| |
|
|
A BILL TO BE ENTITLED
|
|
|
AN ACT
|
| |
|
|
relating to prohibiting the use of certain social media |
|
|
applications and services on devices owned or leased by |
|
|
governmental entities. |
|
|
BE IT ENACTED BY THE LEGISLATURE OF THE STATE OF TEXAS: |
|
|
SECTION 1. Subtitle A, Title 6, Government Code, is amended |
|
|
by adding Chapter 620 to read as follows: |
|
|
CHAPTER 620. USE OF CERTAIN SOCIAL MEDIA APPLICATIONS AND SERVICES |
|
|
ON GOVERNMENTAL ENTITY DEVICES PROHIBITED |
|
|
Sec. 620.001. DEFINITIONS. In this chapter: |
|
|
(1) "Covered application" means: |
|
|
(A) the social media service TikTok or any |
|
|
successor application or service developed or provided by ByteDance |
|
|
Limited or an entity owned by ByteDance Limited; or |
|
|
(B) a social media application or service |
|
|
specified by executive order of the governor under Section 620.005. |
|
|
(2) "Governmental entity" means: |
|
|
(A) a department, commission, board, office, or |
|
|
other agency that is in the executive or legislative branch of state |
|
|
government and that was created by the constitution or a statute, |
|
|
including an institution of higher education as defined by Section |
|
|
61.003, Education Code; |
|
|
(B) the supreme court, the court of criminal |
|
|
appeals, a court of appeals, or the Texas Judicial Council or |
|
|
another agency in the judicial branch of state government; or |
|
|
(C) a political subdivision of this state, |
|
|
including a municipality, county, or special purpose district. |
|
|
Sec. 620.002. DEFINING SECURITY RISK. For purposes of this |
|
|
chapter, a social media application poses a risk to the security of |
|
|
governmental entity information if the application's service |
|
|
provider may be required by a foreign government, or an entity |
|
|
associated with a foreign government, to provide confidential or |
|
|
private personal information collected by the service provider |
|
|
through the application to the foreign government or associated |
|
|
entity without substantial due process rights or similar legal |
|
|
protections. |
|
|
Sec. 620.003. PROHIBITION. Subject to Section 620.004, a |
|
|
governmental entity shall adopt a policy prohibiting the |
|
|
installation or use of a covered application on any device owned or |
|
|
leased by the governmental entity and requiring the removal of |
|
|
covered applications from those devices. |
|
|
Sec. 620.004. EXCEPTIONS; MITIGATING MEASURES. (a) A |
|
|
policy adopted under Section 620.003 may provide for the |
|
|
installation and use of a covered application to the extent |
|
|
necessary for: |
|
|
(1) providing law enforcement; or |
|
|
(2) developing or implementing information security |
|
|
measures. |
|
|
(b) A policy allowing the installation and use of a covered |
|
|
application under Subsection (a) must require: |
|
|
(1) the use of measures to mitigate risks to the |
|
|
security of governmental entity information during the use of the |
|
|
covered application; and |
|
|
(2) the documentation of those measures. |
|
|
Sec. 620.005. APPLICATIONS IDENTIFIED BY GOVERNOR'S ORDER. |
|
|
The governor by executive order may identify social media |
|
|
applications or services that pose a similar risk to the security of |
|
|
governmental entity information as the service described by Section |
|
|
620.001(1)(A). |
|
|
SECTION 2. Not later than the 60th day after the effective |
|
|
date of this Act, each governmental entity shall adopt the policy |
|
|
required by Chapter 620, Government Code, as added by this Act. |
|
|
SECTION 3. This Act takes effect immediately if it receives |
|
|
a vote of two-thirds of all the members elected to each house, as |
|
|
provided by Section 39, Article III, Texas Constitution. If this |
|
|
Act does not receive the vote necessary for immediate effect, this |
|
|
Act takes effect September 1, 2023. |
|
|
|
|
|
* * * * * |