WeVote

Bill

Bill

AB 2281

Office of Elections Cybersecurity.

2025-2026 Regular Session Introduced by Marc Berman

Expands the Office of Elections Cybersecurity to coordinate threat mitigation, counter misinformation, and develop best practices with partners for internet-connected election syst

Read second time and amended. Re-referred to Com. on APPR.
0
WeVote Research Nonpartisan
Bill Summary · AB 2281

Summary of AB 2281 (2025-2026) — Office of Elections Cybersecurity (California)

What the bill aims to do

  • AB 2281 would amend Section 10.5 of the California Elections Code to strengthen the role and activities of the Secretary of State’s Office of Elections Cybersecurity.
  • The core purpose is to enhance coordination between the Secretary of State, local elections officials, and other partners to reduce cyber threats to elections and to counter false or misleading information about the electoral process that could suppress participation or disrupt election administration.
  • The bill explicitly authorizes consulting with academic researchers as part of developing best practices for election cybersecurity.

Key provisions and changes

  • Establishment and mission:
    • Reaffirms that there is an Office of Elections Cybersecurity within the Secretary of State.
    • Primary missions:
    • Coordinate efforts between the Secretary of State and local elections officials to reduce the likelihood and severity of cyber incidents that could affect election security or integrity.
    • Monitor and counteract online or other platform information that is false or misleading about elections and could deter participation or disrupt election administration.
  • Administrative and operational duties (the Office shall):

    1. Coordinate information sharing about threats, risk assessments, and mitigation among federal, state, and local agencies in a timely manner while protecting sensitive information.
    2. Develop best practices for protecting election cybersecurity in consultation with federal, state, local agencies, academic researchers, and private organizations.
    3. Develop best practices for cyber incident responses to be included in emergency preparedness plans for elections (in consultation with relevant agencies).
    4. Identify resources available to state and county election officials (e.g., protective security tools, training).
    5. Assess whether additional state resources are needed to replace election cybersecurity resources previously provided by the federal government.
    6. Advise the Secretary of State on election cybersecurity issues and recommend changes to state laws, regulations, and policies to protect election infrastructure.
    7. Serve as a liaison among the Secretary of State, other state/federal agencies, and local elections officials on cybersecurity issues.
    8. Coordinate protections for Internet-connected election-related resources, including:
      • The online voter registration system.
      • The statewide voter registration database (per HAVA requirements).
      • The Secretary of State’s election night results website.
      • The online campaign and lobbying filing and disclosure system.
      • Other parts of the Secretary of State’s Internet site.
    9. Assess and address false or misleading information about the electoral process and educate voters—especially new and unregistered voters—using information from elections officials.
  • Scope of impact:

    • The provisions cover coordination and defense of major election infrastructure that is internet-connected, including voter registration systems, election results websites, and related disclosure systems.

Who would be affected

  • Primary: Secretary of State’s Office and its established Office of Elections Cybersecurity.
  • Local election officials (county and city) who rely on cybersecurity guidance and resources.
  • Federal, state, and local agencies involved in information sharing and threat mitigation.
  • Academic researchers and private organizations that collaborate on developing best practices.
  • General public, particularly new and unregistered voters, through enhanced information and education about misinformation.

Procedural and timeline notes

  • Legislative history (as of action recorded):
    • Introduced: February 19, 2026, by Assembly Member Berman.
    • Referred to committees with subsequent moves: Election-related committee actions in March-April 2026, including passage from the Elections Committee and re-referral to Appropriations.
    • The latest action noted shows “From committee: Do pass” and a subsequent move to Appropriations, indicating it was advancing through standard committee hearings.
  • Fiscal considerations:
    • The bill does not create an appropriation (no new funding explicitly stated in the digest), but it does authorize expanded activities and consultation; fiscal committee is listed, suggesting potential budgetary implications could be addressed in later amendments or the Appropriations process.
  • Effective date:
    • The text provided does not specify an effective date; typical implementation would align with the bill’s enactment and subsequent regulatory/operational rollout.

Practical implications

  • Strengthened posture against cyber threats to California elections.
  • Increased emphasis on collaboration with researchers and private partners to develop best practices.
  • Potential shift in resource needs if federal support for election cybersecurity resources wanes, prompting a state resources assessment.
  • Enhanced public education to combat misinformation related to elections, with a focus on reaching new voters.

If you’d like, I can compare this bill to current law language or provide potential fiscal impact scenarios based on typical cybersecurity program costs.

Compiled from official sources — confirm details with the bill’s official record.

Sign in to ask a question.