President Trump used a primetime address Thursday night to demand Congress pass the SAVE America Act and end mail voting except for illness, disability, military service, or travel. That ban is on the White House website. It is not in the bill.
He spoke for 25 minutes from the White House on July 16, and as he spoke, the administration posted four collections of declassified documents at whitehouse.gov/election-integrity to prove the case. The documents are worth reading, because in several places they say less than the speech does.
The number is redacted in the document meant to prove it
The centerpiece: China "carried out what is believed to be the largest compromise of election data in history — resulting in China's illicit acquisition of 220 million U.S. voter files."
The intelligence document released to support the figure says this:
"…were aware in [REDACTED] 2020 [REDACTED] had [REDACTED] U.S.-origin databases, [REDACTED] contain the personally identifiable information (PII) of [REDACTED] million Americans."
The number is blacked out. They declassified the document and left the count classified.
A second document in the same collection describes what China actually held. Its title names the PRC (the People's Republic of China): "PRC Possesses List of Likely Leaked, Compromised Data that Included U.S. [redacted] Entities in 2019." The text says the list "included 97 entries that were explicitly identified as originating from U.S. … entities — though the majority of [the] list consisted of data from other countries," that "most of the data involved private companies, government organizations, and NGOs," and that it was "primarily dated from between 2009 and 2018."
Ninety-seven U.S. entries. Most of the data foreign, most of it not voter records, and years old. That is the material behind "220 million U.S. voter files."
What the intelligence establishes, and what it doesn't
Chinese intelligence analyzed voter registration data to conduct public opinion analysis. Analyzing is not stealing, and no intelligence assessment concludes any foreign power altered a vote, a ballot, or a count in 2020 or 2024.
The data isn't secret. Voter files are sold in all 50 states; most sell to anyone who asks, and North Carolina and Ohio post theirs online for free. The government said as much in a September 2020 bulletin from the FBI and the Cybersecurity and Infrastructure Security Agency (CISA):
"In reality, much U.S. voter information can be purchased or acquired through publicly available sources."
The administration's own analysis, according to CNN's reporting, was built from commercially available databases — the same class of data it calls stolen.
There's a real point buried under the exaggeration, and it deserves saying plainly: the released assessments do warn that adversaries have the capability to compromise election infrastructure, and voter registration databases are a named target. That warning is legitimate. It is also years old, and it is a warning about capability — not a finding that anyone changed a result.
278,000 is two counts under one headline
The page says the Department of Homeland Security (DHS) "identified approximately 278,000 non-citizens who are registered to vote in federal elections."
The underlying documents describe two separate figures. One reports "over 250,000 non-citizens … illegally registered to vote in just the four states for which public data files have been reviewed." Another says DHS matching across 25 states found "over 28,000 non-citizens." The headline number appears to combine two different populations counted by two different methods; the arithmetic — 250,000 plus 28,000 — is the reason to suspect it.
The page adds: "Since Democrat states refused to share their voter files, the real number is actually much higher." But the four states that produced the 250,000 are California, Pennsylvania, New Jersey and Nevada. Their files were reviewed. They are the bulk of the number.
And these are flags from a screening database, not confirmed registrations — with no published methodology. Where local officials have actually checked the flags, they fall apart in one direction. In St. Louis County, roughly 35% of those flagged were naturalized citizens who had registered at their own naturalization ceremonies. In Boone County, Missouri, the clerk received 74 flags; more than half were citizens, and one flagged registration carried her own staff member's initials — that staffer had registered the man at his naturalization ceremony. The county's count fell from 74 to 33.
Nevada's Secretary of State, Francisco Aguilar: "These numbers are wildly speculative at best, and DHS has not shared anything that backs it up."
None of this is a claim that anyone voted. Registration is not a ballot.
The agency accused of the cover-up
The White House page doesn't only claim China took the data. It claims the government hid it: "Members of the Deep State in our intelligence agencies worked to actively suppress and downplay information … covering it up from both the President and the American People."
