 Thank you all for being here. I'm very honored right now to introduce Senator Ron Wyden of Oregon. I'm just going to read off the bio real quick. Senator Ron Wyden is the foremost defender of American civil liberties in the U.S. Senate and a tireless advocate for smart tech policies. Years before Edward Snowden blew the whistle on the dragnet surveillance of Americans, Wyden warned that the Patriot Act was being used in ways that would leave Americans shocked and angry and his questioning of NSA Director James Clapper in 2013 served as a turning point in the secret surveillance of American communications. Since then, Wyden has fought to protect Americans' privacy and security against unwanted intrusions from the government, criminals, and foreign hackers alike. He has opposed the government's efforts to undermine strong encryption, proposed legislation to hold companies accountable for protecting their users' data, and authored legislation with Rand Paul to protect Americans' Fourth Amendment rights at the border. Wyden is a senior member of the Senate Select Committee on Intelligence and the top Democrat on the Senate Finance Committee, and he lives in Portland, Oregon. Thank you very much, Senator, for joining us. Thank you very much for that unquestionably inflationary introduction. And one percent of the United States Senate is here today, and I can't think of anywhere I'd rather be, and I thank you for the invitation. First of all, when you get a chance to wander around a little bit at the voting village, you think about how you work in a place where the Blackberry went out of style about an hour ago, and you recognize that we're here to talk about how we're going to make a difference. And I'm not talking about five years from now. I'm talking about when the Senate comes back in the fall, because I heard a lot of you asking what you could do and how you could make a difference. First of all, what I'm going to focus on is how three years after Russia attacked our election infrastructure, and another election is 16 months away, and you touched on it in the quick ending of the last program, why hasn't Congress fixed the problem? Two words, Mitch McConnell. I sure wish he could have been walking around with me in the voting village seeing a who's who of hackable voting machines, because it's that kind of information that we've got to get out. And I'm going to talk a little bit in my comments about how you can make a difference in that effort. And I'll also tell you how urgent the timetable is. All of the experts, and there are many in the audience, are saying to us that you've really got to have this decision made in the fall of 2019 in order to be ready in the fall of 2020. So this is not something where Congress can have a yak-a-dee-yak for days and months on end. What we need is real action, and I will tell you that without real reform, and we'll discuss what that is, I believe as a member of the Senate Select Committee on Intelligence. My older child said, dad is on the so-called Intelligence Committee. I will tell you if nothing happens, I believe the kind of interference we will see from hostile foreign actors in 2020, and it will not just be the Russians, folks. The kind of thing we'll see in 2020 will make 2016 look like child's play. That's what we're dealing with, and what the urgency is all about. We're just not prepared, not even close, to stop it. Now cyber security experts have been shouting from the top of their lungs about this for some time, but suffice it to say, a lot of members of Congress, since this was brought up practically the day after Y2K, have sort of dozed through the lesson. So what we need to do now is really talk about what is at issue. And 2016, and it wasn't just the DNC hacks and the email leaks, it was a list of attacks by foreign actors and vulnerabilities here at home that is enough to give you a heart attack, and I'm going to be specific. The ESNS voting machines that for years came with pre-installed remote access software. Let me tell you, because people asked me what it meant, I said, you don't have to be an election specialist to know that that is like putting American ballot boxes on the streets of Moscow. And they lied about it, they lied about it to me, they lied about it to the New York Times, they lied about it to Congress, and then for right off the presses just yesterday, the journalist Kim Zetter broke another story that talked, and we've worked with her for years now, that talked about how there are 35 systems that have an open connection to the Internet. That's not 20 years ago, folks, that's what she said is a problem now. Also an AP investigation recently found that the vast majority of 10,000 election jurisdictions nationwide are using Windows 7, which is going to reach end of life in a few months. All of those systems are going to be vulnerable to hacking. 