In a letter to the U.S. Election Assistance Commission, Free Speech For People, and a coalition of more than 20 computer science, cybersecurity, and election experts warn of the serious security dangers of permitting devices capable of connecting election systems to the Internet in federally certified voting systems. In a companion letter, Free Speech For People challenges the legality of the U.S. Election Assistance Commission’s last minute maneuvers to adopt the changes. 

WASHINGTON, D.C. (Feb. 8, 2021) – A coalition of computer science, cybersecurity, and election integrity experts are trying to avert a ”grave mistake” in the next version of the federal Voluntary Voting System Guidelines (VVSG 2.0). The VVSG 2.0, to be voted on at a public hearing on February 10, 2021, by the U.S. Election Assistance Commission (EAC), was amended behind closed doors to permit the inclusion of hardware capable of connecting voting machines to public networks, including the Internet. In the February 3rd letter, the coalition argues that permitting networking hardware is, “profoundly ill-advised and unacceptably insecure,” will “increase the potential for remote cyber-attacks on voting systems,” and will “corrode public confidence in our election systems and institutions.” 

One day prior, on February 2nd, the national nonprofit nonpartisan organization Free Speech For People sent a letter to the Commission alleging it made “dramatic last-minute changes” to the draft VVSG 2.0 to “rush adoption of severely weakened guidelines” in violation of Section 222 of the Help America Vote Act (HAVA), 52 U.S.C. § 20962. The EAC made the changes in question outside of the prescribed, public-facing process required by HAVA. As the EAC was making changes to the draft VVSG 2.0, it was disclosed that the Commission was holding non-public meetings weekly with voting system vendors to discuss vendors’ concerns regarding the VVSG 2.0 Requirements. 

“The EAC’s attempted end-run around the Help America Vote Act and avoidance of public scrutiny endanger the security of America’s elections and violate federal law,” wrote Ron Fein, Legal Director at Free Speech For People, and Susan Greenhalgh, the organization’s Senior Advisor on Election Security. “This revised proposal will draw widespread condemnation from election and computer security experts and Congress, which the EAC attempted to avoid.” 

The requirements for the VVSG 2.0, as developed by the Technical Guidelines Development Committee (TGDC) in accordance with HAVA, did not permit the inclusion of devices capable of connecting voting systems to networks wirelessly.  

“Perhaps most importantly, in order to foster public trust in our election systems, wireless networking should be strictly prohibited in all voting systems,” the experts wrote, adding that this change “runs counter to our shared goal of increasing public trust in election technology. The full language of the joint letters can be found here and here.