The Section of State and Local Government Law served as primary sponsor for a timely program at the Paris Sessions entitled “Cybersecurity Best Practices in Elections.” Nine other ABA entities served as co-sponsors. The program took place on June 8, 2018, at the Paris Le Grand InterContinental Hotel and was one of the best attended during the entire session.
September 15, 2018 Section News
Cybersecurity Best Practices in Elections: ABA Paris Sessions, June 8, 2018
The panel was moderated by Arizona State University Professor Myles Lynk and featured five experts in the fields of election law, cybersecurity, and key aspects of the electoral process. Panelists included John Hardin Young, Lucy Thomson, Steve Zack, Sven Kohlmeier, and Shalva Tskhakaia. Ben Griffith was Program Chair.
Speakers discussed and identified the best practices/standards that need to exist to prevent interference from state actors and others to ensure a fair and free democratic electoral process. Those standards are now just being developed by the experts. Traditionally, most election management bodies were more concerned with fraudulent voting (e.g., vote buying, carousel voting, fraudulent IDs) and intimidation of voters at the polls; Armenia, Nigeria, and the Philippines are good examples. The Russian interference in the U.S. 2016 elections, and in Europe and elsewhere, showed the vulnerably of electoral systems to cyberattacks. To address this issue, speakers discussed standards to be deployed to “harden” our electoral systems. While these are technical, a discussion of the best practices needed to provide effective cybersecurity to the electoral process was a necessary and integral part of the presentations. Speakers also addressed the vulnerability of democratic elections to cyberattacks, both in the United States and around the world, as well as the standards and protocols necessary to defeat such attacks.
The panel also addressed the current status of whether and how the means and measures to ensure fair elections are being implemented by national and local governments and election authorities in the United States and around the world, and the barriers to implementation. One of the key inquiries is whether the threat is still not being taken seriously enough, or whether the issue is money or the lack thereof, and whether there is an unwillingness of federal, state, and local governments in the United States, and presumably in democracies around the world, to allocate the funds necessary to “harden” our electoral processes against cyberattacks. Further, the panel members from Germany and the Republic of Georgia addressed whether and how on an international level national governments need to facilitate greater cross-border cooperation and more exchanges of information and technology in order to address this threat. Finally, the U.S. panelists addressed whether and how we in the United States need to overcome jurisdictional boundaries between local election districts and state governments that are responsible for conducting elections. The panel was able to share its views on the governmental laws, policies, or practices that need to be adopted or changed in order to implement these necessary steps.
A significant number of relevant and timely questions came from a standing-room-only audience, and it appears that those in attendance benefited from the panel’s description of the cybersecurity problems and discussion of the technical steps that need to be taken in order to successfully address those problems.
Respectfully submitted, Benjamin E. Griffith, Program Chair