September 17, 2019

Wyden Remarks at “In Defense of American Democracy” on Election Security and Vote-By-Mail

As Prepared for Delivery

Thank you so much to the Shanker Institute for inviting me to speak today. You have a real all-star squad of civic activists and public servants here, between Secretary Clinton, Leah Greenberg of Indivisible, Randi Weingarten, Attorney General Holder.

That’s what my dad would call running with the right crowd. The topic is perhaps the most urgent, timely topic facing our country – Defending American Democracy.

I’m going to start by telling you a little bit about how I spent my summer vacation. I represented one percent of the United States Senate at a white-hat hacker convention in Las Vegas known as DEFCON. These hackers are the good guys, often working with governments, companies or just freelancing and a decent chunk of them are students and even teenagers. They tried to hack the equipment that runs our country and specifically our elections to determine vulnerabilities and get that information to those who can fix the problem.

I went to Las Vegas because I wanted to see just how easy it was to hack e-pollbooks, voting machines and other key parts of election infrastructure. I talked with young people, far younger than my children, who are security researchers and cybersecurity experts. They demonstrated how simple it was for hackers to compromise these election machines to alter votes, disrupt ballot printers and meddle with registration systems. Teenagers in the DEFCON Voting Village showed me how they could hack the machine made by the company that Bob Mueller singled out in his report as being hacked by Russia. There was an e-pollbook hacked so completely by young people were playing video games like Doom on it.

Oh, how I wish Mitch McConnell could have been there to see young people defeating the security of these machines with ease.

Depending on hackable machines is the election security equivalent of protecting our nuclear codes with a child safety lock.

 So I’m here to deliver a warning – Our democracy faces dire threats in 2020. Far too many of our election systems have the security of Swiss cheese, and yet Mitch McConnell and Donald Trump have done virtually nothing to shore up our defenses against foreign hacking.

Make no mistake, the threats to our democracy are growing by the day. As I said, foreign hackers are poised and ready to make the election interference in 2016 look like small potatoes. At the same time, a tide of voter suppression continues to crash over our country. States are accelerating the barriers to voting for people of color and working Americans and seniors.

These twin attacks on the legitimacy of our government present one of the most serious threats to the underpinnings of the American experiment that I have seen in my time in Congress.

The foundation of American democracy is the notion that a government and elected officials reflect the will of the people they represent. And the way we do that, obviously, is by having elections.

If an election isn’t free and fair, then the whole system falls apart. If it’s harder for some people to vote than others, or if foreign hackers can exploit security weaknesses to interfere with voting machines, then the system falls apart. If people don’t have faith that the government was chosen fairly, then the system falls apart.

I can’t sit back and let that happen on my watch.

Today I wanted to offer two concrete, practical ways to defend American democracy: Giving every American the option to vote at home and ensuring that every election across the United States is secure against foreign hacking.

Taking those two steps will go a long way toward guaranteeing our peoples’ constitutional right to vote, and they’re the best way to ensure that Americans -- not foreign hackers -- choose our elected officials.

Let me address how to knock down some of these ridiculous roadblocks to voting.

Every four years on Election Day, you see reports across the country of long lines, malfunctioning machines, voters turned away because of problems with their registration and all the other ridiculous obstacles citizens face to cast their ballots.

In too many states, politicians have the attitude that working Americans, people of color, young people and those with disabilities should have to go to absurd lengths just to exercise their constitutional right to vote.

Just last week, a new report found that a handful of states closed nearly 1,700 polling places since 2014. Texas, Arizona and Georgia led the pack, according to the study by the Leadership Conference on Civil and Human Rights.

Fewer polling places means fewer people vote. And when fewer Americans vote, the special interests and big businesses win. Everybody else loses.

Voting rights in this country have become a hodge-podge of restrictions and burdens that creating more costs for voters and states.

In my home state of Oregon, we have a solution, and it’s called vote-by-mail or vote-at-home, with automatic voter registration. I have a bill to bring Oregon’s system nationwide.

Here’s how it works: Each time a voter uses the DMV, their new information will automatically update the voter rolls. Accurate registration is a breeze. And you can always opt-out.

Voters get their ballots in the mail two or three weeks ahead of Election Day, which leaves plenty of time to fix any problems with registration or ballots that do crop up.

States can keep their current polling practices if they wish, but states that choose a full vote-at-home system will see their election costs significantly drop and turnout rise.

Oregon, Washington and Colorado already vote at home for all elections, and Hawaii will move to vote at home in 2020.

We’re lucky in Oregon to have vote-by-mail, and I’m working hard to bring it to the rest of the nation.

There’s another reason that voting by mail makes a lot of sense – paper ballots, marked by hand, are hugely more secure than voting with hackable electronic voting machines.

That is critical, because hackers are coming in 2020. And the U.S. is not even close to prepared to stop them.

