Bill Text: CA SB1328 | 2023-2024 | Regular Session | Chaptered


Bill Title: Elections.

Spectrum: Partisan Bill (Democrat 2-0)

Status: (Passed) 2024-09-25 - Chaptered by Secretary of State. Chapter 605, Statutes of 2024. [SB1328 Detail]

Download: California-2023-SB1328-Chaptered.html

Senate Bill No. 1328
CHAPTER 605

An act to amend Sections 2550, 13004, 13004.5, 15209, 17301, 17302, 17305, 17306, 18564, 19201, 19205, and 19281 of, to add Section 327.5 to, and to add Chapter 7 (commencing with Section 17600) to Division 17 of, the Elections Code, relating to elections, and declaring the urgency thereof, to take effect immediately.

[ Approved by Governor  September 25, 2024. Filed with Secretary of State  September 25, 2024. ]

LEGISLATIVE COUNSEL'S DIGEST


SB 1328, Bradford. Elections.
(1) Existing law generally requires electronic poll books, ballot manufacturers and finishers, ballot on demand systems, voting systems, and remote accessible vote by mail systems to be approved by the Secretary of State before their use in an election.
This bill would authorize the Secretary of State to impose additional conditions of approval for these purposes.
(2) Existing law requires a ballot card manufacturer, ballot card finisher, or ballot on demand system vendor to notify the Secretary of State and affected local elections officials in writing within 2 business days after discovering any flaw or defect that could adversely affect the future casting or tallying of votes.
This bill would instead require a ballot card manufacturer, ballot card finisher, or ballot on demand system vendor to provide that notice within 24 hours.
(3) Under existing law, specified election materials, including voted ballots, are required to be kept by county elections officials for 22 months for elections involving a federal office or for 6 months for all other elections. Existing law authorizes an elections official to open sealed ballot containers if it is necessary in a shredding or recycling process.
This bill would add paper cast vote records, voted conditional voter registration ballots, and conditional voter registration voter identification envelopes to the list of materials county elections officials are required to keep. The bill would also require county elections officials to keep certain electronic data for 22 months for elections involving a federal office or for 6 months for all other elections. By imposing additional duties on county elections officials, this bill would create a state-mandated local program. The bill would prohibit an elections official from opening sealed ballot containers unless it is necessary in a shredding or recycling process.
(4) Under existing law, it is a felony punishable by imprisonment for 2 to 4 years to interfere or attempt to interfere with the secrecy of voting or ballot tally software program source code or to knowingly, and without authorization, possess a key to a voting machine that has been adopted and will be used.
This bill would specify that, with respect to the secrecy of voting or ballot tally software program source code, the phrase “interferes or attempts to interfere with” includes knowingly, and without authorization, providing unauthorized access to, or breaking the chain of custody to, certified voting technology during the lifecycle of that certified voting technology, or any finished or unfinished ballot cards. The bill would also expand the crime of knowing and unauthorized possession of a key to a voting machine that has been adopted and will be used to include knowing and unauthorized possession of credentials, passwords, or access keys to a voting machine that has been adopted and will be used. By expanding the scope of an existing crime, this bill would create a state-mandated local program.
The bill would authorize the destruction or secure disposal of certified voting technology at the end of lifecycle with the written approval of the Secretary of State and the manufacturer. The bill would also require specified actions to be taken for any part or component of certified voting technology for which the chain of custody has been compromised or for which security has been breached or attempted to be breached, including that the technology be removed from service immediately.
(5) Existing law prohibits a voting system from being connected to the internet and from receiving or transmitting wireless communications or wireless data transfers.
This bill would prohibit establishing a network connection to any device not directly used and necessary for voting system functions and would prohibit communication by or with any component of the voting system by wireless or modem transmission. The bill would require a voting system to be used in a configuration of parallel central election management systems separated by an air-gap, as defined.
(6)  The California Constitution requires the state to reimburse local agencies and school districts for certain costs mandated by the state. Statutory provisions establish procedures for making that reimbursement.
This bill would provide that with regard to certain mandates no reimbursement is required by this act for a specified reason.
With regard to any other mandates, this bill would provide that, if the Commission on State Mandates determines that the bill contains costs so mandated by the state, reimbursement for those costs shall be made pursuant to the statutory provisions noted above.
This bill would declare that it is to take effect immediately as an urgency statute.
Vote: 2/3   Appropriation: NO   Fiscal Committee: YES   Local Program: YES  

The people of the State of California do enact as follows:


SECTION 1.

