This bill mandates the secretary of state to establish a vulnerability disclosure program for specific election systems. It amends RSA 652:23, designating the secretary of state as the chief election officer responsible for providing comprehensive information on voter registration and absentee ballot procedures. The new provisions include a requirement for the secretary to implement a public vulnerability disclosure program within 180 days of the bill's effective date. This program must align with the recommendations from the "Guide to Vulnerability Reporting for America's Election Administrators," published by the Cybersecurity and Infrastructure Security Agency, to facilitate the reporting of security vulnerabilities by security researchers and the public.

The bill also emphasizes collaboration with the cybersecurity advisory committee established in RSA 21-R:16 to ensure the program's effectiveness. The insertion of these provisions aims to enhance the security of election systems by promoting transparency and encouraging proactive reporting of vulnerabilities. There are no deletions from the current law noted in this bill. The act is set to take effect immediately upon its passage.

Statutes affected:
Introduced: 652:23, 21-R:16
As Amended by the House: 652:23, 21-R:16
As Amended by the Senate: 652:23