Sec. 3908. Grants for obtaining compliant paper ballot voting systems and carrying out voting system security improvements
2,248 words·~10 min read·
/bill/118/hr/11/ih/section-3908A research copy — for the controlling text, always check the official state or federal source. Not legal advice.
Subtitle D of title II of the Help America Vote Act of 2002 ( 52 U.S.C. 21001 et seq. ), as amended by section 1302(c), is amended by adding at the end the following new part: The Commission shall make a grant to each eligible State— to replace a voting system— which does not meet the requirements which are first imposed on the State pursuant to the amendments made by the Voter Confidence and Increased Accessibility Act of 2023 with a voting system which— does meet such requirements; and in the case of a grandfathered voting system (as defined in paragraph (2)), is in compliance with the most recent voluntary voting system guidelines; or which does meet such requirements but which is not in compliance with the most recent voluntary voting system guidelines with another system which does meet such requirements and is in compliance with such guidelines; to carry out voting system security improvements described in section 298A with respect to the regularly scheduled general election for Federal office held in November 2024 and each succeeding election for Federal office; to implement and model best practices for ballot design, ballot instructions, and the testing of ballots; and to purchase or acquire accessible voting systems that meet the requirements of paragraph
(2)and paragraph (3)(A)(i) of section 301(a) by the means described in paragraph (3)(B) of such section. In this subsection, the term grandfathered voting system means a voting system that is used by a jurisdiction described in subparagraph (B)(ii) or (C)(ii) of section 301(d)(2). The amount of payment made to an eligible State under this section shall be the minimum payment amount described in paragraph
(2)plus the voting age population proportion amount described in paragraph (3). The minimum payment amount described in this paragraph is— in the case of any of the several States or the District of Columbia, one-half of 1 percent of the aggregate amount made available for payments under this section; and in the case of the Commonwealth of Puerto Rico, Guam, American Samoa, the United States Virgin Islands, or the Commonwealth of the Northern Mariana Islands, one-tenth of 1 percent of such aggregate amount. The voting age population proportion amount described in this paragraph is the product of— the aggregate amount made available for payments under this section minus the total of all of the minimum payment amounts determined under paragraph (2); and the voting age population proportion for the State (as defined in paragraph (4)). The term voting age population proportion means, with respect to a State, the amount equal to the quotient of— the voting age population of the State (as reported in the most recent decennial census); and the total voting age population of all States (as reported in the most recent decennial census). An eligible State shall use not less than 10 percent of funds received by the State under this section to purchase accessible voting systems described in subsection (a)(1)(D). A voting system security improvement described in this section is any of the following: The acquisition of goods and services from qualified election infrastructure vendors by purchase, lease, or such other arrangements as may be appropriate. Cyber and risk mitigation training. A security risk and vulnerability assessment of the State’s election infrastructure (as defined in section 3908(b) of the Voter Confidence and Increased Accessibility Act of 2023 ) which is carried out by a provider of cybersecurity services under a contract entered into between the chief State election official and the provider. The maintenance of infrastructure used for elections, including addressing risks and vulnerabilities which are identified under either of the security risk and vulnerability assessments described in paragraph (3), except that none of the funds provided under this part may be used to renovate or replace a building or facility which is not a primary provider of information technology services for the administration of elections, and which is used primarily for purposes other than the administration of elections for public office. Providing increased technical support for any information technology infrastructure that the chief State election official deems to be part of the State’s election infrastructure (as so defined) or designates as critical to the operation of the State’s election infrastructure (as so defined). Enhancing the cybersecurity and operations of the information technology infrastructure described in paragraph (4). Enhancing the cybersecurity of voter registration systems. For purposes of this part, a qualified election infrastructure vendor is any person who provides, supports, or maintains, or who seeks to provide, support, or maintain, election infrastructure (as defined in section 3908(b) of the Voter Confidence and Increased Accessibility Act of 2023 ) on behalf of a State, unit of local government, or election agency (as defined in section 3908(b) of such Act) who meets the criteria described in section 3908(b) of such Act. A State is eligible to receive a grant under this part if the State submits to the Commission, at such time and in such form as the Commission may require, an application containing— a description of how the State will use the grant to carry out the activities authorized under this part; a certification and assurance that, not later than 5 years after receiving the grant, the State will carry out voting system security improvements, as described in section 298A; and such other information and assurances as the Commission may require. Not later than 90 days after the end of each fiscal year, the Commission shall submit a report to the Committees on Homeland Security, House Administration, and the Judiciary of the House of Representatives and the Committees on Homeland Security and Governmental Affairs, the Judiciary, and Rules and Administration of the Senate, on the activities carried out with the funds provided under this part. There are authorized to be appropriated for grants under this part— $2,400,000,000 for fiscal year 2024; and $175,000,000 for each of the fiscal years 2026, 2028, 2030, and 2032. Any amounts appropriated pursuant to the authorization of this section shall remain available until expended. . The table of contents of such Act, as amended by section 1402(c), is amended by adding at the end of the items relating to subtitle D of title II the following: Part 8—Grants for Obtaining Compliant Paper Ballot Voting Systems and Carrying Out Voting System Security Improvements Sec. 298. Grants for obtaining compliant paper ballot voting systems and carrying out voting system security improvements. Sec. 298A. Voting system security improvements described. Sec. 298B. Eligibility of States. Sec. 298C. Reports to Congress. Sec. 298D. Authorization of appropriations. The Secretary, in consultation with the Chair, shall establish and publish criteria for qualified election infrastructure vendors for purposes of section 298A of the Help America Vote Act of 2002 (as added by this Act). The criteria established under paragraph
