> i want to direct a question to mr. romine and mr. masterson. i serve on the intelligence committee and we spend a lot of time with cyber security issues in the intelligence community. one of the most powerful tools we have is the red team and bug bounties. it seems to me -- one of my
concerns is that the states are at varying levels of security and i don't want to say they're overconfident, but they have a level of confidence that may not be justified and my old admonition from president reagan was trust, but verify. how about a provision that either nist or homeland security could red team, which means try to penetrate these systems. it would be nothing like a secretary of state's computer send a signal up that says greetings from washington to get their attention in terms of what they need to do. is that something that you have thought about because it's used in the intelligence community to great effect. everybody can feel like they're really protected until somebody shows them they're not. that's what i'm suggesting. >> speaking just from the nist perspective, however interesting an idea that is it would be
outside the purview of a nist function. we are not really in the operational mode. i think we are experts at the development of guidelines and standards and providing tools to people, but with regard to red teaming, that's not something that would be appropriate for nist to do i don't think. >> senator, thanks for the question. as you are aware dhs offers a variety of free services to state and local officials including on-site assessments like risk and vulnerability assessments which are in-depth penetration tests of the systems and so states are -- and localities are able to use these services as they see fit. in addition we offer -- >> what bothers me is in your statement is the word "offered." the ones who aren't asking for it may be the ones who need it. >> senator, i understand your point. i would also add that our offering aren't the only offerings that states are taking
advantage of. we have seen as we have met with state and local officials that state services, use of the national guard as well as private sector partners are being used in these same ways with the services that we offer. so my experience is that the states are taking this seriously, engaging and certainly testing like penetration testing, red team testing is a value and many states are doing that in some way within their jurisdiction. >> do you have an overall assessment of how secure the american voting system is going into 2018, which is now four months away? >> i have confidence that the process is resilient in that election officials working with us, state resources and localities have the ability to protect based on the research that they have but also the ability to detect and recover which is what we talk about frequently. >> we're talking pretty much about voting machines and that
kind of thing, but i see a real vulnerability in voting lists, lists that are maintained mostly at the state level. it wouldn't take much to disrupt an election to take out everybody's name smith or something that would then -- you wouldn't -- people would show up at the polls and couldn't vote. are the registration lists secure? >> the states have taken numerous steps depending on the state to improve the security and, again, it comes back not just to protection, right, because as you know well these are sophisticated actors, but the plans that are in place to respond and recover. >> that was in my notes, sophisticated actors. >> so that ability to respond and recover and, you know, in federal law with your example of registration lists, that ability to have that provisional ballot for all voters that believe they should be on the list and they aren't, that's an important piece of resilience in the elections process that everyone can receive a ballot regardless of, you know, if they show up
and are told they are not on the list. >> i'm over my time, but provisional ballot provision, are those provisions in every state? >> that's federal law, why he is. >> so that's mandated. >> uh-huh. >> before we go to senator udall i would ask our next panel begin to think about how their five-minute opening statement could be more like three. we do have votes at noon. we will be able to work through part of that after 12:00 time, but we do want to get to you and the rest of us want to ask this panel questions. senator udall, it's your time. >> thank you, chairman blunt. what are your -- mr. masterson, i guess to you and hicks and christy mccormick, what are your agencies doing to further post-election audits in every state? >> so we worked with our government coordinating counsel who created funding considerations so considerations
for the use of the haba funds that congress appropriated, included in those is stressing the importance of post-election auditing and the need to conduct post-election audits. so we're continuing to work with the government coordinating council on those practices. >> ms. mccormick. >> we provided a lot of information to the states on how they could use the haba funds and post-election audits were included in ways they could use that money and we will provide guidance in that regard if the states choose to use their money in that way. >> same. >> same. >> yeah. are states working well with the election assistance commission and the department of homeland security to ensure ample communication and sharing of resources to ensure elections are secure, and what can be done to improve communication with the states? >> we are looking -- we are working a lot better than we did in 2016. with the formation of the
government coordinating council and working with dhs and the fbi, we are functioning a lot better at this point than we were two years ago during that election season. >> great. thank you. chairman blunt, recognizing we want to have another panel here and we have votes i'm going to yield back at this point so you can get going. >> thank you, senator. senator klobuchar. >> thank you very much, mr. chairman. mr. masterson, there have been statements indicating that foreign adversaries do not pose a serious threat to our elections, i'm sure you are aware of that. some people have been saying things, but you also know that all of our security leads in this country under both president obama and now president trump have stated that this firmly has happened and that it's a threat moving forward. i think it was senator coates, former senator coates who is the national intelligence director who has said that, in fact, they are getting bolder.
