Gentlemen. Pleased on behalf of the Penn State Dickinson School of law, penn state institute for constitutional sciences, the center for democracy and technology, and the center for justice to welcome you to what i consider to be a very timely, and honestly a very, very important form and symposium. At the outset, i want to thank all of the participants regarding and incredible array of speakers dissipating in the forum. I want to thank the guests who have taken the time to join us this morning, and i also want to reach out and say thank you to cspan for covering something that all of us, i think regardless of republican, democrat, or independent, think is quickly important. It is undisputed that there are people who have been hacking into our elections for a long, long time. Indisputable. S we can start with 2016, and i think we can look back before that, we might have seen there were people playing around in that arena, even before that time, so we decided to get these organizations, to pull together a symposium to deal with hacking in u. S. Elections and how to make the 2020 election more secure. So were grateful that you joined us this morning. Some of you in the audience will probably remember, but i did happen to talk about some of my colleagues, asked them how old they were 2001 on 9 11. Most of them were in grade school, a couple in school. At that time, i reminded them that i was called to the white house and then given the opportunity to set up the department of Homeland Security right after those horrific events. And as i look back and reflect on that time, im reminded that initially we were focused on a small group of terrorists from a small part of the world who would attack us and use physically and attack our citizens. And then within a couple of months, within a year or so, we decided that in addition to dealing with physical attacks, we better start paying attention to digital attacks. Think about it. This is 2002 and 2003. The tools available to those who would attack us with Digital Tools was minimal. The sophistication was probably primitive compared to what were dealing with today. And clearly the frequency has been expanded exponentially. I think back about those days, and i think about trying to deal with both physical and cyberattacks. And i think to myself, and this is my opinion. I share it with you. I hope you agree. Its one of the reasons behind the forum. Potentially as harmful, as painful, as harmful and painful to deal with the attacks of those days, and as potentially harmful to our citizens and our economy, as massive terrorists, physical or Cyber Attacks would be, in my judgment, nothing, nothing has greater potential to undermine who we are as a free people than Cyber Threats to our democracy. To challenge and undermine free and fair elections, by creating doubt. Doubt and uncertainty to the legitimacy of our political process. And create chaos, which we see even today divides our political leaders. If the goal of those who sought to attack this country was to destabilize our government and our political institutions, im afraid we have to admit, to date, theyre succeeding. Truth and civility and the very foundation on our Constitutional Government are the primary victims of the abuse and the misuse. Of social media. Our enemys goal is to destabilize. Theyre succeeding. Now, lets be very clear. We focused a lot on foreign influence and there certainly is , and there will be some discussion about that. But lets not underestimate the role of domestic cyber activity as well. Perhaps not to destabilize our process but to promote a political candidacy or point of view. No matter what the goal. It is unamerican, no matter what the goal, in the digital world, it is one of the major challenges we have going forward. The other challenge is, and i conclude with these remarks, the digital sun is never going to set. Its just going to get hotter, in a hyperconnected world. The challenges associated with Cyber Threats to our institutions of government continue to grow, continue to expand. So it is for that reason that these four organizations got together and said, lets take a look at vulnerabilities in the electoral process, and lets take a look at the impact of the abuse and misuse of social media on that process itself. I had a great opportunity the past several months to work with professor anne toomey mckenna. Shes really the catalyst. Shes really made a lot of this happen. And a lot of the speakers are here because of their admiration and respect for her. I want to introduce my friend and colleague, professor anne. [applause] mckenna so really, im the chief button pusher. Its a pleasure to be here today. I want to thank you all and welcome to our audience on cspan. The governor has told you about the sponsors involved. I think one thing thats important to remember, because were going to be talking today about those Election Security and the infrastructure, and were going to be talking about social media and money and data as well, as part of the undercurrent here. An important thing to do is to remember that no one here is a paid speaker. No one was charged admission. No sponsor is doing this pursuant to a grant. This is because a group of entities and individuals, like you all here, recognize the importance of securing our elections and recognize the actual threat to our elections that come from these two different aspects were gonna talk about today. So when we talk about politics, its very easy to get personal. This group of speakers is incredibly interdisciplinary. Its incredibly mixed in terms of their backgrounds and affiliations. The speakers that have come here today. And so is this audience. This really is an impressive members of media, intelligence community, security, academia, researchers. So were looking