[House Hearing, 116 Congress]
[From the U.S. Government Publishing Office]
EXPLORING THE FEASIBILITY AND SECURITY
OF TECHNOLOGY TO CONDUCT REMOTE
VOTING IN THE HOUSE
=======================================================================
HEARING
BEFORE THE
COMMITTEE ON HOUSE
ADMINISTRATION
HOUSE OF REPRESENTATIVES
ONE HUNDRED SIXTEENTH CONGRESS
SECOND SESSION
__________
JULY 17, 2020
__________
Printed for the use of the Committee on House Administration
[GRAPHC NOT AVAILABLE IN TIFF FORMAT]
Available on the Internet:
http://www.govinfo.gov/committee/house-administration
__________
U.S. GOVERNMENT PUBLISHING OFFICE
41-953 PDF WASHINGTON : 2020
--------------------------------------------------------------------------------------
Committee on House Administration
ZOE LOFGREN, California, Chairperson
JAMIE RASKIN, Maryland RODNEY DAVIS, Illinois,
SUSAN A. DAVIS, California Ranking Member
G. K. BUTTERFIELD, North Carolina MARK WALKER, North Carolina
MARCIA L. FUDGE, Ohio BARRY LOUDERMILK, Georgia
PETE AGUILAR, California
C O N T E N T S
----------
JULY 17, 2020
Page
Exploring the Feasibility and Security of Technology to Conduct
Remote Voting in the House..................................... 1
OPENING STATEMENTS
Chairperson Zoe Lofgren.......................................... 1
Prepared statement of Chairperson Lofgren.................... 10
Hon. Rodney Davis, Ranking Member................................ 14
Prepared statement of Ranking Member Davis................... 17
WITNESSES
Hon. Cheryl L. Johnson, Clerk of the U.S. House of
Representatives................................................ 22
Prepared statement of Hon. Johnson........................... 24
Newt Gingrich, Former Member and Speaker of the House, U.S. House
of Representatives............................................. 27
Prepared statement of Mr. Gingrich........................... 29
William Crowell, Partner, Alsop Louie Partners................... 33
Prepared statement of Mr. Crowell............................ 35
Jon Green, Vice President and Chief Security Technologist, Aruba
Networks....................................................... 39
Prepared statement of Mr. Green.............................. 41
Dr. Ronald L. Rivest, Institute Professor, Massachusetts
Institute of Technology........................................ 45
Prepared statement of Dr. Rivest............................. 47
Dr. Aviel Rubin, Professor and Technical Director, Information
Security Institute, Johns Hopkins University................... 50
Prepared statement of Dr. Rubin.............................. 52
Dr. David Wagner, Professor of Computer Science, University of
California, Berkeley........................................... 54
Prepared statement of Dr. Wagner............................. 56
QUESTIONS FOR THE RECORD
Hon. Cheryl L. Johnson, Clerk of the U.S. House of
Representatives, answers to submitted questions................ 75
Jon Green, Vice President and Chief Security Technologist, Aruba
Networks, answers to submitted questions....................... 79
Dr. Ronald L. Rivest, Institute Professor, Massachusetts
Institute of Technology, answers to submitted questions........ 82
Dr. Aviel Rubin, Professor and Technical Director, Information
Security Institute, Johns Hopkins University, answers to
submitted questions............................................ 84
Dr. David Wagner, Professor of Computer Science, University of
California, Berkeley, answers to submitted questions\1\........ 86
SUBMISSIONS FOR THE RECORD
Electronic Vote Recorder, Patent No. 90,646, Thomas A. Edison.... 4
Letter, Daniel Schuman, Policy Director, Demand Progress and Zach
Graves, Head of Policy, Lincoln Network........................ 87
----------
\1\ Dr. Wagner did not answer submitted questions for the record by the
time of printing.
EXPLORING THE FEASIBILITY AND SECURITY OF TECHNOLOGY TO CONDUCT REMOTE
VOTING IN THE HOUSE
----------
FRIDAY, JULY 17, 2020
House of Representatives,
Committee on House Administration,
Washington, DC.
The Committee met, pursuant to call, at 1:03 p.m., via
Webex, Hon. Zoe Lofgren Chairperson of the Committee presiding.
Present: Representatives Lofgren, Raskin, Davis of
California, Butterfield, Fudge, Aguilar, Davis of Illinois,
Walker, and Loudermilk.
Staff Present: Jamie Fleet, Staff Director; Khalil Abboud,
Deputy Staff Director; Dan Taylor, General Counsel; Brandon
Jacobs, Legislative Clerk; Matthew Schlesinger, Oversight
Counsel; Peter Whippy, Communications Director; David Tucker,
Senior Counsel & Parliamentarian; Jen Daulby, Minority Staff
Director; Tim Monahan, Minority Deputy Staff Director; and Cole
Felder, Minority General Counsel.
The Chairperson. The Committee on House Administration will
come to order, and I have a gavel.
I would now like to call the roll so that we will know that
we have a quorum present. First, I am here.
I will ask, Mr. Davis, are you present?
Mr. Davis, I see you. Say ``here.''
Mr. Davis of Illinois. Yes, I am present. I had to get to
unmute.
The Chairperson. Okay. Mr. Raskin.
[No response.]
The Chairperson. He is not present.
Mr. Walker of North Carolina?
[No response.]
The Chairperson. Not present.
Mrs. Davis of California.
Mrs. Davis of California. Present.
The Chairperson. Mr. Loudermilk of Georgia.
Mr. Loudermilk. Present.
The Chairperson. Mr. Butterfield of North Carolina.
Mr. Butterfield. Present.
The Chairperson. Ms. Fudge of Ohio.
Ms. Fudge. Present.
The Chairperson. Mr. Aguilar of California.
Mr. Aguilar. Present.
The Chairperson. So a quorum being present, I would like to
thank the Members of the Committee and our witnesses----
Mr. Davis of Illinois. Madam Chair.
The Chairperson. Yes.
Mr. Davis of Illinois. Just a quick point of order. I do
know Mark Walker is on. So, for the initial period of
attendance, he is here. He is having difficulty with the video.
So I think the team is working on the video for him.
The Chairperson. Very good. We will note that for the
record.
Mr. Davis of Illinois. Thank you.
The Chairperson. We are holding this hearing in compliance
with the regulations for remote committee proceedings pursuant
to House Resolution 965. Section 5 of House Resolution 965
requires this Committee to ``study the feasibility of using
technology to conduct remote voting in the House,'' and ``to
provide certification to the House upon a determination that
such operable and secure technology exists to commit remote
voting in the House.''
Today's hearing will explore the technological and security
issues surrounding remote voting and will inform our study of
these issues.
As we begin, I want to remind all our members and
participants of a few things that will help us navigate this
platform. We are holding this hearing in compliance with the
regulations for remote committee proceedings pursuant to the
resolution. However, the fundamental nature of the hearing and
our rules are unchanged.
Generally, the Committee will keep microphones muted to
limit background noise. When we meet in person, in our
Committee room, members need to unmute themselves when seeking
recognition or when recognized for their five minutes.
Witnesses will also need to unmute themselves when recognized
for their five minutes or when answering a question.
Members and witnesses, please keep your cameras on at all
times. If you need to step away for a moment during the
proceedings, please leave your cameras on and do not leave the
meeting within the Webex platform.
And at this time, I ask unanimous consent that all members
have five legislative days to revise and extend their remarks
and that any written statements be made part of the record.
And, hearing no objection, that is so ordered.
This is our first virtual full Committee hearing, and it is
fitting that I am joining you from Silicon Valley. In recent
months, the House has made important use of new technology,
including virtual hearings, to continue operations during the
COVID pandemic. These advances are particularly noteworthy
because, as an institution, the House has not always been quick
to adopt technology to its legislative procedures.
A young inventor once observed that what he called ``the
enormous waste of time in Congress,'' spent taking roll call
votes. So that 21-year-old invented an electronic system that
would permit instantly and accurately recording Members' votes
``thus avoiding loss of valuable time consumed in counting and
registering the votes and names,'' and saving time for more
important, substantive legislative business.
But when he presented his idea to Congress, he was told it
would impair the ability of the minority to influence
legislation. So that Electrographic Vote Recorder and Register
described in the first of more than 1,000 patents that Thomas
Edison was issued was essentially ignored by Congress.
I would ask unanimous consent to enter Mr. Edison's patent
No. 9646 into the record.
And, without objection, so ordered.
[The information follows:]
[GRAPHICS NOT AVAILABLE IN TIFF FORMAT]
The Chairperson. It would take another 20 years for anyone
to introduce the first bill to permit a form of electronic
voting. By the time the House took its first electronic vote in
1973, more than a century had passed since Edison first
suggested the idea. It also took more than 40 years from the
time Members of the House first appeared on live television to
the time when cameras were allowed to broadcast live
proceedings on the House floor.
It is not unusual for any institution steeped in history
and precedent to resist change. That was the case for the House
when it came to advances like electronic voting and televising
our proceedings, both of which we take for granted today.
But we can't afford that attitude today in the face of the
COVID crisis. That is why the House recently passed a
resolution to ensure that we can continue to govern during the
coronavirus pandemic. The resolution authorized new ways to
conduct our legislative business.
For example, the House authorized remote committee
proceedings like this one. The House also authorized remote
directed proxy voting on the floor. And the House directed
further study of a third possible tool: remote voting. That
review is the purpose of today's hearing.
In some respects, these are new tools for governing, but
they are within our authority to implement, and they are not
intended to replace our regular order. To the contrary, they
represent prudent and responsible steps to ensure that the
House can continue to lead during this crisis. As the
resolution makes clear, they are intended to be used only
during extraordinary circumstances. There can be no doubt that
these are extraordinary times.
Our Nation and the world continue to grapple with the
devastating spread of a historic pandemic, and the spread of
the disease in the United States is worsening. Today, more than
3.5 million Americans have been confirmed to have COVID. That
is a greater number than the population of 21 individual
States.
More Americans have died in the last few months from COVID
than were killed in all military conflicts U.S. has fought
since World War II combined. Plus, because of the continuing
problems with access to testing, we don't know for sure how
many Americans have actually contracted the virus, but the
experts believe the actual figure could be as high as 20
million.
We are still learning about how highly contagious this
deadly virus is and how it is spread, what steps can be taken
to mitigate its further spread. New reports have suggested that
the immunity gained by those who recover from COVID could be
short lived.
As bad as things already are, cases are continuing to rise
in more than 40 States. This week, the Director of the Centers
for Disease Control and Prevention, Dr. Redfield, said he
believes that ``The fall and winter of 2020 and 2021 are going
to be probably one of the most difficult times that we have
experienced in American public health.''
This crisis demands legislative action and oversight and
the continued work of the Congress, and it also means that we
have a responsibility to the institution and the American
people to explore additional ways to be able to continue work
in the face of the pandemic.
