America’s Data Crisis: How Public Voter Registration Data Has Exposed the American Public to Previously Unforeseen Dangers and How to Fix It

I.     Introduction

Five days after his inauguration, President Trump announced he would “be asking for a major investigation into VOTER FRAUD, including those registered to vote in two states.”1 Following through on this promise, his administration created the Presidential Advisory Commission on Election Integrity to root out fraudulent voting behaviors.2 Despite scant evidence of any substantive voter fraud,3 the Commission, headed by Vice President Mike Pence and Kansas Secretary of State Kris Kobach, was charged with “study[ing] vulnerabilities in voting systems . . . that could lead to improper voter registrations, improper voting, fraudulent voter registrations, and fraudulent voting.”4

To effectuate this purpose, the Commission reached out to individual states and requested certain pieces of voter registration data.5 The states were supposed to provide the Commission with each individual voter’s full name, address, birthdate, party affiliation, Social Security Number, voter registration status, criminal record, military history, and dual citizenship information.6 Many states were outraged by the request, calling it: “disingenuous,”7 “inappropriate,”8 “an attempt to legitimize voter suppression,”9 and “bogus.”10 The Mississippi Secretary of State eloquently suggested “[the Commission] can go jump in the Gulf of Mexico,” then further noted that “Mississippi is a great state to launch from.”11

Initially, 44 states refused to comply with the Commission’s request.12 While the Commission garnered national criticism, local media outlets and individual voters began to realize something equally troubling to the request itself: Most of the requested data was already considered public information.13 In fact, almost all voter data could be found easily online or bought cheaply from individual states. The Commission folded after uncovering no signs of voter fraud,14 but questions lingered about the public nature of voting data: Why was all this information considered public record? Who has access to this data? Are there any protections or limitations on this highly sensitive information?15

This Note begins, in Part II, by breaking down the history and legality of voter registration laws. Part III explains how the current system of voter registration data storage and dissemination has created the potential for identity theft, stalking, data breaches, and more. The Note culminates in Part IV by advocating for a new federal statute that would shield voter registration data from actors, foreign and domestic, who would misuse this sensitive information.

II.     Disenfranchisement, Fraud, and Racism: The History of
American Voter Registration

Every two years, millions of Americans weave their way through a burdensome and, oftentimes, confusing registration process to fulfill the most basic of civic duties: voting. As of September 2018, 49 out of 50 states and the District of Columbia require their residents to pre-register before casting a ballot.16 Each state has their own guidelines and procedures for conducting elections and registering voters with some minimal federal guidance.17 Voters who fail to abide by their state’s registration procedures can be barred from participating in the ensuing election.18 This Section explores the long history of voter registration in America, the current voter registration system, and how voter registration data is stored and distributed.

A.     Voter Registration and the Constitution

In a quintessential example of federalism, the American founding fathers split the responsibility of governing elections between Congress and the individual states.19 The “elections clause,” found in Article I, Section 4 of the Constitution, gives both state and federal governments the power “to enact a complete code for . . . elections, including rules concerning public notices, voter registration, voter protection, fraud prevention, vote counting, and determination of election results.”20 Specifically, states determine the “Times, Places, and Manner” for conducting elections.21 This broad, sweeping statement of authority allows states to control almost every facet of the electoral process in whatever way they see fit. However, the founders “were concerned that states might establish unfair election procedures or attempt to undermine the national government,” so they reserved some authority to Congress “to ‘make or alter’” individual state election processes “as a self-defense mechanism.” 22 The result is that both Congress and the individual states can create voter registration laws and procedures, but Congress can ultimately override or preempt any state action.23 Despite having this authority, Congress has historically restrained itself and only passed election laws “[o]n occasion” with a tendency to defer to state law on matters like voter registration.24

B.     The History of Voter Registration and the States

American voter registration laws are traceable to the nation’s earliest days. 25 In 1821, the City of Boston wrote a law which required city officials to “make a list of all persons . . . eligible to vote.”26 People that did not appear on that list would not be allowed to vote.27 For reasons lost to history, Joseph Capen, a tax-paying resident of Boston, was left off of the voter roll and was not allowed to cast a ballot.28 Mr. Capen challenged the law, claiming it was a violation of his right to vote.29 Despite Mr. Capen’s best efforts and extensive litigation, the Massachusetts Supreme Court upheld the law as a legitimate exercise of legislative authority,30 and the legal foundation for voter registration was born. The decision in Capen v. Foster would pave the way for future regulatory actions and provide a legal defense for states wishing to enact their own registration laws.31 Unfortunately for early proponents of voter registration, the practice was heavily criticized in other states.32 In the early nineteenth century, registration laws and constitutional amendments were voted down in New York, Pennsylvania, Louisiana, and Iowa.33 For roughly half a century, voter registration laws would remain isolated to New England and would not emerge elsewhere until after the Civil War.34

Early voter registration laws were designed to combat voter fraud, yet, as Mr. Capen would attest to, “[they] rarely proved to be effective” and frequently discriminated against certain voters.35 Creating eligible voter rolls from scratch proved to be an arduous task.36 These rolls “were originally created by local government officials . . . based on their personal knowledge or on information learned by going door to door.”37 Unlike today, the government was entirely responsible for registering prospective voters, which meant errors made on the roll would probably go uncorrected.38 This inherently flawed system tended to disenfranchise poorer voters.39 When government officials would stop by the residence of a working-class person during the day, that individual would naturally be at their place of employment and would thus be kept off of the voter list.40 These early laws and procedures were often publicly challenged as overt attempts by the majority to silence the voices of their political opponents.41

“The rationale for requiring voters to register and have their eligibility certified . . . was straightforward: . . . eliminat[ing] fraud and also bring[ing] an end to disruptive election-day conflicts.”42 While these seem like sound reasons for passing voter registration measures, it quickly became clear some support for these new provisions was based on a more invidious purpose: disenfranchisement of new immigrants, African-Americans, Jews,43 and Catholics.44 Whether it was intentional or incidental, voter registration laws met both goals.45 States saw lower rates of voter fraud coupled with fewer eligible citizens exercising their right to vote.46

Despite their negative side effects, “[v]oter registration laws, already widespread by 1920, became nearly universal by 1940.”47 Voters, concerned about disenfranchisement, brought numerous legal challenges against registration laws, but were beaten back every time.48 In the 1960s and 70s, with the Vietnam War and civil rights movement lurking in the background, attitudes towards voting and voter registration began to change significantly.49 Nationally, voter turnout was steadily declining, and citizens partially blamed the registration system.50 In response, individual states undertook initiatives to make registration easier. These initiatives included registration by mail and “same-day” registration, which permitted voters to register on the day of the election.51 While these efforts were well-intentioned, their effects were relatively nominal.52

C.     Federal Intervention: The National Voter Registration Act and the Help America Vote Act

Congress, recognizing the limited effects of state action and the national sentiment about voter enfranchisement, slowly began to act. Throughout the 1970s and 1980s, Democrats introduced numerous bills to make voter registration easier and more uniform throughout the country.53 Unfortunately, these efforts to improve voter registration were thwarted for nearly 20 years.54

Finally, in 1993, the National Voter Registration Act (“NVRA”) passed both the House and Senate and was promptly signed into law by President Bill Clinton.55 The NVRA, also known as the “Motor Voter” bill, required states to reform major parts of their electoral systems in order “to establish procedures that will increase the number of eligible citizens who register to vote in elections.”56 Citizens could now register to vote through the mail or when they renewed their driver’s licenses.57 States were required to appoint certain agencies “as voter registration agencies,”58 maintain uniform voter rolls, and create procedures to remove ineligible voters.59 The NVRA was moderately successful and raised registration rates “by roughly 3 percentage points.”60

Seven years after the NVRA became law, the 2000 election would change the course of both American history and election law. The presidential contest pitted Vice President Albert “Al” Gore against the Governor of Texas, George W. Bush.61 The margin between the two candidates (both popularly and electorally) was razor-thin.62 The election came down to a recount of votes in Florida.63 With the fate of the presidency in the balance, the nation fixated on the recount and the court proceedings that followed. The candidates litigated the election all the way to the Supreme Court culminating with the Court’s famous opinion in Bush v. Gore.64

A great portion of the controversy surrounding the recount was focused around “punchcard” ballots.65 These ballots—and specifically the machines that read them—failed to properly count about two percent of the votes cast.66 The election would eventually be decided for President Bush, but one thing was abundantly clear—America’s electoral infrastructure was in a state of serious disrepair. As the Supreme Court correctly foreshadowed: “legislative bodies nationwide will [have to] examine ways to improve the mechanisms and machinery for voting.”67

Two years later, in response to the electoral controversy of 2000,68 Congress passed the bipartisan Help America Vote Act (“HAVA”).69 The law eliminated the old punchcard balloting system and created the Election Assistance Commission (“EAC”), which was designed to make voting and registering easier.70 The law also created voting outreach programs targeted at college students and active military members.71 For the first time, states would be required to create “a single, uniform, official, centralized, interactive computerized statewide voter registration list.”72 However, the maintenance and security of the voter list was left to each individual state: “The appropriate State . . . shall provide adequate technological security measures to prevent the unauthorized access to the computerized list.”73

