A Marion Superior judge has ordered Indiana Secretary of State Connie Lawson to produce documents to back up her claim that the public should not see emails and other communications about the reliability and security of voting machines because they could jeopardize cyberterrorism security.
Judge Heather Welch ruled Tuesday that Lawson did not provide adequate justification for withholding the materials and ordered her to produce some of the documents for inspection in chambers.
In a 27-page ruling, the judge ordered Lawson to submit the materials that she had withheld based on the counterterrorism exception so that she may examine them in private.
A spokesman for Lawson declined comment on Wednesday.
The matter arose after a national group of cybersecurity experts sued Lawson last year, saying she has refused to turn over emails and other communications about the reliability and security of voting machines, despite numerous requests.
The experts, known as the National Election Defense Coalition, claimed she unlawfully denied access to public records regarding election security.
Lawson was recently president of the National Association of Secretaries of State, and, in that position, issued statements about the security and trustworthiness of U.S. voting systems. The cybersecurity group said some of Lawson’s statements were “inaccurate and potentially detrimental” to election security efforts.
As an example, it pointed to Lawson’s testimony in June 2017 to the U.S. Senate Select Committee’s investigation into Russian interference in the 2016 election, in which she said it was “very important to underscore that voting machines are not connected to the Internet or networked in any way.”
The coalition disputed that statement, saying many voting machines certified for use in Florida, Illinois, Michigan, and Wisconsin contained wireless modems that connect to the Internet and expose voting machines to online attacks. It added that some voting systems were found to be configured with remote-access software.
The cybersecurity group said it repeatedly tried to ascertain the sources of information used in Lawson’s public statements.
It submitted a records request under the Indiana Access to Public Records Act in September 2018, seeking copies of communications between Lawson’s office and the national association, and later amended its request to cover only specific email domains and communications containing specific election security-related keywords.
“After nine months of fruitless exchanges and Secretary Lawson’s repeatedly evolving explanations for denial and delay, NEDC still hasn’t received the vast majority of public records that it requested from the Secretary,” Ron Fein, Legal Director of Free Speech For People, said in a statement Wednesday. “The ruling today is an important victory in ensuring that the public have access to essential information regarding the reliability and security of voting machines.”
Lawson’s office argued the information was exempt from public disclosure.
Free Speech For People is representing the cybersecurity group pro bono in this matter, with the assistance of William Groth of Macey Swanson LLP. He said in a statement Lawson’s claims that no voting devices were connected to the Internet are not accurate.
“Many voting machines certified for use in states such as Florida, Illinois, Michigan, and Wisconsin contain wireless modems which connect to the Internet and expose voting systems to online attacks. In addition, there have been multiple jurisdictions (in states such as Pennsylvania) whose voting systems were found to be configured with remote-access software installed. Remote-access software facilitates remote control of the system over the Internet. In many cases, the vendor sold systems with deliberately installed off-the-shelf ‘pcAnywhere’ remote-access software on voting system devices,” Groth said.
The case is National Election Defense Coalition v. Connie Lawson, 49D01-1906-PL-024866.
Indiana Lawyer contributed to this report.