[Pages S4815-S4816]
From the Congressional Record Online through the Government Publishing Office [www.gpo.gov]

EXECUTIVE SESSION

______

EXECUTIVE CALENDAR

The PRESIDING OFFICER. Under the previous order, the Senate will
proceed to executive session to resume consideration of the following
nomination, which the clerk will report.
The legislative clerk read the nomination of Peter Joseph Phipps, of
Pennsylvania, to be United States Circuit Judge for the Third Circuit.
Mr. SCHUMER. Mr. President, I suggest the absence of a quorum.
The PRESIDING OFFICER. The clerk will call the roll.
The legislative clerk proceeded to call the roll.
Mr. WYDEN. Mr. President, I ask unanimous consent that the order for
the quorum call be rescinded.
The PRESIDING OFFICER. Without objection, it is so ordered.

Election Security

Mr. WYDEN. Mr. President, I stand here this afternoon in a state of
disbelief. Last Wednesday, my colleagues and I in the Congress were
briefed on the state of election security in America.
I am prohibited from talking about the details of that classified
briefing, but the message from my Republican colleagues after that
elections security meeting was very clear: Nothing to see here. One
Senator said it is clear the Federal Government is doing ``everything
you can do.'' The top Republican on the House Homeland Security
Committee said: ``I wouldn't say we've got a need for more election
security legislation.'' A Member of the House Republican leadership
said: ``The agencies have the tools they need, and I am confident they
are addressing the threats.''
It is case closed for those Republicans--mission accomplished. My
Republican colleagues were just so satisfied that the foundation of our
democracy is in good hands. Election security is not a problem for
those colleagues I just quoted.
It was to my enormous shock this weekend when I picked up my phone,
and I read the following headline: ``Old Software makes new electoral
systems ripe for hacking.''
Over the weekend, I said: Gosh, that just can't possibly be right.
After all, my Republican colleagues said after the classified briefing
that election security issues were in good shape. I just kept reading,
and as it turns out, according to an exhaustive analysis by the
Associated Press, the vast majority of 10,000 election jurisdictions
nationwide use election management systems that run on old software
that is soon going to be out of date and ripe for exploitation by
hackers.
According to the Associated Press, Pennsylvania, Wisconsin, Michigan,
Florida, Iowa, Indiana, Arizona, and North Carolina, among others, are
all at risk. Even the State of Georgia, which just passed legislation
to buy new voting machines, is on track to buy equipment that suffers
from this significant cyber security weakness. Worse, two of the three
largest voting machine companies, ES&S and Hart, don't make election
systems that are free from this vulnerability. Many election officials
will be buying election systems that will be out of date the moment
they start using it.
I am reading this story, and I am thinking to myself: Maybe--just
maybe--this Trump administration hasn't solved the election security
issue.
Now, colleagues, I am being a little bit disingenuous here. I have
actually known about this problem for some time. In fact, I wrote to
the Election Assistance Commission about it because, of course, our
elections weren't secure last week, and they sure as heck aren't secure
this week. Anybody who says otherwise is either selling you a voting
machine or simply has a malicious intent toward our elections.
Russia attacked our democracy on every front in 2016, including voter
registration databases and election software vendors. I am a member of
the Senate Intelligence Committee, and I can't talk about classified
matters, but it is public record that there were attacks on our
election infrastructure in 2018.
Our colleague Senator Rubio of Florida even said that hackers were
``in a position'' to alter voter rolls in 2016. In April, the FBI
Director said that 2018 was, ``just kind of a dress rehearsal for the
big show in 2020.''
I will say, as I have been saying at home at townhall meetings across
my home State, that in 2020 I believe the hostile foreign actors are
going to make 2016 look like small potatoes, and I am not just talking
about the Russians here.
What the Associated Press revealed this weekend should be chilling
for anybody fighting to protect our elections from foreign
interference, but it is certainly not the first indication Americans
have gotten that our elections are vulnerable.
Last year, the journalist, Kim Zetter, and the New York Times
reported that ES&S had installed remote access software and wireless
modems in election equipment for years. I believe that is about the
worst thing you can do in terms of election security in America, short
of putting American ballot boxes on a Moscow street.
Special Counsel Robert Mueller revealed in his report that an
election software vendor was actually hacked by Russia in the summer of
2016. The public still doesn't know enough about what happened there or
what the government did to investigate. This is another area where I am
seeking to excavate the facts. My colleagues, particularly my colleague
from Minnesota, Senator Klobuchar, and my colleague from Rhode Island,
Senator Reed, are doing the same.
VR Systems, the company Mr. Mueller was referring to, sold e-
pollbooks to a county in North Carolina. I am talking now about the
systems that workers used to check voters in at a precinct. It happened
that several of the VR Systems e-pollbooks used by Durham County in
North Carolina malfunctioned on election day in 2016. The problem was
so bad that one precinct had to shut down completely for several hours.
Last month, I asked the FBI what happened; is anybody investigating?
It sure looks like no Federal Agency has been out there looking at
these malfunctioning e-pollbooks. It wasn't until last month that the
Department of Homeland Security announced it would finally perform a
forensic examination of the Durham County machines. That is not good
enough. It is critical to secure our political parties, our campaigns,
and the votes of Americans.
In 2015 and 2016, Russia hacked two Democratic campaign committees.
Russian hackers also stole emails from John Podesta, Secretary
Clinton's campaign manager. The Russian Government then leaked
Democratic emails to influence the Presidential and, reportedly, House
races in six States.
As I have emphasized at every part of my investigation, every part of
my efforts, this is not a problem reserved for one political party. The
National Republican Party committees have also all been hacked in the
past, as well as the campaigns of Senator Graham and our late colleague
John McCain.
Political campaigns don't have the expertise or resources to protect
themselves from foreign government hackers. They ought to be in a
position to get assistance, and if Congress doesn't act, they are going
to get hacked again in 2020.
That is why I introduced legislation earlier this year, the Federal
Campaign Cybersecurity Assistance Act, to secure campaigns and State
parties. This would apply to both Democrats and Republicans. The bill
turns the party committees, like the Democratic National Committee and
the Republican National Committee, into an ``IT department'' for their
campaigns, State parties, and candidates. The parties will be able to
give campaigns professionally managed, secured laptops, cell phones,
and emails, which are much harder to hack. I think it is in the
interest of our country, voters, Democrats, and Republicans to pass
that bill.
I am going to close my remarks where I began, this extraordinary
information that was compiled by the Associated Press that demonstrates
that out-of-date software is going to be

