wa-law.org > bill > 2023-24 > SB 5459 > Original Bill
The legislature finds that requests for records concerning voter registration information, election data, and systems and processes of election administration have increased exponentially over the last several years. The legislature further finds that public access to these requested records increases the public confidence in electoral processes through greater public transparency. The legislature intends to clarify responsibilities for producing records containing election information to improve the efficiency in which they are made available.
In compliance with the Help America Vote Act (P.L. 107-252), the centralized statewide voter registration list maintained by the secretary of state is the official list of eligible voters for all elections.
In all counties, the county auditor shall be the chief registrar of voters for every precinct within the county.
Requests for records from, or any existing standard reports generated by, the statewide voter registration database must be submitted to and fulfilled by the secretary of state per Title 42 RCW. If a county elections office receives a request for records from, or any existing standard reports generated by, the statewide voter registration database, the county elections office is not required to produce any records in response to the request, but shall, by the deadline set forth in RCW 42.56.520, direct the requestor to submit the request to the secretary of state.
The following information relating to security is exempt from disclosure under this chapter:
Those portions of records assembled, prepared, or maintained to prevent, mitigate, or respond to criminal terrorist acts, which are acts that significantly disrupt the conduct of government or of the general civilian population of the state or the United States and that manifest an extreme indifference to human life, the public disclosure of which would have a substantial likelihood of threatening public safety, consisting of:
Specific and unique vulnerability assessments or specific and unique response or deployment plans, including compiled underlying data collected in preparation of or essential to the assessments, or to the response or deployment plans; and
Records not subject to public disclosure under federal law that are shared by federal or international agencies, and information prepared from national security briefings provided to state or local government officials related to domestic preparedness for acts of terrorism;
Those portions of records containing specific and unique vulnerability assessments or specific and unique emergency and escape response plans at a city, county, or state adult or juvenile correctional facility, or secure facility for persons civilly confined under chapter 71.09 RCW, the public disclosure of which would have a substantial likelihood of threatening the security of a city, county, or state adult or juvenile correctional facility, secure facility for persons civilly confined under chapter 71.09 RCW, or any individual's safety;
Information compiled by school districts or schools in the development of their comprehensive safe school plans under RCW 28A.320.125, to the extent that they identify specific vulnerabilities of school districts and each individual school;
Information regarding the public and private infrastructure and security of computer and telecommunications networks, consisting of security passwords, security access codes and programs, access codes for secure software applications, security and service recovery plans, security risk assessments, and security test results to the extent that they identify specific system vulnerabilities, and other such information the release of which may increase risk to the confidentiality, integrity, or availability of security, information technology infrastructure, or assets;
The system security and emergency preparedness plan required under RCW 35.21.228, 35A.21.300, 36.01.210, 36.57.120, 36.57A.170, and 81.112.180; and
Personally identifiable information of employees, and other security information, of a private cloud service provider that has entered into a criminal justice information services agreement as contemplated by the United States department of justice criminal justice information services security policy, as authorized by 28 C.F.R. Part 20
.
The following information related to election security is exempt from disclosure under this chapter:
The continuity of operations plan for election operations and any security audits, security risk assessments, or security test results, relating to physical security or cybersecurity of election operations or infrastructure. These records are exempt from disclosure in their entirety;
Those portions of records, manuals, or documentation containing technical details and information regarding election infrastructure, which include the systems, software, and networks that support the election process, the public disclosure of which may increase risk to the integrity of election operations or infrastructure;
Voter signatures on ballot return envelopes, ballot declarations, and signature correction forms, including the original documents, copies, and electronic images; and a voter's phone number and email address contained on ballot return envelopes, ballot declarations, or signature correction forms. The secretary of state, by rule, may authorize in-person inspection of unredacted ballot return envelopes, ballot declarations, and signature correction forms in accordance with RCW 29A.04.260;
Records regarding the infrastructure of a private entity submitted to elections officials are exempt from disclosure for a period of 25 years after the creation of the record when accompanied by an express statement that the record contains information about the private entity's infrastructure and public disclosure may increase risk to the integrity of election operations or infrastructure; and
Voted ballots, voted ballot images, copies of voted ballots, photographs of voted ballots, facsimile images of voted ballots, or cast vote records of voted ballots, starting at the time of ballot return from the voter, during storage per RCW 29A.60.110, and through destruction following any retention period or litigation.
The exemptions specified in subsection (1) of this section do not include information or records pertaining to security breaches, except as prohibited from disclosure under RCW 29A.12.200.
The exemptions specified in subsection (1) of this section do not prohibit an audit authorized or required under Title 29A RCW from being conducted.
Requests for records from or any existing reports generated by the statewide voter registration database established under RCW 29A.08.105 must be submitted to and fulfilled by the secretary of state. If a county elections office receives a request for records from or any existing reports generated by the statewide voter registration database established under RCW 29A.08.105, the county elections office is not required to produce any records in response to the request, but shall, by the deadline set forth in RCW 42.56.520, direct the requestor to submit their request to the secretary of state.