D.     Contemporary Voter Registration

As with all things surrounding elections, each state has their own procedure for registering voters, storing voter information, and distributing voter data.74 Breaking down each state’s procedure is beyond the scope of this Note, but there are some wide-ranging characterizations that can be made about the process in every state. Generally, each potential voter must fill out a registration form and send it back to the state before they can vote.75 This form can be submitted by mail (pursuant to the NVRA) or filled out in person at several different state offices.76 As previously mentioned, to complete this voter registration form, the individual voter must disclose several highly personal pieces of information, which can include the voter’s name, residential address, mailing address, ethnicity, gender, birth date, phone number, and either a Social Security number or driver’s license number.77 Some states additionally require voters to register by party affiliation.78 Afterwards, the information is processed and verified by each individual state’s Secretary of State.79 Once the registration form is approved, the voter will be added to the voter roll and allowed to cast a ballot. The information from the registration form is added to the person’s voter record and stored electronically in a statewide database.80

State voter records are comprised of the information on an individual’s registration form, that individual’s election participation history, method of voting (absentee or in-person),81 and email address (if available).82 To be clear, who someone voted for is always secret, but whether they cast a ballot is not.83

Without federal restrictions on what can be done with that data, many states distribute this voter data to those that request it. In some states, the entire voter roll and the vital data within it can be purchased for little more than pocket change.84

E.     Voter Record Privacy: Individual State Policies

Despite the lack of federal protection for voter data, many states have enacted their own data protection measures. These measures include restrictions on who can access voter data, what purposes the data can be used for, and what specific pieces of voter information will be provided to those who request it. Every state’s individual protections are broken down in the Appendix. However, for the purposes of comparison, it is helpful to focus only on a few individual states.

Towards the bottom-end of the privacy scale is the state of Connecticut. Connecticut has minimal statutory protections for registration data; Social Security numbers are the only restricted piece of information.85 There are no codified limitations on who can purchase voter registration data. Nor are there any prohibitions on usage of the voter records. Lastly, there are no explicit provisions that restrain people from commercially exploiting information found in the voter records. While “driver-license numbers . . . and email addresses are exempt from disclosure,” this policy appears to be completely governed within the Secretary of State’s office.86 For $300, any individual can purchase the entire Connecticut voter roll and receive the names, addresses, birthdates, phone numbers, political party affiliations, and voting histories of thousands.87 While there has been a recent push to restrict some voter data, these efforts have not yet resulted in new statutory protections.88

West Virginia is towards the same end of the privacy spectrum as Connecticut and has minimal statutory protections for voter data. The state does restrict access to telephone numbers, email addresses, and identification numbers (including Social Security numbers). However, names, addresses, political parties, and registration status are all publicly available.89 Curiously, there are no codified requirements on what is done with other registration information collected on registration forms such as birth dates and gender identifications.90 West Virginia has also restricted the use of this data to non-commercial purposes.91

Ohio, North Carolina, and New York City (in its capacity as a municipality) join West Virginia and Connecticut at the bottom of the privacy scale. These three governments have made their registration data accessible for free online.92 Political “party affiliation, full name[s] and home address[es] down to the apartment number” can be readily accessed “all with a few mouse clicks.”93 While certain pieces of data are still restricted, the access is free to anyone who has a Wi-Fi connection.

On the other end of the privacy spectrum is Connecticut’s neighbor: Massachusetts. Massachusetts has removed almost all voter information from the public record.94 While Massachusetts collects the same voter data as any other state, the state legislature has protected citizens by keeping names and addresses out of the public record.95 Names and addresses can still be accessed by campaigns, political parties, and other parties deemed worthy by the Secretary of State,96 but they cannot be used by the general public or academic researchers.97 Additionally, there are ways for certain classes of voters to remove themselves from those protected lists for other security reasons such as living in a protective shelter.98

California’s voter registration information system falls towards the Massachusetts end of the privacy spectrum. California limits the usage of voter registration records to “election[s], political research, and governmental purposes”99 and strictly prohibits “personal, private, or commercial” usage including “harassment . . . advertising, solicitation, sale, . . . marketing . . . [and] [r]eproduction in print, broadcast . . . or display on the Internet.”100 California has also decided to keep a voter’s “home address, telephone number, [and] email address” as confidential information that “shall not be disclosed to any person.”101 All of this privatization is supplemental to the protections California already affords to identification and Social Security numbers.102

Every other state falls somewhere in between these two ends of the spectrum. For example, Minnesota lies towards the middle of the protection scale. Minnesota restricts usage of voter lists “for uses related to elections, political activities, or in response to a law enforcement inquiry.”103 These lists are “only available to registered Minnesota voters,”104 but there are no restrictions on Minnesota voters sharing the information with others as long as it is only used for statutorily permitted purposes.105 Additionally, unlike Massachusetts, Minnesota does not restrict much of the actual voter information. Whereas, driver’s license and Social Security numbers are restricted, a voter’s name, address, birth year, phone number, registration date, voter history, and voting method can all be accessed for $46.106 As each of the problems with voter data access is discussed in the next section, it is important to keep in mind that these issues are either reduced or exasperated, depending on the level of protection each state affords its individual voters.

III.     Contemporary Problems with Voter Registration Data

In the 2016 election, only 64 percent of eligible Americans registered to vote.107 This means roughly 100 million eligible American voters decided not to register.108 Pew Research conducted a poll to determine why these Americans chose not to register.109 According to their data, 11 percent of non-registered Americans decided “not . . . to register due to privacy or security reasons.”110 While it is unclear what specific privacy concern kept these Americans from registering,111 this Section examines and describes a number of the likely security issues behind these voters’ choice to withhold their registration.

A.     Domestic Violence

One of the greatest problems facing America today is an epidemic of domestic violence. “Domestic violence is prevalent in every community, and affects all people regardless of age, social status, sexual orientation, gender, race, religion, or nationality. . . . [It] can result in physical injury, psychological trauma, and even death.”112 Each year in the United States “more than 10 million” people are victims of some form of domestic violence.113 A major portion of this epidemic is stalking. “[One] in 7 women and 1 in 18 men” will be stalked over the course of their lifetime.114 To protect victims, many states have taken steps to hide the victim’s address and have even created relocation programs, so their assailants cannot find them.115 Unfortunately, when designing these programs, some states have forgotten to close one major loophole: voter registration data.

As previously discussed, public voter records, at a minimum, contain a person’s name and complete address.116 With such nominal costs for buying voter data, it is fairly easy for an assailant to buy their victim’s personal information if their victim is a registered voter.117 “[S]urvivors who have high privacy risks have few options and may . . . choos[e] not to register to vote to keep their address from becoming publicly available.”118 A domestic violence victim under some current systems must choose between having their data exposed or exercising their right to vote. As one victim put it: “Your choice: Vote OR stay alive.”119

Many states have taken incremental steps toward protecting victims in the form of “Address Confidentiality Programs also known as [ACPs].”120 “[ACPs] are programs administered by individual states enabling victims of domestic violence, and sometimes victims of sexual assault and/or stalking, to keep their current address hidden . . . .”121 Currently, 45 states have some sort of ACP program.122 Survivors in the other five states are forced to make a difficult decision about voting and potentially having their information exposed or opting out of the electoral process entirely.123

Having an ACP is an important first step towards protecting domestic violence victims from being disenfranchised, but it is not a perfect solution. There are still “significant challenges [in] effectively controlling this [voter registration] data . . . so [ACP participation] is not a guarantee of privacy.”124 One major problem with ACPs is that they are oftentimes difficult to get enrolled in and can significantly inconvenience the victim.125 Some states, such as Nevada, have an ACP, but require an individual to prove their assault through a “record of conviction, a temporary restraining order or other protective order.”126 North Carolina requires their ACP applicants to “obtain a protective order that indicates their physical safety would be jeopardized if a personal address was publicly available, and then submit [the order] to the local county board of elections.”127 Unfortunately, the victims of domestic violence sometimes do not get official records against their assailants.128 According to Fordham Professor Jessica Baldwin-Philippi: “requir[ing] proof, in the form of a court order in the county where the survivor is registered to vote . . . can be prohibitive.”129 Even if an ACP applicant obtains the requisite court order and is able to shield their address, other pieces of personal information may still be publicly available and create unwanted exposure.130

Another problem with ACPs is that they are oftentimes facilitated at the county level—creating several other administrative problems.131 Primarily, this subset of issues can be attributed to “a lack of good training” for local officials who run the ACPs.132 One Florida voter said she had to explain the existence of the program to numerous election and DMV officials making it “very difficult” to enroll in the state’s ACP.133 Furthermore, county officials install different levels of security to voter data collected as part of the ACP, meaning there are inconsistencies in protection which may expose victims in some counties, but not others.134 While ACPs are vitally important for protecting survivors, problems still linger that need to be resolved.

