Print Version (PDF)
FOR IMMEDIATE RELEASE
February 21, 2019
SOS Press Office
SACRAMENTO - Secretary of State Alex Padilla today announced his sponsorship of two new bills, authored by Assemblymember Jacqui Irwin (D-Thousand Oaks), to bolster election cybersecurity and better safeguard California voter data. AB 1043 will expressly permit political campaign expenditures on cybersecurity technology and services. AB 1044 will authorize the Secretary of State’s office to require entities applying for voter registration data to demonstrate that they have completed a specified course on data security.
“As we have seen since 2016, our election and political processes are increasingly being targeted by malicious actors," Secretary of State Alex Padilla said. "Candidates, campaigns, political parties, and individual elected officials face increasingly sophisticated threats, and cybersecurity should be recognized as a valid campaign expenditure. Candidates and campaigns are not the only ones being targeted. State law makes some voter data available to the press, researchers, and campaigns for specific authorized uses. Those with proper access to voter data also have a responsibility to safeguard that data. Those storing and utilizing voter data must do so in a lawful and secure manner."
“Secure elections are fundamental to our democracy and I applaud Secretary of State Padilla for leading the charge to preserve data integrity by sponsoring these bills,” Assemblymember Jacqui Irwin said. “AB 1043 and AB 1044 will safeguard voter data by ensuring that political campaigns have the tools that are necessary to stay ahead of constantly evolving threats.”
AB 1043 - Use of Campaign Funds for Cybersecurity
Political parties, candidates and campaigns have increasingly become the targets of cyber threats. In 2016, attacks targeting the DNC and Clinton campaign led to breaches of internal campaign documents and communications. In 2018, three California candidates for US House of Representatives faced cyber attacks. The Federal Elections Commission (FEC) issued an advisory opinion in December 2018 clarifying that Federal office holders may use campaign funds to bolster cybersecurity protection for personal devices and accounts.
AB 1043 clarifies state law to ensure that state candidates and elected office holders can make campaign expenditures on cybersecurity.
AB 1044 – Requiring Cybersecurity Courses to Access Voter Data
Under state law, limited voter data is made available for specific restricted use by campaigns, journalists, and academic researchers. Currently, those applying for voter data must only provide documentation of their organizational affiliation, description of their planned activities using the voter data, and a plan to securely store this data.
AB 1044 would allow the Secretary of State’s office to require those applying for voter data to complete a course on data security. Any course would have to be offered at no cost to those applying for voter data.