In the News

Today, Congressman Gerry Connolly (D-VA) sent a letter to Vice President Pence urging he rescind the Presidential Advisory Commission on Election Integrity’s directive for sensitive voter data. Connolly said the directive “is a thinly veiled effort to carry out voter suppression on a national scale. States should not comply.” The Vice President serves as chair of the Commission.

On June 28, Vice Chair of the Commission Kris Kobach sent letters to all 50 states and the District of Columbia directing them to provide publicly-available voter registration data, including full names, addresses, dates of birth, party affiliations, criminal history, information regarding military status, last four digits of Social Security numbers, and voter histories since 2006.

“This extensive order risks compromising the privacy of millions of Americans’ personal information, potentially violates several federal statutes, paves the way for illegal purging of voter rolls, and is based on false claims made by President Trump and members of his administration,” Connolly wrote.

“Of additional concern is that the Commission’s directive is potentially in violation of several federal statutes that mandate certain protective processes around the sharing of personal information,” Connolly added. “Congress will not allow this Commission to disregard existing policies and laws enacted to protect personal information.”

“This is a senseless exercise that would potentially violate federal laws and could lead to false positives and a purging of voter rolls,” added Connolly.

“President Trump and Vice Chair Kobach have each made false accusations of widespread voter fraud in the 2016 U.S. presidential election,” wrote Connolly. “The truth is that Russian President Vladimir Putin directed a massive interference campaign to influence the election in President Trump’s favor, and 17 U.S. intelligence agencies agree with that assessment. Department of Homeland Security Acting Director of Cyber Division Samuel Liles testified under oath that as many as 21 state voting systems may have been targeted by Russian government-linked cyber actors.”

Connolly’s full letter follows and a pdf can be found here:



July 11, 2017

Office of the Vice President
1600 Pennsylvania Avenue, N.W.
Washington, DC 20500

Dear Mr. Vice President:

I write to urge you, in your capacity as chair of the Presidential Advisory Commission on Election Integrity, to rescind the Commission’s directive for sensitive voter data. This extensive order risks compromising the privacy of millions of Americans’ personal information, potentially violates several federal statutes, paves the way for illegal purging of voter rolls, and is based on false claims made by President Trump and members of his administration.

On June 28, Vice Chair of the Commission Kris Kobach sent letters to all 50 states and the District of Columbia directing them to provide publicly-available voter registration data, including full names, addresses, dates of birth, party affiliations, criminal history, information regarding military status, last four digits of Social Security numbers, and voter histories since 2006.

In a recent Washington Post opinion editorial, former Secretary of Homeland Security Michael Chertoff raised several important questions regarding how such data would be protected: “Congress and the states need to be advised on how any data would be housed and where. Would it be encrypted? Who would have administrative access to the data, and what restrictions would be placed on its use? Would those granted access be subject to security background investigations, and would their behavior be supervised to prevent the kind of insider theft that we saw with Edward Snowden or others who have released or sold sensitive data? What kinds of audit procedures would be in place? Finally, can the security risk of assembling so much tempting data in one place be mitigated by reducing and anonymizing the individual voter information being sought?” These are questions that must be answered immediately for the safety of all American voters.

Of additional concern is that the Commission’s directive is potentially in violation of several federal statutes that mandate certain protective processes around the sharing of personal information. The Privacy Act of 1974 (P.L. 93-579) obligates federal agencies to publish systems of records in the Federal Register, which involves a 30-day public comments phase. The Paperwork Reduction Act (PRA) (P.L. 96-511) requires the submission of such a request to states go through the Office of Management and Budget’s Office of Information and Regulatory Affairs (OIRA). The E-Government Act of 2002 (P.L. 107-347) then requires the agency to develop, approve, and publish a Privacy Impact Assessment that meets all statutory and OMB requirements. President Trump’s Executive Order 13800 on Strengthening the Cybersecurity of Federal Networks and Critical Infrastructure states that the executive branch should secure its information technology and data responsibly using all U.S. Government capabilities. Congress will not allow this Commission to disregard existing policies and laws enacted to protect personal information.

It is also deeply troubling that your office told ProPublica that state voter information will be run “through a number of different databases,” such as Federal databases of non-citizens, “looking for the possibility for areas where voter rolls could be strengthened.” This is a senseless exercise that would potentially violate federal laws and could lead to false positives and a purging of voter rolls. In 2012, Florida Governor Rick Scott attempted to remove noncitizens from voter rolls using similar methods. The initiative resulted in so many false positives that it was abandoned. Additionally, as Kansas’ Secretary of State, Vice Chair Kobach conducted a similar experiment which was found to have resulted in two hundred false positives for every case in which a voter was found to be registered at multiple addresses. Further, it is not illegal to be registered to vote in multiple jurisdictions. This often happens when an individual moves and forgets to update his or her registration. Several senior members of the Trump Administration are reported to have been registered at multiple addresses, including White House Senior Advisor Jared Kushner, White House Press Secretary Sean Spicer, White House Chief Strategist Stephen K. Bannon, and Treasury Secretary Steven Mnuchin, who were registered to vote in multiple states during the November 2016 election.

President Trump and Vice Chair Kobach have each made false accusations of widespread voter fraud in the 2016 U.S. presidential election. The truth is that Russian President Vladimir Putin directed a massive interference campaign to influence the election in President Trump’s favor, and 17 U.S. intelligence agencies agree with that assessment. Department of Homeland Security Acting Director of Cyber Division Samuel Liles testified under oath that as many as 21 state voting systems may have been targeted by Russian government-linked cyber actors.

This directive is a thinly veiled effort to carry out voter suppression on a national scale. States should not comply. For those that do, it is incumbent upon the administration to articulate how it will protect such sensitive information given President Trump's demonstrated ambivalence about election hacking.

Best Regards,



Gerald E. Connolly
Member of Congress
11th District of Virginia