Consider the alternative: In a number of States outbreaks
among State legislators have impacted the ability to conduct
State business. In Mississippi this week, more than 40
legislators and staff, including at least 30 members, have
tested positive for the disease. The Speaker of the House and
the Lieutenant Governor, who presides over the Senate, are both
positive. That has left the State government in limbo with
significant pending business unfinished. In several other
States, tragically, legislators have died.
Here in Congress, nearly 60 Members have publicly disclosed
that they tested positive, self-quarantined, or had otherwise
come in contact with someone who was positive. At one point at
the same time, at least 22 Members of the House had either
tested positive, were presumed positive, or were in self-
quarantine because of someone who they had been exposed to who
was positive.
That is in addition to the scores of other institutional
leg branch staff who contracted COVID, including personnel from
the Capitol Police, the Architect of the Capitol, the GPO, and
others.
I am mindful that many people are putting themselves at
risk by working on the front lines every day, from doctors and
nurses, to police officers, firefighters, and paramedics, to
transit workers and truck drivers, among others.
As the daughter of a truck driver and a school cafeteria
cook, I deeply appreciate everything people in many critical
lines of work are doing to support their communities and the
country, even at risk to their own health. However, we in
Congress have an option that most of these vital frontline
workers do not have: we can do our work remotely in a safe,
secure, online format.
We have already taken a number of significant steps to do
that. In just two months, the House has held 29 votes, which
included remote directed proxy votes. These votes have produced
legislation signed into law by the President. House committees
have held more than 86 committee hearings and markups.
These events have included more than 185 hours of
testimony, questions, statements, and debate. Of those
committee events, 78 were hearings, and of those hearings, 49
were fully remote, 29 were hybrid, during which some Members
were in Washington while others participated remotely.
More than 226 individuals have provided testimony as
witnesses in remote or hybrid hearings. In addition, in April,
the Speaker directed the creation of an all-electronic--hopper
to permit the virtual submission of all floor documents,
including bills, resolutions, cosponsors, and extension of
remarks, via a dedicated and secure email system. Since the
policy took effect, 1,307 measures have been filed
electronically while just 51 were filed using the old process.
And in my capacity as chairperson of the Joint Committee on
Printing, I directed the GPO to accept for publication in the
Congressional Record extensions of remarks submitted with the
Member's electronic signature. Under this new, more convenient
system, Members have filed 897 extensions of remarks by email.
All of these are remarkable changes in the history of the
institution. We have acted swiftly to use technology because
when we maximize our remote work, we minimize needless exposure
of everyone who works on Capitol Hill, and that includes the
Capitol Police, the cleaning staff, other institutional staff,
the press, legislative staff, and Members.
Virtual and hybrid committee events have been, by and
large, very successful. Although there have been some
relatively small number of technical issues, in considering
these, it is important to keep in mind that expanding use of
virtual or remote congressional activity where appropriate
ensures that we can continue to act in a manner that is safe
for the legislative branch workforce while also preserving
precious testing equipment and supplies for frontline workers
who don't have jobs that can be performed remotely.
The highest levels of all three branches of our Federal
Government have recognized the need to adapt our work in the
21st century and that we can do so in a safe, secure, and
transparent way.
In addition to the changes we have made in the House, the
Senate has held numerous virtual hearings. The Supreme Court,
which long resisted modest attempts to increase transparency
and public access to its proceedings, has heard oral arguments
by conference call.
These important cases involve critical congressional
oversight prerogatives, and for its part, the executive branch
has recognized the legitimacy of these proceedings by
participating in virtual or remote proceedings, both Chambers
of Congress, and the Supreme Court.
Now, as I mentioned, I represent Silicon Valley, which has
become synonymous around the world for technology and the
spirit of innovation. We in Congress must adopt the
entrepreneurial spirit and openness to new technology that made
my community a global leader and apply it to the procedural and
logistical challenges we face in our legislative operations, as
well as to strategy to respond to and overcome the coronavirus.
Remote voting could be another powerful tool to permit the
House to continue its work. The Committee on Rules has already
had significant discussions about the constitutional basis and
foundation for using technology to bolster legislative
operations during the pandemic. So that is not the focus of
this Committee hearing today.
Our purpose is to assess the specific issue of the
feasibility of using technology to conduct remote voting in the
House.
With that in mind, I look forward to hearing from our
esteemed panel of witnesses.
I would now like to recognize our Ranking Member, Rodney
Davis, for his opening statement.
[The statement of the Chairperson follows:]
[GRAPHICS NOT AVAILABLE IN TIFF FORMAT]
Mr. Davis of Illinois. Thank you, Madam Chairperson.
This is a great opportunity for us to--let me get my audio
stuff taken care of here. I apologize.
Chairperson, thank you for holding today's hearing. I
appreciate hearing from the Majority about the different
provisions that the House has passed already to deal with the
coronavirus. We came together for four very important bills
that dealt with saving our economy, making sure that we allowed
small businesses to survive and sustain themselves during this
pandemic.
But the provisions that were put in place, as was mentioned
by the Chairperson, were not done by the House as a whole; they
were done by the Majority. Remote voting is being discussed
because it is a provision that was recommended by the Majority
in the House only. There are many of us who have concerns with
the provisions that are in place for proxy voting and for
remote and hybrid hearings.
And I appreciate, though, today that we are going to
discuss the feasibility of remote voting because, regardless of
our concerns, we have to make sure that we debate the merits of
any provisions, even if they are pushed through by only the
Majority. I think this is an important conversation. I hope the
transparent process continues before the Majority decides to
move forward with implementation.
I would like to welcome all of our witnesses, especially
former Speaker Gingrich. I believe the Speaker offers a unique
perspective, and I do appreciate his willingness to
participate. I hope with the long opening statements, Mr.
Speaker, that this is not a delay game since you are across the
Atlantic Ocean and on a different time schedule, but stick with
us. I think America needs to hear what you are going to say on
this issue.
But before we discuss the possibility of remote voting, I
think it is important to lay out where we are now, how we got
to this point, and the process that has driven the operational
decision making of this institution during the COVID-19
pandemic.
When this coronavirus began spreading across our country
and the rest of the world, we knew it was only a matter of time
until we would be impacted in the people's House. In March,
there was a bipartisan effort to quickly transition thousands
of staff to telework. That was an enormous lift and only made
possible through the tireless work of the Chief Administrative
Officer, which I must add, didn't exist until Speaker Gingrich
was Speaker of the House, and then also the Sergeant at Arms
offices.
And I would like to thank Chairperson Lofgren for working
in a very bipartisan way to make that happen. Then the
conversation turned to additional procedural changes that would
be required for the House to continue to operate. These efforts
did not incorporate bipartisan input.
On March 23rd, Democrats released a report concluding
remote voting in any form would almost certainly cause
unintended consequences if not done with adequate forethought
and discussion, and change cannot be implemented overnight and
likely cannot be accomplished in time to address the current
crisis.
Well, despite this and without any public hearings or
bipartisan support, the majority passed H. Res. 965 on May
15th, which authorized proxy voting, remote committee
proceedings, and authorized remote voting pending a
certification from Chairperson Lofgren.
Since the implementation of H. Res. 965, 572 proxy votes
have been cast on the House floor, dozens of virtual hearings
and markups, and a lawsuit filed in Federal court on the
grounds that proxy voting is unconstitutional.
During today's hearing, we will hear lots of discussion on
IT capabilities that can support remote voting, the types of
requirements that a system should have to safeguard against
threats, and examples of entities already using remote voting.
Four months before this hearing, when it became apparent
the direction of the Democratic majority and where they were
heading, I directed my team to formally engage with the GAO to
better understand remote voting technologies. This engagement
has been productive, and I am confident that there is a
technology that exists to support remote voting.
I also have confidence in the Clerk and her staff's ability
to execute if directed.
What I am concerned about is that the House seems to be in
a very reactionary posture with sweeping changes being made
with little consideration around longer-term impacts.
We have already seen numerous hearings and markups
disrupted by technical difficulties, resulting in the nature of
those proceedings changing; fewer standalone amendments being
made in order for floor consideration; increased usage of en
bloc amendment packages at committee hearings and on the floor;
and dozens of examples of Members from both parties not
following the prescribed regulations with no consequences. No
one can say with a straight face that these trends are a good
thing or that the quality of the deliberative process that is
the hallmark of the House hasn't been sacrificed.
Over the last six months, we have seen essential workers
across our Nation step up, make sacrifices, and take on risk,
all in the name of our collective well-being. I know the
grocery store clerks, the truck drivers, farmers, healthcare
workers, like my wife, and first responders in my district
expect their elected leaders to have the same willingness and
patriotic duty to make sacrifices just as they do every shift.
Americans look to their elected leaders to set an example,
and they don't appreciate Congress skipping out on their duties
to attend events across their States that seem more desirable
than the difficult task of governing during a pandemic.
As our country continues to be impacted by the coronavirus,
the example I want to set is that we stand side by side with
the essential workers of this country, and I don't believe that
can be done solely behind a computer screen and over emails.
We have debated scenarios like this before, and Members who
are unable to travel can submit statements to the Congressional
Record. And we have a rule that this Majority adopted at the
beginning of this Congress that allows for a quorum to be
adjusted in an emergency.
I will end with a quote from the U.K.'s House of Commons
leader, Jacob Rees-Mogg, who recently announced they will be
scaling back their virtual Parliament. He said: Rather than
suffering the depredations of the muted, hybrid Parliament, we
are once again talking to each other in ways impossible when we
were scattered to the four winds. Rather than wading through
the treacle of the hybrid proceedings, we are once again fleet
afoot and dancing a legislative quickstep.
And, Madam Chair, I am glad you didn't ask me to dance
here, but thank you, and I yield back.
[The statement of Mr. Davis of Illinois follows:]
[GRAPHICS NOT AVAILABLE IN TIFF FORMAT]
The Chairperson. The gentleman yields back.
Without objection, other Members of the Committee may have
their opening statements included in the record.
I would now like to introduce each member of our panel.
Each of our witnesses will be recognized for five minutes, and
I will remind our witnesses that their entire written
statements will be made part of the record.
Also, please note that there should be a timer on your
screen. Please be sure that you can see the timer and are
mindful of the five-minute limit. I don't have a heavy gavel,
but we do hope to keep within the five minutes.
Let me introduce our witnesses. First, we have Cheryl
Johnson, who is the 36th individual to serve as Clerk of the
United States House of Representatives. As Clerk, Ms. Johnson
has a variety of legislative, ceremonial, administrative, and
preservation responsibilities. These responsibilities include
but are not limited to certifying passage of House bills and
resolutions, maintaining the electronic voting system, and
retaining a permanent set of the books and documents generated
by the House.
Before being sworn in as Clerk in February of 2019, Ms.
Johnson worked for nearly 20 years in the House and 10 years at
the Smithsonian Institution.
Next, we have Representative Newt Gingrich. Mr. Gingrich
served as Speaker of the House in the 104th and the 105th
Congresses. He was first elected to the House in 1978 and
represented Georgia's Sixth District from 1979 until 1999.
