It has been reported that on Monday, The House unanimously approved legislation that would make hacking federal voting systems a federal crime. The Defending the Integrity of Voting Systems Act, approved by the Senate last year, would make hacking federal voting infrastructure a crime under the Computer Fraud and Abuse Act, which is commonly used by the Justice Department to take action against malicious hackers.
We can all agree that malicious access to a voting machine at any point in its life is a bad thing , so for those of you who thought it was already illegal to hack a voting machine; things are complicated. Since voting machines are owned and managed at the local district level, and aren’t involved in interstate commerce, the Computer Fraud and Abuse Act (CFAA) didn’t cover unauthorised access to voting machines. With passage of the Defending the Integrity of Voting Systems Act, the CFAA was amended meaning that unauthorised access to local voting machines used in Federal elections will become subject to CFAA. Unfortunately the CFAA isn’t without controversy as it doesn’t define “unauthorised access”. Clarification of this situation is currently before the US Supreme Court where the outcome could have a significant impact on how cybersecurity research is conducted and the scope of what research is permissible.