can you confirm that the threat against our election systems is real and the work that state and federal officials are doing to update and secure our elections is warranted? >> senator, thank you for your. as i said in my opening comments elections are a target, they are a real risk to the elections systems and whether or not there are specific threats targeting election infrastructure is irrelevant to the importance of the information that we share with state and local officials to continue to build the resilience and overall cyber security of the process. so our focus remains on helping states identify and mitigate those risks and that work is important. >> okay. commissioner hicks, several of the election officials at our last hearing complemented the eac's efforts to quickly distribute the $380 million for election security funding for march. according to your testimony in just over three months the eac
has received disbursement requests for 97% of the funds from 51 of the 55 states and territories. i've seen some reporting that indicated delays. can you explain these varying accounts very briefly? >> some of the delays have just been associated with legislation. so basically the chief election official having to go back to their legislatures to figure out how to request that money. >> you mean like in my state? >> i didn't want to say it. >> okay. not the fault of our election person. all right. very good. dr. romine, according to requirements in the help america's vote act of 2002 with the current configuration there should be four technical experts on the technical guidelines development committee. how many members of these technical experts are cyber security experts? >> i will have to get back to you on that. i don't know that off the top of my head. >> okay. well, as you may know senator
lankford and i our bill would expand the technical guidelines development committee's mission and membership to provide additional cyber security expertise. with this expansion do you think the new and improved committee would be better equipped to provide best practices and recommendations in election cyber security? >> i think additional expertise in cyber security would be welcome in almost every facet of anything we do. >> okay. and then finally, this is building on what senator cortez masto was requesting about, but the secure election confirms for states to confirm audits to confirm election results. do you believe performing a post-election audit is the best practice to increase confidence in the outcome of federal elections? >> yes. >> do you all agree? okay. very good. may the record reflect they all nodded their heads yes. all right. thank you.
>> thank you, senator. i will ask a couple of questions while senator warner is thinking about what we'd like -- how he would like to close these questions out. there will be a time to submit written questions and there will be written questions. so on the -- commissioner hicks, the $380 million that was allocated to the states through you, how much of that is now out the door? how much of that's on the way to states? >> 97% has been requested. we usually get it out within less than a week being allocated out. so i can get the exact number of the dollar amount during our written -- >> no, that's -- i thought it was mostly gone by now. $154 million was out within the first 30 days or so. >> it's more than 200. >> you're almost totally out now. the idea -- now, states have
to -- there are no required standards they have to meet to qualify for that money currently? >> there are requirements that they have to meet under haba. under the law. >> but things like having an auditable ballot trail would not be one of those requirements? >> correct. >> and you mentioned that in a nonpaper environment there were ways to audit the returns. i'm trying to come up with what one of those ways might be that with certainty would guarantee that what happened on election day was what happened. how would you audit those nonpaper systems? >> they are audited because there are really no nonpaper systems. it's more of a physical paper ballot that people are testifying to. each system has a paper record incorporated into its system which is encrypted and so forth. so that's where the auditability
becomes. >> so they would look at the paper record that was generated by the individual voting device? >> right. the issue becomes whether or not that's a voter verified paper record with the auditability. >> i understand. commissioner mccormick, you said that the canvas might be the audit. the canvas is really where local officials report to state officials what their final county return is, right? >> right. they check all the paper trails from the machines, all the paper receipts, and make sure that the machines match all the numbers. so in a way those are audited numbers before they're certified. election night reporting is not official. >> right. >> so it has to go through a process where they check all of the paper receipts and check all of the voting numbers against those receipts to make sure that they can certify it as official
results. so it is not -- it's not exactly an audit, but it is a form of an audit. >> and in the -- well, i think it's not exactly an audit, but i understand what you're saying. election night returns are always unofficial. >> correct. >> always need to be verified. and on that topic, let me go to one other -- i think in the maryland primary that was just completed, some of the registrations were not downloaded appropriately. i don't know how many provisional ballots were cast because of that. do either of you -- either of you know? >> i don't know the numbers. we could get that from maryland for you. >> i think we are in the process of getting that and one of the things i wonder about there, we have had a lot of concern about what happens if the election day record is not what you would want it to be, which is exactly what happened in maryland. i think my two questions on that would be how much does it show
