S.B. No. 1893

	AN ACT
	relating to prohibiting the use of certain social media
	applications and services on devices owned or leased by
	governmental entities.
	BE IT ENACTED BY THE LEGISLATURE OF THE STATE OF TEXAS:
	SECTION 1.  Subtitle A, Title 6, Government Code, is amended
	by adding Chapter 620 to read as follows:
	CHAPTER 620.  USE OF CERTAIN SOCIAL MEDIA APPLICATIONS AND SERVICES
	ON GOVERNMENTAL ENTITY DEVICES PROHIBITED
	Sec. 620.001.  DEFINITIONS. In this chapter:
	(1)  "Covered application" means:
	(A)  the social media service TikTok or any
	successor application or service developed or provided by ByteDance
	Limited or an entity owned by ByteDance Limited; or
	(B)  a social media application or service
	specified by proclamation of the governor under Section 620.005.
	(2)  "Governmental entity" means:
	(A)  a department, commission, board, office, or
	other agency that is in the executive or legislative branch of state
	government and that was created by the constitution or a statute,
	including an institution of higher education as defined by Section
	61.003, Education Code;
	(B)  the supreme court, the court of criminal
	appeals, a court of appeals, a district court, or the Texas Judicial
	Council or another agency in the judicial branch of state
	government; or
	(C)  a political subdivision of this state,
	including a municipality, county, or special purpose district.
	Sec. 620.002.  DEFINING SECURITY RISK TO THIS STATE.  For
	purposes of this chapter, a social media application or service
	poses a risk to this state if:
	(1)  the provider of the application or service may be
	required by a foreign government, or an entity associated with a
	foreign government, to provide confidential or private personal
	information collected by the provider through the application or
	service to the foreign government or associated entity without
	substantial due process rights or similar legal protections; or
	(2)  the application or service poses a similar risk to
	the security of this state's sensitive information, critical
	infrastructure, or both, as an application or service described by
	Section 620.001(1)(A).
	Sec. 620.003.  PROHIBITION; MODEL POLICY. (a)  Subject to
	Section 620.004, a governmental entity shall adopt a policy
	prohibiting the installation or use of a covered application on any
	device owned or leased by the governmental entity and requiring the
	removal of covered applications from those devices.
	(b)  The Department of Information Resources and the
	Department of Public Safety shall jointly develop a model policy
	for governmental entities to use in developing the policy required
	by Subsection (a).
	Sec. 620.004.  EXCEPTIONS; MITIGATING MEASURES.  (a)  A
	policy adopted under Section 620.003 may provide for the
	installation and use of a covered application to the extent
	necessary for:
	(1)  providing law enforcement; or
	(2)  developing or implementing information security
	measures.
	(b)  A policy allowing the installation and use of a covered
	application under Subsection (a) must require:
	(1)  the use of measures to mitigate risks posed to this
	state during the use of the covered application; and
	(2)  the documentation of those measures.
	Sec. 620.005.  APPLICATIONS IDENTIFIED BY GOVERNOR'S
	PROCLAMATION. The governor by proclamation may identify social
	media applications or services that pose a risk to this state as
	described by Section 620.002.
	Sec. 620.006.  APPLICATION IDENTIFIED BY DEPARTMENT OF
	INFORMATION RESOURCES AND DEPARTMENT OF PUBLIC SAFETY. (a)  The
	Department of Information Resources and the Department of Public
	Safety shall jointly identify social media applications or services
	that pose a risk to this state as described by Section 620.002.
	(b)  The Department of Information Resources shall:
	(1)  annually submit a list of applications and
	services identified under Subsection (a) to the governor;
	(2)  publish the list on the department's publicly
	accessible Internet website; and
	(3)  periodically update the list on that website.
	SECTION 2.  Not later than the 60th day after the date the
	Department of Information Resources and the Department of Public
	Safety make available the model policy required by Section
	620.003(b), Government Code, as added by this Act, each
	governmental entity shall adopt the policy required by Section
	620.003(a), Government Code, as added by this Act.
	SECTION 3.  This Act takes effect immediately if it receives
	a vote of two-thirds of all the members elected to each house, as
	provided by Section 39, Article III, Texas Constitution.  If this
	Act does not receive the vote necessary for immediate effect, this
	Act takes effect September 1, 2023.
	______________________________	______________________________
	President of the Senate	Speaker of the House
	I hereby certify that S.B. No. 1893 passed the Senate on
	April 18, 2023, by the following vote:  Yeas 31, Nays 0;
	May 16, 2023, Senate refused to concur in House amendments and
	requested appointment of Conference Committee; May 17, 2023, House
	granted request of the Senate; May 27, 2023, Senate adopted
	Conference Committee Report by the following vote:  Yeas 30,
	Nays 1.
	______________________________
	Secretary of the Senate
	I hereby certify that S.B. No. 1893 passed the House, with
	amendments, on May 9, 2023, by the following vote:  Yeas 144,
	Nays 0, two present not voting; May 17, 2023, House granted request
	of the Senate for appointment of Conference Committee;
	May 28, 2023, House adopted Conference Committee Report by the
	following vote:  Yeas 139, Nays 2, two present not voting.
	______________________________
	Chief Clerk of the House
	Approved:
	______________________________
	Date
	______________________________
	Governor