Waltz, Murphy Announce Legislation Requiring Public Alerts After Elections Infiltration

May 23, 2019
Press Release

Washington, D.C. -- On Thursday, U.S. Reps. Stephanie Murphy, D-Fla., and Michael Waltz, R-Fla., announced plans to introduce bipartisan legislation requiring federal officials to alert Congress, state officials and the public when election systems are hacked.

The Achieving Lasting Electoral Reforms on Transparency and Security Act (ALERTS Act) follows reports revealing Russian military intelligence officers gained access to the computer network of two Florida counties in the run-up to the 2016 U.S. election and the FBI’s subsequent refusal to release this information in a timely manner or to confirm the infiltrated counties.

“It’s been a week since our meeting with the FBI and the names of the two infiltrated Florida counties still haven’t been publicly identified,” Waltz said. “The FBI’s notification protocol is inadequate and unacceptable. If we are going to have any success securing our elections, we need to know immediately whether or not an elections system has been compromised — and most importantly, the voters need to know too.”

“It is unacceptable that the Russians know which systems were hacked and not the Americans affected,” said Murphy. “When federal officials determine unauthorized users gain access to an elections system, local officials and the public have a right to know so they can respond. These alerts will empower voters to verify their information was not compromised, while also raising awareness about these critical cyber vulnerabilities. As a former national security specialist, strengthening the security of our elections, especially from foreign adversaries, will continue to be one of my top priorities.” 

Under the proposal, federal officials would be required to promptly alert appropriate state and local officials and Members of Congress if there is credible evidence of an unauthorized intrusion into an election system and a reasonable basis to believe such intrusion could have resulted in voter information being altered or otherwise affected. The bill would also require state and local officials to alert potentially affected voters of such an intrusion.

The bill does, however, create a narrow exception to public alerts, such as if federal officials determine that notification would compromise intelligence sources or methods or cause harm to an ongoing investigation.

Murphy and Waltz said they will push for committee hearings on the bill as soon as possible.  

“As we approach the primary and general elections of 2020, time is of the essence," they said. "We must move with deliberate speed to shore up the cyber defenses of our elections systems to prevent another attack on our democracy."

In March 2019, the Mueller Report concluded Russian military intelligence officers sent spearphishing emails to over 120 email accounts used by Florida county elections officials in the months leading up to the 2016 election. This operation “enabled [Russian military intelligence officers] to gain access to the network of at least one Florida county government.”

Earlier this month, Murphy and Waltz, both former national security specialists at the Pentagon, requested a classified briefing by the U.S. Department of Justice (DOJ) and the Federal Bureau of Investigation (FBI) for the Florida congressional delegation on the nature and extent of the Russian government’s efforts to interfere in Florida during the 2016 presidential election. Following the briefing on May 16, federal officials informed Murphy and Waltz Russians infiltrated a second county but officials did not authorize them to disclose the information on counties’ names due to its classified nature.