Skip to main content

Election Official Security

Wednesday, February 14, 2024

Security Resources for Election Officials

No one should have to face violent threats at work, but unfortunately, this is the reality for many election officials. There are proactive steps election officials can take to improve their personal security, and it is critically important to document and report every threat and develop a working relationship with federal and local law enforcement. This website provides a quick reference for election officials who may be facing personal threats while at work. 

  • Election Mail Handling Procedures to Protect Against Hazardous Materials - Since mail is a key component of both standard office operations and mail balloting across the country, all election offices should have procedures in place to handle mail safely and respond to potential hazardous materials exposure. Use this resource, created jointly with CISA, FBI, EAC and the USPIS, for background information on how to prepare to handle suspicious mail, identify potentially suspicious mail, and respond to potential hazardous materials exposure while handling suspicious mail. 

  • Election Security Resources and Grant Funding from Other Federal Agencies - There are several federal grant programs that can be used to improve security for election officials and elections offices. This page is intended to inform election officials about grant programs available through other federal agencies.

  • Information about the different types of security improvements election officials can make to improve security can be found in the EAC’s 60-Second Security Series, a series of checklists with information about securing different elections assets and processes:  
  •  Non-Confrontational Techniques for Election Workers Training - This video is a shortened version of the Cybersecurity and Infrastructure Security Agency’s (CISA)  Non-Confrontational Techniques for Election Workers Training. To support election workers in a heightened threat environment, this training emphasizes non-confrontational techniques to help election workers recognize potentially escalating situations, determine if emergency response is needed, safely de-escalate, and report appropriately. State, local, tribal, and territorial (SLTT) election administrators can utilize this video for poll workers and other frontline election workers to complement their existing training with techniques to de-escalate potentially violent situations.

  • Election Official Security Panel Discussion: In this video from July 14, 2022, EAC Chairman Thomas Hicks lead a panel discussion on election official security with Sheriff Peter Koutoujian from the Middlesex Sheriff’s Office in Massachusetts, Chris Harvey Deputy Director with the Georgia Peace Officers Standards and Training Council, and Neal Kelley, retired Registrar of Voters for Orange County, California. They offered a synopsis of threats they and others in elections have faced, how they dealt with these circumstances, and what election officials can do to mitigate threats.

 

  • Removing Personal Identifying Information (PII) from a Google Search: Personal information, which is often part of the public record for election officials, administrators, poll workers, and others associated with conducting elections, can be exploited and shared online for the purpose of intimidation and harassment. One option for election officials to remove URLs containing personal information is Google’s newly expanded Personal Identifying Information (PII) Removal process.  This EAC memo provides information about the program and how state and local election officials can access or seek more information about this process. 

 

  • Personal Security for Election Officials Checklist: Election officials can take proactive steps to improve their security, and it is critically important to document and report every threat. This document provides a quick reference overview for ways election officials can stay safe.
     
  • Security Resources for the Election Infrastructure Subsector (2022) - The Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) have developed a summary of some of the resources available across the federal government for state, local, territorial, and tribal (SLTT) election officials and their private sector partners to assist in responding to threats to personnel and guidance on assessing and mitigating risks to their physical assets. All of the resources cited in this document are available at no-cost to the user and can be found on the listed websites.

*** If you have experienced threats, harassment, or intimidation in your capacity as an election official, contact your local FBI Field Office or submit a report to the FBI at 1-800-CALL-FBI (225-5324), prompt 1, then prompt 3, or online at tips.fbi.gov. *** 

How to Report a Threat
Challenges for Election Officials
Defining Common Threats and Harassment 
Assess Your Safety
Document Everything
Cybersecurity Best Practices
Self Care

How to Report a Threat  

The FBI is encouraging all election officials to report all election-related threats, harassment, and abuse. By reporting these incidents, the FBI can investigate individual instances, identify trends, and share information across the United States.  

Election officials can report all threats to their local FBI Election Crimes Coordinator (ECC). ECCs are FBI Special Agents, located in each of the FBI’s 56 Field Offices, who are assigned to assist state and local election officials with any incidents related to an election crime. To find your nearest ECC, contact your local FBI Field Office, or contact the EAC, which can provide ECC contact information upon request.  