Mr. Gingrich has served as a member of the Defense Policy
Board and was a candidate for the Republican Presidential
nomination during the 2012 election. He has also written 36
books. He serves as a distinguished visiting scholar and
professor at the National Defense University.
I would note that he is joining us from Rome today, and
welcome. I know it is about 7:30 p.m. your time. So we
appreciate this. And I just--as a personal note, I would note
that my very first day as a Member of Congress was the day that
you became Speaker of the House. So welcome. It is good to see
you again.
Bill Crowell is an expert in information technology,
security, and intelligence systems. He is the former Deputy
Director of the National Security Agency and was appointed to
this position after serving as Deputy Director of Operations.
After his service at the NSA, Mr. Crowell moved to the
private sector and served as CEO of Cylink Corporation, a
public e-business security solution company, and Chairman of
BroadWare Technologies, a video surveillance software company.
He also served as Chairman of the Director of National
Intelligence Senior Advisory Group from 2007 to 2014 and
currently sits on the Department of Homeland Security Science
and Technology Advisory Board.
Jon Green is a vice president and the chief technologist
for cybersecurity and government solutions at Aruba Networks, a
Hewlett Packard Enterprise Company. In this role, he is
responsible for providing technology guidance and leadership
for all security solutions, including authentication and
network access control, encryption, firewall, and VPN.
He works closely with the U.S. Government on secure network
and remote access solutions and manages both Aruba's Product
Security Response Team and its Threat Lab, an internal security
research group.
Dr. Ron Rivest is an institute professor at the
Massachusetts Institute of Technology. He is widely known as
coauthor of the textbook ``Introduction to Algorithms'' and as
coinventor of the RSA public-key cryptosystem. He is also a
cofounder of both RSA and Verisign.
An expert in election security and cryptography, Dr. Rivest
is a recipient of the ACM Turing Award, the BBVA Frontiers of
Knowledge Award, and a Marconi Prize. He has served on the
Election Assistance Commission's Technical Guidelines
Development Committee and is a member of the Caltech/MIT Voting
Technology Project, as well as the Board of Verified Voting.
Dr. Aviel Rubin is a professor of computer science at Johns
Hopkins University, where he also serves as technical director
of the Information Security Institute. Dr. Rubin is an expert
in computer security and applied cryptography and was among the
first to expose the vulnerabilities of electronic voting in his
book ``Brave New Ballot: The Battle to Safeguard Democracy in
the Age of Electronic Voting.''
Dr. Rubin has briefed Congress and the Department of
Defense on election tampering and other national security
issues. He served as director and principal investigator for
the National Science Foundation's Center for Correct, Usable,
Reliable, Auditable, and Transparent Elections, otherwise known
as the ACCURATE Center.
Dr. David Wagner is a professor of computer science at UC
Berkeley, where he has worked on electronic voting, software
security, wireless security, sensor network security, and
applied cryptography. He is a part of Berkeley's security
research group and is also an active member of the ACCURATE
Center.
Dr. Wagner has developed quite a bit of software, including
tools to help with the auditing of elections. In addition to
his duties as a professor, Dr. Wagner currently sits on the
editorial board for the Journal of Election Technology Systems
and is part of the Science of Security Project.
These are distinguished witnesses, and we are eager to hear
from them.
So I will first recognize Ms. Johnson for your testimony of
about 5 minutes. Welcome.
STATEMENTS OF THE HONORABLE CHERYL L. JOHNSON, CLERK OF THE
U.S. HOUSE OF REPRESENTATIVES; NEWT GINGRICH, FORMER SPEAKER OF
THE HOUSE; WILLIAM CROWELL, PARTNER, ALSOP LOUIE PARTNERS; JON
GREEN, VICE PRESIDENT AND CHIEF SECURITY TECHNOLOGIST, ARUBA
NETWORKS; RONALD L. RIVEST, INSTITUTE PROFESSOR, MIT COMPUTER
SCIENCE AND ARTIFICIAL INTELLIGENCE LAB; AVIEL RUBIN, PROFESSOR
AND TECHNICAL DIRECTOR, THE JOHNS HOPKINS UNIVERSITY
INFORMATION SECURITY INSTITUTE; AND DAVID WAGNER, PROFESSOR,
COMPUTER SCIENCE DIVISION, UNIVERSITY OF CALIFORNIA, BERKELEY.
STATEMENT OF THE HONORABLE CHERYL L. JOHNSON
Ms. Johnson. Thank you. Good afternoon. Chairperson
Lofgren, Ranking Member Davis, Members of the Committee, thank
you for inviting me to participate in this hearing on such a
critical topic.
Since 1789, the Office of the Clerk has supported the
legislative functions of the U.S. House of Representatives. The
Clerk maintains the House Journal, certifies the passage of
legislation, verifies the accuracy of each individual vote,
records the vote, tallies the vote, and transmits the results
to the public.
After 181 years of manual voting, the House passed the
Legislative Reorganization Act of 1970, authorizing electronic
voting. And while the bill was passed in 1970, it was another 3
years before the system was developed and put into use. That
system, the Electronic Voting System, or EVS, is a real-time,
computerized information system. EVS resides on its own private
air-gapped network, separated from the House network, which
affords it a very high level of security.
The voting procedures are as follows: Voting stations are
distributed throughout the Chamber and equipped with a vote
card slot, voting buttons, and a system readiness indicator.
Each Member who chooses to vote electronically does so by
inserting a personalized voting card into a voting station and
selecting a voting button to cast their vote. Voting results
are displayed on screens in the House Chamber.
In 2018, all of the voting stations were upgraded with the
latest proximity card reader technology and new capability to
assist visually impaired Members. An LED display was added to
provide additional vote confirmation to Members directly on the
vote station. We also implemented a new network architecture
for greater security and flexibility for future expansions.
I am confident that, as the House looks to our office to
inform and implement the critical decisions it will make in the
coming months and years to preserve and protect the legislative
process, we will rise to the occasion.
Recently, pursuant to House Resolution 965, the House
allowed its first proxy vote. On our website, we post the
letters which designate who holds the proxy for the Member
voting by proxy. Our staff worked long and hard to ensure a
successful implementation. To date, we have held 29 votes with
proxies without incident.
The topic you are discussing today and moving forward is of
great importance. However the House decides to proceed on how
it conducts voting, our office will be prepared to advise on
the associated costs, benefits, and challenges, and we will be
prepared to implement whatever decisions are made to ensure the
continuity of this irreplaceable institution.
If the House chooses to pursue remote voting, we will need
to perform an exhaustive review of the requirements, available
technology, design options, and, once developed, a very
thorough testing to ensure its highest level of security,
reliability, and availability.
It is critical that we ensure complete confidence of the
Members and the public in the way House votes are recorded. As
with the initial development of the EVS and with each past
upgrade, it will be critical to take the necessary time to
implement any remote voting system correctly and securely.
The mission of the Clerk's Office is to support the House
in carrying out its legislative responsibilities, and I am
committed to these duties with maximum integrity and
reliability.
Thank you, and I look forward to your questions.
[The statement of Ms. Johnson follows:]
[GRAPHICS NOT AVAILABLE IN TIFF FORMAT]
The Chairperson. Thank you very much. It is great to hear
from you.
Now, I would like to recognize our former Speaker.
Mr. Gingrich, we are looking forward to hearing your
testimony. You may need to unmute. Can somebody unmute Mr.
Gingrich?
Mr. Gingrich. I think I am now unmuted.
The Chairperson. There you are. We can hear you.
STATEMENT OF NEWT GINGRICH
Mr. Gingrich. Okay. Sorry. Let me just say, first of all,
thank you, Chairperson Lofgren, and I want to thank Ranking
Member Davis. I served for a decade on the House Administration
Committee. So it is kind of fun to be back and be part of this
process.
I think learning by video is very good and very useful. I
think trying to govern by video is a disaster. And the key
factor is not going to be all the technology we hear about
today. The key factor is how human beings learn and the pattern
of the collective dialogue which makes up a legislative body
and how, over time, its Members become collectively smarter by
interacting with each other.
The Founding Fathers were virtually all members of
legislatures before they created the United States, and they
believed in the legislature. In fact, if you look at the
Constitution, the legislative branch is first and has a long
section devoted to the House and Senate before they get around
to the executive branch.
The Federalist Papers make very clear that they thought a
legislative parliament meeting on a regular basis was a key to
protecting freedom. And the reason they thought that is that
they had studied carefully the rise of Cromwell as a dictator
during the English civil war, and they were very frightened
that an executive branch that didn't have a vigorous
legislative body would always be a danger and a threat to our
freedom.
So their view was that you had to have people who got
together regularly; they had to bond together; they had to be
prepared to do things, to learn from each other, and to
communicate. I remember, when I used to be on the House floor,
during the course of one or two votes, you could see 8, 10, 12,
15 different people, learn about things all across the country.
So I want to emphasize from my part--not the technology.
You will hear a lot about technology today--although with all
the various hacking, I would be worried about it. But I don't
worry about technology. I worry about history and the nature of
human institutions, and I think they require us to physically
be together regularly.
I would just say that I think there are three severe
consequences of going to any kind of remote system. The first,
as a former Speaker who has been accused on occasion of being
very powerful, I think when everybody else is out of town, the
Speaker and their staff become virtually a dictatorship because
they have all the power; they have all the ability to deal with
the executive branch, to deal with the Senate, and I think it
puts the average Member at an enormous disadvantage.
Second, the individual Members are isolated. Oh, they may
communicate back and forth, but there is an enormous biological
power in people being physically together. And that is why I
want to emphasize, if you study history, going back to the
Greeks, the Romans, coming up through the Middle Ages, you will
see why the rise of legislative bodies, whether it was the
Roman Senate or it was the British Parliament, why these
institutions always involve people coming into a room, meeting
with each other, bonding, sharing ideas, and it is a very
simple thing.
I think, third, the legislation will be less well thought
through. There is an enormous power to the legislative process
as it improves, as different Members bring in ideas, as
different people find things that are wrong. That process
really matters, and the legislative product gets to be
dramatically better the more there is a systemic legislative
process. And I think that the natural pattern of having remote
voting will be to dramatically weaken that process.
Lastly, I guess, I want to challenge what I sense is an
absurd level of fear. Because Callista is the Ambassador of the
Vatican, I have been living in Rome. We have lived through the
pandemic. Italy closed down. There was a crisis comparable to
New York City. But I am very worried by the level of fear that
I sense in the United States and this sense of danger.
You know, we used to say--we used to sing, ``We are the
land of the brave and the home of the free.'' I sense we are
beginning to be the land of the timid and the home of the
fearful. And I recently wrote Franklin Delano Roosevelt's great
admonition that we have nothing to fear but fear itself.
I think the idea that politicians are too precious to come
together at a time--as you pointed out, Chairperson Lofgren,
truck drivers, people who run grocery stores, people who work
in restaurants, the number of Americans every day who are going
about their business--you can be prudent. You can wear masks.
