 |
ARIZONA STATE SENATE
Fifty-Fifth Legislature, Second Regular Session
voting machines; hardware; software; access
Purpose
Requires the Secretary of State (SOS) to ensure that certified vote recording and tabulating machines and devices meet specified security standards, do not have access that allows for internet connectivity, support the tracking of users based of unique credentials and log and maintain certain information.
Background
The SOS must appoint a three-member committee to investigate and test various types of vote recording and tabulating machines or devices that may be used for elections. The committee must submit its recommendations to the SOS, who makes final adoption of the types, makes and models of elections machines and devices to be certified for use in Arizona.
After consultation with the committee, the SOS must adopt standards for the loss of certification for elections machines and devices. The SOS may revoke the certification of any voting system or device if the person or firm: 1) installs, uses or allows the use of a voting system or device that is not certified for use or approved for experimental use in Arizona; or 2) uses or includes hardware, firmware or software in a version that is not certified for use or approved for experimental use in a certified voting system or device. Elections machines and devices may only be used if they have been tested and approved by a laboratory that is accredited pursuant to the Help America Vote Act of 2002 (A.R.S. § 16-442).
There is no anticipated fiscal impact to the state General Fund associated with this legislation.
Provisions
1. Requires the SOS to ensure that certified vote recording and vote tabulating machines and devices approved for use in Arizona elections:
a) have all operating systems and software configured to the appropriate level of security that is consistent with best practices in standards issued by the U.S. Department of Homeland Security Cybersecurity and Infrastructure Security Agency;
b) do not have hardware installed that supports internet connectivity or any other form of remote access or software that allows any change to result in files or a database;
c) support the usage and tracking of users based on unique credentials that are changed at least once per election cycle for each user;
d) log any deletions of ballot images, Windows event logs and results files and have a system that maintains election software logs; and
e) maintain required tracking and logging for 22 months of election data.
2. Makes technical and conforming changes.
3. Becomes effective on the general effective date.
Prepared by Senate Research
February 3, 2022
MH/slp