EAC security rigor insufficient to secure election systems as critical infrastructure (US)

On December 7, 2025, the Chair of the Election Assistance Commission, Donald Palmer, issued a statement designed to give a false sense of security that our electronic voting systems are secure. The Election Crime Bureau responded with a report supported by evidence that asserts that the security safeguards in place for election systems are not sufficient to satisfy the security needs of “critical infrastructure”. Certified systems have contained unlisted tools and insecure configurations; trusted builds have destroyed required audit records; documented database manipulations and logging practices have rendered key contests non-verifiable; systemic cyber weaknesses persist across the election infrastructure subsector; and federal authorities have been slow to act on urgent, expert warnings. The Chair’s statements do not grapple with these realities and therefore cannot be treated as an adequate or complete description of the true security posture and governance of U.S. voting systems.