[[Page S4816]]

used by election officials all over the country unless something is
done about it. As a result, I have asked the Election Assistance
Commission what they are going to do to stop the proliferation of out-
of-date, insecure software.
A lot of people tell me, don't stay up waiting for much.
Earlier this year, I asked the Department of Homeland Security how
many States used voting machines with old, insecure software on
Election Day in November of 2018. They said they didn't know. I will
say it again. The Agency in charge of protecting our election
infrastructure against cyber threats has no idea how many vulnerable
voting machines are out there right now. That is a big problem.
An even bigger problem is the inadequate laws. Right now, there are
no mandatory Federal cyber security standards for elections. There is
no law or regulation that says States can't use insecure machines. It
is perfectly legal for the biggest voting machine company in America--
and these voting machine companies basically think they are above the
law; they wouldn't even answer basic questions when I asked them--to
sell a small county equipment that every cyber security expert in
America knows is insecure. It is perfectly legal for a county clerk to
put the outcome of a Presidential election at risk by buying insecure
machines.
I will just say to my colleagues, I don't think this has anything to
do with Democrats or Republicans. I believe it is an out-and-out
scandal--an out-and-out scandal that does a disservice to our country
and particularly the sacred right to make sure that all Americans can
vote and have their vote counted.
Congress has poured hundreds of millions of dollars into election
technology since 2016, but without required cyber security standards, a
huge portion of that money is going to go towards voting machines and
election systems that are not much better than the insecure systems
they are replacing.
The Congress must do better. Voluntary standards or just saying to
the local governments ``We are just going to let you do your own
thing'' will not cut it on cyber security. It is up to the Congress to
get serious, finally, about providing for the security of our
elections.
I have been pushing hard for hand-marked paper ballots and risk-
limiting audits as key defenses against the hackers. The hackers are,
in effect, burglars out there knocking on windows just looking for an
opportunity to exploit. We need a stronger defense against these
hackers, and it is critical.
In addition to the hand-marked paper ballots and the risk-limiting
audits, it is critical for Congress to pass legislation giving the
Federal Government the authority to require basic cyber security for
election infrastructure. In my view, anything less is waiving a white
flag to foreign hackers.
By blocking any and all election security legislation, I believe
Donald Trump and the majority here in the Senate are in effect rolling
out the red carpet for all of the hostile foreign actors I have
mentioned here and saying: Look, there are holes in our cyber security.
Come on in, and interfere in our democracy.
We are better than that. I am going to be working with Democrats and
Republicans to ensure that--especially in light of the developments
that were reported on just in the last 72 hours about the out-of-date
software that we are seeing in our voting machines all across the
country--I am going to work with Democrats and Republicans to put the
security and the integrity of our votes--a process that is sacred in
our country--first.
I suggest the absence of a quorum.
The PRESIDING OFFICER. The clerk will call the roll.
The legislative clerk proceeded to call the roll.
(Ms. ERNST assumed the Chair.)
Mrs. HYDE-SMITH. Mr. President, I ask unanimous consent that the
order for the quorum call be rescinded.
The PRESIDING OFFICER (Mr. Boozman). Without objection, it is so
ordered.