The administration's answer to the obvious question — then why cut the agency? — is that it distrusts CISA precisely because it believes CISA politicized election security. That's a coherent position. It runs into one structural fact: CISA did not certify elections and had no authority to. Election administration belongs to the states. CISA offered voluntary services — assessments, scans, threat intelligence, training. There was no verdict for it to capture.
What CISA did say, in a November 12, 2020 joint statement signed by ten officials across two councils, was: "The November 3rd election was the most secure in American history." After 2024, then-director Jen Easterly said: "Importantly, we have no evidence of any malicious activity that had a material impact on the security or integrity of our election infrastructure." Note the qualifier — not that nothing happened, but that nothing that happened changed a result. Both statements are still on cisa.gov, both now under an "Archived Content" banner.
Here is the part that doesn't resolve into a cover-up. Beginning in February 2025, the administration froze CISA's election work and cut roughly 130 staff. In March it ended funding for the EI-ISAC (the federal hub that shared election-security threats with states), telling them it "no longer supports Department priorities." The remaining services thinned to the point that states turned to fusion centers, universities, and the National Guard. In April, the FY27 budget proposed eliminating CISA's election security program outright.
So the administration is making two claims at once: that American elections are dangerously insecure, and — through its own budget — that the federal government should stop helping secure them. Those aren't contradictory on their face. But they are a choice about priorities, made in public, and worth weighing against a speech devoted to the opposite claim.
Yes, the machines have real vulnerabilities
The speech's strongest ground is voting machines, and it's worth conceding what's true: independent researchers have documented genuine vulnerabilities in U.S. voting equipment. J. Alex Halderman demonstrated exploitable flaws in Georgia's Dominion ballot-marking devices, in an expert report for the Curling v. Raffensperger litigation; the DEF CON Voting Village breaks real machines open every year. And on June 3, 2022, CISA issued an advisory confirming those Dominion vulnerabilities — while stating, in the same document, that it had "no evidence that these vulnerabilities have been exploited in any elections." Anyone who says the machines are flawless is wrong. Anyone who says the flaws changed an election has, by the government's own account, no evidence for it — the documented exploits require physical access and live in lab conditions.
One more thing is true, and it's specific to what the White House actually released. The document it posted on machine "vulnerabilities" is about Smartmatic, a vendor used in exactly one U.S. jurisdiction — Los Angeles County — where the county owns the source code. The intelligence in it concerns a manipulation capability Venezuela was developing for machines used in Venezuela; a 2006 assessment in the same vein concluded the capability could not reach elections outside Venezuela, and where Venezuela rigged its own votes it did so through insider access, which has no path into a U.S. county's system.
Real vulnerabilities, no evidence of exploitation, and a headline example that doesn't touch the machines almost any American votes on.
The bill
The SAVE America Act had already failed in the Senate in June, short of the 60 votes it needed. Republicans then tried to attach it to the defense authorization bill; that failed too, when 14 Republicans joined Democrats to kill the rule, 198–224, on June 30.
So they moved it. On July 15 the House passed H.R. 8595 — a State Department appropriations bill — 217–209. A separate resolution instructs the Clerk to add the voting law's text "as new matter at the end of H.R. 8595" at engrossment: after the vote, on the way out the door. Read the appropriations bill itself and you'll find the U.S. foreign-aid agency (USAID) eliminated, UN contributions zeroed, a new $1.5 billion fund — and not one word about voting, because the words aren't in it yet.
Read the voting text — S. 1383, as the House passed it — and there is no ban. There is this:
"the appropriate State or local election official may not accept any ballot … provided by an individual who votes other than in person unless the individual submits with the ballot … a copy of a valid photo identification"
That's an identification requirement. It assumes mail voting continues — you don't write rules for accepting a ballot you intend to prohibit. The bill does carve out military and disabled voters, but from the ID requirement, not from a ban: those voters are excused from sending a photo-ID copy, not granted rare permission to vote by mail while everyone else is barred. "Illness" and "travel" appear nowhere in the 32-page text.
The likely source of the error is in the bill itself. Every other mention of "mail" refers to the national mail voter registration form — the postcard you register with, which the bill does tighten. Mail registration is not mail voting. Someone appears to have read carve-outs from an ID rule, called them exceptions to a prohibition, and added two categories that aren't there.