10,000 election jurisdictions is what we're talking about, from C to Shining C. ESNS and Hart, two of the biggest vendors, don't make election systems without that vulnerability. So that means election officials across the country, as we speak, are buying election systems that will be out of date the moment they open the box. Just put your arms around it. We're spending money, federal money, because it's untied over there. On systems, they're going to be out of date. When you crack open the box, five states still exclusively use hackable, paperless voting machines, and nine states still use paperless machines in some counties. It's the election security equivalent of putting our military out there with superpowers to go up against with a pea shooter. That's probably why it's not a big surprise to anybody in this room that Russia targeted election systems in all 50 states in 2016. So a number of years ago, I started working on legislation that would become the Protect America Votes Act. The bill was the first ever introduced in Congress to mandate the two key priorities that experts universally recommend, paper ballots and routine post-election risk limiting audits. This spring, after the public revelations of the holes in the security safety net, I introduced an expanded version of the PAY Act, and for the first time it mandated federal cybersecurity standards for election systems and addressed some of the specific vulnerabilities discovered in voting machines by the cybersecurity experts. In June, the House passed a major election bill, and I had worked very closely with them, and their bill, the SAFE Act, incorporated each of the priorities that were in my bill, the hand-marked paper ballots, the risk limiting audits, the cybersecurity hygiene practices. So now, the question is, how are you going to get it passed when it sure seems that Russia's number one ally in compromising American election security is Mitch McConnell? And I'm going to tell you why I believe he is blocking election security legislation. There are several potential answers why right now he's trying to bury election security in the legislative graveyard. First, Russia attacked the 2016 election, and the 2016 election turned out pretty well for Republicans. They took unified control of government, passed a lot of legislation, confirmed a lot of judges to lifetime seats on the federal bench. Mitch McConnell does not want Republicans to lose any power, so I guess at some point you ask yourself, why would he change the system that gave the Republicans that kind of power? He knows full well that blocking election security reform and, excuse me, blocking election security legislation makes it easier for Russia and other foreign powers to attack our next election. And my sense is this is a price Mitch McConnell and Donald Trump are willing to accept. It amounts to a deal with the election devil to keep a firm grip on power. And certainly over the years, we've known one way they've held on to power is by engaging in voter suppression. It often seems that for them stopping Democrats from voting, actually keeping them from voting, is priority number one. How many times have you turned on the TV on a Sunday or a Monday before the election and you see people standing in the heat waiting to vote and then after they've waited, maybe they're told they're going to go somewhere else and they're going to have to take a day off from work? Folks, that doesn't happen by accident. It doesn't happen by osmosis. They're politicians who have wanted to suppress the vote. They shutter polling places in progressive communities. They eliminate same-day registration. They shorten polling hours. They find ways to make the lines at polling places very, very long. And this, of course, is right in the bread basket of the voting machine lobby. Hand-marked ballots are easier and quicker for most people to use than a touchscreen. People get in and out of their polling places faster. The lines get shorter. Those images I just mentioned on TV where people are waiting for hours and hours to vote. You know where you don't have that happen? Do we have some Oregonians in the crowd? Ask them about how much they enjoy our vote-by-mail system where they've got a couple of weeks. And I'm telling you, as long as I have the honor to represent you in the United States Senate, we are never going to give up the fight to take vote-by-mail the Oregon system national and people from C to Shining C can have it in America. So long lines right now keep people from voting. Historically, low turnout elections favor Republicans. You hear this song in Washington, D.C. all the time. Oh, it's really not an issue for Congress. It's an issue for the states. And by the way, that's the same language that people on the far-right Republicans use to oppose the Voting Rights Act and other civil rights legislation. In that context, Republicans arguing for states' rights are arguing for the right of a state to suppress the turnout, to suppress the vote. Finally, part of the reason that Mitch McConnell and the Republicans have blocked election security legislation is because the voting machine lobby has very big political biceps. And I'm going to tell you a little bit about them because I am perhaps their least favorite United States member of Congress. 