(1)shall include each of the following requirements: The vendor shall— be owned and controlled by a citizen or permanent resident of the United States or a member of the Five Eyes intelligence-sharing alliance; and in the case of any election infrastructure which is a voting machine, ensure that such voting machine is assembled in the United States. The vendor shall disclose to the Secretary and the Chair, and to the chief State election official of any State to which the vendor provides any goods and services with funds provided under part 8 of subtitle D of title II of the Help America Vote Act of 2002 (as added by this Act), of any sourcing outside the United States for parts of the election infrastructure. The vendor shall disclose to the Secretary and the Chair, and to the chief State election official of any State to which the vendor provides any goods and services with funds provided under such part 8, the identification of any entity or individual with a more than 5 percent ownership interest in the vendor. The vendor agrees to ensure that the election infrastructure will be developed and maintained in a manner that is consistent with the cybersecurity best practices issued by the Cybersecurity and Infrastructure Security Agency of the Department of Homeland Security. The vendor agrees to maintain its information technology infrastructure in a manner that is consistent with the cybersecurity best practices issued by the Cybersecurity and Infrastructure Security Agency of the Department of Homeland Security. The vendor agrees to ensure that the election infrastructure will be developed and maintained in a manner that is consistent with the supply chain best practices issued by the Cybersecurity and Infrastructure Security Agency of the Department of Homeland Security. The vendor agrees to ensure that it has personnel policies and practices in place that are consistent with personnel best practices, including cybersecurity training and background checks, issued by the Cybersecurity and Infrastructure Security Agency of the Department of Homeland Security. The vendor agrees to ensure that the election infrastructure will be developed and maintained in a manner that is consistent with data integrity best practices, including requirements for encrypted transfers and validation, testing and checking printed materials for accuracy, and disclosure of quality control incidents, issued by the Cybersecurity and Infrastructure Security Agency of the Department of Homeland Security. The vendor agrees to meet the requirements of paragraph
(3)with respect to any known or suspected cybersecurity incidents involving any of the goods and services provided by the vendor pursuant to a grant under part 8 of subtitle D of title II of the Help America Vote Act of 2002 (as added by this Act). The vendor agrees to permit independent security testing by the Election Assistance Commission (in accordance with section 231(a) of the Help America Vote Act of 2002 ( 52 U.S.C. 20971 )) and by the Secretary of the goods and services provided by the vendor pursuant to a grant under part 8 of subtitle D of title II of the Help America Vote Act of 2002 (as added by this Act). A vendor meets the requirements of this paragraph if, upon becoming aware of the possibility that an election cybersecurity incident has occurred involving any of the goods and services provided by the vendor pursuant to a grant under part 8 of subtitle D of title II of the Help America Vote Act of 2002 (as added by this Act)— the vendor promptly assesses whether or not such an incident occurred, and submits a notification meeting the requirements of subparagraph
(B)to the Secretary and the Chair of the assessment as soon as practicable (but in no case later than 3 days after the vendor first becomes aware of the possibility that the incident occurred); if the incident involves goods or services provided to an election agency, the vendor submits a notification meeting the requirements of subparagraph
(B)to the agency as soon as practicable (but in no case later than 3 days after the vendor first becomes aware of the possibility that the incident occurred), and cooperates with the agency in providing any other necessary notifications relating to the incident; and the vendor provides all necessary updates to any notification submitted under clause
(i)or clause (ii). Each notification submitted under clause
(i)or clause
(ii)of subparagraph
(A)shall contain the following information with respect to any election cybersecurity incident covered by the notification: The date, time, and time zone when the election cybersecurity incident began, if known. The date, time, and time zone when the election cybersecurity incident was detected. The date, time, and duration of the election cybersecurity incident. The circumstances of the election cybersecurity incident, including the specific election infrastructure systems believed to have been accessed and information acquired, if any. Any planned and implemented technical measures to respond to and recover from the incident. In the case of any notification which is an update to a prior notification, any additional material information relating to the incident, including technical data, as it becomes available. Not later than 1 year after the date of enactment of this Act, the Director of the Cybersecurity and Infrastructure Security Agency shall, in consultation with the Election Infrastructure Sector Coordinating Council, develop criteria for incidents which are required to be reported in accordance with subparagraph (A). In this subsection: The term Chair means the Chair of the Election Assistance Commission. The term chief State election official means, with respect to a State, the individual designated by the State under section 10 of the National Voter Registration Act of 1993 ( 52 U.S.C. 20509 ) to be responsible for coordination of the State’s responsibilities under such Act. The term election agency means any component of a State, or any component of a unit of local government in a State, which is responsible for the administration of elections for Federal office in the State. The term election infrastructure means storage facilities, polling places, and centralized vote tabulation locations used to support the administration of elections for public office, as well as related information and communications technology, including voter registration databases, voting machines, electronic mail and other communications systems (including electronic mail and other systems of vendors who have entered into contracts with election agencies to support the administration of elections, manage the election process, and report and display election results), and other systems used to manage the election process and to report and display election results on behalf of an election agency. The term Secretary means the Secretary of Homeland Security. The term State has the meaning given such term in section 901 of the Help America Vote Act of 2002 ( 52 U.S.C. 21141 ).
Connectionstraces to 4
Citation graph
cites case law
Sec. 3908
Grants for obtaining compliant paper ballot voting systems and carrying out voting system security improvements
Cites 4Cited by 0 across 0 sources