Contacting the ECC at your local FBI office is the best way to report threats. Should you have any trouble identifying or contacting your ECC, you also may call the Public Integrity Section (PIN) of the U.S. Department of Justice via its main line at 202-514-1412. Please ask for John D. Keller, PIN’s Principal Deputy Chief, or Sean F. Mulryne, Deputy Director of PIN’s Election Crimes Branch. Election Officials can also report any election related threats to the FBI at 1-800-CALL-FBI (225-5324), prompt 1, then prompt 3. You also may file an online complaint at tips.fbi.gov.   

 

Challenges for Election Officials

Harassment or threats, whether in person, by phone, online, or through other means, affect every corner of society. Unfortunately, election officials are not immune to these threats, and they often face unique challenges that may put their safety at greater risk.  

  • Unlike private citizens, state and local election officials are public servants. Many election officials are directly elected or are appointed by a public body. This means that personal information, including personal addresses and contact information, may be on official public records.  
  • The public is less likely to trust the outcome of an election if their preferred candidate(s) loses. Additionally, individual members of the public may blame the system for political losses or distrust. Unfortunately, what the public views as a faceless system is in fact run by real people.  
  • According to the Pew Research Center, women are more likely to report facing extreme harassment or threats online: “Women who have been harassed online are more than twice as likely as men to say they were extremely or very upset by their most recent encounter (34% vs. 14%).” This is especially concerning for election officials since, according to the Democracy Fund, women make up 80% of all local election officials.  

 

Defining Common Threats and Harassment

PEN America has compiled a thorough glossary of online abuse terminology. The full glossary is extremely beneficial to anyone who has online interactions; however, several of these terms are particularly important for election officials to be aware of:  

Other Resources:  

Assess Your Safety

As public servants, election officials often face criticism. But no one should feel unsafe because of their jobs. If you’re unsure about how to determine if a threat is authentic or not, PEN America’s article on Assessing Online Threats provides several key questions for assessing your personal safety. Most importantly, if you feel physically unsafe, trust your instincts. Contact state or local law enforcement and/or call 911 immediately if you believe that you are in danger.

 

Document Everything

If you receive abusive messages, it is critically important to save all voicemails, emails, screenshots, text messages, or any other communications. By documenting this abuse, you can preserve the record of what took place, and establish a pattern if the harassment continues. 

Some key tips for documenting evidence of abuse include:  

  • Phone calls 

  • Log the time, date, and phone number (if possible) for any harassing phone calls.  
  • Save any voicemails, including the date and time they were received.  
  • If the caller provides any identifying information (name, location, etc.), be sure to document these details.  
  • Screenshots 

  • Windows  
  • Hit the Print Screen (PrtScr) button. This copies an image of your entire screen that can be pasted into a document or email by pressing “Ctrl + V”.  
  • Select “Windows Key + Shift + S” to select a portion of your screen. Like Print Screen, this copies the image, and then you can right click or select “Ctrl + V” to paste the image into a document. 
  • Mac  
  • To copy your entire screen, select “Shift + Command + 3”. The screenshot will then save to your desktop. 
  • To copy a portion of your screen, select “Shift + Command + 4”. Then click and drag the cursor over the image you want to save. The screenshot will then save to your desktop. 
  • More information on saving screenshots on other devices, including iPhones and Android devices can be found in PEN America’s article on Documenting Online Harassment.  
  • Paper Records / Notes 

According to PEN America’s article on Documenting Online Harassment, collecting this documentation “can be time-consuming and draining, and it can trigger negative feelings related to your harassment.” This is completely understandable, and it is important to take care of yourself if you are facing threats or abuse. One way to make this process less taxing is to ask trusted allies for help documenting and collecting evidence. 

 

Cybersecurity Best Practices

Cybersecurity can be an intimidating topic. However, when it comes to protecting yourself and your personal data, there are some simple steps to start with to prevent some common threats. 

Threat: Hacking 

Hacking is defined as the “unauthorized intrusion into a device or network,” and “is often carried out with the intention to attack, harm, or incriminate another individual by stealing their data, violating their privacy, or infecting their devices with viruses. When hacking is used to perform illegal activities or intimidate a target, it is a cybercrime.” 