down the election day voting process if you have to cast that provisional baltimore, maryland may be one of the examples of most of those ballots cast in recent times and another question that i would have and will -- i'm just letting you know my interest in this is how much that then slowed down the final results, but every state does have, as you have pointed out, a provisional ballot requirement if a voter shows up and -- to make the case that they should be allowed to vote in their name for whatever reason is not on -- that at least applies to all federal elections, is that right? >> yes, that's a requirement under hava. all states have to have provisional results. there have been a number of cases recently where i think los angeles was also a jurisdiction recently that had names left off of their voter registration lists and probably used provisional ballots as well. they do add some time to -- and
can create lines and i think that is one of the concerns with any possible attacks on voter registration systems as well because if there were we would have to rely on provisional ballots to ensure that those voters were registered and eligible to vote in an election. that could cause some delay, but a lot of the voter registrar's across the country have that process down quite well and do a lot of training with their election officials on how to do that. >> senator warner and then senator wicker. >> thank you, mr. chairman. i want to thank you and the ranking member for holding this hearing and the very good work that you've done on this subject matter. as you know, it's something that those of us who have -- share a common position on the intelligence committee have also brought a perspective to, and i appreciate all the panel being here. i really want to get two questions because i know we have a second panel coming up. one, i want to thank the leadership of the committee for
getting that $380 million into the budget to try to help assist election officials around the country. a two-part question. first part is it's hard for any enterprise, even large enterprises to evaluate, i think, the cyber security claims that firms make in terms of how -- what kind of protections they are going to put in place. does the eac give any guidance or kind of best practices as individual states or localities start to evaluate the effectiveness of some of the cyber security protection monitoring that is being offered out in the marketplace? >> we don't give that sort of specific advice, but we have worked with dhs to say that these are some of the things that are free that are available
to you, like output monitors and so forth. individual election officials have to be vigilant in terms of knowing that there are going to be pop ups out there who are just going to be looking for a quick buck, to earn a quick buck, but i believe that the way that the eac has done now in providing resources to the states in terms of things like i.t. management for election officials has helped them. basically giving them other aspects of providing videos to them and so forth allows them to have a little more confidence in the way that the systems are -- >> are there any independent rating entities? again, we have a lot of those cyber security firms located in my state, i applaud all of them, but, boy, sorting through who can actually produce is a tough, tough challenge and i think for election officials in an enterprise that this is not
their specific expertise domain would be a real challenge and as you answer that let me get to the second part of my question since my time is running down. from the intel side and i think we just saw in 2016 the tip of the spear of the ability for social media entities and others to manipulate information. one of the questions i have -- and i think maybe colorado has actually thought about this -- is, you know, as you think about election monitoring are any states actually looking at evaluating how some of the social media platforms may be communicating or miscommunicating to voters within your states and could some of the hava funds be used to acquire that expertise? >> i would say that this is nothing new in terms of the information -- misinformation being put out. it used to be that the
information would be posters, republicans vote on wednesday, democrats vote on thursday. now it's a lot quicker through social media. >> but now you can touch a whole universe or the world at large with the stroke of a keystroke. >> correct. we at the ac we've met with some of the technology groups, those information or social media groups to find out some of the things they're doing to ensure that this doesn't happen again or ways to prevent it. they've given us some assurances of things that they've put in place for this, but i feel that there still -- i don't believe that the hava funds overall can be used towards -- towards that, but i can go back and check with our grants department because it's very broad on what you can use that money for and i would think that if you are looking to improve the process of the election overall, the administration of elections, you should be able to use that money, but i want to make sure of that before i give you a definitive answer.
