Emerging Tech: The Future of State Local & Higher ED IT – A StateScoop and EdScoop Special Report
Data and Analytics – A StateScoop and EdScoop Special Report
Cyber Protection Starts With Workforce – Presented by Proofpoint
Nominations are now open for the 2024 StateScoop 50 Awards.
By
Missouri Auditor Scott Fitzpatrick released an audit report on Monday that alleges Missouri Secretary of State Jay Ashcroft refused to provide him with copies of the cybersecurity reviews of Missouri’s 116 local election authorities, which he said violates state law.
House bill 1878, passed by the Missouri General Assembly in 2022, requires the Missouri Secretary of State’s office and local election authorities to receive cybersecurity reviews every two years and submit those reviews to the state auditor’s office.
“The law clearly provides our audit staff with the authority to receive and review this information, and it’s disappointing the Secretary of State’s Office stood in the way of our efforts to perform a thorough analysis of how the new cyber security reviews have been implemented,” Fitzpatrick said in a statement.
Ashcroft’s office issued a formal response, which is included in the audit report and disputes its findings, arguing that sharing the cybersecurity reports with Fitzpatrick’s office risks revealing confidential information.
The audit also criticized the secretary’s decision to end Missouri’s participation in the Electronic Information Registration Information Center, or ERIC, a national system designed to improve the accuracy of voting rolls, without consulting stakeholders or planning its replacement, which, the report says, impacts the state’s local election authorities’ ability to correct inaccurate voter records.
“I can respect why Secretary Ashcroft felt it was necessary to end the relationship with ERIC, but that doesn’t negate the responsibility to have a plan to replace that data so the office has a reliable way to ensure we don’t have dead voters registered in Missouri as we enter a major election year,” Fitzpatrick said, citing an example in St. Louis County, the state’s largest election jurisdiction, where the audit found that election authorities used ERIC to remove thousands of deceased voters from their voter rolls.
Last year, Ashcroft alleged that ERIC failed to recruit states to address voter fraud and had instead focused on adding names to voter rolls by targeting people who already had the ability to register. Ashcroft’s formal response, cited in the audit report, defends his decision to leave the program, and follows ERIC’s refusal to update its system.
However, the audit found that Ashcroft’s office did not fully evaluate the benefits of the system before ending the state’s membership. Fitzpatrick said in the report that the state’s exit made the process of maintaining accurate voting rolls less efficient for county clerks.
The Kansas City Star reported that Ashcroft spokesperson JoDonn Chaney said in an email that the audit was purely based on Fitzpatrick’s opinions and that Ashcroft’s office did not violate state law.
“This is the first time in the seven years that the auditor’s office has made any kind of evaluation of our office,” Chaney wrote in the email. “Though we appreciate their perspective, we believe the opinion-based conclusions have little to do with the overall lawful performance of the secretary of state’s office.”
Fitzpatrick’s audit gave the secretary’s office a rating of “fair,” the second-lowest, raising questions about Ashcroft’s tenure in the Missouri Secretary of State’s Office. The audit’s release also comes amid Ashcroft’s 2024 gubernatorial campaign for governor of Missouri.
The state auditor’s office is not seeking legal action against Ashcroft or his office.