85S10633 SRS-F
By: Reynolds H.B. No. 342
A BILL TO BE ENTITLED
AN ACT
relating to cybersecurity for voting systems.
BE IT ENACTED BY THE LEGISLATURE OF THE STATE OF TEXAS:
SECTION 1. Section 276.011, Election Code, as added by
Chapter 683 (H.B. 8), Acts of the 85th Legislature, Regular
Session, 2017, as effective September 1, 2017, is amended by
amending Subsections (a) and (b) and adding Subsection (b-1) to
read as follows:
(a) Not later than September [December] 1, 2018, the
secretary of state shall:
(1) conduct a study regarding cyber attacks on
election infrastructure;
(2) prepare a public summary report on the study's
findings that does not contain any information the release of which
may compromise any election;
(3) prepare a confidential report on specific findings
and vulnerabilities that is exempt from disclosure under Chapter
552, Government Code; and
(4) submit to the [standing committees of the]
legislature [with jurisdiction over election procedures] a copy of
the report required under Subdivision (2) and a general compilation
of the report required under Subdivision (3) that does not contain
any information the release of which may compromise any election.
(b) The study must include:
(1) an investigation of vulnerabilities and risks for
a cyber attack against all voting systems, including a county's
voting system machines, [or] the list of registered voters, or the
administration of voting by mail;
(2) information on any attempted cyber attack on all
voting systems, including a county's voting system machines, [or]
the list of registered voters, or the administration of voting by
mail; and
(3) recommendations for protecting all voting
systems, including a county's voting system machines, the [and]
list of registered voters, and the administration of voting by
mail, from a cyber attack.
(b-1) In conducting the study, the secretary of state shall
consult with:
(1) county election officials, including officials
from any county targeted by a cyber attack;
(2) local law enforcement officials, including county
and district attorneys;
(3) federal law enforcement officials, including
officials from the United States Department of Homeland Security;
and
(4) experts in the field of cybersecurity risk and
incident prevention.
SECTION 2. Chapter 276, Election Code, is amended by adding
Section 276.012 to read as follows:
Sec. 276.012. REPORT OF CYBER ATTACK. A county clerk shall
report any cyber attack or attempted cyber attack on a county's
voting system to the secretary of state not later than 48 hours
after the discovery of the attack or attempted attack. The
secretary of state shall make available a record of the report of
any cyber attack or attempted cyber attack to a member of the
legislature.
SECTION 3. This Act takes effect immediately if it receives
a vote of two-thirds of all the members elected to each house, as
provided by Section 39, Article III, Texas Constitution. If this
Act does not receive the vote necessary for immediate effect, this
Act takes effect December 1, 2017.