>> and i will just add that we are encouraging state and local election officials to monitor their social media to make sure that correct information is out there and if they see something that's incorrect to contact the platform and make sure that it's taken down or corrected. >> i would hope that there might be some way -- and i think the social media companies have been slow, they're getting better at responding, but there needs to be some level of ongoing communication and collaboration. i could hope we could work with the committee to see how we might work on that area. thank you, mr. chairman. and it's great to attend a hearing with you and such a distinguished ranking member. >> thank you, senator warner. senator wicker. >> the fact that we have another panel i'll wait. >> thank you. senator cruz. >> thank you, mr. chairman. thank you to each of the witnesses for being here, for your testimony. mr. masterson, in 2017 the department of homeland security declared state election systems
to be critical infrastructure. can you discuss what the practical effects are of this designation and what dhs has done differently since that designation with regard to state election systems? >> yeah, thank you, senator, for the question. the focus of our work in declaring elections as part of critical infrastructure is three-fold. one is ensuring that state and local election officials have access to timely information shared with them such that they can mitigate risks that arise to their systems. so this is largely done through our information sharing and analysis center, of which all 50 states are members. so with he routinely share information out through the information sharing and analysis center to ensure election officials have the information they need, whether general or technical to protect their systems. second is providing services to those state and local officials on a voluntary basis. so we provide on-site risk and vulnerability assessments, remote cyber hygiene scans,
assessments on resilience, readiness in order to help support those state and local officials should they need it. the third is working at the federal level with the intelligence community to ensure that intelligence is shared in a timely and actual manner, one of the lessons i think we all learned from 2016 is to ensure that the system owners and operators, those in charge of elections, are empowered through receiving information and intelligence to protect their systems. so we've been coordinating with the intelligence community across the federal government to ensure that that information is shared. >> in march congress allocated $380 million of new spending to be put towards election security. how is that money being spent and what sort of oversight controls are there to make sure the money is actually being put to good use helping make elections more secure? >> i will defer to my colleagues on the eac. >> yes, we have run that money
through our grants division in the election assistance commission. most of the money is being used for cyber security efforts and for upgrading voting systems, especially the ones that are quite old. we are requesting all of the states, requiring of all of the states to provide a narrative and budget along with their draw down of that money and we will be auditing how that money is used. every state will be audited on their use of the money and whether it was used appropriately. >> how significantly do you all assess the threat of an election being directly hacked in terms of the results at the ballot being altered electronically? >> i would say that, senator, it would be very, very difficult to do that given the disburse character of our election infrastructure, we have 8,000 jurisdictions, none of the machines are connected to each other so each machine would have to be hacked individually and that is one of the greatest
securities that our election system actually has. so it would be extremely difficult to do that. that said, you know, every system is vulnerable and things can happen, but election officials are extremely vigilant, we do logic and accuracy testing on every single machine before it's used in an election, that's open to the public so we can check to see that the machines are actually recording the votes correctly. there's numerous ways to check it afterwards. we discussed earlier some post-election audits. so it would be very hard to do that, however, i can't ever say impossible. >> and am i correct there's obviously been a lot of discussion about 2016, but am i right that there are no indications that there was any actual hacking of election equipment that altered outcomes? >> we do not know of any outcome that was hacked or changed in any way. what happened this 2016 has been characterized by undersecretary
crebs as overstated and it was mostly drive-byes and scans. we actually see thousands and thousands of these types of scans every single day across the nation against every single system. so i would say that we are concerned about security of the system, the entire election system. nothing happened in 2016 and the real untold story is that the election officials did their job and they kept the system safe from any sort of hacking. >> what would you characterize as the most important security reform that state election authorities should put in place to ensure the integrity of the ballot process? >> i would say that we need to ensure that the confidence of the voter remains high, because if we erode that confidence voters are not going to come out and actually cast their ballots. so i think from a to z, basically from voter registration all the way to
election night reporting, all those points are valid and important. >> thank you. >> thank you, senator cruz. thanks to the panel. at some point i know one of my follow-ups will be if you're having these thousands of attempts to get into systems all the time, what do we do and how do we help local and state election officials figure out which of those they need to take seriously and i think we had one group of state officials here last week and one of those state officials said they had 100,000 attempts in -- i believe he said every day to get into their system. if they report 100,000 attempts to you, i don't know what you do about that, but that will come in writing. let's move to our second panel. thank you all for being here. obviously an area of great interest to the country and the panel and we are grateful that you were here. on our second panel mr. scott
leiendecker who is the ceo of knowink, it's a company that provides the ipad registration booklets in more than half the states now, including the district of colombia. mr. peter lichtenheld is the vice president of operations of hart inter civic. and bryan finney is the ceo and founder of democracy live. he is representing the sector coordinating council. so we've moved from the government part of the hearing to the nongovernment part of the hearing and we will see how this goes, but we are glad to have you here and we have your written testimony, it's part of the record. mr. leiendecker, if you want to start by either reading or summarizing what that testimony has told us before we get a chance to ask you a couple of questions that would be fine. >> sure.
