Advertisement

Election security rules just got an overhaul in Colorado

After multiple county clerks acted on conspiracy theories about the 2020 election, Colorado Secretary of State Jena Griswold issued new rules restricting access to election-related IT.
(Getty Images / Scoop News Group)

Colorado Secretary of State Jena Griswold on Thursday announced a set of new rules tightening security controls on the technology used by election administrators around the state.

The rules, which Griswold said are temporary, were handed down in the wake of election security violations in two counties, one of which was ordered last year to replace its entire inventory of voting equipment after an unauthorized person published video footage of passwords for ballot-processing devices on a conspiracy website.

Colorado Secretary of State Jena Griswold (Colorado Department of State)

Among the rule changes are stricter schedules and requirements for changing passwords to access election-related computer systems, a requirement that any officials who have access to voting equipment sign the state’s acceptable-use policy and a reduction in the number of individuals in each county who can have administrative privileges to election systems.

Advertisement

The new rules also prohibit imaging the hard drives of voting equipment without the approval of Griswold’s office. Griswold’s order also addressed physical access to voting systems and the facilities where they’re housed. Under the temporary rules, no elected official from a county of more than 100,000 residents can be alone in a room where voting equipment is stored, according to a press release.

The Colorado rule changes came in response to incidents that’ve played out over the past year in which county clerks have been accused of tampering with election equipment to further conspiracy theories about the 2020 election. Last August, Griswold ordered Mesa County, in the western part of the state, to replace its entire inventory after a far-right website published video of County Clerk Tina Peters overseeing a routine software update on ballot-counting devices, exposing passwords in the process.

Peters, a Republican who’s seeking re-election this year, was barred by a judge from overseeing elections in Mesa County last fall. Griswold last month sued again to block Peters from those duties in 2022 as well. Separately, Peters was arrested this week after not cooperating with a search warrant for an iPad that she’s accused of using to illegally record a court hearing last year in which one of her deputies was charged with felony second-degree burglary and a misdemeanor cybercrime.

In addition to the drama in Mesa County, Griswold’s rule changes also responded to an investigation into Elbert County Clerk Dallas Schroeder, who said last month that last August, he removed hard drives from his county’s election servers and related computers and shared copies of them with two attorneys who do not work for the county.

According to an affidavit Schroeder signed, he made the copies because he worried a “trusted build” — a secured software update on election devices — would erase records from 2020, echoing conspiracy theories about the last presidential election. Griswold has also ordered Schroeder to reclaim the hard-drive images he shared and turn over devices he used in making the copies.

Advertisement

The new rules Griswold introduced also tightens the trusted-build process, requiring that all individuals involved undergo background checks disclosed to the Colorado Department of State and that the software updates be monitored by video surveillance.

Benjamin Freed

Written by Benjamin Freed

Benjamin Freed was the managing editor of StateScoop and EdScoop, covering cybersecurity issues affecting state and local governments across the country. He wrote extensively about ransomware, election security and the federal government’s role in assisting states and cities with information security.

Latest Podcasts