B.     Identity Theft

Whereas domestic violence victims are generally concerned with their data being exposed to their assailants, other voters should be alarmed with the data being exposed to other individuals, especially identity thieves. Identity thieves “wrongfully obtain[] and use[] another person’s personal data . . . for economic gain.”135 These criminals use personal data for any number of nefarious purposes, including fake loan and credit card applications, bank account withdrawals, and wrongful access into various online financial accounts.136

Today, “[a] birthdate, along with a name and hometown can be used in a formula to recreate your Social Security information” or driver’s license number—giving identity thieves all they need to commit financial crimes.137 In many states, these three pieces of personal data are distributed as part of the voter registration record and thus create unforeseen danger for individual voters. While it appears that a person’s identity cannot be stolen with simply a person’s name and address, that basic information can still “be used as a gateway” for identity thieves to get the rest of the data they need.138 This means that even voters located in states with broad voter data protection are still partially exposed. With such ease of access, identity thieves can buy all this essential information for little to no cost. As one researcher described: “A trove of all U.S. voter data could be valuable to criminals looking for lists of large numbers of targets for a variety of fraud schemes.”139 Thus, current voter registration data systems have created a new class of millions of identity theft targets: each and every registered voter.140

C.     Data Breaches

When data is electronically stored, there is always a risk of breach. As discussed earlier, states collect a lot of information that will not be sold as part of a person’s voting record including Social Security numbers and driver’s license numbers.141 Although it is beneficial for the state to collect this information to ensure the integrity of the election process, the current system of selling voter registration data sometimes unintentionally exposes even these vital pieces of information. Once exposed, this data can be used to commit identity theft or voter impersonation.

In 2015, in one of the most egregious registration data breaches, over six million Georgians had their Social Security numbers, drivers’ license numbers, and personal information accidently distributed to 12 organizations that had purchased the voter registration data from the state.142 These organizations included members of the press, political parties, and a group of guns-rights advocates.143 Georgia Secretary of State, Brian Kemp, said “voters can rest assured their information is safe” based on the nature of the organizations that received these voter records—but it ultimately remained unclear who saw the data.144

While breaches caused by state negligence are a concern, data leaks can also come from the third parties who purchase the voter registration information. Over the last decade, voter registration records of millions have been exposed online after being purchased by partisan analytics firms,145 robocall companies,146 and other anonymous or unconfirmed sources.147 While states have restricted how third parties can use voter registration data, there appears to be little to no regulation on what or how these third parties secure this information. Thus, even in states where the legislature has enacted some voter protection, this vital data can still be exposed.

One of the most recent voter record data breaches occurred just weeks before the 2018 mid-term elections.148 The records of 35 million voters from 19 different states appeared on the “dark web,” where someone was attempting to sell them.149 It is unclear where the records came from, who distributed them, or who purchased the information.150 It is also unclear why this person wanted to distribute this voter information, but it is likely that breaches similar to this one will continue to occur until major security reforms are undertaken.

D.     Changing Election Results

It is undisputed that Russian agents attempted to affect the 2016 election by using voter data to wage a large online disinformation campaign.151 As part of that effort, Russian hackers gained access to voter registration data “[i]n a small number of states.”152 In those states, the hackers “were in a position to . . . alter or delete voter registration data.”153 Some states did such a poor job in protecting their voter data that a Senate Intelligence Committee report on election hacking redacted individual state names to protect individual election systems from further infiltration.154

While it is unclear if the Russians acted on this data in 2016, this information could be used to directly affect results in future elections.155 “[T]he availability and currency of . . . voter records, if combined with other breached data, could be used by malicious actors to disrupt the electoral process . . . .”156 This manipulation occurs by using electronic voter registration in tandem with the readily accessible voter registration records.157

Online registration makes registering to vote easier and saves states large amounts of money.158 Currently, citizens in 37 states and the District of Columbia can change and update their voter registration information online.159 To keep this system of updating voter registration secure, states generally require voters to verify certain pieces of their personal information such as the last four digits of a Social Security number, birth date, or a driver’s license number.160 Unfortunately, as discussed earlier, these sensitive pieces of data can be easily accessed. Armed with this information, someone (e.g., a Russian hacker) who wanted to keep certain people from voting could change their registration information and prevent them from voting.161

There are three recognized “attacks” that can be executed using voter registration data and a state’s online registration system.162 The first “attack” is called a “change of address attack.”163 Simply put, someone who wanted to prevent someone else from voting could go online and change the address at which the voter is registered.164 On election day, when that voter shows up to his or her local precinct, he or she will be informed that they are no longer eligible to vote there and may now be registered at a different polling location hundreds of miles away.165 The second “attack” involves absentee ballots.166 In some states, when a voter requests an absentee ballot, he or she is no longer eligible to vote in person on election day.167 A manipulator could use voter registration data to request an absentee ballot to a different address.168 The manipulator could then try to “submit a false absentee ballot on behalf of the voter” or simply throw the ballot away and make the voter ineligible.169 The third and final potential “attack” involves changing a voter’s party affiliation online.170 Certain states have “closed party primaries” which require that voters be registered with a specific party in order to participate.171 By changing someone’s registered political party, an attacker could easily disenfranchise an individual voter.172

Any one of these three attacks could irreversibly change the course of an election. With cognizable party preferences based on certain demographics (e.g., younger people who tend to vote for Democrats or Caucasians who tend to vote for Republicans),173 it would be easy for an attacker to suppress the votes of their political enemies. Voters could be targeted based on their party affiliation, neighborhood, or even age demographic.

The most recent example of a registration-based attack occurred in the 2016 Republican primary in Riverside County, California.174 California has a closed primary system, meaning only registered party members can engage in the state’s primary.175 An attacker engaged in the third type of registration manipulation and “changed [voters’] party affiliations without their knowledge or consent.”176 Voters who had their registration changed were no longer able to participate in the election of their choosing.177 No one is quite sure who attacked the Riverside primary because the state’s voter registration website failed to track who visited the site,178 but there is some speculation the Russians may have been involved.179 With continued data exposure, it is possible an attack like this may occur again—on a much larger scale.

E.     Participation in American Democracy

Readily available voter registration records may also be having a negative effect on the health of American political life itself. Democracy is at its best when voter participation rates are high. Naturally, modern political campaigns with various registration and “Get Out the Vote” efforts serve as a primary driver of political participation.180 Armed with voter records, campaigns can now carefully target those with extensive voter histories and avoid those groups with lower turnout rates (i.e., poorer and younger voters).181 From the campaign’s prospective, this is a common-sense approach—those who have voted will vote again, hopefully, for their candidate. On the other hand, democracy itself may suffer from this type of selective targeting because there will likely be no outreach efforts made towards those that do not have extensive voter records—meaning that America’s participation rate could remain relatively steady at its current rates (roughly 60 percent in presidential elections and 40 percent in midterms).182 As one former presidential field director explained: “We have skipped many doors and missed entire families because the data experts didn’t have addresses or phone numbers for poor people, young people, people of color or people who moved a lot.”183 If campaigns were restricted from accessing voter data, they may be incentivized to target people without extensive voter histories because they will not know who had previously voted. In turn, these expanded voter turnout efforts could lead to more people voting and strengthen American democracy. While the proverbial cat may already be out of the bag because of the internal data records held by the major political parties, it is certainly an idea worth exploring.

Another problem with American democracy that may have been exasperated by voter registration data is the country’s deep political polarization, which is “at its worst since the Civil War.”184 Candidates who rely on voter data “talk only to voters disposed to agree with them, as opposed to persuading those who don’t.”185 When candidates for major offices and their staff simply avoid half of the population, it is readily inferable that partisanship may get worse. According to one study, certain voter turnout techniques based on targeted data “may . . . mak[e] the electorate more polarized and less representative of the greater population.”186 Even though it would be misleading to pretend something as large and complicated as polarization is entirely caused by public access to voter registration records, it may be a compounding factor to this partisan problem because “[b]ig data makes it easy for candidates to dismiss their opponents.”187

IV.     The Protect American Democracy Act

While the problems with the current voter registration system are numerous and sometimes complex, the solution, from a conceptual standpoint, is simpler: a federal statute. As discussed in Part II, Congress, pursuant to the Elections Clause, has the authority to enact a statute to resolve most of these problems.188 Of course, states also have the power to solve some of these data issues, but they can only govern their own state’s procedures. State protections “could be a useful interim stop-gap to mitigate the harms caused by computational politics while Congress is in legislative dysfunction.”189 However, a more concrete solution will have to come at the federal level. This Section explores what that law would look like and what provisions are necessary to protect individual voters.

Before advancing to the specific provisions of a potential federal statute, it is important to note that some scholars feel that restrictions on voter registration data might run afoul of the Constitution.190 One potential area of constitutional conflict is the First Amendment’s right to access doctrine.191 The First Amendment generally requires public access to government documents (e.g., lists of voting records), and restrictions on that access must be able to survive strict scrutiny. Relying on Globe Newspaper Co. v. Superior Court for County of Norfolk, one scholar has suggested that any restriction on voter registration data might have to survive strict scrutiny review.192 While this is an interesting argument, it misses the mark because “the right of access has only been applied to records from criminal proceedings.”193 In fact, Justice O’Connor’s concurrence in Globe Newspaper said “the Court’s decision today [carries no] implications outside the context of criminal trials.”194 Thus, restrictions on civil voter registration records would not implicate the right of access, and there would be no need for strict scrutiny review of this potential federal legislation. If strict scrutiny review were to be applied, the government could still regulate voter registration data, but its actions would have to be narrowly tailored and reforms may not be as broad as the ones recommended below.