thank you, senator blunt. ranking member klobuchar and members of the committee. thank you for today's opportunity to be here. i'm grateful for your willingness to engage and take into consideration the vendor's perspective. what i was here to talk about is specifically about my experience in the past as a former election director. i think that's a unique perspective that i can bring, you know, to the table. i wanted to talk about, you know, the different things that we, you know, do to ultimately secure our products, which is an electronic -- electronic poll roster. that basically uses the ipad, you know, that ultimately helps with the security side, you know, and leverages the security of the ios operating system. to kind of sum up very quickly, in order to continue innovating and providing strong security
initiatives, we hope that the federal government will consider us a partner. we hope that today's hearing is just the beginning of a new consideration with the committee and the federal government will have with election vendors, together with the local election vendors like the ones in missouri and minnesota that are on the front lines in today's election and throughout the election process, we want to offer this committee and others in federal government our assistance to help shape that public policy and ensure the integrity of our most secure process. thank you. >> thank you. i will keep my comments short, as i know we're running short on time. my name is peter lichtenheld, chairman blunt and ranking member klobuchar thanks for having us here. committee members, thank you. i'm the vice president of operations with hart inter civic, we are a voting system provider based in austin, texas, we serve about 27 million voters across the united states of america and we are part of the solution on election security
working with dhs, the eac and other bodies as members of the sector coordinating council. i want to clarify that voting systems are not just commodities, but solutions and that we are partners with our customers. we are constantly working with customers. we don't just sell them something and then expect them to run it on their own, we are constantly sharing best practices with customers, doing webinars, giving papers to customers and helping them run secure elections. i also want to go off my written record for a minute and talk about senators wyden's comments and address those specifically. because hart inter civic is an important voting system provider in the united states. we have been open. we don't stone wall. we did answer the letter that senator wyden sent to voting system providers and our core values at heart are about can r
candor, which i'm using right now, and about integrity, which we feel is very important and really one of our basic tenets is that we are election geeks. we love elections and we feel like we are helping america vote. thank you. >> mr. finney. >> mr. chairman, ranking member klobuchar and members of the committee, i'm here as a ceo of democracy live, delivering electronic balloting to members of our military, overseas voters and the 35 million blind and disabled voters in the united states. that includes the military and overseas voters, mr. chairman, in your state, a statewide basis and senator warner in your state. i've recently had the honor of being nominated and selected as a founding member of the homeland security elections sector executive committee.
this dhs sector committee represents a broad and vie verse coalition of 2 dozen companies and nonprofits deploying voting solutions to might the needs of the eligible voters and thousands of hard working election administrators across the united states. in addition, our members are working collaboratively with the u.s. elections assistance commission as well as state and local elections offices to ensure secure, stable and scaleable voting systems. the sec representing the greater elections and voting systems provider in the united states absolutely support the increased focus and attention on the security of our nations election systems. as we know, foreign attempts to probe government voter information platforms during the presidential campaign were clearly aimed at undermining faith in america's democratic institutions. while the consensus among the intelligence community remains clear that no vote tales were
altered in any way and there is no hard proven evidence that any private sector provider was compromised, the existence of foreign threats means that we need to continue to be extremely diligent and in protecting our nation's critical voting infrastructure and in instilling confidence in our u.s. electoral systems. the sec members are prepared to meet the threats and challenges that exist. however, with less than two dozen providers serving the needs of over 6,000 elections localities representing over 200 million voters, expectations must be aligned. first, existing levels of government investment must correspond and increase to meet the growing threats to the entire electoral system. as the inversers, innovators, providers and partners to what is truly the engine of our democracy it is critical we are engaged at the start of any strategic planning, testing, educating or other security initiatives relating to voting systems. as this committee considers how to better secure our nation's elections infrastructure i would
encourage your members to remember that the voting and tabulation systems although they get the lion's share of the attention is only the end point of a long process with potentially hundreds of voter touch points before that voter even casts a ballot. these touch points must be -- must also be secured. they include items like voter registration, poll books, election night reporting, mail balloting which is the fastest growing method of voting and information about who and what is appearing on your ballot. finally laws and certifications exist that can and should be strengthened to better secure our voting and tabulations systems, but if the information systems are corrupted or manipulated then all the work and resources we put into hardening our voting systems may in the end be negated. in this era of voter bots and social misinformation more and more voters are turning to their local elections officials for accurate objective information. as it was information systems that were manipulated in the recent presidential election and not tabulation systems, i would
encourage congress to materially support elections officials to offer secure, objective and accessible voter information that voters can trust. thank you. >> thank you. mr. leiendecker, how many -- you provide the ipad poll book in how many states? >> currently we have poll pad, which is the ipad-based solution. we are in 25 states, 600 jurisdictions nationwide. >> and in canada? >> canada just recently acquired our solution. we actually, just so you know, and i think this is some good information, we went through the ministry of defense, they did an audit on our solution. the results were just released yesterday and there was zero vulnerabilities in our source code, which was nice to see. >> could we get a copy of that audit?
