WASHINGTON - Top Republican on the House Committee that oversees federal elections, Ranking Member Rodney Davis (IL-13), sat down with Politico Pro's cybersecurity reporter, Tim Starks, in an open Q&A to discuss his bill, H.R. 3412, the Election Security Assistance Act, one of the most comprehensive election security bills introduced by Republicans this Congress and to explain the different approaches being taken to secure our nations' elections by Republicans and Democrats. While Democrats are attempting to federally mandate election technology and infrastructure to states, Republicans want states to bolster their election security and choose the secure election technology that works best for their citizens' unique needs.

You can read the article on Politico Pro by clicking here or in the transcript below:

POLITICO Pro Q&A: Rep. Rodney Davis
By Tim Starks | 08/02/2019 05:02 AM EDT

Rep. Rodney Davis (R-Ill.) isn't just a Nickelback defender; he's the ranking member of the House Administration Committee, where he's emerged as one of his caucus' leading critics of Democratic election security legislation.

While he has issued his broadsides both within the committee and on the House floor, he also hasn't been just a naysayer: He recently introduced one of the more comprehensive GOP election security bills (H.R. 3412) this session.

After offering opinions on vintage hair metal bands and the kindness of Poison frontman Bret Michaels, Davis spoke with POLITICO Pro about election security and another area of his panel's jurisdiction, the cybersecurity of the House of Representatives itself.

This transcript has been edited for length and clarity.
Until your bill, Republicans have been saying "Wait, let's see how the last batch of grant money was spent before providing new funds." What changed?
I think we all recognize we have to invest some resources to ensure that our local communities and our states have the resources necessary to ensure that their equipment is equipment that's going to withstand any cybersecurity attempts. The appropriators had already invested hundreds of millions of dollars in the years past. Those dollars were used during the 2018 cycle, and used very effectively. There's not one instance in the 2018 election cycle where we had state officials or Department of Homeland Security officials talk about cyberattacks.

Did you talk to GOP leadership or the Trump administration in putting together that bill?
We talked to a lot of groups. We've been in constant contact with our leadership team. Heck, we were in negotiations with the Democrats in the House to come up with a plan that would've been a bipartisan plan, and they walked away from the table, which showed me they wanted to be more partisan rather than come up with solutions.

It's not just about the money. It's also about making sure we have the ability — we wanted to put in place provisions like security clearances for election officials so if there is an intrusion, our intelligence community and analysts can actually talk to local election officials about what that intrusion is. That has been a problem in the past. It was not addressed in the Democrats' bill.

Our bill was what we'd consider even more bipartisan, because that's what we were working toward with the Democrats on the House Administration Committee, with our leadership team, and the Democrats decided they wanted to play politics with H.R. 2722. [That bill] became more partisan because they wanted to rush it through in anticipation of some larger message that would related to an attack on the administration.

What they said was we don't have much time left on the calendar.
We don't have much time left on the calendar for infrastructure, we don't have much time left on the calendar for appropriations, we don't have much time left on the calendar for anything.

That's clearly a failure of their leadership in running the House right now. That's an excuse that seems pretty righteous coming from the majority, which asked to be able to control the calendar. So you walk away from a bipartisan negotiation out of the blue one day because somebody had calendar problems? That's the biggest hunk of bullshit I've ever heard.

There did seem to be some things in the bill they would like, but ...
We thought we were there. Look at our bill, H.R. 3412. Your first question is indicative of where we were, and where we were willing to work with them. Even you said we'd moved from where it's traditionally thought Republicans were. That shows we were negotiating in very good faith.

Your bill would order a "feasibility study" of paper ballots and post-election audits. Some jurisdictions have implemented them, and expert consensus is that they're two vital steps. What do you think a study like that would do?
Who are the experts with the consensus on paper ballots being the answer?

Anyone who works on election security, probably 99 percent if not everyone.
Everyone thinks everyone should have optical scan machines? They want a paper ballot that gets fed through an optical scan.

That's one option, sure, but at least a backup.
That's the clear difference. The Democrats' bill required optical scan machines only. What we have said is we are OK with technology as long as you have a voter-verified paper backup. I want local officials, state officials, to be able to use what we see as an increasing opportunity to have new and more secure election infrastructure in the next 10-15 years.

What the Democrats' bill tried to do was go back in time to basically say technologically speaking, we are only going to use optical scan machines.

I thought it was just saying, as long as there's a paper ballot.
You would not be able to use electronic machines with voter-verified paper backup. If local communities want to invest in optical scan machines, great. Paper ballots aren't foolproof either. We have some issues we tried to address with both H.R. 1 and the debate on 2722 in regards to ballot harvesting. That's a problem. A process can't be legal in one state and have someone go to jail for it in another state without understanding that maybe we have to take a look at this process were people use the paper ballot system and in the case of North Carolina, a Republican operative is going to go to jail for misusing the paper ballot process.

We're not saying get rid of paper. We're saying, allow communities to plan for the future, don't prescribe certain kinds of machines, because electronic machines that may have just been purchased by state and local officials would be by 2022 phased out. Many communities have taken their hard-earned tax dollars, they've sacrificed road projects, they've sacrificed bridge projects to get election infrastructure.

[Editor's note: POLITICO's understanding of the Democratic bill is that it does not mandate optical scan machines. Davis staff later said Davis meant to indicate that it would effectively and largely do so, even if it did not contain language specifically requiring it.]