You can have social distancing. But this idea that the current
challenge leads us into a radical disruption of 3,000 years of
legislative history I think is a very, very sad commentary on
the American system. Politicians are not more important than
truck drivers. They are not more important than nurses, or they
are not more important than, frankly, people who work in a
restaurant or at a Walmart or at a grocery store.
So I wish you would drop this sense of panic, relax, figure
out how to get together in a healthy way and show the country
by example that we can, in fact, function even under this
challenge. Thank you for giving me a couple seconds more than
my time.
[The statement of Mr. Gingrich follows:]
[GRAPHICS NOT AVAILABLE IN TIFF FORMAT]
The Chairperson. Thank you, Mr. Gingrich.
We will now hear from Bill Crowell.
Mr. Crowell, you are recognized for your testimony. You
need to unmute your microphone.
STATEMENT OF WILLIAM CROWELL
Mr. Crowell. Thank you very much, Chairperson Lofgren. It
is a pleasure to be with the Committee, and I appreciate the
opportunity. My name is Bill Crowell, and I am testifying today
as a private citizen and not on behalf of any entity.
I think that it is reasonable to parse the challenges
associated with remote voting into four major categories: The
first, videoconferencing systems with the right functionality
and superiority. The second, voting systems with verification
of the identity of the Members and of their votes and with the
functionality required to carry out your legal obligations.
Technical issues, such as connectivity, operating capacity,
certification of the security of the system, and secure end-to-
end encryption and multifactor authentication, and secure
storage of all relevant documents and records, is the third
item. And the last is adequate funding to acquire, maintain,
and operate and certify the systems.
There are many videoconferencing systems. They vary widely
in their features and functions as well as the level of
security. Only a few have end-to-end encryption, and none are
certified for classified information unless operated in a
secure facility.
Many of them were either developed outside the United
States or have considerable operating support coming from
outside the United States, which raises extra concerns about
their security and their reliability.
Also, since COVID-19 has significantly increased the use of
videoconferencing, a number of these systems have been
subjected to successful cyber attacks, underscoring the lack of
cyber resilience of this method of staying connected.
With regard to voting systems during the COVID-19 pandemic,
at least 24 State legislative bodies have embraced various
approaches to both remote voting and remote hearings. No common
approaches or standards have been adopted, although there has
been wide use of a number of videoconferencing systems as a
means of conducting remote hearings and the use of video
streaming over the internet to provide for public participation
and transparency.
A wide variety of techniques have been used as voting
platforms. It is my belief that the most attractive solution
for remote voting is a purpose-built software package that
incorporates all of the attributes associated with
congressional process, including committee management, remote
hearings, document and bill markup, archiving, public access to
the proceedings, and recorded votes, and of course, an easy-to-
use remote voting process.
There are several technical issues that also can limit or
interfere with the success of our remote voting system. First
on that list is the fact that Members and staff do not use the
same devices either in their districts or on the road. In
addition, the internet service providers in their districts
provide differing levels of performance.
Security issues are the most prevalent and pervasive
technical issue in this digital age. Specifically, multifactor
authentication, end-to-end encryption, and verification or
audit of all the votes, documents, and proceedings must not
only be present in the solution but be accredited or certified
to work as specified.
Today, cyber attacks are an hourly and daily fact, and many
of them are successful against well-designed but flawed product
implementation or use. These attacks have been commonplace.
They are carried out by nation-states, criminals, hacktivists,
as well as hackers just seeking the thrill of a successful
attack. A remote voting system must be resilient against all of
these bad actors, particularly nation-states who are seeking to
disrupt our democratic processes.
Last but not least of the four categories is providing
sufficient funding to acquire and certify services.
In conclusion, I believe there are many factors that can
impede successful deployment operation of remote voting
solution in the House, but I also think that many of these can
be mitigated. I hope that my parsing of this problem is useful
in your framing of an approach that maximizes the functionality
needed to make this effort successful.
And thank you very much for the opportunity to provide a
perspective on this important topic. I look forward to
answering your questions.
[The statement of Mr. Crowell follows:]
[GRAPHICS NOT AVAILABLE IN TIFF FORMAT]
The Chairperson. Thank you very much.
I will now recognize Mr. Green for his testimony.
Mr. Green, you are welcome to testify.
STATEMENT OF JON GREEN
Mr. Green. Thank you. Chairperson Lofgren and Ranking
Member Davis and Members of the Committee, thank you for
inviting me to testify today as you explore the feasibility and
security of remote voting for House Members.
While recognizing that this institution is founded on in-
person engagement and voting environments, the current pandemic
has made it entirely reasonable to consider technology that
allows for secure remote voting.
I have spent the past 17 years working for Aruba, a part of
Hewlett Packard Enterprise, and for the past 10 years, I have
worked closely with our U.S. and allied partner government
customers on secure network and remote access solutions. I hope
that experience will help provide relevant information on
today's topic.
Before beginning my formal testimony, I want to thank
Chairperson Lofgren for her representation of San Jose and
Silicon Valley for the past 25 years. HPE and the larger
technology community in the Valley are grateful for her
consistent support and leadership.
Let me assure you that you are not alone in trying to adapt
to the new world of work-from-home orders. Since this pandemic
began, we have received thousands of inquiries from our
Enterprise customers seeking solutions to enable secure remote
working. It is fair so say that very few of them envisioned a
world where 100 percent of their workforce would suddenly be
working from home.
Such widespread remote working brings with it additional
challenges. End users without the benefit of on-site IT support
personnel often become frustrated when their technology doesn't
work correctly. And without protections provided by IT security
solutions, users often turn to that which is convenient, such
as personal email accounts, rather than that which is secure.
The stakes are very high when it comes to remote voting in the
House, so it is critical to provide Members a solution that is
both convenient and secure.
In the world of information security, we often speak of the
CIA triad. Not to be confused with the intelligence agency, CIA
stands for confidentiality, integrity, and availability, the
three most important aspects of a secure system. Many people
equate security with confidentiality, but in remote voting, the
most important principle is actually integrity, the guarantee
that information is trustworthy, consistent, accurate, and
originated from the correct person.
Second in importance is availability. A Member must be able
to cast a vote during the period that voting is open. We have
all seen the reports documenting foreign adversary interference
in U.S. public elections, and we can't for a minute believe
that adversaries would not also try to interfere in
congressional voting. For that reason, it is imperative that
the House implement the highest degree of security possible.
Fortunately, a model already exists for highly secure
remote access. Congress does not have to go first. Ten years
ago, the National Security Agency introduced a program known as
Commercial Solutions for Classified, which has been widely
adopted by the DOD, the intelligence community, law
enforcement, and others to connect classified systems and
devices over untrusted networks using commercial off-the-shelf
IT products. The same architecture has been also deployed for
unclassified systems when organizations have needed to adopt
the best security available. Congress can dispense with months
of security analysis by adopting an existing, proven
architecture.
Overall, I believe we need to focus on four key principles
to ensure a successful remote voting program: First, as
previously mentioned, secure remote network connectivity should
be provided following the NSA Commercial Solutions for
Classified architecture. This ensures that Members of Congress
are not connecting directly to malicious or compromised
networks.
Second, dedicated voting devices should be issued to each
Member to be used only for the purpose of voting. These could
take the form of laptops, tablets, or smartphones with a simple
application showing buttons labeled yes, no, and present.
Third, multifactor authentication would be mandatory for
such a solution. It is critical to ensure that the Member and
only the Member is the person casting a vote. Multifactor
authentication is already widely used by the Federal Government
and is a well-understood technology.
And, fourth, a manual system of vote verification is
required. The Member needs a way to verify that the correct
vote was registered in real time in a system that is visible to
all. This could be as simple as monitoring the vote on C-SPAN.
My remaining caution to you is to focus on availability. We
can solve for integrity and confidentiality, but availability
is often overlooked. Systems deployed today that use public
internet rely on users being lost in a crowd, their internet
traffic appearing indistinguishable from others.
If an adversary were able to pinpoint the internet location
of each Congressional Member, then targeted denial-of-service
attacks could prevent specific Members from casting their
votes. To counter this threat, backup systems of voting must
remain available and time limits on voting windows may need to
be relaxed. As skilled as we are today at engineering reliable
networks, the best backup systems are often low tech.
In summary, I believe that should you decide to move
forward, remote voting is technically feasible, can be enabled
for a reasonable cost, and can be done with an appropriately
high level of security.
Thank you again for the opportunity to offer testimony. I
look forward to answering any questions you may have.
[The statement of Mr. Green follows:]
[GRAPHICS NOT AVAILABLE IN TIFF FORMAT]
The Chairperson. Thank you very much for that interesting
testimony.
Dr. Rivest, you are now recognized for your testimony.
STATEMENT OF RONALD L. RIVEST
Mr. Rivest. Thank you. Chairperson Lofgren, Ranking Member
Davis, and Members of the Committee, my name is Ron Rivest. I
thank you for inviting me to testify regarding the feasibility
of using technology for conducting remote voting in the House.
My bottom line is that such remote voting is feasible and can
be made adequately secure.
I will skip a few paragraphs of my testimony since my bio
has already been read. I just note that I have worked for over
two decades on voting system security. And I speak here only
about the security aspects of the remote voting, not about the
appropriateness of remote voting for the House. That question
is beyond my pay grade.
I see that the House, under House Resolution 965, is
already using proxy voting for remote voting. That resolution
authorizes examination of ways to vote remotely in a secure
manner, hence today's hearing.
As noted, I think the House is in a good position. There
are indeed suitable secure voting technologies available. The
most important reason why that is true is that the House votes
are not secret. Voting in the House is not based on secret
ballots. That makes all the difference, as manipulation or
alteration of votes can be detected and corrected.
For the record, I note that, in the U.S., secret ballot
voting was first implemented in Massachusetts in 1888. However,
implementing secure secret ballot remote voting is still beyond
the state of the art.
Back to nonsecret voting, designing a secure voting system
requires, first of all, a clear statement of the security
objectives. A system can't be said to be secure if there is no
specification of what security should mean for that system.
What are the baseline voting system security requirements?
Here are four: Only eligible voters can vote and each at most
once. Votes are cast as intended. Votes are collected as cast.
And votes are counted as collected. Each property should not
only be true but be verifiably true. Counting, as noted,
tabulation, is not an issue since nonsecret ballots can be
posted publicly and the tally then verified by anyone.
One recommended principle for achieving voting system
security is that of software independence, a notion developed
by John Wack of NIST and myself. This principle basically says
that you never want to be in a position where you have to say,
well, the result must be right because the computer says so. In
other words, the election outcomes must be auditable.
Here is a sketch of a simple architectural approach for
secure remote nonsecret voting to illustrate. There is a public
website where all cast votes are posted. Each Congressperson
composes his or her vote, digitally signs it, and sends the
resulting digitally signed ballot for posting on the public
website. Many digital signature schemes are available. NIST has
developed digital signature standards. Digital signatures are
now implemented in every browser. One approach uses the RSA
public-key cryptosystem.
