For all the uncertainty surrounding the Trump campaign's associations with Russia, one thing remains clear: A foreign power interfered in the US presidential race, with hackers targeting the election systems of 21 states to do so. And yet the government has done precious little to keep it from happening again. The inaction stems not from laziness or ignorance but a deep, possibly unbridgeable divide between state and federal powers.

So far this year, a handful of special elections in the US have gone smoothly, but the threat from Russia still looms, especially as the 2018 midterm races approach. France recently saw Kremlin-led meddling in its own presidential contest, and Germany has expressed fears over its upcoming election as well. Alarmism may not be productive, but states do have reason to worry.

Local officials, though, have bristled at the Department of Homeland Security's move to designate election systems as "critical infrastructure," a move designed to unlock resources for system defense upgrades and improve state–federal communication. Everyone agrees that security matters; how to get there is another matter entirely.

Remote Control

The secretaries of state for each state (who, in most cases, act as the top election officials) argue that the move effectively federalizes elections, and imposes uniformity in a way that threatens the diversity and independence that makes the current US election system robust. It hasn't helped matters that DHS continues to keep them in the dark about information relevant to potential threats—including which 21 states Russia breached.

"How many elections have they run? That would be zero," says Maine Secretary of State Matt Dunlap about DHS. "The critical infrastructure designation gives me pause because it gives them significant control over how the states run their elections. While they say, 'We have no intention of taking this over,' the history of the relationship between the federal agencies and state governments is that they know better and they’re going to tell us what to do."

DHS claims that the designation simply makes security expertise and funding available, while also improving communication and threat information-sharing between federal and state groups. "The establishment of a subsector does not create federal regulatory authority," DHS cyberdivision special advisor Samuel Liles said in testimony before the Senate Select Committee on Intelligence, in June. "Elections continue to be governed by state and local officials, but with additional prioritized effort by the federal government to provide voluntary security assistance."

The National Association of Secretaries of State, which has vocally opposed the critical infrastructure designation from the start, remains skeptical. Many NASS members contend that DHS has already left states out of the loop about last year's election-meddling, despite the agency's promises of information-sharing. NASS spokesperson Kay Stimson also notes that despite repeated requests in the past seven months, secretaries still have no way to obtain security clearances so that they can directly discuss classified election system threats with federal officials. The Department of Homeland Security did not return a request from WIRED for comment.

An Urgent Threat

Experts say that spats between NASS and DHS groups have created problematic delays in efforts to secure electoral systems. "Nobody is feeling this urgency enough," says Lawrence Norden, who coauthored the a recent report, "Securing Elections From Foreign Interference," from New York University School of Law's Brennan Center. "There’s a collective action problem. In 2000 everyone looked at Florida and said, 'What a massive disaster these systems are. We need to replace them.' So even though you had the breaches this time, nobody can point to one terrible thing that happened to voters on Election Day, and I think that’s a big difference."