It is also noteworthy that there have been some enforcement concerns with certain federal election laws including the NVRA.195 State violations of the NVRA have included “policies that improperly complicate voter registration” and “local offices . . . hav[ing] no voter registration forms.”196 Lawsuits can work to rectify some of these compliance issues, but the legal process takes up both time and resources. While figuring out enforcement concerns with federal election laws is beyond the scope of this Note, lawmakers will have to come up with better solutions to ensure compliance with any proposed electoral reform, including the one discussed below.

A.     General Restrictions on Accessibility

The first thing a new federal statute should do is place limits on voter registration data itself. As previously discussed, there are currently three types of general limitations on registration information being used by the states. The first category of restriction is based on who is attempting to access the data. The second category of restriction is based on what the data can be used for. The final category of restriction involves what type of data will be restricted. All three types of constraints on voter records can help prevent most of the problems enumerated in the previous section and are a fundamental part of any possible federal statute.

1.     Who Should Be Able to Access Voter Data

The first type of federal restriction should involve giving voter registration data only to political candidates and other non-profit groups. This is the approach currently used by Massachusetts.197 By taking access away from the general public, it will make it substantially more difficult for stalkers and identity thieves to get their hands on this compromising data. Political candidates should be allowed to access the data because they should know which citizens have chosen to vote in an upcoming election. In a democratic system where every Congressional district has almost 750,000 people,198 it would be a herculean task to reach out to each eligible voter. It would also ensure that incumbents would not have a distinct political advantage by using mailing addresses of constituents that they get access to as part of their job. With the electoral history and political party of voters moving into a restricted class of data (discussed below), this would provide candidates equal opportunity to talk to everyone who is registered to vote while eliminating the potential turnout biases mentioned above.

For additional security, the federal statute should also mandate disclosure of certain information about the requester of the voter registration data prior to disseminating the voter list. This could assist in preventing unauthorized or foreign access to the voter list. For example, in California, those wishing to purchase voter registration data must provide their name, address, telephone, driver’s license number, group association, and “[a] statement of the intended use.”199 This would give the government a better idea of who has this important information and might help prevent wrongful access and usage. Much of this information is already required by the states on their voter registration data request forms, but a uniform, codified set of mandatory disclosures would provide additional security for the American voter.

2.     What the Data Can Be Used for

Voter records that are disseminated should be restricted to non-commercial purposes. This restriction is already in place in many states but is not universal. Currently, political parties can buy individual consumer data from private companies.200 Newspapers, pharmacies, and lobbying groups all compile data from their customers and then sell it to political parties.201 It is easy to imagine why these same companies might want voter registration information from the state or a group that has purchased the data to run targeted advertising campaigns and harass unsuspecting citizenry. If companies were able to purchase this voter registration data and use it for commercial purposes, it would dramatically increase the number of people who can access registration records causing additional security concerns. With all of this in mind, voter registration data should only be used for non-commercial purposes and those who do purchase voter data should be restricted from reproducing it.

3.     What Data Should Be Included in the Voter File

For those entitled to access state voter files, there should be restrictions placed on what specific data they can access. Currently, driver’s license numbers and Social Security numbers remain protected information in virtually every state.202 However, almost every other piece of data may or may not be available depending on the individual state. Political party affiliation and election participation history should become protected information to avoid partisan polarization issues and prevent one of the recognized election “attacks” described earlier. Birthdates, which can be used to help steal identities and change registrations, should also be taken out of the public record. One expert has suggested that “redacting birth days and months” would be an “easy fix” to some of the voter registration data problems.203 Names, addresses, and birth years can remain accessible, so candidates will know who they are talking to when they go door-knocking or distribute literature. With the implementation of a new federally mandated ACP program (suggested below) and the aforementioned data restrictions, names, addresses, and birth years should not be particularly harmful as public record, especially if they are kept secure by the appropriate groups.

B.     The Establishment of a Mandatory Address Confidentiality Program

A new federal statute designed to battle voter registration problems should include the creation of a uniform ACP. First, states should be required to create an ACP that would remove domestic violence victims from public voter rolls entirely. Secondly, ACP applicants should be held to a low standard of proof to be eligible for the program. As previously discussed, victims of domestic violence sometimes lack the willingness or psychological ability to get necessary documentation for something like a restraining order. This does not mean that they should be ineligible to vote. Either the “good reason to believe” standard for eligibility used by Minnesota or Maryland’s “catch-all” provision could serve as a guidepost for those drafting a federal ACP.204 Both Minnesota and Maryland’s standards provide the necessary flexibility to victims by allowing them to apply for the program if they have good reason to believe that they might be in danger. This would ensure that a domestic violence victim’s right to vote would not compromise their right to life. The federal ACP should be well-advertised and state employees should be trained in how to enroll victims to make the application process less cumbersome.

The ACP should also cover certain law enforcement officials, judges, and others who have high privacy concerns due to the sensitive nature of their occupations as well as their families.205 This type of policy is already in place in numerous states and should be codified in federal law. Oklahoma’s restrictions on this sort of data serve as an excellent example for how this type of protection could be enacted on a national level.206 With protections enabled for both public officials and domestic violence victims, this statute will ensure that American citizens are not inadvertently disenfranchised through public voter rolls.

C.     Minimum Data Security Requirements for Voter Registration Data

While government agencies have made some suggestions on how to protect voter registration data,207 there are virtually no requirements on how voter data is electronically stored or protected by either the state or third parties. A new federal statute should provide more funding for states to upgrade their cybersecurity systems surrounding data storage to prevent data breaches. There should also be certain security minimums which both states and third parties who wish to purchase registration data must comply with. While certain federal security measures have already been discussed by certain legislative committees,208 Congress has failed to act on them. Some have suggested that, in order to protect voter data, “[s]tates could release voter lists on the condition that campaigns and political data firms adopt some privacy protections that will minimize harms caused by a loss of informational autonomy.”209 Alternatively, the European Union’s recent “General Data Protection Regulation” could be instructive.210 Under that law, companies have to appoint data protection officers who exclusively focus on data security and design optimal data security measures.211 These efforts could protect voter registration data from third parties who want to use voter records for less than legitimate purposes.

D.     Proposed Statutory Language

The following statutory language, if enacted, would go a long way towards achieving the goals listed in the previous section. It is largely drawn from current state models, previous federal legislation (mostly NVRA and HAVA) and is in no way comprehensive, but it could serve as a guidepost for legislators looking to enact meaningful change.

An Act

To provide additional security for voter registration data

Be it enacted by the Senate and House of Representatives of the United States of America in Congress assembled,


Section 1: Short Title

This Act may be cited as “The Protect American Democracy Act”.


Section 2: Findings and Purposes

(a) Findings – “The Congress finds that—

(1) the right to citizens of the United States to vote is a fundamental right;

(2) it is the duty of the Federal, State, and local governments to promote the exercise of that right; and,”212

(3) voter registration practices have led to new, unforeseen threats to both American voters and democracy.

(b) Purposes – “The purposes of this [Act] are”213

(1) to protect the American voter through restrictions on voter registration data;

(2) to establish a national Address Confidentiality Program to protect the nation’s domestic violence victims and other vulnerable members of society;

(3) “to protect the integrity of the electoral process; and,”214

(4) to encourage increased participation in federal elections.


Section 3: Definitions [omitted for the purposes of this Note]215


Section 4: Restrictions on Voter Registration Data Access

(a) Access to voter registration information stored in a state’s central registry, pursuant to the Help America Vote Act of 2003, shall be limited to the following parties:

(1) National party committees;

(2) Federal office candidate committees;

(3) “[S]tate party committees”;216

(4) “[S]tatewide candidate committees”;217

(5) “[S]tate ballot question committees”;218

(6) Certified non-profit, academic researchers; and,

(7) “[A]ny other individual, agency or entity that [the Federal Election Commission] shall designate by regulation consistent with the purposes of this [Act].”219

(b) For the purposes of ensuring electoral integrity, nothing in this Act will be construed to prohibit access of the entire voter registry to the following parties:

(1) The Secretaries of State of the fifty states and the District of Columbia as well as their staff members;

(2) The jury commissioners of the fifty states and the District of Columbia as well as their staff members;

(3) Law enforcement personnel; and

(4) The Members and Staff of the Federal Election Commission.

(c) State voter registration information “[s]hall be confidential and shall not appear on any computer terminal, list . . . or other medium routinely available to the public . . . .”220

(d) State voter registration information “[s]hall not be used for any personal, private, or commercial purpose, including, but not limited to . . .”221

(1) “The harassment of any voter or voter’s household”;222

(2) “The advertising, solicitation, sale, or marketing of products or services to any voter . . .”;223

(3) Collection of an outstanding debt of any kind;

(4) “Reproduction in print, broadcast visual or audio, or display on the Internet . . . .”224

(d) Nothing in Section 4(c) of this Act shall be construed to prohibit standard election outreach activities conducted by the parties listed in Section 4(a) of this Act or academic research.

(e) For the individuals and committees listed in Section 4(a) of this Act, access will be limited to the following pieces of voter information:

(1) Individual names;

(2) Addresses;

(3) Gender;

(4) Political party affiliation; and

(5) Race.