A nice thing about digital signatures is that the signature
on a digitally signed document, such as a ballot, is verifiable
by anyone. I note that a digital signature is not just a cut-
and-paste image of a handwritten signature; it is a
mathematical function of the message being signed and secret
information specific to the signer.
Digitally signed ballots can be authenticated using public
information, both as to the origin, who the voter is, and as to
the content, what the ballot says. Vote manipulations are not
possible, as forging digital signatures is not feasible. The
most an adversary can do is to delete or duplicate votes. An
adversary can conceivably delete or duplicate votes even now
with proxy voting. If a Congressperson can't submit a ballot,
they can't vote.
Detection and correction mechanisms can work for voting
with digitally signed ballots much as they work for proxy
voting. It is important to note that voters, in this case
Congresspeople, can check or audit their votes as correctly
recorded on the public website. Missing votes can be restored.
This should be checked. This is important.
An approach sketched here bears many similarities to your
current proxy voting procedures. The public website becomes the
proxy for those voting remotely. Indeed, such a system should
provide a smooth and secure extension of your current proxy
voting procedures, which need not be abandoned. This sketch is
intended only to show that it is possible to use technology to
do remote, nonsecret voting in a secure manner. Many other
approaches are possible.
This concludes my testimony. I would be happy to answer any
questions you may have.
[The statement of Mr. Rivest follows:]
[GRAPHICS NOT AVAILABLE IN TIFF FORMAT]
The Chairperson. Thank you very, very much.
I would now like to ask Dr. Rubin to give us his testimony.
STATEMENT OF AVIEL RUBIN
Mr. Rubin. Thank you. Good afternoon, Chairperson Lofgren,
Ranking Member Davis--or I should actually say, for some of
you, it is good morning, right--and Members of the Committee.
Thank you for inviting me to participate in today's hearing. My
name is Avi Rubin, and I am a professor of computer science at
Johns Hopkins University. I am also technical director of our
Information Security Institute. I have held these positions for
the last 17 years. And prior to that, I was a cybersecurity
researcher for 9 years at AT&T Labs and Bellcore.
For 10 years my research focused on election security, and
I was director of the National Science Foundation ACCURATE
Center for secure elections. I was also an election judge in
Maryland, and I worked six elections as an election judge.
I have been asked to comment on the technical feasibility
of building a system for House Members to vote remotely. I will
not be addressing the political question of whether the House
should employ it, just focusing on technical issues relating to
feasibility and security.
Remote voting for House Members is very different from
remote internet voting where citizens elect their political
leaders, which I strongly oppose for security reasons. What
makes internet voting difficult is the secret ballot
requirement. The House Members' votes are not anonymous, and
that makes all of the difference.
I consider important features of a system for remote voting
by House Members: The features are that the votes are cast over
the internet on a mobile device or computer or even a dedicated
device. The votes are displayed as they are cast on a virtual
board simulating the large board in the House Chamber that
shows the votes. The public has access to the virtual board and
can see how Members voted. And the system needs to work in real
time because some procedural votes lead to activity based on
the results of those votes right away. So a system that detects
errors days later would not be that useful.
Without the secrecy requirement, I believe that it is
possible to design, build, and deploy a reasonably safe and
secure remote voting capability for House Members that meets
these requirements, provided that certain procedures are
followed.
When considering the security of a system, the first step
is to develop a threat model. Next, you want to rank the
threats in order of severity, and then security designers will
attempt to address those threats.
For House Members to vote remotely, here are examples of
some of the threats. One would be an attacker compromising a
Member's device, whether it is a phone or a tablet or computer,
and forging votes on behalf of that Member.
Another threat might be that an attacker forges votes for a
Member without even compromising their device. Let's look at
another threat. An attacker could compromise a back-end system
and cause the votes to be tabulated incorrectly. And, finally,
a targeted denial-of-service attack, which was already
mentioned, against a Member's network right when they are
trying to vote that prevents them from being able to vote.
Well, against the forged votes and the disruption of the
tallies, we can address those with standard security practices.
These can include encrypted and authenticated communication
lines, multifactor authentication, and checks.
For example, imagine that a staffer for a Member registers
their mobile device with the system and then whenever the
staffer votes--I am sorry--whenever the Member votes, that
staffer receives a notification on their phone saying the
Member has voted and here is how they voted, and that would be
one check to make sure that the votes were being cast the way
that the staffer knew that the Member could cast the votes.
There are many other such safeguards that a designer of a
system could put into place.
Now, addressing the denial-of-service attacks is more
challenging, but this can be addressed with backup
communication capabilities, including voice calls, and in the
worst case, alarms can be raised. The key is that any security
issues can be detected and addressed in a system such as this.
So, in conclusion, technology is available today to make it
possible for Members to vote on bills remotely over the
internet. However, care must be taken to employ proper security
design procedures and audit to ensure that tampering is not
occurring, and backup procedures should be considered in the
event that the system is unavailable at a critical time.
So I am happy to answer any questions during the Q/A
portion of the hearing, and thank you very much.
[The statement of Mr. Rubin follows:]
[GRAPHICS NOT AVAILABLE IN TIFF FORMAT]
The Chairperson. Thank you very much.
Our last testimony will be from Dr. Wagner.
We are eager to hear your comments.
STATEMENT OF DAVID WAGNER
Mr. Wagner. Chairperson Lofgren, Ranking Member Davis, and
Committee Members, thank you for the opportunity to participate
in this hearing today. I am a professor of computer science at
the University of California Berkeley. I have published more
than 100 peer-reviewed scientific papers on computer security,
and I have worked on the security of elections for over 15
years.
I have one message for you today: It is technologically
feasible for the House to vote remotely if you decide that
voting remotely is in the public interest. There are risks, but
my assessment is that the technical risks can be mitigated.
If Members of the House can vote on bills over the
internet, a natural concern is that hackers might attack your
computers and try to tamper with the votes. Another concern is
that technical issues might prevent Members from casting their
vote or cause votes to be recorded inaccurately. These are
serious risks, but I believe these risks can be addressed
through a combination of people, process, and technology.
I would like to walk you through three possible models you
could consider for remote voting. One way you could vote online
would be for the House to develop its own app. You have heard
how this could work. Each Member could cast their vote from an
app on their phone with a public vote board showing the votes
received in real time. I had suggested each Member have one of
their staff crosscheck that the vote was recorded correctly.
Maybe party whips could help with that too.
And I discuss in my written statement some security
measures that I think would be appropriate for this approach.
The primary disadvantage of developing your own app is that it
might take many months or even years to develop and deploy your
own solution.
A second option would be to buy a commercially available
system for voting online. A third option would be to use remote
videoconferencing. To record their vote, a Member could make a
video call to the Office of the Clerk, and the Clerk's staff
could verify the Member's face and voice and record their vote.
I outline in my written statement ways that you could
harden this approach against hacking. The primary advantage of
a videoconferencing approach is that it could be deployed
rapidly using existing tools.
Regardless of which model you adopt, I would like to
propose four principles that I think would support security for
voting in the House. First, I suggest that you provide a way
for Members to check that their votes were recorded correctly,
and you encourage everyone to do this. This provides a powerful
backstop in the event of technical problems.
If you make it easy for Members and their staff to verify
that their vote was recorded correctly, then any technical
issues or hacking can be detected and corrected. Any system can
potentially be hacked, but well-designed ones anticipate this
and provide a way to detect it and correct the problem.
Second, I think it will be important to consider the
policies and processes that govern remote voting. You might
consider how Members can report any discrepancies in how their
vote was recorded and have them corrected. You might also
consider what fallback procedures would be available if the
Member is unable to vote due to technical issues and the
timeline for doing so.
Third, you might consider selecting a partner with
cybersecurity expertise. When you buy a house, you hire a
professional inspector to check for any problems. And the same
applies here. It might be helpful to have security experts on
tap to help, and there are a number of government organizations
that might be available to help with that.
Fourth, I suggest following good cybersecurity practices,
such as use of two-factor authentication, end-to-end
encryption, and providing Members with hardened devices to vote
from.
In summary, I believe technology can enable the House to
vote remotely in a reasonably safe way if you decide that it
would be appropriate to do so. Thank you.
[The statement of Mr. Wagner follows:]
[GRAPHICS NOT AVAILABLE IN TIFF FORMAT]
The Chairperson. Thank you very much, Dr. Wagner.
And thanks to all of the witnesses for their very
informative testimony.
We now have an opportunity to ask questions of our
witnesses for five minutes. I would note that Mr. Gingrich has
previously advised us that he has a hard stop in about 25
minutes. So I just wanted members to know that if they have
questions for Mr. Gingrich.
Mr. Gingrich. Well, actually, Chairperson, this is so
interesting; I will stay. I will just blow off my----
The Chairperson. Okay. Good. Very good. Very good.
Mr. Gingrich. Thank you.
The Chairperson. I am going to turn to the Ranking Member
first to recognize him for his five minutes of questions. Mr.
Davis.
Mr. Davis of Illinois. Thank you, Madam Chairperson.
And thank you to all the witnesses. I appreciate the
opportunity to talk about technology and talk about the overall
process of remote voting possibly existing in the House.
Mr. Speaker, you touched on this in your testimony, but can
you elaborate further on how you see remote voting as possibly
centralizing power in the Speaker's Office?
Mr. Gingrich. I will be glad to. And let me say, I was very
impressed with the witnesses, and I have no doubt that if the
House decides it is wise, that you can develop a very solid
system. And I concur with the Clerk, Cheryl Johnson, that she
could easily, I think, develop and guarantee the integrity of
that kind of a system. So I think that is an important frame of
this.
The challenge you have is basically how humans operate. As
you know, you build teams by being together long enough to know
each other. You build teams by working out and solving problems
together.
I think you have to look at, not just the first week or the
first month, but if you start down a road where you are saying
that being distant, not interacting biologically in the same
room, is an acceptable pattern, then I think you begin to set
up a post-legislative body that is something we have never seen
before.
Legislative bodies historically aren't just about voting;
they are about building a collective understanding and a
collective knowledge, and, at times, in taking on Presidents or
taking on kings, they are about people who know each other well
enough to have courage in situations of enormous danger.
So, as a historian, I worry about the wisdom half of this.
As a citizen, I have no doubt, if you decide it is the way to
go, you have brilliant people today who are testifying, and
collectively, they could produce a--they can guarantee the
technology, but I am not sure they can guarantee the historical
and sociological side effects.
Mr. Davis of Illinois. Mr. Speaker, I agree with you. We
are the United States of America. If there is anything that
needs to be built in this globe, we can make sure that happens,
and the great people who are here today likely could do that.
But I agree with you. I still believe it impacts what Congress
looks like over the next generation.