>> as soon as i get a copy of it i can provide that for you, why he. >> good. and i think senator klobuchar would want to know this. you are now transitioning is number of minnesota counties, is that right? >> a number of minnesota counties. we've been working with secretary simon in hanipin county, they've been using our product for about two years now, close to two years and i think the primary elections coming up in august 15th or 16th, i believe, we will be full -- >> 14th. >> 14th. >> not that i would know that. >> i will be there and a number of us will also be there, but we have about 50 counties that will be moving towards that solution. >> and how many voters do you think were included in the registration material you were managing in the last election cycle in 2016? >> 2016 -- >> this is just an estimate.
>> it would be several million. >> where i'm really going here is this question of how many people try to get into these systems and what do you do to determine the vulnerability of the systems that your company works with? >> there's a number of things that we do. from our knowledge nobody tried to tamper with our product. one of the nice things about using the ipad is the baked in security that is already offered and that's one of the things that, you know, i really liked about the solution whenever i was a former director in st. louis looking at the different solutions available to me. the baked in security is a big thing. so i don't have to be a security expert, i'm leveraging, you know, what is the apple ipad, which is secured by -- you know, nist has all the bells and whistles that nist offers, all of that, so we leverage security from, you know, security experts. we are not trying to be security
experts, you know, at our organization, although we do have individuals that are security experts on staff. that's a big part of it is leveraging the right type of hardware and software. the other things that we do is obviously encrypt everything. you know, from on the ipad to anything that is in transit is encrypted. so that's a big part of what we try to do to make sure that we're responsible and thoughtful throughout the process with regards to security. >> and does anybody in your organization try to find the weaknesses in any system that you're trying to manage? >> absolutely. you know, after we get done, you know, testing the applications such as the one in minnesota that we just got finished with a few months ago, it goes through a number of tests, whether it's internal, that's the first, you know, course where we go through and do our own testing, and then ultimately we send it through penetration tests. and that's a big thing that we've been doing since day one. this wasn't something that, you know, we just decided to do because, you know, the russians
decided to try to meddle in our elections process, you know, this past election. this is something that we did from day one to make sure that we were being responsible to our clients. our clients are provided that information, you know, once those penetration tests are done, especially before, you know, major elections, but we've actually started to do more penetration tests throughout the year just because we know that it's important, it's something that's on everybody's mind, so we want to be responsible and thoughtful for the -- >> so if somebody was monitoring people trying to get into their voter registration system, part of that could be a legitimate effort on your part to see if it was possible to get in. >> we don't deal directly with the voter registration system. we are just kind of the -- i would say the poll book, the paper poll book -- >> so what would your penetration effort be? >> the only concern that i could see is there are jurisdictions
that could like to connect these devices in like a vote center scenario where the information can move from one area to the other, to one polling location to the other to make sure that that individual is checked off of the -- off the of the list. now, the application is local and it's up to the jurisdiction to choose if they could do want to do that, but that would be the only way, but again, all of that data is encrypted. >> thank you. senator klobuchar. >> senator cortez masto. >> thank you. i know we have a deadline so i will be quick. i was talking with the secretary of state's office in the state of nevada and one of the things they brought to my attention is we talked a little bit about the risk limiting audits, but i also understand that the risk limiting audits and other sophisticated post election audits require a voting system produce a cast record which is an identifier for that ballot and many of the new voting
systems have this capability but lots of states are still using the older system that don't produce a cast vote record and the new hava funds are not enough for all the states to purchase all of the newer voting systems. so is there anything that you as vendors are doing to support expansion and upgrades in risk limiting audits and other sophisticated post election audit processes. >> yes, i will answer that one. so we do have a new voting system at hart. we started developing that voting system in 2015. it's new from the ground up so it takes advantage of all new security features and the first person we hired to help us build that was a security officer. we have customers who have risk limiting audits required in their states whereas optional in their states. we do encourage that every state have some sort of audit and that a lot of thought be put into risk limiting audits. >> okay.