(f) Under no circumstances, except for the individuals listed in Section 4(b) of this Act, will access be permitted to the following pieces of information:

(1) Social security numbers;

(2) Driver’s license numbers;

(3) Birth dates; and,

(4) Election participation history.

(g) “[I]t shall be unlawful for any person to use, print, publish, or distribute any voter registration information acquired directly or indirectly from the voter registration affidavits or any list prepared therefrom.”225


Section 5: The National Address Confidentiality Program (NACP)

(a) Application procedures [omitted for the scope of this Note].

(b) To be eligible for the National Address Confidentiality Program, a person must make a statement that:

(1) “[T]he eligible person listed on the application is a victim of domestic violence, sexual assault, or harassment or stalking; or,”226

(2) “[T]he eligible person fears for [their] safety, the safety of another person who resides in the same household, or the safety of persons on whose behalf the application is made.”227

(c) Additionally, the applicant must swear, under penalty of perjury, that they are “not applying for certification as a program participant in order to avoid prosecution for a crime.”228

(d) Logistics [omitted for the purposes of this Note].229

(e) Law enforcement personnel, members of the federal judiciary, members of the state judiciary, and their families, as well as others who are appointed by the individual Secretaries of State, shall also be given a substitute address under this section for their protection.

(f) Each state and the District will receive an allocation of $2 million  per Congressional representative,230 voting or not, in their respective state for the purposes of:

(1) Implementing the program;

(2) Raising awareness about the ACP; and,

(3) Providing training for state employees to properly handle and administer the new ACP.


Section 6: Data Security

(a) Each state and the District of Columbia will receive up to $5 million per Congressional representative231 for the purposes of:

(1) Enacting new cyber security measures to protect voter data; and

(2) Investigating data leaks.


V.     Conclusion

The right to vote lies at the heart of what it means to be an American. From the streets of Yorktown to an overcrowded cell in Montgomery, it is a right that Americans have fought and died over for centuries. It is fundamental that Americans should be able to vote without placing their own security at risk. However, this is just what the distribution of voter registration data has done. To remedy this problem and secure the American voter, a new federal statute should be passed to secure voter data. This new statute would significantly impair those who attempt to collect this data for nefarious purposes by placing restrictions on who can access the data, what information is available, and what purposes the data can be used for. The statute would also create a new address confidentiality program to protect domestic violence victims from becoming exposed to their attackers. Lastly, the statute would create minimum security requirements for states who handle this data and for third parties who purchase the data.

At her best, America is more than a country. She is a beacon of hope clothed in the immutable belief that government must be run by and for the people. With faith, hard work, and eyes drawn to the horizon, millions of Americans have built on this idea of self-government and accomplished the impossible. The exposure of voter data has cracked this cornerstone, and without action, the bedrock may begin to give. With nothing less than the future of American democracy on the line, a federal statute is the least that can be done.


Appendix: Voter Data Restrictions by State









undefined undefined












  1. [1]. Donald J. Trump (@realDonaldTrump), Twitter (Jan. 25, 2017, 4:10 AM), https:// [].

  2. [2]. Michael Wines & Maggie Haberman, Trump Closes Voter Fraud Panel That Bickered More Than It Revealed, N.Y. Times (Jan. 4, 2018), [].

  3. [3]. Mythili Sampathkumar, Donald Trump Launches Official Investigation into Voter Fraud After Claiming It Cost Him Popular Vote, Indep. (May 11, 2017, 2:48 PM), https://www.independent. [].

  4. [4]. Press Release, The White House, President Announces Formation of Bipartisan Presidential Commission on Election Integrity (May 11, 2017),
    briefings-statements/president-announces-formation-bipartisan-presidential-commission-election-integrity []. Kris Kobach was the 2018 Republican Gubernatorial nominee for Kansas, and despite the “deep-red” nature of that state, he lost to Democrat Laura Kelly. Mark Joseph Stern, Notorious Vote Thief and Incompetent Gubernatorial Candidate Kris Kobach Loses in Kansas, Slate (Nov. 6, 2018, 10:44 PM),
    11/kris-kobach-loses-kansas-governors-race.html [].

  5. [5]. Wines & Haberman, supra note 2.

  6. [6]. Letter from Kris W. Kobach, Vice Chair, Presidential Advisory Comm’n on Election Integrity, to The Honorable Denise Merrill, Conn. Sec’y of State (June 28, 2017), available at [] [hereinafter Kobach Letter]; see also Liz Stark & Grace Hauck, Forty-Four States and DC Have Refused to Give Certain Voter Information to Trump Commission, CNN,
    2017/07/03/politics/kris-kobach-letter-voter-fraud-commission-information/index.html [] (last updated July 5, 2017, 5:49 AM) (explaining Kobach’s letter and the individual state responses to it).

  7. [7]. Del. Dep’t of State, Delaware Will Not Provide Voter Information to White House Commission, (July 3, 2017), [] (quoting the Delaware Secretary of State Jeffrey Bullock).

  8. [8]. Id.

  9. [9]. Tom Loftus, Grimes: ‘Not Enough Bourbon’ in Kentucky to Make Commission’s Voter Data Request Seem Sensible, Courier J.,
    06/30/grimes-says-she-wont-send-kentucky-voter-data-trump-commission/442751001 [https://] (last updated July 1, 2017, 12:45 PM) (quoting the Kentucky Secretary of State as saying “there is ‘not enough bourbon here in Kentucky to make this request seem sensible’”).

  10. [10]. Press Release, James C. Condos, Vt. Sec’y of State, Secretary Condos Issues Response to Letter from President Trump’s Election Integrity Commission Requesting Voter Information (June 30, 2017), available at []; see also Stark & Hauck, supra note 6 (describing how each individual state responded to the initial Commission request, including many responses that were less than cordial).

  11. [11]. Press Release, Delbert Hosemann, Miss. Sec’y of State, Secretary Hosemann’s Statement on Request for Voter Roll Information (June 30, 2017),
    Press-Release.aspx?pr=800 [].

  12. [12]. Stark & Hauck, supra note 6.

  13. [13]. Haley Hinds, Voter Registration Information Is Public Record, Fox 13 News (Nov. 2, 2016, 7:00 PM), [] (quoting a Florida voter saying “[i]t surprises me that they give anybody’s information out to anybody. It should be confidential”); Esteban Parra, Trump Voter Data Request May Limit Access in Del., Del. Online,
    story/news/local/2017/07/15/trump-voter-data-request-could-limit-access-delaware/476424001 [] (last updated July 15, 2017, 8:27 PM) (quoting the Delaware Election Commissioner saying “[t]he voter outcry was overwhelming”); Rachel Riley, Publicly Available Voter Information a Surprise to Some in Colorado, Gazette (July 15, 2017), https://
    article_e0651a8a-212c-5336-8ef9-deef05f390f4.html []; Gray Rohrer, Florida Sends Voter Info to Trump Panel, Orlando Sentinel (July 31, 2017, 11:20 AM), [] (explaining Florida voters’ response to their state’s cooperation with the Commission); James Eli Shiffer, Minnesota Voter List Is a Public Record, After All, Star Trib. (July 10, 2017, 9:15 AM),
    minnesota-voter-list-is-a-public-record-after-all/433338523 []; see Blair Miller, 5,300+ Colorado Voters Withdraw Registration as State Prepares to Send Info. to Trump Commission, Denver Channel, [
    9GHB-GGXW] (last updated July 31, 2017, 10:37 AM) (explaining how Colorado citizens attempted to hide their personal information after the Commission request); see also Deborah Fisher, Are Tennessee Voter Registration Records Public?, Tenn. Coalition for Open Gov’t, https:// [] (last updated July 5, 2017) (noting that some states are electing not to comply with the Commission’s request); see also Hillary Long, Data Privacy and Connecticut Voters, ctpost (Nov. 9, 2018, 12:26 PM), [] (arguing that states should not be able to sell voters’ private data without explicit consent). It may also be important to note that Americans are becoming increasingly concerned with how accessible their personal information is. It is certainly possible that if more people were aware their voter registration data was public and had knowledge about what it contained then there would be many more negative reactions. For more information on American feelings toward the privacy of their personal data, see Mary Madden & Lee Rainie, Americans’ Attitudes About Privacy, Security and Surveillance, Pew Res. Ctr. (May 20, 2015), http:// [].

  14. [14]. Michael Tackett & Michael Wines, Trump Disbands Commission on Voter Fraud, N.Y. Times (Jan. 3, 2018), []; see also Charles Stewart III, Trump’s Controversial Election Integrity Commission is Gone. Here’s What Comes Next., Wash. Post (Jan. 4, 2018, 10:27 AM), https:// [].

  15. [15]. A non-profit group, The New Data Project, even created a phone app called “Vote with Me,” which used publicly available registration data combined with your phone contacts to shame your friends and family who were not voting. This drew some online criticism with authors calling the app “creepy” and “weird.” Christina Cauterucci, The App That Tells You Your Friends’ Voting History Is Kind of Creepy and Really Dysfunctional, Slate (Nov. 6, 2018, 5:04 PM), https:// [
    7VCR-ANC4]; Katie Notopoulos, The Vote with Me App Looks Up Your Contacts’ Voting Records, BuzzFeed News (Oct. 29, 2018, 3:37 PM),
    notopoulos/vote-with-me-app-friends-registered-vote-privacy [].