 Section 327.5 is added to the Elections Code, to read:

327.5.
 “Jurisdiction” means any county, city and county, city, or special district that conducts elections pursuant to this code.

SEC. 2.

 Section 2550 of the Elections Code is amended to read:

2550.
 (a) For purposes of this section, “electronic poll book” means an electronic list of registered voters that may be transported to the polling location. An electronic poll book shall contain all of the following voter registration data:
(1) Name.
(2) Address.
(3) Precinct.
(4) Party preference.
(5) Whether or not the voter has been issued a vote by mail ballot.
(6) Whether or not the vote by mail ballot has been recorded as received by the elections official.
(b) An electronic poll book shall not be used unless it has been certified by the Secretary of State.
(c) The Secretary of State shall adopt and publish electronic poll book standards and regulations governing the certification and use of electronic poll books.
(d) The Secretary of State shall not certify an electronic poll book unless it fulfills the requirements of this section and the Secretary of State’s standards and regulations. The Secretary of State may impose additional conditions of approval as deemed necessary by the Secretary of State.

SEC. 3.

 Section 13004 of the Elections Code is amended to read:

13004.
 (a) The Secretary of State shall adopt regulations governing the manufacture, finishing, quality standards, distribution, and inventory control of ballot cards and ballot on demand systems.
(b) A ballot printer shall not manufacture or finish ballot cards, or manufacture unfinished ballot cards, for use in California elections, or accept or solicit orders for ballot cards or unfinished ballot cards, before certification as a ballot printer by the Secretary of State. The Secretary of State may impose conditions of approval as deemed necessary by the Secretary of State.
(c) For commercial ballot manufacturers and finishers, the Secretary of State shall require a biennial inspection of the certified manufacturing, finishing, and storage facilities.
(d) Not later than five working days before the Secretary of State begins the initial inspection, the ballot card manufacturer or finisher shall notify or disclose to the Secretary of State in writing any known flaw or defect in its ballot card manufacturing or finishing process, or its manufactured or finished ballot cards, that could adversely affect the future casting or tallying of votes. Once approved by the Secretary of State, the ballot card manufacturer or finisher shall notify the Secretary of State and the affected local elections officials in writing within 24 hours after it discovers any flaw or defect in its ballot card manufacturing or finishing process, or its manufactured or finished ballot cards, that could adversely affect the future casting or tallying of votes.
(e) For purposes of this section, “ballot printer” means any company or jurisdiction that manufactures, finishes, or sells ballot cards, including test ballots, for use in an election conducted pursuant to this code.

SEC. 4.

 Section 13004.5 of the Elections Code is amended to read:

13004.5.
 (a) A jurisdiction shall not purchase, lease, or contract for a ballot on demand system unless the ballot on demand system has been certified by the Secretary of State. The Secretary of State may impose additional conditions of approval as deemed necessary by the Secretary of State.
(b) A vendor, company, or person shall not sell, lease, or contract with a jurisdiction for the use of a ballot on demand system unless the ballot on demand system has been certified by the Secretary of State.
(c) This section does not preclude a jurisdiction from conducting research and development of a ballot on demand system. A ballot on demand system that is used for purposes of this subdivision shall not be used in an election conducted pursuant to this code unless the system has been certified by the Secretary of State.
(d) Once a ballot on demand system is approved by the Secretary of State, the ballot on demand system vendor shall notify the Secretary of State and the affected local elections officials in writing within 24 hours after it discovers any flaw or defect in its ballot on demand system that could adversely affect the future casting or tallying of votes.
(e) The Secretary of State shall promulgate regulations for purposes of certifying ballot on demand systems.

SEC. 5.

 Section 15209 of the Elections Code is amended to read:

15209.
 Any magnetic or electronic storage medium, or copy thereof, used for the ballot tabulation program and any magnetic or electronic storage medium, or copy thereof, containing election results shall be kept in a secure location and shall be retained for 6 months following any local election and 22 months following any federal election or so long thereafter as any contest involving the vote at the local or federal election remains undetermined.

SEC. 6.

