Congress provided hundreds of millions of dollars to shore up the nation's election system against cyberattacks and other threats, but roughly two-thirds of the money remained unspent just weeks before last year's presidential election.
A recently released federal report says the states, the District of Columbia and U.S. territories had spent a little more than $255 million of $805 million in election security grants through Sept. 30 of last year, the latest figures available.
States were given leeway on how and when to spend their shares because election concerns and potential vulnerabilities of voting systems vary widely across the country. Several election officials cited two main reasons for the slow pace of spending: More than half the money wasn't allocated until the 2020 election was less than a year away, giving election officials and state lawmakers little time to make major spending decisions. And the coronavirus pandemic upended last year's election planning, forcing officials to focus on safety at the polls and pivot to provide more early voting and mail-in balloting.
“Security was still on everybody’s mind, but it took a back seat to just making sure that the election ran without it just having a total meltdown,” said Don Palmer, chairman of the U.S. Election Assistance Commission, which issued the report.
A state-by-state snapshot the commission released last month shows that as of the end of the federal fiscal year on Sept. 30, when early voting was already happening in the presidential election, the nation’s 50 states plus the District of Columbia and five territories had spent roughly 31% of the election security funding. The grant money came in two chunks since 2018 under the Help America Vote Act.
Louisiana, one of the last states to use aging voting machines statewide that have no paper trail, spent none of its $12.5 million election security grant ahead of the 2020 presidential election. Its initial efforts to replace thousands of voting machines were scrapped amid controversy over the bid-selection process.
In July, Louisiana's Democratic governor and its Republican lawmakers agreed on a process requiring an auditable paper trail for whatever voting system the GOP secretary of state chooses.
In 2017, the federal government notified election officials in 21 states that hackers had targeted their systems before the 2016 presidential election. The widespread nature of the attempts raised concerns at the time among some election officials and lawmakers, although being targeted did not mean the hackers had succeeded in penetrating election systems or were able to manipulate voter data or results.
North Dakota — one of the targeted states — spent none of the $6 million it received in election security grants by Sept. 30. The state told the Election Assistance Commission in its own financial report that it purchased no voting equipment nor did it conduct any security training during the year. It instead was prioritizing other funding sources that have expiration dates. North Dakota had initially requested the election security money to buy a statewide digital scan voting system and electronic poll books for every polling location in the state.
Former special counsel Robert Mueller’s report said Russian operatives successfully compromised the Illinois State Board of Elections computer network in June 2016 and gained access to a voter registration database containing the information of millions of people. Still, as of Sept. 30, Illinois officials had spent less than 16% of the state's $28.1 million in federal election security money. EAC Commissioner Benjamin Hovland told lawmakers that Illinois' expenditure appeared low because the state was spending most of its money on a multi-year project called the Cyber Navigator Program, which aims to defend, detect and recover from cyberattacks.
Pennsylvania, a presidential battleground that also was among the targeted states in 2016, spent nearly 90% its $28.6 million before the 2020 election, mostly to replace voting machines. Other politically important states that were targeted — Arizona, Florida and Wisconsin — spent roughly half their money.
Hovland said the election grant money didn't come with expiration dates, explaining it was “the first real money” to come to states for elections in a long time and people didn't have confidence there would be additional federal funding.
A review of state progress reports by commission staff found that one “common activity” among states was spending the money to audit the November presidential election. The report noted that Colorado, Georgia, Idaho, Indiana, Iowa and many other states plan some form of audit.
The agency’s 2020 report says states' spending of the federal grant money fell mostly under three categories: nearly 39% was used to make cybersecurity upgrades; about 25% was invested in new voting equipment; and 11% went to upgrade voter registration databases.
During the 2020 general election, only 32 voting jurisdictions across the nation relied on voting machines with no paper backup. Nine states — Arkansas, Indiana, Kansas, Kentucky, Louisiana, Mississippi, New Jersey, Tennessee and Texas — used electronic voting machines that did not have a verifiable paper trail in at least one of their jurisdictions.
Five states that in 2018 used voting machines that did not have a paper backup had stopped using them by the 2020 general election. Those were Delaware, Florida, Georgia, Pennsylvania and South Carolina.
Lack of consistent federal money for election security is likely one reason many state election officials have been reluctant to spend their federal grants, said Lawrence Norden, director of election reform at the Brennan Center for Justice.
Former Kansas Secretary of State Kris Kobach, who served as vice chairman of former President Donald Trump’s now-disbanded election fraud commission, was the state’s top election official when Kansas received the first infusion of what eventually would total $9.3 million. None of that money was spent at the time.
Kobach said that when the federal money arrived, the Legislature was not in session to provide the required matching funds. Under his successor, Scott Schwab, Kansas ended up using just $19,200 before the 2020 election for testing and training to ensure election personnel were using email in “a safe and secure manner.” State officials say they since have spent more than $3.4 million of the grant funding, in part to enhance security of Kansas' statewide voter registration system and supplement its cyber-security efforts.
Some states have opted to hold on to the federal money because technology that seems to be effectively securing elections now could be outdated in 10 years, said Danielle Root, an elections security expert with the Center for American Progress.
“A lot of states view securing elections as a marathon, not a race, and many states want to reserve some of this funding to update their systems as new threats and technological advances emerge,” she said.