WeVote

Bill

Bill

SB 5843

Establishing penalties and protections against harassment of initiative and referendum signature gatherers.

2025-2026 Regular Session Introduced by Keith Wagoner and 1 co-sponsor

Requires counties to install 24/7 intrusion detection for election systems and report breaches promptly to the Secretary of State and AG, strengthening election security.

Prefiled for introduction.
0
WeVote Research Nonpartisan
Bill Summary · SB 5843

SB 5843 — Summary (Chapter 28, 2024 Laws)

Concerning security breaches of election systems and election‑related systems. — Effective 6/6/2024

Purpose / Intent

The bill strengthens Washington’s legal and operational framework for detecting, reporting, and responding to cybersecurity incidents that affect voting systems and other election‑related IT. It also creates new criminal prohibitions and penalties for certain forms of election interference and clarifies procedures when a county canvassing board refuses to certify election results.

Key provisions

  • Intrusion detection systems (IDS)

    • Requires every county to install and maintain an intrusion detection system that passively monitors the county network 24/7/365 for malicious traffic.
    • The IDS must be operated by a qualified, trained security team with access to cyber‑incident response personnel and be able to receive cyber‑intelligence threat updates to address evolving attack patterns.
  • Mandatory disclosure of malicious activity / security breaches

    • County auditors or county IT directors participating in the statewide voter registration system or operating a SOS‑certified voting system must immediately notify the Secretary of State (SOS) and the Attorney General when malicious activity or an IT security breach is discovered if:
    • it was detected by an IDS, malicious domain blocking/reporting, or endpoint security software; or
    • the breach has, or is reasonably likely to have, compromised election systems, election administration IT, related peripheral systems, or the integrity/confidentiality of an election; or
    • personal information of residents was, or is reasonably believed to have been, acquired by an unauthorized person.
    • Notification must be made in the most expedient time possible and without unreasonable delay.
  • Definitions added/clarified

    • "Malicious activity" and "security breach" are defined in statute (examples include malware, ransomware, unauthorized penetration or manipulation of election systems, internal or external threats).
  • Secretary of State reporting and coordination

    • SOS must annually consult with the Washington State Fusion Center, the State Chief Information Officer, and county auditors to identify breaches.
    • SOS must attempt to identify whether the source is a foreign or domestic entity.
    • By December 31 each year SOS must submit a restricted distribution report (to governor, State CIO, Fusion Center, and legislative committee leaders) describing incidents and security recommendations.
  • Election administration and criminal penalties

    • Authorizes SOS to certify election results if a county canvassing board refuses to certify without cause.
    • Establishes or clarifies violations and penalties related to election interference, including prohibitions on interference by observers, destruction/tampering with ballots or election materials, interfering with voting centers, unauthorized access to election administration locations/systems, and forfeiture of office following conviction for specified offenses. (Penalties referenced in statute include gross misdemeanors and class C felonies—subject to standard statutory sentencing and fines.)

Who is affected

  • County auditors and county IT staff (installation, monitoring, reporting duties)
  • Vendors/manufacturers and operators of voting systems (existing disclosure duties preserved)
  • Secretary of State’s office (expanded reporting and coordination responsibilities)
  • Election observers and members of the public (new/prospective criminal prohibitions)
  • Counties (operational and cost implications to procure/operate IDS and retain security teams)

Procedural / timeline notes

  • Introduced: prefiled 12/14/2023. Passed Senate 2/2/2024; Passed House 2/27/2024. Governor signed 3/13/2024. Effective date: June 6, 2024.
  • Several House floor amendments were proposed but not adopted (examples included making the IDS requirement permissive, placing IDS behind county firewalls, shifting liability, and SOS approval/reimbursement provisions).

If you want, I can:
- Extract and present the exact statutory text changes (RCW citations amended),
- Summarize the new or amended criminal provisions (specific RCW sections and penalty language),
- Outline potential implementation costs and timeline options for counties.

Compiled from official sources — confirm details with the bill’s official record.

Sign in to ask a question.