 Section 17301 of the Elections Code is amended to read:

17301.
 (a) The following provisions shall apply to those elections where candidates for one or more of the following offices are voted upon: President, Vice President, United States Senator, and United States Representative.
(b) The packages containing the following items shall be kept by the elections official, unopened and unaltered, for 22 months from the date of the election:
(1) Voted polling place ballots.
(2) Paper cast vote records, as defined by Sections 305.5 and 19271.
(3) Voted vote by mail voter ballots.
(4) Vote by mail voter identification envelopes.
(5) Voted provisional voter ballots.
(6) Voted conditional voter registration ballots.
(7) Provisional ballot voter identification envelopes, including conditional voter registration voter identification envelopes cast pursuant to subdivision (e) of Section 2170.
(8) Spoiled ballots.
(9) Canceled ballots.
(10) Unused vote by mail ballots surrendered by the voter pursuant to Section 3015.
(c) If a contest is not commenced within the 22-month period, or if a criminal prosecution involving fraudulent use, marking or falsification of ballots, or forgery of vote by mail voters’ signatures is not commenced within the 22-month period, either of which may involve the vote of the precinct from which voted ballots were received, the elections official shall have the items identified in subdivision (b) destroyed or recycled. The packages shall otherwise remain unopened until the items are destroyed or recycled.

SEC. 7.

 Section 17302 of the Elections Code is amended to read:

17302.
 (a) The following provisions shall apply to all state or local elections not provided for in subdivision (a) of Section 17301. An election is not deemed a state or local election if votes for candidates for federal office may be cast on the same ballot as votes for candidates for state or local office.
(b) The packages containing the following items shall be kept by the elections official, unopened and unaltered, for six months from the date of the election:
(1) Voted polling place ballots.
(2) Paper cast vote records, as defined by Sections 305.5 and 19271.
(3) Voted vote by mail voter ballots.
(4) Vote by mail voter identification envelopes.
(5) Voted provisional voter ballots.
(6) Voted conditional voter registration ballots.
(7) Provisional ballot voter identification envelopes, including conditional voter registration voter identification envelopes cast pursuant to subdivision (e) of Section 2170.
(8) Spoiled ballots.
(9) Canceled ballots.
(10) Unused vote by mail ballots surrendered by the voter pursuant to Section 3015.
(c) If a contest is not commenced within the six-month period, or if a criminal prosecution involving fraudulent use, marking or falsification of ballots, or forgery of vote by mail voters’ signatures is not commenced within the six-month period, either of which may involve the vote of the precinct from which voted ballots were received, the elections official shall have the items identified in subdivision (b) destroyed or recycled. The packages shall otherwise remain unopened until the items are destroyed or recycled.

SEC. 8.

 Section 17305 of the Elections Code is amended to read:

17305.
 (a) The following provisions apply to those elections where candidates for one or more of the following offices are voted upon: President, Vice President, United States Senator, and United States Representative.
(b) Upon the completion of the counting of the votes as provided in Article 4 (commencing with Section 15640) of Chapter 9 of Division 15, all items specified in subdivision (b) of Section 17301 shall be kept by the elections official for 22 months from the date of the election or so long thereafter as any contest involving the vote at the election remains undetermined.
(c) Notwithstanding any other provision of this code, the final disposition of all items specified in subdivision (b) of Section 17301 shall be determined by the elections official.
(d) Sealed ballot containers shall not be opened unless the elections official determines it is necessary in a shredding or recycling process. This section shall not be construed to allow packages or containers to be opened except for purposes specified herein. The packages or containers shall otherwise remain unopened until the ballots and paper cast vote records are destroyed or recycled.

SEC. 9.

 Section 17306 of the Elections Code is amended to read:

17306.
 (a) The following provisions shall apply to all state or local elections not provided for in subdivision (a) of Section 17305. An election is not deemed a state or local election if votes for candidates for federal office may be cast on the same ballot as votes for candidates for state or local office.
(b) Upon the completion of the counting of the votes as provided in Article 4 (commencing with Section 15640) of Chapter 9 of Division 15, all items specified in subdivision (b) of Section 17302 shall be kept by the elections official for six months from the date of the election or so long thereafter as any contest involving the vote at the election remains undetermined.
(c) Notwithstanding any other provision of this code, the final disposition of all items specified in subdivision (b) of Section 17302 shall be determined by the elections official.
(d) Sealed ballot containers shall not be opened unless the elections official determines it is necessary in a shredding or recycling process. This section shall not be construed to allow packages or containers to be opened except for purposes specified herein. The packages or containers shall otherwise remain unopened until the ballots and paper cast vote records are destroyed or recycled.

SEC. 10.