  16. [16]. Register to Vote and Check or Change Registration,, [] (last updated Aug. 23, 2019) [hereinafter Register to Vote] (explaining that every state other than North Dakota requires some form of voter registration); Why Are Millions of Citizens Not Registered to Vote?, Pew Charitable Tr. (June 21, 2017), [] [hereinafter Millions Not Registered]; see also James MacPherson, No Voter Registration Point of Pride, Unease in North Dakota, Star Trib. (June 10, 2018, 12:00 PM), [] (explaining North Dakota’s lack of voter registration).

  17. [17]. See Register to Vote, supra note 16 (explaining state voter registration procedures generally).

  18. [18]. See id.

  19. [19]. U.S. Const. art. I, §§ 2–4; id. art. II, § 1; Michael T. Morley & Franita Tolson, Common Interpretation: Elections Clause, Nat’l Const. Ctr., [].

  20. [20]. Morley & Tolson, supra note 19.

  21. [21]. U.S. Const. art. I, § 4.

  22. [22]. Morley & Tolson, supra note 19.

  23. [23]. Id.

  24. [24]. Id. Congress did not take any action under the Elections Clause until 1842. In Ex Parte Yarbrough, the Supreme Court explained this inaction was a result of Congress wanting to show “deference and respect to the states,” but Congress never actually relinquished the Constitutional authority to govern elections. Ex Parte Yarbrough, 110 U.S. 651, 662 (1884). While Congress has taken some action to regulate elections since the 1800s, states remain responsible for many of the intricate details surrounding elections. See generally Robert G. Natelson, The Original Scope of the Congressional Power to Regulate Elections, 13 U. Pa. J. Const. L. 1 (2010) (explaining the historical and Constitutional background of the Elections Clause and congressional action).

  25. [25]. Joseph P. Harris, Registration of Voters in the United States 65 (The Brookings Inst. Wash. ed., 1929).

  26. [26]. Howard Gillman et al., American Constitutionalism: Volume II: Rights and Liberties: Supplementary Material 1 (Oxford Univ. Press 2013), available at http://global. []; see also Lily Rothman, For National Voter Registration Day, Here’s How Registering to Vote Became a Thing, Time, [] (last updated Sept. 18, 2019, 2:39 PM) (noting that the Boston law made it “no longer possible for polling officials to just recognize the voters by sight”).

  27. [27]. Gillman et al., supra note 26, at 1.

  28. [28]. Id.

  29. [29]. Id.

  30. [30]. Capen v. Foster, 29 Mass. (12 Pick.) 485, 497–99 (1832); see Alexander Keyssar, The Right to Vote: The Contested History of Democracy in the United States 52 (Basic Books rev. ed. 2000) (explaining the story of Capen); see also Gillman et al., supra note 26, at 1 (“The Supreme Judicial Court of Massachusetts declared that the voting registration law was consistent with the right to vote.”).

  31. [31]. Capen, 29 Mass. (12 Pick.) at 497–99; Keyssar, supra note 30, at 65.

  32. [32]. Keyssar, supra note 30, at 65.

  33. [33]. Harris, supra note 25, at 65–72.

  34. [34]. Id. at 72.

  35. [35]. Id. at 65.

  36. [36]. Daniel P. Tokaji, Voter Registration and Election Reform, 17 Wm. & Mary Bill Rts. J. 453, 456–57 (2008).

  37. [37]. Id.

  38. [38]. Id. at 457.

  39. [39]. Id. at 469–70.

  40. [40]. Id. at 457.

  41. [41]. Keyssar, supra note 30, at 65­–66; see also Harris, supra note 25, at 67–68; Tokaji, supra note 36, at 457–58.

  42. [42]. Keyssar, supra note 30, at 152.

  43. [43]. Id. at 153, 157. In 1908, New York City registered voters on Jewish high holidays to keep them from the polls. Id. at 157.

  44. [44]. Id. at 65–66; Tokaji, supra note 36, at 458–61.

  45. [45]. Keyssar, supra note 30, at 151.

  46. [46]. Id.

  47. [47]. Id. at 230.

  48. [48]. Blue v. State ex rel. Brown, 188 N.E. 583, 592 (Ind. 1934); see also Keyssar, supra note 30, at 158 (explaining an Ohio Court upholding that state’s registration law).

  49. [49]. Keyssar, supra note 30, at 318.

  50. [50]. Id. at 231–32.

  51. [51]. Id. at 312.

  52. [52]. Id.

  53. [53]. Id. at 313–14; see About the National Voter Registration Act, U.S. Dep’t of Justice, [] (last updated May 21, 2019).

  54. [54]. Keyssar, supra note 30, at 312–14.

  55. [55]. See About the National Voter Registration Act, supra note 53.

  56. [56]. 52 U.S.C. § 20501(b) (2012).

  57. [57]. Id. §§ 20504–20505.

  58. [58]. Id. § 20506.

  59. [59]. Id. § 20507.

  60. [60]. Joseph Lawler, Motor Voter and Turnout 15 Years After the NVRA 3 (2008) (unpublished manuscript) (on file with the University of Notre Dame Department of Economics).

  61. [61]. Michael Levy, United States Presidential Election of 2000, Encyc. Britannica, https:// [
    GSX7-NGGA] (last updated Oct. 31, 2019).

  62. [62]. Samantha Levine, Hanging Chads: As the Florida Recount Implodes, the Supreme Court Decides Bush v. Gore, U.S. News (Jan. 17, 2008),
    the-legacy-of-hanging-chads []; Levy, supra note 61.

  63. [63]. Levy, supra note 61.

  64. [64]. See Bush v. Gore, 531 U.S. 98, 98–111 (2000).

  65. [65]. Id. at 103–04.

  66. [66]. Id. at 103.

  67. [67]. Id. at 104.

  68. [68]. Help America Vote Act, U.S. Election Assistance Commission,
    about/help-america-vote-act [].

  69. [69]. Eric A. Fischer & Kevin J. Coleman, Cong. Research Serv., Election Reform: The Help America Vote Act and Issues for Congress 1 (2008), available at https://www.every []; David Margolick, The Path to Florida, Vanity Fair (Mar. 19, 2014), [
    6QHP-XVAU]; Kim Zetter, The Crisis of Election Security, N.Y. Times (Sept. 26, 2018), https:// [https://]; see also Help America Vote Act of 2002 (HAVA): An Overview, Cornell L. Sch.: Legal Info. Inst., [https://] (explaining a general overview of HAVA and its effects).

  70. [70]. 52 U.S.C. § 20921 (2012); Fischer & Coleman, supra note 69, at 2–6.

  71. [71]. 52 U.S.C. §§ 21121, 20982.

  72. [72]. Id. § 21083.

  73. [73]. Id.

  74. [74]. See Register to Vote, supra note 16 (discussing different state registration procedures); see also National Mail Voter Registration Form, U.S. Election Assistance Commission, https:// [] [hereinafter National Registration Form] (describing the different information that states require voters to disclose).

  75. [75]. See National Registration Form, supra note 74 (describing different instructions each state requires in order to vote); see also Register to Vote, supra note 16 (explaining individual state voting procedures).

  76. [76]. National Registration Form, supra note 74; Register to Vote, supra note 16.

  77. [77]. Mass. Gen. Laws Ann. ch. 51, § 66 (West Supp. 2018); National Registration Form, supra note 74; Register to Vote, supra note 16; see also The Biggest Known Breach Ever: If You’re a Registered Voter, Your Information Was Exposed in a Massive Data Breach, Digg,
    registered-voter-data-breach [] (last updated June 27, 2019, 9:04 PM) (explaining the voter registration information exposed during a recent data breach).

  78. [78]. National Registration Form, supra note 74.

  79. [79]. See generally Nat’l Ass’n of Sec’ys of State, Maintenance of State Voter Registration Lists: A Review of Relevant Policies and Procedures (2017), available at [] (describing what Secretary of States do with voter registration lists in their individual states).

  80. [80]. 52 U.S.C. § 21083 (2012); see Nat’l Ass’n of Sec’ys of State, supra note 79.

  81. [81]. Registered Voter List Requests, Off. Minn. Secretary St.: Steve Simon, https://www.sos. [https://].

  82. [82]. Meta S. Brown, Voter Data: What’s Public, What’s Private., Forbes (Dec. 28, 2015, 9:30 PM), []; David Perera, Researcher: Voter Registration Data of 191 Million Exposed Online, Politico, [] (last updated Dec. 28, 2015, 4:59 PM).

  83. [83]. Brown, supra note 82.

  84. [84]. See Arkansas Voter Registration Data Request Policies and Instructions, Ark. Secretary St., available at [] (explaining that voter registration records for the entire state of Arkansas can be purchased for $2.50); see also infra Appendix (detailing the purchase price of data per state).

  85. [85]. See Conn. Gen. Stat. § 9-23 (2019) (providing that “name, residence, date of birth and date of admission” shall be entered into the state-wide registration system); see also id. § 9-19j (governing election day registration). See generally id. § 9-19k (governing online registration).

