WASHINGTON – On Thursday, U.S. Representatives Stephanie Murphy, D-Fla., and Michael Waltz, R-Fla., announced they will introduce bipartisan legislation to require federal officials to alert Congress, state officials, and the public when election systems are hacked. The Achieving Lasting Electoral Reforms on Transparency and Security Act (ALERTS Act) follows reports revealing Russian military intelligence officers gained access to the computer network of two Florida counties in the run-up to the 2016 U.S. election and the FBI’s subsequent refusal to release this information in a timely manner or to confirm the infiltrated counties.
“It is unacceptable that the Russians know which systems were hacked and not the Americans affected,” said Murphy. “When federal officials determine unauthorized users gain access to an elections system, local officials and the public have a right to know so they can respond. These alerts will empower voters to verify their information was not compromised, while also raising awareness about these critical cyber vulnerabilities. As a former national security specialist, strengthening the security of our elections, especially from foreign adversaries, will continue to be one of my top priorities.”
“It’s been a week since our meeting with the FBI and the names of the two infiltrated Florida counties still haven’t been publicly identified,” Waltz said. “The FBI’s notification protocol is inadequate and unacceptable. If we are going to have any success securing our elections, we need to know immediately whether or not an elections system has been compromised — and most importantly, the voters need to know too.”
Under the proposal, federal officials would be required to promptly alert the appropriate state and local officials and Members of Congress if they have credible evidence of an unauthorized intrusion into an election system and a reasonable basis to believe that such intrusion could have resulted in voter information being altered or otherwise affected. The bill would also require state and local officials to alert potentially affected voters of such an intrusion.
The bill does, however, create a narrow exception to public alerts, such as if federal officials determine that notification would compromise intelligence sources or methods or cause harm to an ongoing investigation.
Murphy and Waltz said they will push for the committees of jurisdiction to hold hearings on the bill as soon as possible.
“As we approach the primary and general elections of 2020, time is of the essence. We must move with deliberate speed to shore up the cyber defenses of our elections systems and to prevent another attack on our democracy,” said Murphy and Waltz.
In March 2019, the Mueller Report concluded Russian military intelligence officers sent spearphishing emails to over 120 email accounts used by Florida county elections officials in the months leading up to the 2016 election. This operation “enabled [Russian military intelligence officers] to gain access to the network of at least one Florida county government.”
Earlier this month, Murphy and Waltz, who are both former national security specialists at the Pentagon, requested a classified briefing by the U.S. Department of Justice (DOJ) and the Federal Bureau of Investigation (FBI) for the Florida congressional delegation on the nature and extent of the Russian government’s efforts to interfere in Florida during the 2016 presidential election. Following the briefing on May 16, Murphy and Waltz confirmed they were told by federal officials that a second county was infiltrated by the Russians, but they were not authorized by the officials to disclose the counties due to its classified nature.