The bill would require that certain personal information--social security numbers, bank account information, computer password/network information--are confidential.  The bill further states that a governmental body that receives a request for the three categories of information need not release the personal information about an individual or request a ruling from the Office of the Attorney General (OAG) under the Public Information Act (the "PIA").  The bill requires the OAG to adopt new administrative rules and legal analyses for this type of information. The bill states that a decision by the OAG under this process may be challenged in court in the same manner that an open records ruling may be challenged.  Subchapter C requires the OAG to establish additional guidelines for local entities to follow when responding to open records requests.

The bill would prohibit a governmental body from storing a biometric identifier of an individual in a database, which would include fingerprints.

The bill would require governmental agencies to develop a privacy policy setting out guidelines for agency use relating to collection and disclosure of personal information of individuals. 

The Office of the Attorney General (OAG) projects that the provisions of the bill would require a two-step review process for public information requests.  Requests first would be reviewed under the existing Public Information Act, then in cases that involve social security numbers, bank account information, computer password/network information; those requests would be reviewed under the provisions outlined in the bill.  It is estimated that the OAG would need 4 additional attorneys and 2 support staff to comply with the provisions of the bill at a cost of $438,962 in fiscal year 2006 and $402,700 each fiscal year thereafter out of the General Revenue Fund.

The State Auditor estimates that the cost to update existing audit guidelines to comply with the requirements of the bill would total approximately 250 hours or $16,500 in fiscal year 2006. The cost would be approximately 100 hours, or $6,600, to update the guidelines in each subsequent fiscal year. Overall, the costs would not be significant and could be absorbed within the existing resources.

The methodology for estimating costs for the Department of Public Safety (DPS) assumes that no one within the state of Texas would be able to maintain biometric identifiers in databases.  DPS currently uses an Automated Fingerprint Information System (AFIS).  Since fiscal year 2001, DPS has received $13,520,445 for AFIS.  Under the provisions of the bill, the data currently stored by automated means within DPS would have to revert back to manual storage, comparison, and search.  In order to accommodate a manual system, additional FTEs and storage would be required.  It would also result in a lag in the time required to complete a background search/check.  Amounts estimated for DPS include 166 FTEs, with costs ranging from $4.9 million in 2006 to $5.5 million in 2010.  In addition, fiscal years 2006 through 2008 include computer programming costs of $1.3 million each year.  And, $1.3 million each fiscal year is included for rent and storage costs.  Other incidental costs are also included for DPS.

There is a one-time cost of $12,222 for technology needs (network stations) at the OAG.  In addition, $1.3 million is included each fiscal year for programming costs at DPS.