But the feasibility studies are trying to get to the bottom of what, exactly?
The feasibility study is trying to get to the bottom of, how many people are using the audit process right now? And do we need a federal prescription on how that audit process ought to go? Local officials, I'm convinced that almost every single local election official wants one thing to happen. They want the election to go off without a hitch, and they want no lines, and they want to stop as much backup as possible during Election Day, and they want to count every single ballot that comes in and they want to do it fairly. So our bill was also to address some issues that were brought up at our election roundtables that we had in my district. I've put best practices out there with every single member on our side of the aisle to meet with their local election officials. I've met with mine.

When you talk about the cost of machines, Democrats do want to pay for that. Do you think that's a waste of money?
Clearly there's never going to be enough resources to pay for the replacement of every election machine in this country.

They want to do $1.3 billion over X number of years. You don't think they'll ever get to the amount?
Have you seen our appropriations process? I'd rather not take the chance — I'd rather be realistic.

Many state and local officials say we don't have the cybersecurity expertise. Given that even many of them acknowledge that, you have confidence they'll be able to purchase the best equipment?
I've got county clerk offices that have two people in them. I don't think anybody's going to say they have the cybersecurity expertise. But the state of Illinois has already implemented a Cyber Navigator Program to work in conjunction with the Department of Homeland Security, using the resources that they've already provided and they're included in getting that assistance right now in my home state. Why in the world would I want Washington to come in and prescribe another type of activity to go over what's already working? Our elections are going to be run at the state and local level. If the Democrats' goal is to run elections at the national level, that should scare every local county official now. That's not my goal. I think the safest, fairest elections are run in the polling places and places like Calhoun County and Christian County, Ill.

What they would probably answer is, we don't want a takeover. There's a certain level of attacks coming from this nation-state direction that they aren't equipped to handle, and they need guidance or in some cases, direction. It's not so much a full takeover as opposed to some interjection that isn't there now.
I would argue that they obviously don't understand local elections in states like Illinois. How in the world are we going to have anybody hack into an election precinct in some of our areas even of my district that have no broadband access, when they're running their election systems, using their machines, using in some cases the voter-verified paper backup machines that aren't connected anywhere online. Somehow, it's going to be safer to have a Washington top-down approach?

You don't think they talk to their local county clerk offices about these issues?
That doesn't make it better than our discussion. That's why we were sitting around a table trying to negotiate a bipartisan solution that they walked away from. We're not saying that Washington doesn't play a role. We're saying there's a debate about how big that role is. We can't have a debate out here in concrete buildings in Washington, D.C., without thinking about the areas in rural America that aren't going to be able to afford the top-down mandates.

On the Election Assistance Commission, there was a GOP movement to get rid of it, even after 2016. Has there been an embrace of the EAC of late from Republicans?
I wouldn't call it an embrace. I would say, the EAC was successful in working with DHS and the local and state officials in making sure some of the nefarious intrusion attempts we saw in 2016 didn't happen in 2018. So yeah, there's a newfound respect for that. That means we want to continue to allow them to operate in a manner that's continuing to be able to show those successful relationships and successful disbursement of funding to our state and local officials. They showed me their worth after 2016.

Do you have confidence in Brian Newby, EAC executive director?
I just talked about how I have gone from voting to disband the EAC to actually proposing to more money through the EAC to distribute to our state and local officials. Obviously they're doing something right over there. The Democrats on the House Administration Committee clearly want to air personnel issues during hearings that were supposed to talk about cybersecurity, but instead we have a limited amount of time and we're listening to people complain about personnel issues that could be fixed and should be addressed at a table like this, not in a hearing room.

What's your assessment of how the House is doing overall on its own cybersecurity?
This is getting a lot of discussion in the Select Committee to Modernize Congress. We've got to take the House from where we are today into future technologies. Five years ago, 10 years ago we may have invested in infrastructure that's outdated now that can be replaced by a much cheaper, more secure and more usable alternative like the cloud. We need to move more into the cloud technology not just for cybersecurity issues, not just for data backup, but for constituent management systems. Right now, two constituent management systems have something like a duopoly in our building, and that hasn't led to innovation. It hasn't led to easier constituent interaction between member offices and their constituents.

What do we have, 12,000 people who work here? We have companies that utilize private sector technology, utilize cloud technology, with hundreds of times that number of employees. We ought to be able to be a little more fleet-footed when it comes to addressing new areas instead of always looking back and saying, "Hang on, that may cause a problem." Let's take what's working in the private sector and apply it to here, too.

What kind of grade would you give the House?
In the areas of cybersecurity, over the last few years, I'd give our men and women working in the House of Representatives an "A," because they've become a lot more secure when it comes to being able to secure our digital mobile devices and to be able to interact with the House network. I was a staffer when somebody would click on an email that was a virus, and all of a sudden everybody on the House network would get an email. That doesn't happen anymore.

The capabilities, the intrusions, they're doing a lot better job with a lot more activity. There are many, many more intrusion attempts today than when we used to get the "oh please click here I've got a Nigerian aunt that needs your help" or what have you. It was a lot easier to look at those in the past and realize I'm not going to click on that. But now we don't know what the attempts are, and our folks here are doing a great job in making sure those attempts don't impact on what we do on the House network. But we also can't let the successes that we have stop us from moving forward.

###