Sarbanes Cosponsors and Introduces Election Vendor Security Act


Jul 19, 2018
Contact: Daniel Jacobs
(202) 225-4016

WASHINGTON, D.C. – Democracy Reform Task Force Chair Rep. John Sarbanes (D-Md.) today joined Representatives Steny Hoyer (D-Md.), Elijah E. Cummings (D-Md.), John Delaney (D-Md.), C.A. Dutch Ruppersberger (D-Md.), Anthony Brown (D-Md.), Jamie Raskin (D-Md.), Robert A. Brady (D-Penn.), Zoe Lofgren (D-Calif.) and Grace Meng (D-N.Y.) in introducing the Election Vendor Security Act (EVSA), a bill to strengthen state election systems against foreign cyberattacks.

The bill requires election vendors to be owned and controlled by a citizen or permanent resident of the United States and to disclose whether they are using foreign-made parts in their products and software. It also requires vendors to adhere to cybersecurity best practices, as developed by the Election Assistance Commission (EAC) and Department of Homeland Security (DHS), and would require vendors to report known or suspected cybersecurity threats to state authorities, EAC and DHS within 10 days.

The legislation comes after the Federal Bureau of Investigation informed Maryland officials that a Russian oligarch had invested in one of the state’s voting software vendors in 2015 without the state’s knowledge. Although no evidence of specific wrongdoing has surfaced in Maryland’s elections, the report has raised serious concerns.

“We must use every tool at our disposal to protect state election systems from cyberattacks,” said Congressman Sarbanes, Chair of the Democracy Reform Task Force. “Russia targeted at least 39 state election systems in 2016, and without question, they’re coming for us again in November. This bill will help harden our election infrastructure and better protect us from foreign interference.”