Matter of fact, I am on the Committee to Modernize
Congress, Select Committee to Modernize Congress. Many of our
recommendations have been built around how we ought to get
together more, talk more. That is how we begin to legislate.
But another important process is oversight. Now, you
changed the oversight process within the House when you got rid
of proxy voting that the committee chairs had before you were
Speaker. Did that empower more Member input, and what kind of
oversight issues do you think remote voting would give to a
legislative branch when dealing with the executive branch?
Mr. Gingrich. Look, I think oversight is unbelievably
important. I don't think we do enough of it, and I don't think
we develop enough expertise in it. And, again, I would just
say, a lot of these topics, whether it is healthcare or
national security or you name it, they require years of
learning. Members who spend years working on a particular area
very often know more than the executive branch people that they
are interrogating.
So I think it is very important. We eliminated proxy voting
because what was happening was the chairman would walk in and
they would have 15 votes in their pocket. Now, those people
didn't sit through the hearing. They didn't ask any questions.
Well, when the time came to vote, even if you had had all your
people there on some of these committees where they were
stacked pretty intensely, the chairman just won. There was
almost no reason to go. So that was a big factor in why we went
there.
I think our hope was that it would get more Member
involvement, more Member engagement, and more Member learning.
And as a result, all 435 players could be involved, not just a
handful. That was our hope anyway.
Mr. Davis of Illinois. We appreciate you doing that. I do
believe it has made the House work better. We do, as I know the
Members of this Committee have tremendous input. And I also
want to thank you for the transformation that you made to the
House when you took over as Speaker to move the House from a
patronage machine of decades before to a more professional
organization with our Chief Administrative Officer and making
sure that politics was put out of that process as much as
possible in a political House that we work in.
So I appreciate your experience, appreciate your comments.
And I will go ahead and yield back, and thanks for taking the
time today.
The Chairperson. The gentleman yields back.
I would now turn to the other Davis on our Committee, the
gentlelady from California, Susan Davis, for five minutes.
Mrs. Davis of California. Thank you very much, Madam Chair.
I appreciate all of our witnesses here today.
And I wanted to start with Clerk Johnson, if I might.
And, Clerk Johnson, I especially wanted to thank you for
everything that you and your staff have been doing to make
voting and legislative processes possible during this difficult
time of the pandemic.
And we need to remember: we are in a national emergency
here. We are not just talking about this because we think that,
you know, maybe some people would like to do it this way. There
is a reason for that, and it is a matter of life and death. And
for some of our families, quite honestly, it is a matter of
life and death. So being safe is very, very important.
I wanted to just acknowledge your effort, Clerk Johnson, to
make Congress work remotely requires remote voting, of course,
that we have been talking about, but also remote legislative
processes, including bill introduction and co-sponsorship. And
I know that you have worked hard on that, creating electronic
signatures.
I want to thank you as well for setting up the email system
for bills and sponsorships, and I hope we could continue to
work together on that. And you have also been active in setting
up some of the small group voting and proxy voting that is also
smart and safe for all of us.
I am sure you know and probably the one issue that Members
would talk about that is a concern of theirs, especially when
they are there and voting right now, again, because of COVID,
is being able to vote quickly, get on and off the floor, and
perhaps find ways of saving time in between. And I wonder
whether you think that there are some more efficient ways of
doing that? I want to turn to the Clerk for that.
The Chairperson. The Clerk needs to unmute her microphone
before she answers.
Ms. Johnson. Yes.
Mrs. Davis of California. Thank you.
Ms. Johnson. In looking at the process that is currently in
place, I certainly think it is very efficient with the proxy
voting. Members are able to come in, and if they are holding
proxies for other Members, they announce those proxies on the
floor.
At the same time, the tally clerk holds a binder that has a
copy of the proxies to make certain that it is reliable and
transparent, and Members are able to move on and off of the
floor very, very efficiently.
A vote normally takes about 45 minutes, because they are
sequential. Members come in probably 15 at a time. They
exercise social distancing. And, as I said, we have not had any
incidents to date.
Mrs. Davis of California. If I may just add quickly, I
think the timing in between the votes, and for some of us
walking back and forth to offices, it is great. We get more
steps in, I guess you could say that.
But I also just wanted to see that if there are some ways
that people have suggested shortening some of the time, and
maybe that is something that we could all continue to talk
about.
But I know that that is the concern that people have
expressed, because it kind of forces people to hang out a
little bit, and that is not something that we know is
necessarily in the best interest of all of us doing that and
keeping people safe.
I wanted to turn quickly, because several of our witnesses
have talked about this, and I think it is really an interesting
concept. How could remote voting be corrupted given that it is
not a secret ballot?
And I know that Dr. Rubin has talked about that, Dr. Rivest
as well.
Are we talking about corruption here? Or is it that we want
to be sure that Members have the ability very, very quickly to
be able to check and see if their votes are correct?
It is not a secret system. So the whole world should be
able to watch this with us and to be sure that we are correct.
And I ask others on the panel to respond to that.
Dr. Rivest.
Mr. Crowell. Well, I would just----
Mr. Rivest. I would be happy to speak to that.
Sure, yes, you are absolutely right, you hit the nail on
the head with the key requirement, which is that the voters
need to be--the Congress people who are voting need to be able
to check that their ballot is correctly reported and posted.
There may be corruption on the way between inside the
voter's mobile device and their laptop, whatever they are
using. There may be corruption on the routes to the posting.
But any of those things can be detected and corrected as long
as there is a way for the voter to check that the vote was
received as intended and posted correctly.
So I think that is exactly right, there are possibilities
for corruption, but as long as you have a detection and
correction mechanism, such as you have talked about here, such
as we have all talked about, this can work well.
Mrs. Davis of California. Thank you.
The Chairperson. Mr. Crowell, you were going to say
something.
Mr. Crowell. Yeah. I wanted to add to that list disruption,
which I think is a very big issue and will have to be
addressed, as Dr. Rivest and Dr. Rubin mentioned earlier.
Disruption is occurring all the time in the internet, and we
have to deal with it.
The Chairperson. Very good. Thank you so much.
I would now like to turn to the gentleman from North
Carolina, Mr. Walker, for his questions.
Mr. Walker. Thank you, Madam Chair.
Speaker Gingrich, you touched on how working together and
hearing different perspectives will be greatly diminished with
Members not physically being in D.C.
I know some of my personal work has been bipartisan. Some
of those relationships and some of the development on policies,
those conversations happen on the House floor.
I can think of two instances during a motion to recommit
where colleagues of mine did change their votes going on to the
floor after hearing the debate. In fact, there is a verse in
Proverbs in the original Hebrew that states: The one who states
his case first seems right until the other comes along and
examines him.
I don't look at this as a technological debate. I look at
this as a procedural debate, a historical debate, a debate of
what is best for the American people.
Would you mind expanding on how this remote voting will
have a potential corrosive impact on the legislative process?
Mr. Gingrich. Well, thank you for that question,
Congressman Walker.
Look, I approach this from two different perspectives. One
is, somebody who did serve 20 years in the House. And, for
example, when I was Speaker most of our major bills had huge
bipartisan majorities and they did so because we listened to
each other.
And on occasion we got into fights. We had one effort, to
reform welfare, that got vetoed. We had to sit back down, talk
it through. By the time we were done, literally half the
Democrats voted with us. It was 101-101 in the caucus. And that
wouldn't have happened if we weren't able to listen to each
other.
I can also tell you that I am a big fan of congressional
delegation trips, because you get away from your staff, you get
away from your constituents, you get away from lobbyists. You
are with the other Members for 3, 4, 5, 6 days, learning
together, experiencing together, talking together.
So one is my own personal experience biologically having
done it.
The other is my experience as a historian, that when you
study all of these great demands that involve freedom, if you
look at the proceedings leading up to the English civil war,
where the Parliament organized itself against King Charles I,
if you look at the rebellion against Cromwell, who had become a
dictator at the end of that civil war, if you look at why the
Founding Fathers--remember, all these Founding Fathers were
professional politicians. They had all served in legislatures.
They were colonial legislatures, but they were real, and they
had all negotiated.
And so they believed that the legislative branch was so
important that they made it the number one thing in the
Constitution. But in their experience, the legislative branch,
for example, for Washington and others, meant you rode down to
Williamsburg. You were there for 6 or 8 weeks. You stayed
together, you ate together, you talked together.
Constitutional Convention, 55 days without a break, all of
it in secret. Talking together, worrying, negotiating,
thinking. Finally, at one point having a day of prayer, because
they had gotten deadlocked.
I think humans learn from each other, and when you start
trying to replace humans with a mechanical interface or an
electronic interface you rapidly degrade the long-term wisdom
of the collective group.
Mr. Walker. I certainly agree. All over the country right
now we are trying to bring people together. In a couple of
weeks, we will have 200 pastors coming together from all of our
communities to begin conversations to talk about how we resolve
issues. It would be impossible to do that remotely.
There is also another aspect of this. What kind of message
does this send to the American people when Members of Congress
can just stay at home and push a button or call in or video
conference while our other essential workers are still showing
up? My wife is a trauma one nurse specialist practitioner. She
has to show up every day.
Would you address that as well?
Mr. Gingrich. I am deeply concerned by the level of panic
that the American news media has created. I don't see it here
in Europe. I don't see it anywhere else around the world. And I
think that it is almost entirely media driven.
Yes, this is a problem, but we have dealt with a lot of
other health problems before and I think that we can deal with
this one.
And I think, as a populist, as somebody whose father served
27 years in the Army, came out with no money, look, I find the
idea of the political class being too precious to take the risk
of getting together, I find that goes against everything in the
American system. And I find it deeply offensive to think that
the politicians think that they are more valuable than a truck
driver or a worker at In-N-Out in Los Angeles.
Mr. Walker. Thank you. Right on time, five minutes. Thank
you, Mr. Speaker. It is a pleasure to see you today.
I yield back.
The Chairperson. At this point I would like to recognize
the other gentleman from North Carolina, Mr. Butterfield, for
his questions.
Mr. Butterfield. Thank you very much, Madam Chair.
And it is good to see all of my colleagues today. I hope
and pray that all of you are well.
Let me also thank our witnesses for your testimony.
I have been listening very carefully, Madam Chair, to the
various witnesses today, and I was really struck when Mr.
Gingrich suggested that we are acting in a sense of panic that
the news media has created. And I want to respectfully dispute
that premise.
I suggest today that Democrats are engaged in what I would
like to call strategic planning. That is to protect this
institution if rates of infection continue to increase.
Protecting the Members if assembling on the floor is
infectious, that is our goal. It is not to create any panic. It
is simply to protect the Members if assembling on the House
floor becomes infectious.
I will note that there was a press conference last week in
front of the Capitol and one of our beloved Members from
Virginia contracted the coronavirus while right here on the
Capitol Grounds.
And so we are just trying to be proactive and to look
forward and to do some strategic planning.
I was in a meeting the other day, a virtual meeting, with
two of the leading epidemiologists in the world, and what those
two gentlemen told us was that COVID is winning--COVID is
winning.
