Audit calls for upgrades to Minnesota voter registration

Efforts to fortify the cyberdefenses of Minnesota's voter registration system got a boost Friday when Gov. Mark Dayton included funding for the project in his new budget plan, and a legislative auditor's report recommended upgrades to a system it said is "showing signs of strain."

The DFL governor proposed spending $381,000 a year for election cybersecurity. Secretary of State Steve Simon said that $350,000 of that would allow him to hire three or four people to write code to improve the system's ability to detect and repel intruders. Total cost: $1.4 million over four years.

"It's a small appropriation in the grand scheme of things," said Rep. Laurie Halverson, DFL-Eagan, who with Sen. Susan Kent, DFL-Woodbury, has introduced legislation that would fund the security updates and establish automatic voter registration.

Minnesota was among 21 states where voter databases were targeted by entities working at the behest of the Russian government in 2016. The state's registration system was not hacked, but those in Illinois and Arizona were.

Voter registration systems contain sensitive private information, sometimes including Social Security numbers and address histories. Minnesota's has been in use since 2004.

In a briefing for reporters, Simon said addressing the threat of a cyberattack by "someone meaning to do us harm by undermining our democracy" is "very timely and critical and urgent."

Simon said Dayton's spending plan also includes $87,000 to make other improvements this year that were recommended by the U.S. Department of Homeland Security.

Separately, the Office of the Legislative Auditor called the voter database "an aging system that is showing signs of strain." The report, released by a joint House and Senate subcommittee, urged Simon to work with the Legislature to fund the improvements.

Sen. Mary Kiffmeyer, R-Big Lake, a member of the panel and a former secretary of state, said in an interview that the price tag for modernizing the state's system is modest. "You have to have redundant layers of security … and you have to stay on top of it," she said.

The audit report also noted that the changes would be rolled out "in a piecemeal fashion over a period of time." Simon emphasized that the system would not be replaced wholesale — unlike the state's troubled computer system for vehicle licensing, which has cost $93 million so far and needs much more.

Among other recommendations, the auditors said county officials should use a report compiled by Simon's office to identify people who are ineligible to vote. They also said that the secretary of state should improve an online voter registration application to screen for people using it who already are registered.

The audit found that between 2012 and 2017, county attorneys filed 162 charges against people who registered or voted while they were ineligible; 46 were convicted.

Registrations filed at polling places on Election Day can lead to ineligible people casting ballots, the audit found, when officials don't verify the information provided until after the person has voted. And Minnesota allows most registrants whose eligibility is challenged by officials to vote after answering questions and swearing that nothing precludes them from participating. The validity of their votes isn't determined until later.

"It is a vulnerability and needs to have more attention," said Kiffmeyer, who would like the state to use provisional ballots, which are not counted until eligibility is confirmed.

Judy Keen • 612-673-4234