Election officials may be a target of hacking in order to access either their professional or personal networks. To protect yourself and your networks from hacking, make sure to do the following: 

  • Use strong passwords. A strong password should use the following best practices: 

  • Use a string of words as your password. It’s harder for a computer to crack a long password, but several random words are often easier to remember. 
  • Change passwords only when you think it may have been compromised rather than on a periodic basis. 
  • Use a password manager to keep all of your passwords easily accessible and in one place. More information on secure passwords and password managers can be found in this article from PEN America.  
  • Compare your new password against known breaches online or through services offered by password managers. To see if your password may have been compromised, use this password checking tool – https://haveibeenpwned.com/Passwords.  
  • Additional information and best practices for password management can be found in the National Institute of Standards and Technology Digital Identity Guidelines.   
  • Invent answers to security questions. Common security questions include “Where were you born?” or “What is your mother’s maiden name?” The answers to these questions don’t have to be true, you just have to be able to remember them (or know where you recorded the answers). 

  • Turn on multi-factor authentication (MFA) when possible. Common services like Facebook, Gmail, and many Microsoft products offer two-factor authentication to help further protect accounts from unauthorized access.  

  • When using MFA, consider using a physical security key or authenticator app:  

  • A physical security key is a small device that is typically inserted into a USB port on your computer. This is one of the most secure methods of MFA. If the key is in your possession, your account can only be accessed by you.  
  • An authenticator app, like Google Authenticator, provides a secure code to access your account. After downloading an authenticator app, you can then scan a QR code. This code will then be used to create a random string of numbers that changes after a brief period of time. You can then access your account securely by entering your password and this securely generated code.   
  • Be aware of phishing emails

  • Do not open links or download attachments in emails from unknown senders.  
  • This can be challenging for election officials, especially when receiving official materials from Military and Overseas voters. If possible, set up a separate workstation for downloading attachments from the public on a computer that is not connected to any personal or office networks.  
  • Report any phishing emails to your IT office or service provider.  
  • Tip: If you are a member of the Elections Infrastructure Information Sharing and Analysis Center (EI-ISAC), you can report phishing emails directly to the EI-ISAC. To learn more about the EI-ISAC, or to become a member, go to https://www.cisecurity.org/ei-isac/.  

Threat: Doxing 

Short for “dropping docs,” doxing is defined as “the publishing of sensitive personal information online—including home address, email, phone number, social security number, photos, etc.—to harass, intimidate, extort, stalk, or steal the identity of a target.” 

Doxing can be an especially problematic issue for election officials, many of whom are elected. As an election official, your personal information may be available as part of public records. However, there are steps that election officials can take to remove unnecessary personal information from the internet. A thorough review of the steps individuals can take to protect themselves from doxing can be found in the PEN America article on Protecting from Doxing. A few of these tips are below: 

  • Google yourself:

  • Search for any information you do not want to be public, such as your address, personal phone numbers, etc.  
  • Search for images of yourself.  
  • Set up Google Alerts for your name or other private data.  
  • Tighten your privacy settings for any online accounts, including Google, Facebook, and other social media sites.  
  • Turn off location-tracking on as many apps as possible.  
  • For election officials, be aware of what information is publicly available on your official website and official social media accounts.  
  • For documents that are subject to public records searches, check with your legal counsel to determine if any personal information can be redacted. 

Additional resources for improving your cybersecurity:  

 

Self Care

According to HeartMob – an online community for combatting harassment and cyberbullying – online abuse and harassment can have severe consequences. “It can affect people’s mental health and wellbeing and lead to anxiety, depression, and PTSD.” When facing this type of trauma, it is important to take time to care for yourself. 

Election officials can often feel siloed. There are usually only a small number of individuals who administer elections in any given jurisdiction. However, you are not alone. Election officials across the United States have faced similar challenges, and the election officials in your network may be able to offer support. Being willing to ask for help may be the most important way of coping with a challenging situation.  

Other advice from HeartMob’s article on Self-Care includes taking time for “offline” activities, such as getting outside or doing simple breathing exercises. If possible, it may be beneficial to ask someone else to manage your social media accounts for a period of time as well. Other advice from PEN America can be found here: Advice from a Psychologist, and additional resources for mental health care can be found here: Mental Health Care and Direct Services.  

A Conversation with Jason Kander on Elections and Mental Health (YouTube) - Commissioner Hovland interviewed Jason Kander, who has served in the military and as an election official, about mental health and how it relates to elections.

Crisis Support Hotlines 

The National Suicide Prevention Lifeline – 1-800-273-TALK (8255) 

Substance Abuse and Mental Health Services Administration – 1-800-662-HELP (4357)  

The National Center for Victims of Crime Help Line – 1-855-4-VICTIM (1-855-484-2846)