  86. [86]. Ken Dixon, Connecticut Secretary of State Moves to Shield Voter Data, Gov’t Tech. (Feb. 15, 2018), [].

  87. [87]. See id.

  88. [88]. Id.; Emilie Munson, Bills Focus on Protecting Voter Rolls; I.D. Theft a Potential Issue, ctpost, [] (last updated Feb. 26, 2018, 5:16 PM); see Christine Stuart, Connecticut Goes on Offensive to Protect Electoral System, CT News Junkie (Sept. 24, 2018, 4:17 PM), [].

  89. [89]. W. Va. Code Ann. § 3-2-30 (West 2014).

  90. [90]. West Virginia Voter Registration Application, W. Va. Secretary St., available at https:// [].

  91. [91]. W. Va. Code Ann. § 3-2-30.

  92. [92]. Vivian Wang, Public Records: Personal Information on New York City Voters Is Now Available for All to See, N.Y. Times (Apr. 26, 2019),
    voter-registration-nyc-online.html []; see also Voter Files Download Page, Frank LaRose: Ohio Secretary St., [] (demonstrating how to look up Ohio voter registration data for free online).

  93. [93]. Wang, supra note 92.

  94. [94]. Mass. Gen. Laws Ann. ch. 51, § 47C (West Supp. 2018).

  95. [95]. Id.

  96. [96]. Id. (“The names and addresses contained in said central registry shall not be a matter of public record; provided however, that they shall be available to state party committees, statewide candidate committees, state ballot question committees, the jury commissioner, adjutant general and any other individual, agency or entity that the state secretary shall designate by regulation ... .”).

  97. [97]. Massachusetts, Voter List Info., [].

  98. [98]. Mass. Gen. Laws Ann. ch. 51, § 37.

  99. [99]. Cal. Elec. Code § 17001 (West 2018).

  100. [100]. Id. § 2194(a)(2)(A)–(C).

  101. [101]. Cal. Gov’t Code § 6254.4(a) (West 2015).

  102. [102]. Cal. Elec. Code § 2194(b)(1).

  103. [103]. Minn. Stat. Ann. § 201.091(4) (West Supp. 2019).

  104. [104]. Office of the Minn. Sec’y of State, Registered Voter List Request (2018), available at [https://] [hereinafter Minnesota Voter List Form].

  105. [105]. Shiffer, supra note 13.

  106. [106]. Id.; see Minnesota Voter List Form, supra note 104 (describing the information that can be bought from the Secretary of State’s office).

  107. [107]. Voting and Registration in the Election of November 2016, U.S. Census Bureau, [] (last updated Apr. 2, 2019).

  108. [108]. Drew DeSilver, U.S. Trails Most Developed Countries in Voter Turnout, Pew Res. Ctr. (May 21, 2018), [].

  109. [109]. Millions Not Registered, supra note 16.

  110. [110]. Id.

  111. [111]. Id. Unfortunately, the poll done by PEW did not ask what specific data privacy concern voters had when they chose not to register.

  112. [112]. Nat’l Coal. Against Domestic Violence, Domestic Violence, available at https:// [] [hereinafter Domestic Violence Statistics].

  113. [113]. Id. Domestic violence is defined to include “willful intimidation, physical assault, battery sexual assault, and/or other abusive behavior.” Id.

  114. [114]. Id. (“Stalking causes the target to fear she/he/they or someone close to her/him/them will be harmed or killed.”).

  115. [115]. Help for Victims, Stalking Resource Ctr.,
    stalking-resource-center/help-for-victims [].

  116. [116]. See supra Part II.

  117. [117]. Voter Registration & Privacy, Tech. Safety, [].

  118. [118]. Id.

  119. [119]. eb, Victim: Address Confidentiality Program Not Working, SAVE (Dec. 2, 2011), http:// [https://].

  120. [120]. Id.

  121. [121]. Voter Registration & Privacy, supra note 117. Additionally, victims will “use an alternate ... address for a variety of public and official processes.” Id.

  122. [122]. See infra Appendix.

  123. [123]. See Voter Registration & Privacy, supra note 117.

  124. [124]. Id.; see also Mary Jo Pitzl, Some Using AZ’s ‘Confidentiality’ Program Find They Can’t Hide, azcentral., [] (last updated Dec. 1, 2016, 10:18 AM) (explaining some problems with the Arizona ACP).

  125. [125]. Greater Bos. Legal Servs. & Nat’l Network to End Domestic Violence, Address Confidentiality Laws by State (2016), available at
    51dc541ce4b03ebab8c5c88c/t/5a611cfa53450a0bfbecff8b/1516313850795/ACP+Chart+Sept+2016_Final.pdf [] [hereinafter Address Confidentiality Laws].

  126. [126]. Nev. Rev. Stat. Ann. § 217.462(4) (West 2017).

  127. [127]. Aki Peritz, Registered to Vote? Your State May Be Posting Personal Information About You Online., Wash. Post (Apr. 9, 2019, 5:00 AM),
    04/09/registered-vote-your-state-is-posting-personal-information-about-you-online [https://].

  128. [128]. April Zeoli & Shannon Frattaroli, Johns Hopkins Bloomberg Sch. Pub. Health, Fact Sheet: Domestic Violence Restraining Orders, available at
    Sheet_DVRO.pdf [].

  129. [129]. Wang, supra note 92.

  130. [130]. Peritz, supra note 127. Under North Carolina’s system, a “voter’s name, precinct and other data remains in the public record, even if” that person is enrolled in the ACP program. Id. A stalker or abuser could use that data to target their victim “because [they] will know where and when that person is likely to show up.” Id.

  131. [131]. Adrianna Iwasinski, Second Woman Says Changes Must Be Made to Florida Address Confidentiality Program,, [https://] (last updated Dec. 11, 2017, 7:56 PM).

  132. [132]. Id.

  133. [133]. Id.

  134. [134]. Id.

  135. [135]. Identity Theft, U.S. Dep’t of Just., [] (last updated Feb. 7, 2017).

  136. [136]. Id.

  137. [137]. Lyneka Little, What Can Thieves Find Using Your Zip Code?, ABC News (Feb. 23, 2011), []. A researcher at the University of Wisconsin-Madison was able “to predict the driver’s license numbers of 11 states: Florida, Illinois, Maryland, Michigan, Minnesota, Nevada, New Hampshire, New Jersey, New York, Washington, and Wisconsin” using a person’s full name and date of birth. Latanya Sweeney et al., Voter Identity Theft: Submitting Changes to Voter Registrations Online to Disrupt Elections, Tech. Sci. (Sept. 6, 2017), https:// [].

  138. [138]. Kim Porter, Can Your Identity Be Stolen with Only a Name and Address?, Norton LifeLock, [].

  139. [139]. Jim Finkle & Dustin Volz, Database of 191 Million U.S. Voters Exposed on Internet: Researcher, Reuters (Dec. 28, 2015, 6:23 PM), [].

  140. [140]. James Dawson, Here’s Who Really Has Access to Idaho’s Voter Data, Boise St. Pub. Radio (Nov. 7, 2017), [] (“While public voter databases don’t boast as much sensitive information as health records, for instance, [an expert] notes identity thieves can still piece together someone’s life through them.”).

  141. [141]. See supra Section II.D.

  142. [142]. Kristina Torres, Georgia: ‘Clerical Error’ in Data Breach Involving 6 Million Voters, Atlanta J.-Const. (Nov. 18, 2015),—regional-govt—politics/georgia-clerical-error-data-breach-involving-million-voters/pf3GlsIFyuF5ifgRYy5GAJ [

  143. [143]. Id.; see also Update on Georgia’s Voter Registration Database Security, Ga. Secretary St., [] [hereinafter Georgia Update] (alerting public to accidental distribution of media and political party data).

  144. [144]. Georgia Update, supra note 143.

  145. [145]. See Selena Larson, Data of Almost 200 Million Voters Leaked Online by GOP Analytics Firm, CNN: Bus. (June 19, 2017, 11:32 PM),
    voter-data-leaked-online-gop/index.html []; see also Zack Whittaker, Millions of Texas Voter Records Exposed Online, TechCrunch (Aug. 23, 2018, 4:16 PM), https:// [
    TR5A-3PDY] (discussing data breach at data-driven political firm).

  146. [146]. See Jason Murdock, U.S. Voter Data Was Leaked Online, Exposing Citizen Information, Newsweek (July 19, 2018, 10:54 AM), []; see also Zach Whittaker, Thousands of US Voters’ Data Exposed by Robocall Firm, ZDNet (July 18, 2018, 2:30 PM), [https://] (stating robocall firm gathered personal identification of voters including “name, address, and . . . political affiliation”).

  147. [147]. Finkle & Volz, supra note 139.

  148. [148]. Brooke Crothers, 35 Million Voter Records up for Sale on the Dark Web, N.Y. Post (Oct. 19, 2018, 9:21 AM), [].

  149. [149]. Id.

  150. [150]. Id.

  151. [151]. 2016 Presidential Campaign Hacking Fast Facts, CNN,
    2016/12/26/us/2016-presidential-campaign-hacking-fast-facts/index.html [
    7CSE-T5ST] (last updated May 2, 2019, 2:40 PM).