forward to working towards problem solving with you all. I dont want to take very much time, but i want to remind everybody, as we frame our questions, as we frame our responses, and well have a really great opportunity for audience participation with the luncheon, and we want to hear from you. So, again, remember, this is not about my politics or your politics. This is about saving democracy. So lets work to do that together. Without further ado, i want to turn the mic over to my colleague, jenny evans, who is one of the leading data scientists in the country. Thanks, jenny. [applause] jenny thank you, anne. And thank you, governo my persou and governor ridge for your investment in bringing us here together today. Were here to wrestle with a critical challenge to our democracy. As anne mentioned, im the director of penn States Institute for computational and data sciences. We support a myriad of data and Computational Research at penn state. We also support penn states High Performance computing system and events at events such as this. The mission of the institute is to bring Interdisciplinary Research of societal and scientific importance and advance these goals. We do that by cohiring faculty with departments all across the university. Were jointly hiring with numerous colleges and departments, departments such as astrophysics and Biomedical Engineering but also such as political science, psychology, geography, and law. And one of these intellectually adventurous, intelligent and , and interdisciplinary scholars. The institutes culture is to bring together a diversity of experts in action through many disciplines, professional perspectives, and backgrounds. You are that group of scholars today. Its our tendency as humans to limit ourselves to consideration of just the facts in front of us, consider the well, where did i find that image . There we go. Therefore, continue the maam behind me. This was purported to be australia on fire. The fires in a single day in australia last year. As an australian, also as an american, this was terrifying to me until i found out that this is not a day. Its a month. Its still horrendous, but its a different story. No single expert can take on securing elections today. Im sorry. Its not simply a technology issue. Its not simply a policy issue. Its not simply a law issue. Its an interdisciplinary problem requiring collaboration from experts in all of these specialties and more. Because elections are at the heart of a functional democracy, its imperative that we investigate this issue from a multitude of perspectives, bringing the best minds to bear. Election security is an interdisciplinary challenge but its also a data science challenge. Data is at the core of our elections, starting months before the votes are cast. The readily available, personal and Demographic Data creates opportunities to provide tailored messages, microtargetting select groups through social media. While this can be a boon to business, this data mining has been readily used to spread disinformation across the electorate. Once elections take place, each vote is a crucial data point in determining the leadership of our country. How these data are tabulated, where they are how they are analyzed and communicated, without bias, these are important aspects of the electoral process that must be secure. While well delve into for newer perspectives on the electoral process today, the fundamental underpinning of data science and technology, the critical need for interdiscipline groups to come together, sharing the diversity of perspectives and opening new doors to discover is unquestionably important. Im delighted that penn States Institute for computational and data sciences, Penn State School of dickinson law are collaborating today with the Brennan Center for justice, the center for democracy and technology, and governor ridge to host this event, tackling this critical issue for our democracy. I ask you to take advantage of this exceptional group, to continue or initiate conversations that will lead to action in support of this grand challenge. Thank you all for joining us here today, and thank you again, anne and governor ridge, for bringing us together. [applause] prof. Mckenna again, chief button pusher. I want to introduce larry norden. Its my pleasure to introduce larry, the director of the reform program. Welcome, larry. I think you press the buttons , too. Larry yes, i can. Which button am i pressing . [laughter] larry this one. Ok. Terrific. Thank you, anne. Thanks to all of the groups involved in partnering with the Brennan Center for justice on the event today. I think its going to be an interesting and informative conversation. Ive been asked to lets see. Oh. Yes. Ive been asked to present an overview of some of the Biggest Challenges facing American Election infrastructure. And im going to discuss a little bit about why theyre not insurmountable challenges in 2020 but also what we can do in the longer term after 2020 to start making some bigger changes to secure our election infrastructure. It isnt fair, but im going to use iowa and the caucuses as an introduction to this topic. [laughter] norden i was a little bit worried about nevada over the weekend, but fortunately i didnt have to overhaul my slides tonight. The reason i think its not fair to use iowa, as an example, before i go ahead and do it, of course there was no cyber attack on the infrastructure they were using there, as far as we know, and, of course, as others have pointed out, the caucuses were run by a political party, in this case the democrats. They were not run by professional Election Officials, by the states or the counties, as the primaries are and as the general election in november will be. Nevertheless, i think there are some important lessons going into 