If States don't require extraordinary measures, the
infection rates could reach as much as 50 percent by the end of
the year.
I hope my colleagues are not surprised by that. I hope you
agree with that assessment. But if the rates of infection
continue on the same course that we are seeing now, it could
rise to 50 percent this year.
And so as my colleague, Susan Davis, said a moment ago,
this is a national emergency and it could be a matter of life
and death.
Let me just turn my first question to the clerk.
And thank you, Ms. Johnson, for your incredible work in all
that you do for all of us in the House.
At any given time under normal circumstances, Ms. Johnson,
how many people are on the floor? And that would be Members and
Members' staff and the support personnel, including the Capitol
Police and the sergeant at arms and the personnel from your
office. Collectively, how many people under normal conditions
are on the floor?
Ms. Johnson. Approximately 20 persons, and that is clerk
staff, as well as staff of the parliamentarian and Speaker's
leadership staff as well, both Democrat and Republican. But
with the Clerk's Office, we have the bill clerk, the reading
clerk----
Mr. Butterfield. But put it all together, including the
Members, including the Capitol Police, in the aggregate, how
many people, 500 perhaps?
Ms. Johnson. Oh, if we include everyone on the floor at one
time, it is well over 500. It is probably more like 550.
Mr. Butterfield. And so while I think it is wonderful to
have 500 people on the floor so that we can talk with each
other and plan our votes in the middle of a motion to recommit
and all of that, I think we have to look at extraordinary
circumstances.
We do not need 500 people on the floor at one time. We
don't need 50 people on the floor at one time. And so thank you
for that.
It occurs to me that one of the most straightforward ways
to vote remotely might be to do it by video conference in which
the Member would simply tell a vote clerk how they wish to
vote.
I know our friends over in the other body, they vote by a
roll call, but it is an in-person roll call. And I am thinking
perhaps about an electronic teleconference roll call.
Would that be practical?
Ms. Johnson. It would be technically feasible. We would
just have to make certain that it is reliable. But it certainly
would be practical.
Mr. Butterfield. And finally, in a remote voting scenario,
do you think it would be beneficial to have votes to be public
the moment the votes are cast?
And as we all know, the public does not know how we vote
instantaneously. The Members know because we can look up at the
board, but the public does not know for a few minutes until
your office is able to post it on the internet.
But do you have a system in mind whereby the public would
immediately know how a Member of Congress voted on legislation?
Ms. Johnson. I think that involves variables. I don't have
a system in mind, but we could probably have such a system.
But, no, I don't have one in mind.
Mr. Butterfield. But that would be beneficial, I take it,
if the public could instantly know how a Member voted?
Ms. Johnson. Transparency is always beneficial, I agree.
Mr. Butterfield. Thank you, Ms. Johnson.
Thank you, Madam Chairman.
The Chairperson. Thank you very much.
I would now like to turn to the gentleman from Georgia, Mr.
Loudermilk, for his questions.
Mr. Loudermilk. Thank you, Madam Chair. Appreciate it.
I apologize for my voice. Believe it or not, there are
other sicknesses other than COVID out there. And I came down
with the good old common cold this week and I totally lost my
voice yesterday.
The Chairperson. I am sorry.
Mr. Loudermilk. But it is coming back. It isn't COVID
because of a flight I took on Air Force One a few days ago. I
was tested.
And so I know that that kind of plays into, I think, what
Speaker Gingrich was talking about, it is almost like today if
anybody gets a cold, they are all of a sudden just scared to
death that they have COVID. And so we have to keep things in
perspective.
I think the question that we should be asking here today,
and several of our witnesses have alluded to this, the question
isn't whether or not this could technically be done, it is
whether we should be doing this.
And I think one key indicator to whether we should be doing
this or not is the amount of time that we have talked about
security on here today. That ought to be the first indicator,
that ought to raise a red flag.
I spent 30 years in the technology sector and one of the
things I can tell you, there is an old adage that basically
said, the question isn't if you are going to be hacked, but it
is when.
And I know that we can build systems that will be secure
enough to do this, but also those systems are only as good as
you maintain them continually. And it would create an
inordinate amount of work to continue to maintain these,
because as some of our esteemed panelists have said today, they
have talked about how high profile this would be, what a target
we would be, the risk that we would have.
And obviously we would be one of the highest profile
targets, not only to cyber criminals, but to foreign entities
as well. And the amount of effort that we would spend in just
continuing to stay ahead of the bad guys, I don't know that it
would be worth implementing a system like this.
I think we really should be talking about ways to hold
ourselves accountable to do the jobs we are supposed to be
doing. I can't remember, I am sure Speaker Gingrich can tell
us, when was the last time that the House and the Senate
actually passed appropriations by our own deadline?
I mean, I think we should spend time on how we hold
ourselves to do our jobs, not trying to make it easier for us
not to do our jobs.
But I think it is important to have the conversation. But
the most secure way to vote is to walk on the floor with your
card.
And I give credit to the system that we have right now. It
does take longer. It isn't as efficient, because we can't go on
the floor and vote on four votes at one time. It takes half a
day or a quarter of a day to vote on one bill because the
machines are closed. But yet we have got it down to where we
can do that.
So anyhow, I think the real question ought to be, is this
something we should be considering, not if it could be done?
Speaker Gingrich, good to see you, again. And it took me a
moment when you said you are in Rome, I had to figure out, were
you talking about Rome, Georgia, or Rome, Italy? So I think I
figured that out.
But you did a lot to reform House processes. I have read
several books on it. When you became Speaker it was like
reforming the entire House because of the level of corruption
that existed at several levels--and including at the time the
House Administration Committee.
And one of the things that has been spoken about is that
you got rid of proxy voting. Why did you get rid of that in the
committee level and what were the problems it created?
Mr. Gingrich. Well, let me say first, just for a second,
that in terms of what Clerk Johnson is dealing with, we
actually brought in a firm to audit the House. And after about
9 months they came back and briefed us and said, ``It is
impossible. Since 1789 the House has never kept records
accurate enough to be audited.'' But they said, ``If you will
give us a contract, a year from now we will be able to audit
the House.'' And that was one of the breakthrough moments that
led to a much more modern House.
And the corruption wasn't particularly partisan. It was
just people had gotten sloppy over a very, very long period.
I would say, and I draw a distinction here, as I said
earlier, I have no doubt with the experts you have heard from
today that you can get to a safe and secure method for remote
voting.
The proxy voting issue is a different issue and one which
does concern me, and that is it centralizes power and actually
lowers the interest of other Members in participating because
they are just going to lose the vote. And the chairman of the
committee or the Speaker of the House or whoever is just going
to beat them with the names of people who aren't even there,
have no idea how it has been voted.
And so for us that was a very frustrating part of being in
the minority and that is why we changed it when we took over.
We actually took away from our brand-new chairmen the power
that their predecessors had and would not let our new chairmen
use the proxies to dominate their committees.
Mr. Loudermilk. Thank you, Mr. Speaker.
I mean, there are times that it would be beneficial when I
have three committee hearings going on at the same time or
markups and I have to run from one to the other, but that is
just part of what I signed up to do.
So thank you. I see I am out of time. And I yield back.
The Chairperson. Thank you.
Mr. Raskin has been able to join us from the Rules
Committee.
We thank you.
The gentleman from Maryland is recognized for his five
minutes.
Mr. Raskin. Madam Chair, thank you very much. And thanks
for calling this extremely important meeting at a time when the
country is in an intensifying crisis with the coronavirus. We
have 3.3 million cases. We lead the world in case count. We
lead the world in death count. We have tens of millions of
people thrown out of work because of this nightmare. And
several of our States would be in the top five countries in the
world in terms of increases in the coronavirus if they were
treated as a country.
And we know that there are hospitals being maxed out and
overrun in Florida, in Texas, in Arizona, and throughout a lot
of the southern part of our country.
I would not agree with the proposition that using remote
voting or proxy voting in the context of a national public
health crisis reduces deliberation. I would think that people
can engage in robotic, cultish, party-line voting even when
they are standing on the floor of the House. And I have seen
many, many people do that.
And I think people, at the same time, could call in a proxy
vote or vote remotely, having listened carefully to the
speeches on TV and having consulted with their colleagues.
So I just think that that argument has very little force to
it. There might be other things we can do to promote meaningful
dialogue and discussion. But I understand the same kinds of
arguments were made when the House of Representatives first
moved to use electronic voting in the first place, that somehow
this would sterilize the process and cut down on interpersonal
communication and so on.
So I am more concerned about the arguments that I have
heard from several people today, phrased rhetorically: What
kind of message does it send to Americans on the front lines,
like nurses and doctors and first responders who go to work, if
there are Members of the House who can't make it and they vote
from home?
Does it say something, as Mr. Gingrich said--and I am sorry
I never had the chance to serve in Congress with Congressman
Gingrich because he is an interesting guy--but does it say
something about the preciousness of the political class?
Well, I don't think so. If anyone wants to really prove his
manhood in this process or prove your courage or your tenacity,
go spend a day in a hospital with the nurses and the doctors
and the frontline providers. And if you can't do that or you
don't want to do that, listen to them, because they are all
telling us the same thing: Stay home. Because the hospitals are
being overrun and the pandemic is out of control. And we have
people like the President who are not wearing masks and we have
people who are undermining the public health advice of our
doctors and our scientists and Dr. Fauci. Stay home if you can
stay home because this virus is still out of control.
Now, the House of Representatives, as I think I heard the
Clerk testify, when we are operating and there is a vote going
on, can have anywhere between 400, 500, 550 people together on
the floor.
My friends, conferences across the country have been
canceled during this period because they have 500 people coming
together at hotels. And that is how the virus has spread in a
number of cases, one infamously in Boston at a conference where
it just spread like wildfire.
We basically think we are a regular meeting conference in
that sense when you look at it from an epidemiological
perspective.
So nobody wants to be in this position, and this is not the
occasion to discuss the incompetence of the national
government's response to this crisis. Nobody wants to be in
this situation, but we do have a responsibility to maintain
continuity of government and the continuity of Congress and to
make sure that we are acting consistent with public health
protocols in a safe and in a secure way.
And so I very much favor the idea of moving forward.
You know, Madam Chair, if you would permit me one more
thought. There were people saying, well, this isn't fair to our
constituents, when we were talking about proxy voting.
Proxy voting has allowed lots of Members who were sick, and
we have had a number of Members, both Republicans and
Democrats, suffer from the coronavirus. We have enabled people
to participate. We have enabled them to participate if they
have immunocompromised or vulnerable family members, or other
people who couldn't go because of travel logistics and couldn't
make it to Washington. Their constituents had a voice. And I
know because the Republicans are suing about this.
A lot of Republicans didn't participate. I think in the
last vote, there were nine or ten Republicans who didn't
participate. What does it say to their constituents that they
would prefer to make some kind of vain moral gesture by not
voting and not having their own constituents represented than
to participate in a system which allows everyone to be heard?
