California State Assembly member (D-Palo Alto)
Last month, California became the first state in the country to create an Office of Elections Cybersecurity. In this interview, the author of the bill, Assembly member Marc Berman (D-Palo Alto) discusses whether the integrity of November midterm elections is at risk, the types of misinformation the new office will work to counter, and whether California will move to online voting.
1) Do you think the integrity of the upcoming November elections is at risk? If so, why?
Not in California.
I am confident in the ability of California's county elections officials and Secretary of State Alex Padilla to protect the integrity of this November's elections. California has been ahead of the curve in protecting our elections from cyber threats. For more than a decade, the state has prohibited voting systems from being connected to the Internet or having any sort of wireless capabilities. We also require that all votes either be cast on paper ballots, or have a paper audit trail.
Nonetheless, securing our elections requires constant vigilance. That is why California has made it a priority since the 2016 election to identify methods – and invest significant resources – to further protect our elections.
In March, the Legislature convened a joint hearing on elections cybersecurity.
In recent months, the Governor signed two of my bills that originated from the hearing - AB 1678, which establishes new policies for the secure storage of voter registration information and will combat deceptive information about voting, and AB 3075, which created an Office of Elections Cybersecurity within the Secretary of State’s office.
Additionally, the 2018-19 Budget included $2 million for the new Office of Elections Cybersecurity and $134 million to help fund the replacement of county voting systems, the largest state investment in voting equipment in more than 15 years.
The is no single thing that elections officials can do to permanently secure our elections from those who seek to interfere with our democracy, but for all the reasons I mentioned, California voters can and should continue to have confidence in our electoral process.
2) Last month California became the first state in the country to establish an Office of Elections Cybersecurity, thanks to Assembly Bill No. 3075 that you authored. What factors played in your decision to advocate for this new office?
As Chair of the Assembly Elections and Redistricting Committee, I convened a joint legislative hearing with the Senate Committee on Elections and Constitutional Amendments on the topic of elections cybersecurity in March of this year. We met with colleagues from both committees, as well as cybersecurity experts and federal, state, and local elections officials to discuss continued efforts by foreign operatives to influence U.S. elections, and to examine ways that California can protect its elections from threats. The idea to create an office devoted solely to elections cybersecurity came out of that hearing based in part from testimony by expert witnesses who attested to the importance of information sharing and coordination between government agencies.
3) What are the top three goals that you hope the Office of Elections Cybersecurity will achieve?
The Office of Elections Cybersecurity has two primary missions:
1) Coordinating efforts between the Secretary of State and local elections officials to reduce the likelihood and severity of cyber incidents that could interfere with the security or integrity of elections in the state; and,
2) Monitoring and counteracting false or misleading information regarding the electoral process that is published online or on other platforms that may suppress voter participation or cause confusion and disruption of the orderly and secure administration of elections.
There are a number of things that the Office can do to accomplish those missions. One of the most important things that the office can do is to coordinate information threat sharing between government agencies. This is especially important in light of the fact that California's elections are run by our counties. By taking the lead on sharing threat information and identifying steps for threat mitigation, the Office of Election Cybersecurity will be especially important for helping counties with fewer available resources to protect against cyber threats. Similarly, I expect the Office to play a crucial role in developing best practices for protecting election infrastructure from cyber threats and identifying resources available to state and county elections officials. Finally, I expect that the Office will play a critical role in counteracting false and misleading information about the electoral process that has the potential to confuse and disenfranchise voters.
4) The bill tackles countering misinformation published online about the electoral process that might suppress voter turnout. Can you provide a few examples of misinformation the law will address?
The Office of Elections Cybersecurity will be tasked with monitoring for misleading information regarding the electoral process that may suppress voter participation or otherwise undermine the integrity of our elections. Among the types of misinformation that we have seen in previous elections are social media posts that instruct voters that they can cast their vote by text or online, or that contain erroneous information about the dates, times, or locations where voters can cast a
ballot. We've also seen a lot of misinformation about the requirements to vote—whether voters are required to provide photo identification in order to cast a ballot, for example (there is no such requirement in California).
This year I also authored a bill, AB 1678, that makes it a misdemeanor in California to distribute false information about the time, place, or manner of voting, including the qualifications to vote, if such efforts are done willfully and with the intent to deceive voters. This new law also clearly applies to the distribution of false information on the Internet. Previously, state law made it a misdemeanor to distribute false information about a voter's polling place, but was silent about other types of disinformation. The law also needed to be modernized to account for disinformation spread online and via social media.
5) Looking ahead, do you expect California to move towards online voting? If yes, why? If not, why not?
While online voting would be convenient for many voters, and has the potential to improve voter participation, it would be reckless for the state to move in that direction unless and until we are certain that it can be done securely. One of the lessons of the 2016 Presidential election is that there is no shortage of bad actors who will try to interfere with our nation's elections. Even if we were confident that we could develop a system for online voting that could protect against any such attacks—and I'm not convinced that we can at this point—using such a system still would be unacceptable if voters don't have trust in the outcome of elections that are conducted using the system.
Earlier this month, the National Academies of Sciences, Engineering, and Medicine issued a report on the future of voting in the United States. Among other things, the report concluded that "the risks currently associated with Internet voting are more significant than the benefits" and that "[s]ecure Internet voting will likely not be feasible in the near future." Until there is a consensus within the scientific and technology communities that Internet voting can be done securely, I think that California is best served by continuing its longstanding prohibition against voting systems being connected to the Internet or having any sort of wireless capabilities.