any other comments? >> as an executive member of the executive committee at the homeland security coordinating council i would say that the emerging technologies almost all of them will provide some form of either a voter verified paper trail or a cast ballot record. >> okay. okay. thank you. and then just one final thing. you heard the previous discussion on voluntary -- the certifications, certifying the machines that it's purely voluntary. my understanding after talking with some of the folks in the state of nevada, the reason why is because some of them don't go through that process is because it's cumbersome that i'm told. is that why -- >> that's correct. i'm glad you brought that up. i took a note of your question about that. so different voting system providers have different approaches to that so i can only speak for my company. so at hart intercivic what we do is we always go through the eac because it's a trusted method of
interesting your system tested by independent testing lab and then having a stamp of approval from the federal government before you go to the states. not all states require an eac certification, but most states require at least a voting system testing lab and that lab for most states has to be approved by the eac. so what we figure is why not go through the other step of having it eac approved and everyone, then, has a feeling of confidence in that. you know, a lot of this is about voter confidence. we want voters to be confident that their votes count and that they have faith in the franchise. >> no, but is there -- i appreciate that and i agree with you but is there a reason why some are not going through that process and should we be looking at that to -- is it cumbersome, is it slow, is it too expensive. >> yes, yes and yes. >> should we make sure everybody goes through that process? >> i can't speak for other companies. it is cumbersome, it is sometimes slow and it is
expensive and we don't always agree with the interpretations of the written vvsg. >> okay. >> senator, again, i would just caution that the voting machines themselves are only one element of the entire electoral process. you can harden the machines, you can have the cast ballot -- you can have the audit, have the voter verified paper trail, but, again, if the way that we are either registering to vote, if we are knowing how to vote because of maybe corrupted sample ballots, right, or other information from social media is manipulated then at the end of the process no matter how secure that tabulation system was if the information was manipulated going to the voter that perhaps is even a larger concern. >> okay. thank you. thank you, mr. chair. thank you, ranking member. >> senator klobuchar. >> very good. from your testimony i know you are all taking this threat seriously and i was pleased senator shaheen and i wrote a
letter asking if any of the top three voting machine companies have been asked to share the source code or other sensitive details with russian entities. i was pleased to receive a prompt response that that had not happened. but i just need to know very clearly on the record whether you all acknowledge that your company and companies like yours may be a target for foreign adversaries seeking to disrupt our elections. this doesn't mean that you have been or that they've gotten through, but you could be a target. >> we are very aware of that and we are very diligent about defending against that. >> okay. >> yes, that is accurate. >> we take that very seriously. we believe that part of our job is to protect the engine of our democracy, which are the voting systems and the voter information. >> so we've heard that election officials are often limited in their ability to fully assess their cyber security vulnerabilities because of vendor contracts. do your contracts restrict election officials from
conducting third-party vulnerability assessments? >> with our system, no. it allows them to do with it and we would work -- we would work with them to do so. >> okay. >> our contracts don't prevent a customer from doing that. we would like customers to let us no he if they're doing that. >> that would be nice, yes. okay. >> we, in fact, embrace that. we encourage that. >> okay. do you think it's responsible to sell paperless election systems in 2018 given what we know? anyone want to take that? >> to sell paperless voting systems? >> yes, with no paper backup? >> my experience just as a former election director, i don't see a reason not to. i think it's responsible to have a paper, you know, attachment to it. i understand some of the concerns, you know, that like -- that chairman hicks had brought
up, but i think that there's things in place, you know, with the help america vote act that secure that, but i don't see why there wouldn't be. >> we at hart we support what local choice and if local choice is for paperless voting system, then we do provide that and it's based on state certification guidelines. there are -- i want to make clear -- there are cast vote records on electronic voting systems and electronic voting systems can be audited. there are redundant copies of the cast vote record and they can be compared against each other for audits. >> i would be -- i would caution congress to always think about paper as the pan say see say. in part because of the 35 million blind and disabled voters, perhaps they cannot see the ballot, they have a reading challenge, literacy issues,
physical impairments coming back from iraq and afghanistan. they are blind. the state of washington as an example, state of california have developed and are deploying accessible audio capabilities for even things even things like my home state of washington, where it's 100% paper. that's wonderful for most of us here today. we can see the ballot. but if you can't see the ballot because you're blind or visually impaired what can you do about that? we have to leave room for innovations and accessibility. >> thank you. how do you communicate with your customers about security concerns? your contracts generally contain language that clearly established responsibilities for notification of cybersecurity incidents or vulnerabilities. >> how we communicate is typically before elections you know, we work with the jurisdiction as i spoke earlier, we've done penetration tests, we help them better understand what we've done. we also give them talking points
to, if there's concerns and things like that. that they can provide you know, to outside sources like media and things like that. so we're, we've been doing this for some time. this has been done you know not just in response to the past election, but this has been something that we've been doing almost since day one with our jurisdictions. >> last august we heard about how 1.8 million in chicago voter records and potentially sensitive information was being exposed. "l.a. times" reporting on the incident explained that the data were exposed by the city's poll book vendor. which had placed on an amazon web server, a back-up file containing information on every voter in the city. mr. linedecker, does your company store voter registration data in amazon cloud services? >> we do store data in amazon's dove cloud which has the phipps
protection and everything like that. the incident that happened in chicago was, a mistake by that vendor, it was not us. but from my knowledge -- >> because of the portion of the cloud they put it on? >> it wasn't due to the portion of the cloud, they did not apply a password and they left it wide open, to my knowledge. that was what i consider a stupid mistake. >> that's very blunt. we appreciate that. thank you. >> i think senator warner has returned. >> did you say that was very blunt? >> i said it was, yes. >> blunt, that was my little segue. >> this will be a good thing. senator warner? >> very efficient committee and i was wished all committees worked this efficiently. i'm first of all. i want to make a generalized comment. i'm very concerned that there's
a lot of chest-thumping about how well we did in 2016. and i think we should be very cautious. in terms of some of the claims that have been made and the ongoing threat, ongoing threat that's been confirmed by every member of the trump intelligence community that russia and/or others will be back in terms of trying to penetrate our systems. first. second, i was a business guy longer than i've been in politics, i believe in competition. but it worries me when you've got three vendors to control over 90% of the market. for a voting systems. and i have to take exception following some of the comments that senator widen maked.