2016 brought to light a lot of serious issues that the voting machines used across the country. So in October of 2017, I went out and looked to see if anybody had ever asked the voting machine lobby any questions about how they do business. Quaint idea, huh? Big, powerful people, yes and yes. All these companies. And it turned out that nobody had even really tried to hold them accountable. So I said, that's sort of what I think public service is all about. And I wrote to the big voting machine companies and I asked some really complicated, difficult, Byzantine questions of them. Like, did they have a chief information security officer? How many times has your company's security been audited by someone independent? Did you fix any problems? Are you aware of data breaches or hacks of your internal systems? Did you report those breaches to anyone? Is your company using what are really the best practices, the National Institute of Standards, the best practices? Now, as I was saying sarcastically, this is not exactly doctoral computer science questioning. This is pretty basic. And as far as I can tell, nobody had ever even asked these voting machine companies these questions. They have been above the law for too long and if there's one thing you take out of here, it is time to take them off the gravy train. They are not above the law. Now, in response to companies basically didn't offer anything of any substance when I talked to them. Basically just a lot of cliches sort of blew off the questions. Really nothing that indicated they were taken security seriously. A few months later, DEFCON here at Voting Village generated more important questions about the company's practices. The media coverage turned up the heat. EAS and S didn't like that so they wrote the Senate Intelligence Committee to say, well, we should have an investigation. Folks, that is not how this stuff works. You don't stonewall the Congress, run to the feds to ask for an investigation of your critics when the questions get tough. This is an industry that is using textbook 101 tactics to keep from having to step up and fix itself. Now, one of the reasons why I'm here and thrilled to be the 1% of the Senate again is you guys have a long history. The white hats. The white hat hackers of companies and making sure that when they respond in a way that's detrimental to the public interest, you make sure that there's follow-up. You bring their vulnerability to light. You unleash public interest authorities rather than just thanking somebody briefly for coming forward. And these voting machines have had too cushy a deal for just too long. There are only a few companies. The revenues come from taxpayer-funded coffers, but government officials buying the products often have the tax savvy of a babushka. So, it's not surprising that companies play the influence game, whining and dining state and local officials, hiring them away, putting them on the payroll as lobbyists. Bribery isn't unheard of. I think the chief of staff in Georgia where some really troubling practices to the governor comes out of the voting machine industry. So, you can see why these companies have a financial interest in not giving up their power. And to me, it comes down to a basic choice. Business as usual with these voting machines is an imminent threat, a clear and present danger to our democracy. And we've got to take them on. 2016 should have been a wake-up call, but the companies are not changing. As of now, they want to sell a new generation of overpriced, unnecessary technology to the American people. They used to argue that the paperless machines were more secure than the alternative. So, they've realized that they kind of sort of maybe lost that debate. The new debate deals with how voters mark their ballots. Since they're getting away from selling paperless machines, they've begun advocating for something called the universal ballot-marking device. Essentially, rather than having most voters mark their ballot by hand the way we Oregonians do, these companies want states to buy expensive touchscreen machines that would be used by all voters. And real simple reason behind this, this lists their profits. There is good money to be made in this so-called change. Georgia recently agreed to spend more than $100 million to buy these universal ballot-marking devices. If the rest of the country followed Georgia's lead, it would cost billions of dollars. And that's just to mark the ballots, folks, not to count them or secure the rest of the election infrastructure. So not only are these machines more expensive than hand-marked paper ballots, they're also less secure. This is particularly true for the machines that Georgia has chosen, which produce barcode ballots. These ballots encode the voter's choice in a way that the voter cannot verify their choice with their own eyes. So, same pattern repeating itself. The machines get more expensive and less secure. Next, they're going to say the safest voting machine will be encased in platinum and studded with diamonds. So, the bottom line, and I want to get to your role when you leave DEF CON. The bottom line is we've got to take away the power of the voting machine industry and we've got to defeat all of the politicians who prop it up and who support business as usual. And I really feel, I was director of the Great Panthers, a senior citizens group, for a number of years before I was elected to Congress and I was in the days when I had a full head of hair and rugged good looks and if a town had a lunch program for elderly people, that was considered a big deal. And the senior citizens showed that political change doesn't start in Washington D.C. and then trickle down. It's bottom up. It's bottom up. And what we need to do, and particularly DEF CON, because you all have shown an ability to influence key conversations with security researchers and hackers who are shouting from the rooftops about how easy it is to hack voting machines. The public is