2020. And the first is that vendors are a point of vulnerability in our elections. We, often on capitol hill, when people talk about our election infrastructure and Election Security, they talk about Election Officials. They talk about states and counties. But much of our election infrastructure is created and supported by private vendors. They touch nearly every aspect of our elections. So folks may know that there are three big manufacturers, Voting Machines in the United States , and they control about 90 of the market for Voting System. But there are certainly hundreds of Additional Companies that maintain and program these machines, that build and maintain Voter Registration databases and electronic poll books to determine who is eligible to vote and that perform other essential functions for our elections. Yet unlike other vendors in other sectors that have been deemed part of Critical Infrastructure, like dams or energy or defense, there are no federal regulations over these vendors. And in fact, theres been very little federal oversight of these vendors to date. What this means is, we dont even have a full picture of how many vendors there are working on our election infrastructure. Either manufacturing or servicing. We dont know where theyre working. We dont know what kind of screening they do of employees that perform critical functions. We dont know who owns them. Maryland infamously earned in the past couple of years that a vendor for the Voter Registration systems was owned by a russian oligarch. They only found that out because the f. B. I. Informed them of that. We dont know what their supply chain practices are. We dont know where their parts come from and we dont know what kind of internal Cyber Security practices they enforce. So Election Officials can know what kind of security practices they put in place in their offices. But they really dont know when theyre dealing with vendors and purchasing products or services from them, what theyre doing. They can ask and they can trust them about what theyre doing , but they really cant know. Were not going to get that problem fixed before 2020. But i do think there is a bipartisan interest in tackling this problem. There was a hearing at the House Administration committee in the past couple of months, where both republicans and democrats expressed concern about this issue, and certainly when i talked to Election Officials of both parties, they say this is something that they want to address. So i said, i dont think well solve this problem before 2020. I dont think that means we need to be despondent about 2020. The department of Homeland Security, Election Officials, state and local governments have all done a lot to secure our elections and our election infrastructure since 2016. And of course for the first time in more than a decade, congress has provided money to the states to help secure their systems to spot and patch vulnerabilities in those systems that they purchase from these vend. Nevertheless, i do think this is a real weakness going into 2020 , and the solution, as always in elections, is to hope for the best and to prepare for the worst. So that brings me to the second lesson from iowa, which is that a great danger of cyberattacks is systemwide failure. No election is perfect. There are always technical problems that we read about and see in elections. But if the reporting app in iowa, you know, were just a few glitches and only some precincts had trouble reporting their results, i wouldnt be here talking about iowa today. The problem in iowa was that the failure was systemwide. Systemwide failure is different and it is a danger of Cyber Attacks that entire communities or jurisdictions can be targeted for systemwide failure. A systemwide attack could be particularly damaging if, unlike in iowa, it prevented people in large numbers from voting or having their votes accurately counted. That means systems like Voter Registration databases, electronic pole books, which are used to determine eligible, and, of course, voter machines. The answer do this vulnerability to this vulnerability is to build in redundancies to ensure resiliency. So heres an example of one of those pieces of infrastructure that i was talking about. Electronic poll books. What might happen if this system was attacked or failed . It might not start up. So wed have difficulty checking people in. It might have inAccurate Information. You get long lines. People get told they cant vote a regular ballot. Maybe theyre even sent away. Weve seen examples of this is nearly every federal election. But at a county or statewide level, it would be a real i mess, and i would argue a bigger mess than the problems that we saw in the iowa caucus. So what kinds of things can we do to ensure resiliency under those circumstances . Well, there are 41 states that use these electronic poll books. Only 12 of them require to have in the polling place a paper backup for these electronic poll books. That seems like an obvious solution. Having something thats not on this tablet to go to, if the system fails. Of course, even if you have a paper backup, its possible that the paper backup itself could be corrupted in some way. And there we have a federal solution for that. The Voter Registration databases is infiltrated in some way. The federal solution is provisional ballots. We can have people vote and go back and check later whether or not there was some problem with the data that we had. So thats a really good federal failsafe. Unfortunately, most states dont have any minimums on the number of provisional ballots in polling places. And we have had instances in the past where polling places ran out of provisional ballots. So the Brennan Center has recommended that every voting place have two to three hours of materials, if theres some ki