Cybersecurity experts have been shouting about this issue from the mountaintops for decades. But it might not shock you to hear that if you go back 20 years, a lot of members of Congress tended to doze off when the topic of tech policy came up. The message didn’t sink in.

That blindness to election security, in my view, laid the groundwork for what happened in 2016. And not just the DNC hacks and the email leaks. It’s a list of attacks by foreign actors and vulnerabilities here at home that’s enough to give you a heart attack.

There were voting machines from ES&S, the biggest voting machine company in the country, which for years came with preinstalled remote access software. With that kind of vulnerability, the United States might as well put unlocked ballot boxes on street corners in Moscow.

There’s the fact that Russia hacked an election vendor called VR Systems in the summer of 2016. VR systems machines in North Carolina malfunctioned on Election Day that year, and one polling place had such extensive problems it had to shut down for hours. It took two and a half years to get the Department of Homeland Security to begin investigating what happened.

More recently, an AP investigation found that the vast majority of 10,000 election jurisdictions nationwide are using Windows 7, which is going to reach “end of life” in a few months. All those systems will be vulnerable to hacking.

ES&S and Hart, two of the biggest vendors, use that vulnerable software for all of their voting systems. So that means election officials across right now are buying election systems that will be out of date and vulnerable to hacking the moment they open the box.

Five states still exclusively use hackable, paperless voting machines, and nine other states still use paperless machines in some counties.

That’s why it’s probably not a big surprise to anybody in this room that Russia targeted election systems in all 50 states in 2016.

In 2017, I started to work on legislation that would become the PAVE Act. My bill was the first bill ever introduced in Congress to mandate the two key priorities that experts most universally recommended – paper ballots and routine, post-election, risk-limiting audits.

I expanded and refined that bill this spring, to mandate federal cybersecurity standards for election systems and to address specific vulnerabilities that cybersecurity experts discovered in voting machines.

Then in June, the House passed a major election security bill, called the SAFE Act, which included significant portions of my bill.

As many of you know, the SAFE Act and every other bill on this issue has been blocked in the Senate by Russia’s number one ally in compromising American election security, Mitch McConnell.

A reasonable person would ask why McConnell is burying election security in the legislative graveyard. There are a few potential answers.

First, Russia attacked the 2016 election, and the 2016 election turned out pretty well for Republicans. They took unified control of government, passed a lot of legislation and confirmed a lot of judges to lifetime seats on the federal bench.

So why change anything about a system that let Republicans consolidate power? If Russian interference leads to more Republicans being elected, Mitch McConnell seems OK with that.

That is a price McConnell and Trump are willing to accept – a deal with the devil – to keep a firm grip on power.

One of the ways Republicans have held onto power is by engaging in voter suppression. It often seems that for them, stopping Democrats from voting is priority number one.

And one of the ways they accomplish that is by making it difficult to vote. They shutter polling places in left-leaning communities. They eliminate same-day registration. They shorten polling hours. And they find ways to make the lines at polling places really, really long.

This, of course, relates to voting machines. Hand marked ballots are easier and quicker for most people to use than a touchscreen. People get in and out of their polling places faster. Lines get shorter.

For example, those images you see on TV of people standing for hours in lines, waiting to vote – that doesn’t happen in Oregon where people vote at home.

Long lines keep people from voting, and historically, low-turnout elections favor Republicans.

There’s also the same old song you hear sung in Washington anytime a Republican wants to block an important legislative priority: Election security is not an issue for Congress, it’s an issue for the states.

It’s the very same language that Republicans used to oppose the Voting Rights Act and other key civil rights legislation.

In this context, when Republicans argue for states’ rights, they’re arguing for the right of states to suppress the vote.

Finally, part of the reason that Mitch McConnell and the Republicans have blocked election security legislation is because the voting machine lobby has flexed its muscles.

The bottom line is, it’s long past time to wrest the power away from the voting machine industry. They have proven they will not protect our democracy, which means they’re doing more for Russia than they’re doing for American voters.

It’s past time to ramp up the pressure on Mitch McConnell so that he can’t escape this issue any longer.

It’s going to take a sustained outcry from the public to force him to move legislation on election security.

The press and voters, and a lot of Congress, have finally taken notice of just how weak our election security situation is. But Mitch McConnell and Donald Trump won’t act until they don’t have any other choice.

So I’m asking you to keep the pressure on Congress until it actually fixes the problem. Make sure that politicians don’t get away with passing a band-aid bill that sounds good but still leaves our elections vulnerable to foreign hackers. Any bill that gives hundreds of millions of dollars to states without requiring that states use paper ballots, conduct audits and follow basic cybersecurity standards, is a nonstarter in my book.

America needs a Paul Revere brigade to fan out across the country and make the case for the SAFE Act and vote-by-mail.

The health of our democracy literally depends on it.