i have to take exception to your opening comments, i can tell you commonwealth of virginia after the 2016 elections did an extraordinarily thorough review. i pushed that review. i pushed to make sure we would have that paper audit trail. because we had statewide elections in 2017. and during that time 2017 elections, many of our local voting systems were -- reluctant to turn over their machines to the state when they were that close to the election. you're one of our vendors, yet your company refuse the to go along with the commonwealth of virginia. so the comment that you're transparent and you're willing to work with all of these systems was not the case in the commonwealth of virginia and on a going-forward basis i'd like to get a commitment with you that you'll work not only with virginia, but with other states who are going through such review, and that we're also
going to be willing to look at a second half of this problem. which is eventor locking. meaning one of the things we know about i.t. systems are, once you sign that contract, you've got ongoing maintenance contract that oftentimes means it's even if a state wants to choose a different server, they're not able to do that. so i'd like to get a commitment from you that you're one, willing to work with the commonwealth of virginia on a going-forward basis and two, you and mr. finney, what you're doing, your systems are doing about moving towards intraoperability and third how we make sure in terms of third-party servicing contracts that your existing contracts don't preclude that so you can't get a fresh eye my fear is by precluding third-party servicing you've got that lock-in where a system then does not have the ability to even bring in a third party. researcher or other.
to look at your systems. >> yes, i'll answer all those questions. or comments, first of all yes i make that commitment to the commonwealth of virginia toot we only had a few customers in virginia and all of them were looking at going to our new system. so the point was moot as far as the old system. they all were moving on. >> sorry, i just got to tell you -- the commonwealth of virginia requested you to turn over machines and you did not. that is the record. >> okay. secondly do we -- keep box customers into a service with us? no, we don't. we, other vendors can provide service to our machines and we actually make our equipment self-serviceable. by our customers. so we don't need to go out and touch the equipment for example for our customers, we've tried to make it very much more open going forward. >> so third party could come in and be the ongoing servicer.
>> yes, we have customers what do that. intraoperability, that's a thing of the future. wooer not currently working on that, that will depend on certification and n.i.s.t. and all that good stuff. >> mr. finney, you want to add anything to that. >> in terms of the three vendors sitting here today, we represent three different components of the entire electoral system. you have electronic poll book. you have a tabulation system, we happen to provide balloting that overseas and military and voter information tools. so the modularity from which you speak is critical to the ongoing innovation within the elections industry. so not one vendor can, own the entire electoral apparatus for one jurisdiction. i think we do believe that you know, let 1,000 flowers blossom by innovation modularity, making sure that the three of us can work seamlessly together so if mr. lichtenheld's system works
with an electronic poll book or provides the data so we can provide information to overseas or military voters or blind or disabled voters that we're all working together and i think it helps to secure and harden the overall electoral system. >> the chairman has given me discretion, i know he's got to go vote. i've got to go back and vote again. i believe when we've got such concentration, on in these systems on the back end, and the vukts that i believe exist and still exist, i think we need to at least think about with this level of concentration, the ability to have potentially at least independent cybersecurity researchers, have some access to give us that good housekeeping seal of approval on some of these systems. i'm afraid if not the vulnerability and the kind of some of the self-accolades that have been given by some of the panel may come back and bite us.
>> willing to work with you, senator and see if we could monitor this more closely. the record would be open for one week. i would ask you to respond quickly if you get questions in writing and the committee is adjourned. live to capitol hill as federal reserve chair jerome powell testifies before the