Senator Lankford Gives Update on Election Security on Senate Floor

CLICK HERE to watch Lankford’s floor speech. 

WASHINGTON, DC – Senator James Lankford (R-OK) today spoke on the Senate floor to discuss election security concerns in both the 2016 and 2018 US elections, work by states and the federal government to identify and address vulnerabilities, and Lankford’s ongoing concerns and work to protect our future elections while preserving states’ primacy in running them.

Last month, Lankford joined a bipartisan group of Senators to introduce the Voting System Cybersecurity Act of 2019, which would ensure that a cybersecurity expert from the Department of Homeland Security (DHS) is involved in crafting the voluntary voting system guidelines established by the Election Assistance Commission voting system that manufacturers use when creating their products.

Lankford introduced a bipartisan bill in March 2018, the Secure Elections Act, to strengthen election cybersecurity in America. Last year, Lankford testified before the Senate Judiciary Subcommittee on Crime and Terrorism during a hearing entitled “Cyber Threats to Our Nation’s Critical Infrastructure.” During the hearing, he pushed for the US to put in place a policy for responding to cyberattacks. 

Lankford formerly served on the Senate Intelligence Committee and currently serves on the Senate Homeland Security and Governmental Affairs Committee with jurisdiction over DHS.


Mr. President, we are eight months away from the first primary for the 2020 election. There is a false belief that the 2020 election is a year and a half away—it’s eight months away.

Robert Mueller in his May 29 speech made the statement, ‘There were multiple, systematic efforts to interfere in our election, and that allegation deserves the attention of every American.’

Chris Wray, who is the FBI Director, made the statement that, ‘The 2018 election was a dress rehearsal for the big show.’ There are few statements that we can argue about in this body. I find absolutely no one arguing in this body that the Russians tried to interfere in our election in 2016. 

If you go all the way back in history to 2012, the Russians actively engaged in the Ukrainian election. In that election they found multiple ways to be able to interfere and to change the stories on social media. They found multiple ways to be able to interfere in their election internally. That interference in 2012 was their practice round for what they launched on the United States in 2016. And it’s not just us. The Russian Federation has attacked every single NATO country’s election—all of them. They just happened to come to us last. But I have no doubt that it’s not the last time the Russians are going to try to interfere in our elections.

What’s clear from the Mueller report is they walked through it in the first section of it, over and over again, they repeat what they have found and how they went through the process of what the Russians were trying to do. Working with social media entities to try to create fake American accounts to be able to put out fake information online, to try to find as many different places they could to put out stories, to create as much confusion and chaos.

I have had multiple folks back in my state that have said to me, ‘Why would the Russians do this?’ It’s because the Russians cannot match us militarily, economically, culturally. So they use alternative ways of doing warfare, and for them, their favorite type is just stirring chaos. They look for every time Americans or any free democracy argues with each other, and when they find a democracy arguing with each other, they reach in, take both sides, and try to elevate the argument. What I’ve told folks at home is basically: the Russians are like the two kids on the playground that are fighting. There’s always a third kid on the edge of the playground screaming, ‘Fight, fight, fight,’ trying to get as many people to come to the fight as possible. Well, the Russians are the other kid on the playground. They’re not actually one of the kids fighting; they’re just trying to make it louder and bigger.

The Russians have actively engaged in trying to be able to stir up any kind of controversy, and elections are just one place that a democracy has controversy. Anywhere else they find controversy, they stir that just as much. But it’s easier around election times when Americans are making decisions and taking sides on their own. They do that on social media, but we also note from the Senate Intelligence Committee—and their excellent work on a bipartisan process but from the Mueller report as well—of what they were also trying to do to be able to reach into election systems.

21 different states had their election systems probed by the Russians. That means electronically, the Russians went in to be able to check in and see if the door was locked. If they found the door was locked and they couldn’t easily get into the system, they would move on and try to get to another state to see if they could find a way to get to it. The good news in this process is: the Russians were not able to get to a single election as far as affecting any of the votes. Through all of the investigations from every single state, from an intelligence investigation from our intelligence community and their investigations, from the FBI and from their work, and from the Mueller report, there were no votes that were changed. We know that. But we also know the Russians were looking and they were trying to find. And what they did find is access to voter databases. That tells us for the next election they’re looking to see if they can get to that again. 

So the lessons that we need to learn from this is as they do their spearfishing, as they try to be able to reach out to different election systems, to learn a lesson from that. Here’s what I think we can do in the days ahead and what we can have with our basic findings. We need to, as a nation, to be prepared for that, and there are a couple of ways we can do that that we have made very clear proposals to be able to take this on. Getting security clearances to each and every state. So if we discover something on the federal side and anyone in the intelligence community identifies there’s a problem, they can rapidly get to a state and say, ‘Are you aware of?’ That was not present in 2016.