  152. [152]. U.S. Senate Select Comm. on Intelligence, Russian Targeting of Election Infrastructure During the 2016 Election: Summary of Initial Findings and Recommendations 1 (2018), available at
    russia-inquiry [] [hereinafter Russian Senate Report].

  153. [153]. Id.

  154. [154]. David E. Sanger & Catie Edmondson, Russia Targeted Election Systems in All 50 States, Report Finds, N.Y. Times (July 25, 2019),
    russian-hacking-elections.html [].

  155. [155]. Sweeney et al., supra note 137.

  156. [156]. Estimated 35 Million Voter Records for Sale on Popular Hacking Forum, Anomali (Oct. 15, 2018), [].

  157. [157]. Id.

  158. [158]. Online Voter Registration, Nat’l Conference of State Legislatures (Oct. 25, 2019), [].

  159. [159]. Id.

  160. [160]. Id.

  161. [161]. Id.

  162. [162]. Sweeney et al., supra note 137.

  163. [163]. Id.

  164. [164]. Id.

  165. [165]. Id.

  166. [166]. Id.

  167. [167]. Id. Florida, California, and Virginia all have absentee ballot systems that would make them vulnerable to this form of attack. Id.

  168. [168]. Id.

  169. [169]. Id.

  170. [170]. Id.

  171. [171]. See id.

  172. [172]. See id.

  173. [173]. Wide Gender Gap, Growing Educational Divide in Voters’ Party Identification: 1. Trends in Party Affiliation Among Demographic Groups, Pew Res. Ctr. (Mar. 20, 2018), [https://].

  174. [174]. Jeff Horseman, Riverside County: District Attorney Claims Voters’ Party Affiliations Purposely Changed Without Consent, Press-Enterprise (July 7, 2016, 1:10 AM),
    07/07/riverside-county-district-attorney-claims-voters-party-affiliations-purposely-changed-without-consent [].

  175. [175]. Id.

  176. [176]. Id.

  177. [177]. See id.

  178. [178]. Id.

  179. [179]. Massimo Calabresi, Inside the Secret Plan to Stop Vladimir Putin’s U.S. Election Plot, Time (July 20, 2017), [https://].

  180. [180]. See generally Donald P. Green & Alan S. Gerber, Get Out the Vote: How to Increase Voter Turnout (Brookings Inst. Press 3d ed. 2015) (discussing data from studies on the effectiveness of voter mobilization through various messaging tactics, including by email, phone calls, and door-to-door canvassing).

  181. [181]. Brown, supra note 82; Ruth Igielnik et al., Commercial Voter Files and the Study of U.S. Politics: Demystifying the Digital Databases Widely Used by Political Campaigns, Pew Res. Ctr. (Feb. 15, 2018), []; see also Joy Cushman, The Trump Campaign Knows Why Obama Won. Do Democrats?: More Democratic Elites Should Get Back to Organizing, N.Y. Times (Aug. 26, 2019), [] (“We must abandon flawed ‘voter propensity scores,’ assigned before the election to predict a person’s likelihood to cast a ballot. These scores are like party invitations. If you weren’t invited to or didn’t show up to the last party, you don’t get invited again.”).

  182. [182]. Voter Turnout, FairVote, [].

  183. [183]. Cushman, supra note 181.

  184. [184]. Laura Paisley, Political Polarization at Its Worst Since the Civil War: Data Scientists Try to Explain the U.S. Government’s Shifting Ideologies over the Past Four Decades, USC News (Nov. 8, 2016), [https://].

  185. [185]. Sean Illing, A Political Scientist Explains How Big Data is Transforming Politics, Vox (Mar. 16, 2017, 10:50 AM), [].

  186. [186]. Ryan D. Enos et al., Increasing Inequality: The Effect of GOTV Mobilization on the Composition of the Electorate, 76 J. Pol. 273, 286 (2014).

  187. [187]. Illing, supra note 185.

  188. [188]. See supra Part II.

  189. [189]. Kwame N. Akosah, Note, Cracking the One-Way Mirror: How Computational Politics Harms Voter Privacy, and Proposed Regulatory Solutions, 25 Fordham Intell. Prop. Media & Ent. L.J. 1007, 1047 (2015).

  190. [190]. Id. at 1049.

  191. [191]. Id.

  192. [192]. Id. at 1049–50.

  193. [193]. Id. at 1049.

  194. [194]. Globe Newspaper Co. v. Superior Court for Norfolk, 457 U.S. 596, 611 (1982) (O’Connor, J., concurring).

  195. [195]. Douglas R. Hess, States Are Ignoring Federal Law About Voter Registration. Here’s Why., Wash. Post (July 4, 2015),
    states-are-ignoring-federal-law-about-voter-registration-heres-why [].

  196. [196]. Id.

  197. [197]. Mass. Gen. Laws Ann. ch. 51, § 47C (West Supp. 2018).

  198. [198]. Drew DeSilver, U.S. Population Keeps Growing, but House of Representatives Is Same Size as in Taft Era, Pew Res. Ctr. (May 31, 2018), [https://].

  199. [199]. Cal. Elec. Code § 2188 (West 2018).

  200. [200]. Thanks to Big Data, US Parties Know All About Voters, Phys.Org (Jan. 24, 2016), [].

  201. [201]. Id.

  202. [202]. While each state does have this restriction in place, it is important to note that this restriction comes from different sources. Some states have explicitly prohibited it via statute while others simply rely on the internal policy workings of the Secretary of State’s office. Thus, a federal statute would provide a uniform source of authority for protecting this information.

  203. [203]. Is There a Federal Factor in the Voter Records Leak?, FCW (Jan. 6, 2016),
    articles/2016/01/06/voter-records-feds-noble.aspx [].

  204. [204]. Minn. Stat. Ann. § 5B.03 subdiv. 1(2) (West Supp. 2019); Md. Code Regs.
    § (2018).

  205. [205]. Using publicly available registration data, a former C.I.A. agent was able to determine the addresses of numerous state governors and other famous politicians. Peritz, supra note 127. While it is intuitive why these politicians should have their data protected, they are still tragically exposed in some states.

  206. [206]. Okla. Stat. tit. 26, § 4-115.2 (2019).

  207. [207]. Nat’l Prots. & Programs Directorate, Dep’t of Homeland Sec., Securing
    Voter Registration Data 2–3 (2018), available at
    publications/Securing%20Voter%20Registration%20Data_0.pdf [].

  208. [208]. See generally Russian Senate Report, supra note 152 (discussing potential security precautions to take in light of Russia’s attempt to interfere with the 2016 election).

  209. [209]. Akosah, supra note 189, at 1048–49.

  210. [210]. Data Protection: Rules for the Protection of Personal Data Inside and Outside the EU, Eur. Commission, [

  211. [211]. General Data Protection Regulation 2019: Data Protection Compliance for Your Organisation, ecanvasser, [

  212. [212]. 52 U.S.C. § 20501 (2012). This statutory language is drawn directly from the National Voter Registration Act of 1993. These general, broad-sweeping findings are common in new federal statutes.

  213. [213]. Id. This type of language is also fairly universal in federal statutes.

  214. [214]. Id. § 20501(b)(3).

  215. [215]. The definitional section is being omitted because it would likely involve complicated cross-references to other federal statutes and take up additional space that would likely not be beneficial. For an example of a definitional section in an election law, see id. § 20502.

  216. [216]. Mass. Gen. Laws Ann. ch. 51, § 47C (West Supp. 2018).

  217. [217]. Id.

  218. [218]. Id.

  219. [219]. Id.

  220. [220]. Cal. Elec. Code § 2194 (West 2018). This provision is drawn from the California election code and provides the previously described use restriction protection.

  221. [221]. Id. § 2194(a)(2).

  222. [222]. Id. § 2194(a)(2)(A).

  223. [223]. Id. § 2194(a)(2)(B).

  224. [224]. Id. § 2194(a)(2)(C).

  225. [225]. Haw. Rev. Stat. § 11-14(d) (Supp. 2016).

  226. [226]. Minn. Stat. § 5B.03 subdiv. 1(2) (2019).

  227. [227]. Id.

  228. [228]. Id.

  229. [229]. Much of the logistical information surrounding an ACP, while certainly important, is excessively long and not necessarily beneficial for understanding the importance of having a flexible ACP which was my true purpose in providing this section. For an example of the multiple chapters of logistical information that can surround an ACP, consult any one of the state statutes cited in the Appendix.

  230. [230]. This figure is simply a placeholder and should certainly not be taken any sort of guidepost. Without information about the current status of state ACPs, nor information about actual costs, it would be incredibly difficult to make an accurate price estimate in this Note.

  231. [231]. This figure is also a placeholder. It is difficult to estimate the true cost of implementing some of these data privacy reforms without having additional information that is well beyond the scope of this Note.


J.D. Candidate, The University of Iowa College of Law, 2020; B.A., St. John’s University (MN), 2017.

I would like to personally thank Professor Chris Liebig, Emma Russ, Derek Miller, and the rest of the editorial board for the many hours of work they put into this piece. I’d also like to thank my parents, Don and Tina, for their constant love and support.