 Chapter 7 (commencing with Section 17600) is added to Division 17 of the Elections Code, to read:
CHAPTER  7. Preservation of Electronic Data

17600.
 For purposes of this chapter, the following terms have the following meanings:
(a) “Ballot image” means an electronically captured or generated image of a ballot that is created on a voting device or machine, which contains a list of contests on the ballot, may contain the voter selections for those contests, and complies with the ballot layout requirements.
(b) “Certified voting technology” means any certified voting technologies certified by the Secretary of State, including voting systems, ballot on demand printing systems, electronic poll book systems, or adjudication systems, and the hardware, firmware, software, proprietary intellectual property they contain, any components, and any products they generate, including ballots, ballot images, reports, logs, cast vote records, or electronic data.
(c) “Chain of custody” means a process used to track the movement and control of certified voting technology, as defined in subdivision (b), through its lifecycle by documenting each person and organization who handles certified voting technology, the date and time it was collected or transferred, and the purpose of the transfer. A break in the chain of custody refers to a period during which control of the certified voting technology is uncertain and during which actions taken on the certified voting technology are unaccounted for or unconfirmed.
(d) “Electronic data” includes voting technology software, operating systems, databases, firmware, drivers, and logs.
(e) “End of lifecycle” means the secure clearing or wiping of the certified voting technology so that no software, firmware, or data remains on the equipment and the equipment becomes a nonfunctioning piece of hardware.
(f) “HASH” means a mathematical algorithm used to create a digital fingerprint of a software program, which is used to validate software as identical to the original.
(g) “Lifecycle” of certified voting technology means the entire lifecycle of the certified voting technology from the time of certification and trusted build creation through the end of lifecycle of the certified voting technology.

17601.
 (a) The following provisions shall apply to those elections where candidates for one or more of the following offices are voted upon: President, Vice President, United States Senator, and United States Representative.
(b) The following data shall be kept by the elections official, on electronic media, stored and unaltered, for 22 months from the date of the election:
(1) All voting system electronic data.
(2) All ballot on demand system electronic data, if applicable.
(3) All adjudication electronic data.
(4) All remote accessible vote by mail system electronic data, if applicable.
(5) All electronic poll book electronic data, if applicable.
(6) HASH values taken from the voting technology devices, if applicable.
(7) All ballot images.
(c) If a contest is not commenced within the 22-month period, or if a criminal prosecution involving fraudulent use, using the ballot tally system to mark or falsify ballots, or manipulation of the ballot tally system, is not commenced within the 22-month period, either of which may involve the vote count of the precinct from which voted ballots were received, the elections official shall have the backups destroyed.

17602.
 (a) The following provisions shall apply to all state or local elections not provided for in subdivision (a) of Section 17601. An election is not deemed a state or local election if votes for candidates for federal office may be cast on the same ballot as votes for candidates for state or local office.
(b) The following data shall be kept by the elections official, on electronic media, stored and unaltered, for six months from the date of the election:
(1) All voting system electronic data.
(2) All ballot on demand system electronic data, if applicable.
(3) All adjudication electronic data.
(4) All remote accessible vote by mail system electronic data, if applicable.
(5) All electronic poll book electronic data, if applicable.
(6) HASH values taken from the voting technology devices, if applicable.
(7) All ballot images, if applicable.
(c) If a contest is not commenced within the six-month period, or if a criminal prosecution involving fraudulent use, using the ballot tally system to mark or falsify ballots, or manipulation of the ballot tally system is not commenced within the six-month period, either of which may involve the vote count of the precinct from which voted ballots were received, the elections official shall have the backups destroyed.

17603.
 (a) Certified voting technology equipment and components that are at the end of lifecycle may be securely disposed of or destroyed with the written approval of the manufacturer and the Secretary of State.
(b) With respect to any part or component of certified voting technology for which the chain of custody has been compromised or the security or information has been breached or attempted to be breached, all of the following shall occur:
(1) The chief elections official of the city, county, or special district and the Secretary of State shall be notified within 24 hours of discovery.
(2) The equipment shall be removed from service immediately and replaced if possible.
(3) The integrity and reliability of the certified voting technology system, components, and accompanying electronic data shall be evaluated to determine whether they can be restored to their original state and reinstated.

SEC. 11.