listening and DEF CON was right about a problem before anybody else. What I'd like you to do is I'd like you to leave this three-day extravaganza because that's how I look at it. What an exciting time to be here looking at both challenges and solutions like each one of you before you leave here to tweet what you're hearing at the conference about election security because if you will do nothing else but send a tweet to a large number of your friends and neighbors, that can help us start a citizen's juggernaut. That's what we need to do. We need to start coming out of DEF CON a citizen's juggernaut. I tell everybody what I'm doing is looking for the Paul Revere's of election security who are going to go out in their communities when they hear this. And it's for a short period of time, guys. This is August. This is going to be decided for purposes of the real reforms. It's going to be decided by October because you need to give the states the time to implement them. So if you will start tweeting and reaching out to your friends and neighbors, everybody here ought to look for an elected official who hasn't said anything about election security, doesn't seem to have a position, and ask them to help, ask them to use their web page, ask them to talk to their friends, get their neighbors involved. This country's got a real track record, folks, of coming through and stepping up and moving fast when there is urgency and people see the threat. I mean, if we were faced with the Russian military outside Las Vegas, we wouldn't say the Las Vegas City Council is supposed to take them on. A lot of my Republican colleagues in the Intelligence Committee, the vote was 14 to 1. You might guess who was the one who wasn't willing to go along with just the states' rights approach to this. And I said, I'll be damned if when we're up against the Russians and all their military and all their cybersecurity might, we're going to send out the county IT guy. I think you can make a huge difference. There are people in this room with the energy and the talent and the networks of friends and neighbors, and I would ask you, so everybody said, what can we do? Let me be really specific. If you will later today send a tweet saying you've been listening to friends talk about the urgency of election security and you want to work with them to get the word out so that every elected official in America is in effect saying to Mitch McConnell, you got to do this. This is not complicated. One person is going to make the decision about whether or not we get this reform, folks. One person, the Senate Majority Leader, makes a decision about what comes up on the floor of the United States Senate. I had a call from a friend yesterday and said, well Ron, is there something in the Constitution or can I file a lawsuit or all these kinds of things? It doesn't work that way. The Senate Majority Leader has the exclusive right to decide what comes up on the floor of the Senate. He has the right. And as of now, I'm not sure and we're trying every way possible to make sure that people see how dire the situation is. People ask me, well, I heard there were some problems before. So what are you talking about? Ten days ago, we heard that 10,000 systems were using outdated software and yesterday we just heard in ten states 35 systems still have connections to the internet. This is not some abstract issue. This is now. And if all of you will leave here and get your friends and your allies and your elected officials moving, we can get this passed in the fall. You've all seen, we're trying to find every possible way to crank up how serious the country is taking this. The country has been listening. People are putting stuff up online and running ads and the like. As far as I'm concerned, we're just getting started. And we've got now a few weeks to make a big, big difference in democracy for America. And I'll leave you with this. Let's say the election is decided by a small percentage. And people in America don't think that the election was fair. The effect that would have on our 200-year experiment in self-governance, our democratic system would take a real hit. We have 200 years of self-governance and democracy, in my view, on the line in the 2020 election. And I will tell you, as a member of the Senate Intelligence Committee, this is national security priority business, not something trifling. And in fact, I remember that at one point in the Intelligence Committee, both sides seemed to agree that no votes were changed in the 2016 election. And I said, the experts I talked to say that until you have a forensic analysis of a vote, until you go in there and scrub the whole system, you can't really say that. I'll tell you for a fact, voter registration systems are going to be targeted in 2020. As sure as the night follows the day, voter registration systems are going to be targeted. And that means you can affect votes. You can affect votes, and you can affect turnout. So I'm so appreciative that you would have me today. This is a great honor to be able to talk to you about a subject that I think is really all about protecting 200 years of democratic self-governance. Let's make sure by the end of the fall, this bill, security reform with hand-marked paper ballots, real audit cyber security hygiene is on the floor of the United States Senate, and it is on its way to becoming law. Thanks for having me.