Cloture Motion

The PRESIDING OFFICER. Pursuant to rule XXII, the Chair lays before
the Senate the pending cloture motion, which the clerk will state.
The legislative clerk read as follows:

Cloture Motion

We, the undersigned Senators, in accordance with the
provisions of rule XXII of the Standing Rules of the Senate,
do hereby move to bring to a close debate on the nomination
of Peter Joseph Phipps, of Pennsylvania, to be United States
Circuit Judge for the Third Circuit.
Mitch McConnell, Roger F. Wicker, John Barrasso, David
Perdue, James E. Risch, Mike Crapo, Roy Blunt, Johnny
Isakson, Shelley Moore Capito, Pat Roberts, John
Cornyn, John Hoeven, Steve Daines, John Boozman, Thom
Tillis, Kevin Cramer, Richard Burr.

The PRESIDING OFFICER. By unanimous consent, the mandatory quorum
call has been waived.
The question is, Is it the sense of the Senate that debate on the
nomination of Peter Joseph Phipps, of Pennsylvania, to be United States
Circuit Judge for the Third Circuit, shall be brought to a close?
The yeas and nays are mandatory under the rule.
The clerk will call the roll.
The legislative clerk called the roll.
Mr. THUNE. The following Senators are necessarily absent: the Senator
from Kansas (Mr. Moran), the Senator from Kentucky (Mr. Paul), and the
Senator from Nebraska (Mr. Sasse).
Further, if present and voting, the Senator from Kansas (Mr. Moran)
would have voted ``yea.''
Mr. DURBIN. I announce that the Senator from Colorado (Mr. Bennet),
the Senator from New Jersey (Mr. Booker), the Senator from New York
(Mrs. Gillibrand), and the Senator from Minnesota (Ms. Klobuchar) are
necessarily absent.
The PRESIDING OFFICER. Are there any other Senators in the Chamber
desiring to vote?
The yeas and nays resulted--yeas 53, nays 40, as follows:

[Rollcall Vote No. 204 Ex.]

YEAS--53

Alexander
Barrasso
Blackburn
Blunt
Boozman
Braun
Burr
Capito
Cassidy
Collins
Cornyn
Cotton
Cramer
Crapo
Cruz
Daines
Enzi
Ernst
Fischer
Gardner
Graham
Grassley
Hawley
Hoeven
Hyde-Smith
Inhofe
Isakson
Johnson
Jones
Kennedy
Lankford
Lee
Manchin
McConnell
McSally
Murkowski
Perdue
Portman
Risch
Roberts
Romney
Rounds
Rubio
Scott (FL)
Scott (SC)
Shelby
Sinema
Sullivan
Thune
Tillis
Toomey
Wicker
Young

NAYS--40

Baldwin
Blumenthal
Brown
Cantwell
Cardin
Carper
Casey
Coons
Cortez Masto
Duckworth
Durbin
Feinstein
Harris
Hassan
Heinrich
Hirono
Kaine
King
Leahy
Markey
Menendez
Merkley
Murphy
Murray
Peters
Reed
Rosen
Sanders
Schatz
Schumer
Shaheen
Smith
Stabenow
Tester
Udall
Van Hollen
Warner
Warren
Whitehouse
Wyden

NOT VOTING--7

Bennet
Booker
Gillibrand
Klobuchar
Moran
Paul
Sasse
The PRESIDING OFFICER. On this vote, the yeas are 53, the nays are
40.
The motion is agreed to.
The PRESIDING OFFICER. The majority leader.

____________________