I yield back. Thank you.
The Chairperson. The gentleman yields back.
I would now like to turn to the gentlelady from Ohio, Ms.
Fudge, for her five minutes of questioning.
Is Marcia still with us? Perhaps not.
Then we will go to Mr. Aguilar.
Mr. Aguilar. Thank you, Madam Chair.
And appreciate the panel and the panelists for being here.
Just off of what Mr. Raskin mentioned, too, one of the
other roles I play is chief deputy whip of our caucus. And I
have a number of conversations with colleagues about it, just
like you, Madam Chair.
And no colleague is in the same position. Some colleagues
live with someone who has autoimmune issues. Some live with in-
laws or spend time with family members who have compromised
systems. We all have to make decisions based on our own
personal health and circumstances.
This isn't anything that has to do with how the press is
portraying it. This has to do about public health. This has to
do about the real risks that exist by Members getting on planes
and coming from all points in the country.
We don't all live in Washington, D.C. I know maybe in
another time that was more prevalent. That has been weaponized
by politics in the past.
And so many of us, and I among them, I have been to every
vote that we have made here in the pandemic. I will board a
plane and come five hours each way doing that and having a
commute that is over 8 hours each way. And there is no problem
with that, that is what I signed up for, as my colleague from
Georgia mentioned.
But let's not minimize the fact that every Member is going
to make the decisions that is best for them.
And I would like to just bring it back briefly to the topic
of the hearing isn't about our hopes and fears, isn't about the
press. It is about exploring the feasibility and security of
the technology that is at hand.
And so I would like to ask Mr. Green, is there a technology
in existence in the commercial market space that could be
useful to the House in creating a secure infrastructure to
implement remote voting?
Mr. Green. I don't want to self-promote too much, but of
course my own company produces something like that that is used
widely for secure access, and that is just--that is a piece of
an overall solution. That is not a complete solution.
So we focus on the network, and there are other tech
companies that focus on secure network connectivity as well. On
top of that, you can layer very standard types of technologies,
whether that is browser-based applications. A voting
application could be as simple as a web server and a browser
running on a mobile device.
So it doesn't have to be a complex thing given that the
other protections that we have talked about and the other
panelists have talked about today are in place, notably some
live verification that a correct vote was received. That is
really the key to the entire thing.
So I think we can solve the network problem. We can solve
the application problem. The other processes that go around it,
that is the more complicated part.
Mr. Aguilar. If you were responsible for a secure voting
system, what would concern you most? What would keep you up at
night about devising a system that can work?
Mr. Green. As I indicated at the end of my testimony, I
would be most concerned about the availability, the fact that
you may have Members with poor internet connections or no
internet connections or unreliable internet connections. You
may have adversaries that specifically target those Members. If
they know what the vote is going to be and you can prevent
those specific Members from voting, you may potentially be able
to throw the vote in a direction or another.
So, again, backup systems are really critical, and there
are different ways to engineer those that I think involve
humans rather than necessarily involving technology that can
end up making things safe.
Mr. Aguilar. I appreciate it.
Professor Rubin, different legislatures in statehouses
across the country and across the world have taken different
approaches on this, as you highlighted. Some require
legislators' emails and signed and scanned ballots. Others have
created apps.
When you think of the possibility of the House having a
vote-remote system, is there a particular system or framework
that comes to mind that is something you would counsel us to
consider?
Mr. Rubin. I think that if we had to recommend a particular
system, the first step would be to gather the experts together
and brainstorm that. And I think Dr. Wagner presented some very
compelling ideas. For example, the recorded--pre-recorded video
of the vote, as well as what has been discussed, such as a web
server and an app.
I think the key underlying all of these is the ability to
look in real-time and decide if there has been a problem and
identify it right away.
And I think as to the availability question, for example,
the first thing you could do if you are voting on a phone and
there has been a denial of service attack, perhaps switch from
your WiFi to your cellular provider and see if that works.
If that doesn't work, then the next step would be to alert
somebody and to have a mechanism in place in advance that would
make it easy to alert someone, saying, ``I am trying to vote
and my vote has not been successful,'' and then have a
procedure for getting that vote in some other way.
Mr. Aguilar. I appreciate it.
Thank you, Madam Chair. I yield back.
The Chairperson. Thank you.
So I would like to recognize myself for a few questions.
Mr. Crowell, Members of the House are all over the board in
terms of their familiarity with technology. Are there secure
methods to remote voting that you think would be more user-
friendly than others?
Mr. Crowell. Well, certainly. And, in fact, I would agree
with what Avi Rubin said, that a purpose-made application
running on a browser or running in an operating system would be
the most complete approach and would make it easier for the
Members to vote no matter what device they were using to vote
on, because these are commonly available on all of the devices.
Purpose-built because you want the voting to be very, very
easy, a ``yes'' or a ``yea'' or a ``nay'' button for the vote
itself, clear identification of what the matter is in front of
you so that there is no ambiguity about what you are voting on,
and the ability to record all of these things not only in real-
time, but for posterity since these become public records.
The Chairperson. Right.
Mr. Crowell. All of that has to be done securely and it can
be in a purpose-built system as opposed to trying to patch
together various apps that were never intended to support
voting.
The Chairperson. Mr. Green, I wonder if you have thoughts
on how votes that were cast remotely could be integrated with
the votes cast in the Chamber from a technological standpoint
given that the system we have is air gapped with one-way data
flow?
Mr. Green. Yeah, I think integrating those systems would be
ideal so that you don't have a 100 percent remote or a 100
percent in-person type of voting operation.
Ultimately, it seems like you are going to need somebody to
sit there and push the right button or somehow feed those
systems in, probably that somebody sitting on site in the House
Chamber or at least in the building there.
And, again, as long as the Member voting remotely can see
that and see the result of that, that can be done fairly
safely.
The Chairperson. Dr. Rivest, in your testimony you
mentioned that the most an adversary would be able to do in a
particular system would be to delete or duplicate votes. Can
you explain what sort of measures could be taken to protect
against deletion or duplication of votes?
Mr. Rivest. Thanks. Great question.
I think some innovation in the procedural aspects of voting
in the House might help a lot. One thing that occurs to me
here, hearing the discussion, would be to be able to file a
default vote ahead of time so that you can say, ``Should my
internet go down, should I be unable to communicate, this is
how I would intend to vote on this bill,'' but then after
hearing the debate, as Speaker Gingrich suggests, you change
your mind or you have other influences that cause you to
rethink the vote, you could file, either remotely or in-person,
a new vote that would override the default.
So something like that could be one way of mitigating the
risk of having unavailability, which is a risk that is pretty
unique to remote voting compared to in-person voting.
The Chairperson. Right.
Dr. Rubin, it is important that we authenticate--we have
all talked about that--that the vote being cast is being cast
by the Member herself.
Do you think we should consider, if we move to this, any
kind of tech system, a biometric authentication as part of a
multifactor authentication system? And if so, would that be an
iris scan?
Mr. Rubin. So biometrics are very powerful and if designed
correctly they can provide a useful factor. I am a big fan of
multifactor authentication, so I think that if there were a way
to integrate an iris scan such as what you get when you unlock
an iPhone today--well, that is face recognition, it is not an
iris scan--but something, some biometric to that effect, if you
could initialize the system in advance with what a person's
face is like and then integrate that into the authentication at
the time, that that would be beneficial.
But I also think that we can achieve authentication without
that. So it is just one of the tools in the arsenal that we
have that can help us when we design a system.
The Chairperson. Dr. Wagner, would technology that uses a
lot of bandwidth make denial of service attacks more likely?
Would it be better to utilize technology with low bandwidth and
more fault tolerance?
Mr. Wagner. Thank you.
I don't think that should be your primary consideration.
What I would recommend is the primary way to mitigate denial of
service concerns is to have a fallback method. We don't have
effective technological ways to absolutely prevent denial of
service attacks. So the primary defense is to have some other
alternate channel that can be used in the event of a problem.
The Chairperson. Let me ask you this. Should we be
concerned about man-in-the-middle attacks? And if so, what
would be the best way to secure a system against that type of
attack?
Mr. Wagner. Certainly. Man-in-the-middle attacks could
arise if casting votes over the internet or over a telephony
system where attacks are possible. And there are industry
standard defenses that would be effective at preventing man-in-
the-middle attacks. For instance, many of us have referenced
end-to-end encryption, which is an effective defense.
So I think using industry standard mechanisms would be a
reasonable way to defend against those attacks.
The Chairperson. Thank you.
I see my time is expired, so I want to thank all of the
witnesses for this enormously valuable testimony.
I would note that House Resolution 965 requires this
committee ``to study the feasibility of using technology to
conduct remote voting in the House.''
So that is what we are about. We have different views on
whether we should or shouldn't. But our task is to examine the
technology and to be able to certify to the House if we are
able to determine that an operable and secure technology exists
to conduct remote voting in the House.
The testimony received today is enormously helpful in
helping us to complete the task that has been assigned to us.
And I would like to note for the witnesses that the Members may
have additional questions for you. And if we do, we would ask
that you respond to those questions in writing and the hearing
record will be open for those responses.
You know, this is an important question for all of us.
Nothing is perfect. And I was listening to Members. I have
missed votes, not because of a denial of service attack, but
because United Airlines took off late and I didn't make it in
time to go to the House floor.
I agree, Mr. Gingrich, there is really nothing to
substitute for Members going on a codel together and getting to
know each other, but that is not happening now because we are
following the advice of the attending physician.
And I love being on the floor when the mix of Members,
everybody is running around and talking to each other and
getting letters signed, but that is not happening either
because the attending physician is saying we have to go in
groups of 20 and then leave.
The votes are taking a very long time because of the need
for social distancing. So in this pandemic our situation has
changed.
We look forward to the time when the conflagration of this
pandemic has abated. I envy you there in Rome where you are not
actually with the kind of wildfire that is eating through
America with this--not just America, but my own State of
California, where thousands and thousands of positives are
logging in every day. It is really a very serious matter.
Mr. Gingrich. If I might, Madam Chairperson, I just want to
say, I think for the purpose you were assigned, to ascertain
whether or not it is technically doable, this was a superb
hearing. It makes me proud to, once again, be briefly part of
House Administration. I think you had terrific guests, and I
think they all did a very fine job of outlining the technical
possibilities. So thank you for allowing me to be part of that.
The Chairperson. Well, thank you for that. From a former
Speaker, that is great praise indeed and we appreciate it.
With that, I want to thank all the Members for their
participation. I ask unanimous consent to put into the record a
letter received from Demand Progress and keep the record open
for other material that Members may wish to add to the record.
[The information follows:]
[GRAPHICS NOT AVAILABLE IN TIFF FORMAT]
The Chairperson. And with that, we are ready to adjourn,
and I will take my gavel and virtually tap it.
We are adjourned. Thank you very much.
[Whereupon, at 2:56 p.m., the committee was adjourned.]
[all]