Protecting Voter Registration Data
A County’s voter registration database is stored inside their election management system (EMS). This election system is located on a computer maintained by the Registrar of Voters (ROV). All EMS systems used in California must work with the statewide voter registration database, VoteCal, and EMS vendors are required to place their computer programs in a secure facility approved by the Secretary of State. For more information, see Chapter 7 of Division 2 of the California Elections Code.
Based on a recent study of the County’s security and infrastructure, the ROV upgraded firewalls and servers to better protect against threats and vulnerabilities and improve ROV’s overall security using guidelines from the National Institute of Standards and Technology (NIST). The County also uses tools that allow staff to monitor incoming and outgoing data and attempts to access.
The ROV works closely with the County’s Information Security Office, Privacy Office, and County Counsel to be sure staff has access to current guidelines for data security. The County’s “Defense in Depth” security plan includes different layers, such as physical (security fences and cameras) technical (data encryption), and administrative (policies and procedures). The ROV works with the County’s Information Security Office to train staff about data security and how to recognize and report any suspicious activity, social engineering and other potential cyber threats.
Accessing Voter Registration Data
In California, the law makes voter registration information confidential and unavailable to the general public. Most importantly, your signature nor your state identification number (driver’s license or social security number) cannot be given to anyone. It is also against the law to send voter registration information outside of the United States.
California law allows certain people and groups to access registration data, if they meet certain criteria and declare they will only use it for legal purposes. A key step to protecting voter registration data is to thoroughly evaluate all requests for access. The ROV must be sure applicants meet all requirements and that the data will only be used as allowed by law.
For more information about access to confidential voter information, please see our Voter Privacy Statement. Current Regulations regarding the statewide database and voter registration data that can be found in Chapters 1 and 2, Division 7, Title 2 of the California Administrative Code.
Click HERE to see a list of infrastructure and access security standards in place for protecting data held in the Election Management System.
Click HERE to read our list of Frequently Asked Questions about Election Security and Administration for more details.