 Section 18564 of the Elections Code is amended to read:

18564.
 (a) Any person is guilty of a felony, punishable by imprisonment pursuant to subdivision (h) of Section 1170 of the Penal Code for two, three, or four years who, before or during an election:
(1) Tampers with, interferes with, or attempts to interfere with, the correct operation of, or willfully damages in order to prevent the use of, any voting machine, voting device, voting system, vote tabulating device, or ballot tally software program source codes.
(2) (A) Interferes or attempts to interfere with the secrecy of voting or ballot tally software program source codes.
(B)  For purposes of this paragraph, “interferes or attempts to interfere with” includes knowingly, and without authorization, providing unauthorized access to, or breaking the chain of custody to, either of the following:
(i) Certified voting technology during the lifecycle of that certified voting technology.
(ii) Any finished or unfinished ballot cards.
(3) Knowingly, and without authorization, makes or has in the person’s possession credentials, passwords, or access keys to a voting machine that has been adopted and will be used in elections in this state.
(4) Willfully substitutes or attempts to substitute forged or counterfeit ballot tally software program source codes.
(b) The definitions in Section 17600 apply for purposes of this section.

SEC. 12.

 Section 19201 of the Elections Code is amended to read:

19201.
 (a) (1) The Secretary of State may grant conditional approval to a voting system or part of a voting system under either of the following circumstances:
(A) A voting system or part of a voting system was decertified as a result of a review by the Secretary of State pursuant to Section 19232.
(B) A certified voting system or part of that voting system is modified to comply with voting system standards or changes in statute.
(2) For purposes of granting conditional approval to a voting system or part of a voting system pursuant to paragraph (1), the Secretary of State may impose additional conditions of approval as deemed necessary by the Secretary of State.
(b) The Secretary of State may withdraw conditional approval at any time pursuant to Section 19232.

SEC. 13.

 Section 19205 of the Elections Code is amended to read:

19205.
 A voting system shall comply with all of the following:
(a) No part of the voting system shall be connected to the internet at any time.
(b) No part of the voting system shall electronically receive or transmit election data through an exterior communication network, including the public telephone system, if the communication originates from or terminates at a polling place, satellite location, or counting center.
(c) (1) No part of the voting system shall receive or transmit wireless communications or wireless data transfers.
(2) A network connection to any device not directly used and necessary for voting system functions shall not be established. Communication by or with any component of the voting system by wireless or modem transmission at any time is prohibited. A component of the voting system, or any device with network connectivity to the voting system, shall not be connected to the internet, directly or indirectly, at any time.
(d) (1) The voting system shall be used in a configuration of parallel central election management systems separated by an air-gap.
(2) For purposes of this subdivision, “air-gap” includes all of the following:
(A) A permanent central system known to be running unaltered, certified software and firmware that is used solely to define elections and program voting equipment and memory cards.
(B) A physically isolated duplicate system, reformatted after every election to guard against the possibility of infection, that is used solely to read memory cards containing vote results, accumulate and tabulate those results, and produce reports.
(C) A separate computer dedicated solely to this purpose that is used to reformat all memory devices before they are connected to the permanent system again.

SEC. 14.

 Section 19281 of the Elections Code is amended to read:

19281.
 (a) A remote accessible vote by mail system, in whole or in part, shall not be used unless it has been certified or conditionally approved by the Secretary of State before the election at which it is to be first used. The Secretary of State may impose additional conditions of approval as deemed necessary for the certification of the remote accessible vote by mail system.
(b) All other uses of a remote accessible vote by mail system shall be subject to the provisions of Section 19202.

SEC. 15.

  No reimbursement is required by this act pursuant to Section 6 of Article XIII B of the California Constitution for certain costs that may be incurred by a local agency or school district because, in that regard, this act creates a new crime or infraction, eliminates a crime or infraction, or changes the penalty for a crime or infraction, within the meaning of Section 17556 of the Government Code, or changes the definition of a crime within the meaning of Section 6 of Article XIII B of the California Constitution.
However, if the Commission on State Mandates determines that this act contains other costs mandated by the state, reimbursement to local agencies and school districts for those costs shall be made pursuant to Part 7 (commencing with Section 17500) of Division 4 of Title 2 of the Government Code.

SEC. 16.

 This act is an urgency statute necessary for the immediate preservation of the public peace, health, or safety within the meaning of Article IV of the California Constitution and shall go into immediate effect. The facts constituting the necessity are:
To ensure that adequate protections for voting systems and voter data are implemented in time for the 2024 presidential general election, it is necessary that this act take effect immediately.
feedback