Rep. Young speaks out against bill that would exempt election security information from public records disclosure

Rep. Jesse Young shared strong testimony against House Bill 1068 during floor testimony on the House floor, Wednesday. The bill, which would exempt election security information from public records disclosure, passed out of the House. During debate, Young, R-Gig Harbor, spelled out all the reasons the legislation will not accomplish its intended purpose:

“As a software engineer with decades of global experience in this very industry, I can tell you this is a bad bill and it's dangerous.

“There's a concept that's been well debunked in the global security industry for decades now. It's the concept of security by ignorance, which is if you have a gap in your security profile in the private sector, you try hiding it somewhere and hope that someone doesn't come along and exploit that problem.

“I've witnessed this firsthand during my time consulting in Silicon Valley and around the globe. The concept of security by ignorance does not work because the hackers know how to exploit it and are constantly probing anyway. It's far better to have citizen oversight that helps reveal problems before they're exploited than trust in false premise.

“This is simple; evil doesn't disappear because you close your eyes, and this concept of removing citizen transparency to 'protect' us is just that: willfully closing our eyes to evil. The notion that somehow shielding elections from citizen oversight is going to prevent paid professional hackers that already know how to exploit things, and that somehow security by ignorance is going to help us by removing transparency, is a farce.

“It will not make us safer in the state. It will not build trust in our elections and unite us, and it will not secure these systems. Security by ignorance was debunked 20 years ago. Why are we still debating this issue now?

“This is a very, very bad bill because it tries to assume we are safe if we hide weaknesses somewhere else. That's not how hackers work. Ninety-two percent of the traffic that hits our state servers is illicit. That means only 8 percent is meant to allow us to conduct our business, because we are constantly being bombarded by hackers from all over the world.

“This is a bad precedent that we are setting and what it actually does is shield us from being able to review when someone like the state auditor makes a very critical mistake with regards to our private data.

“This is not making us more secure. It would not have protected us from the gaffes the state auditor recently had with people's data. It would not have protected us from the gaffe the Employment Security Department had over the summer with the Nigeria scandal. And it will not protect us in the future.

“What it will do is give us a false sense of security, and that's exactly the environment that hackers want to operate in.

“Why didn't the secretary of state support creating a select group of legislators and citizens to come in and oversee this and look at some of the data to ensure it works. Instead, they tell us that unless we take away citizens' rights to review, we won't be safe and therefore they are justified in trying to take away access and rights of the people. It is absurd.

“I don't know if I'm more embarrassed or ashamed of the secretary of state and county auditors, but nonetheless, it is a bad bill and it's not good for the citizens of Washington. We should have voted this down, but I will continue to fight against it. I can only hope the Senate is smart enough to fix it or stop it cold.”


Washington State House Republican Communications