The president votes by mail
There's a reason the distinction between requested absentee ballots and universal mail-out voting matters here: it's the distinction Trump himself draws. He objects to states mailing ballots to every voter unbidden; he treats a specifically requested absentee ballot as a different thing.
By that standard, his own vote was legitimate — which is the point. On March 24 he requested and cast a mail ballot in a Florida special election for House District 87, the district that contains Mar-a-Lago; Palm Beach County records show no standing vote-by-mail request on file, so he asked for that ballot deliberately. Weeks earlier he had called mail voting "mail-in cheating." Asked to square it: "because I'm president of the United States … I did a mail-in ballot for elections that took place in Florida." The exceptions he lives by are narrower than a ban — which is exactly what his own bill does, and the White House's description of it doesn't.
What's actually known about mail-voting fraud
Documented mail-voting fraud is vanishingly rare. A Brookings Institution analysis published in November 2025 — drawing on the Heritage Foundation's own fraud database, a conservative source — found about four proven cases per 10 million mail votes across the 2016, 2018, 2020 and 2022 general elections, a rate of 0.000043%. It's a count of adjudicated cases, not a measurement of everything undetected, and it doesn't include 2024. Even read as a floor, from the movement's own database, it is very close to the ground.
The practice is older than the fight over it. Pennsylvania authorized mail voting in 1813, for soldiers in the War of 1812. By 1864, nineteen Northern states let soldiers vote from the field, and more than 150,000 did.
It was contested then for the reason it's contested now: soldiers broke about 78% for Lincoln against 54% of civilians, and the parties knew it. Where Democrats controlled the legislature, soldier-voting bills mostly failed, argued down as unconstitutional and open to fraud. And the fraud that was actually prosecuted ran the other way — a New York ring forged ballots using, in one contemporary account, "active enlisted men, wounded and dead soldiers, and officers who never existed," votes cast for McClellan, the Democrat. They were caught because the totals were impossibly lopsided.
Why it's hard to steal
Trump's case pictures American elections as one system with one way in. There isn't one.
Elections here are run locally. The federal government's 2024 survey counted 6,461 reporting jurisdictions — and that undercounts the work, because it tallies who files paperwork, not who runs elections: Michigan reports 83 counties while some 1,520 cities and townships actually administer the vote. Count the administering bodies and the real number is closer to 8,000. Different machines, different ballots, different rules, different people, most of them neighbors, many of them volunteers.
That's what the speech asks you to set aside. A foreign government can buy every voter file in America — legally, from the states, for a fee — and still be nowhere near a vote count. As election expert David Becker put it: "I might have the entire class list for a college or university, but that doesn't mean I can go in and change the grades."
The defense isn't a single wall that has to hold. It's the absence of a single thing to break.
Receipts
- The White House — "Election Integrity" (the four declassified collections)
- The White House — SAVE America Act page
- S. 1383, Engrossed Amendment House — the SAVE Act text as the House passed it
- H.Res. 1423 — the rule adding S. 1383's text to H.R. 8595 at engrossment
- H.R. 8595 — National Security, Department of State, and Related Programs Appropriations Act, 2027
- U.S. House Clerk — Roll Call 247, passage of H.R. 8595, 217–209
- CISA — "The November 3rd election was the most secure in American history" (Nov. 12, 2020)
- CISA — Director Easterly on the security of the 2024 elections
- CISA — advisory ICSA-22-154-01 on the Dominion ImageCast X ("no evidence … exploited in any elections")
- Brookings Institution — mail-voting fraud analysis, Nov. 2025 (0.000043%)
- PBS NewsHour / AP — Trump casts a Florida ballot by mail
- ProPublica — flaws in the SAVE citizenship-matching tool
- J. Alex Halderman & Drew Springall — security analysis of Georgia's Dominion ImageCast X (Princeton CITP)
- U.S. Election Assistance Commission — 2024 Election Administration and Voting Survey
- Smithsonian Magazine — the Civil War origins of vote-by-mail