We need to have points of contact between Department of Homeland Security and every Secretary of State in each state, so they can also maintain rapid security, not only just normal communication, but in a classified level as well. We need to have DHS have engagement with every state as they choose voluntarily and to engage with every single state and to say, ‘Would you like an additional layer of cyber protection?’ And if they choose to take that on as a state, which I can’t imagine a state would not, to be able to add an additional layer on top of their existing cyber protection.

But we also need to encourage states to be attentive to any vulnerabilities that they have in their election system. Now this is not something that we can do from the federal level. In the federal level, we don’t go choose states and counties and precincts how they do their election. That is a uniquely state responsibility. We have a different election system in Oklahoma than what they do in Louisiana and Texas and Kansas. Though they’re border states right around us, you would think we would all share and do it exactly the same. We don’t. And that is actually a strength to our system. The Russians can’t try to get into one system, hack into that, and get into the entire election system because states do it different across the country. But we do need to be attentive if any state has a vulnerable system. And right now the greatest challenge that we have are states that actually do a paperless voting system, where there is no way to be able to verify the accuracy of those votes.

If all the votes are done electronically, and some are done—for states that don’t do it like mine, we don’t do it that way, but some states do. In fact there are five states that do it that way—you’re basically walking up to an iPad, pushing different buttons, and then walking away. Now that all looks very clean. There is no threat like there was in 2016 hanging chads because you can see it there. The problem is: if there was a problem with that software, there would be no way to be able to verify that vote. In my state, you mark on a paper ballot, and you run it through an optical scan. At the end of Election Day, they count up all the things in the optical scan, the paper ballots are secured away. If there is a question about that machine and its count, we can go back and verify it. In other states they have a system that’s very similar to an iPad where you can kind of push your way through the buttons on it, do it all electronically, look at it, and when you decide this is exactly how I voted, push the final button, and it prints a paper receipt basically that is kept there. And then you can verify how you voted on the paper that’s stored in the machine and also look at it electronically. It’s very clean, very easy.

There are other places that they only use paper on it and count it all by hand because they’re rural areas. Any of those systems work. There’s no reason for the federal government to tell each state how to do their local elections, but we do need to encourage those states to have a system that they can go back and audit and verify. We don’t need to have anything at the end of Election Day that makes Americans doubt the strength of our democracy, nor the capability of our democracy to hold an election.

So here’s the basic recommendations that are coming from the Senate Intelligence Committee and I would concur on. States should continue to run elections. We do not need to federalize elections. We do not need to require federal certification for election machines. There’s no reason to play ‘mother may I’ with someone in Washington, DC, on how it works. States need to run their elections. But the federal government should always be there to assist states, to say, ‘If you have a question, if you want a second opinion, we can offer that.’

DHS should continue to create clear channels of communication between the federal government and appropriate officials at the state and local levels. Again, in 2016 when Jeh Johnson contacted state officials and said, ‘There is a problem with the election that’s coming,’ state election officials pushed him away and said, ‘We don’t know who you are, and we don’t know why you are calling us.’ We can’t ever have that again.

DHS should expedite security clearances for appropriate state and local officials. The intelligence community should work to declassify information quickly. The last time the warnings came out about Russian engagement in our election, it took over a year for states to learn it was Russians trying to reach in their system. That can never happen again. We should create on a national level voluntary guidelines on cybersecurity, best practices for public awareness campaigns, promote election security awareness, work through the US Election Assistance Commission, the National Association of Secretaries of State, the National Association of State Election Directors. All of them have a role and we should have active communication among each other and among DHS. And states should rapidly replace outdated, vulnerable election systems.

Now, I’ve had some folks say to me, ‘Well you know what? Those five states that don’t have auditable systems, they’re going to need federal assistance because it is going to be expensive.’ And that seems like a great argument unless you look at the 45 other states that have figured out how to do it without federal assistance. This argument that it’s going to take a billion dollars to be able to help those last five state do what the other 45 states have found a way to do without federal assistance just doesn’t wash with me. Those five states can do the same thing that the other five states have done and be able to have auditable, efficient election systems. We don’t want Russia, Iran, North Korea, or any domestic interference for that matter to come tamper with our elections in 2020. We need to be able to prove the accuracy of our elections, and it shouldn’t be a challenge to us in the days ahead.

We are eight months away from these elections. We need to complete what we have started. I do need to mention one thing. I am exceptionally proud of DHS and the work they did in 2018. There were no grand stories about election problems in 2018 because DHS officials worked tirelessly to be able to help states and to be able to walk alongside them. State Secretaries of states and local volunteers all around the country worked exceptionally hard to pay attention to the election issues. We cannot stop our focus on that. We need to be aware that the Russians don’t just do it once. They do it over and over again, as every one of our European allies can tell us. They’ll keep coming with misinformation, and they’ll keep coming to try to destabilize. We can be clear as well to be able to push back on this in the days ahead. 

Now, I have a bill called the Secure Elections Act that we worked on for a couple years that answers all of these questions. And I look forward to its passage. But in the meantime, I’m grateful DHS is paying attention to this, and I encourage them to continue to not only consider these recommendations but to continue to apply them.