BILL ANALYSIS
|
Senate Research Center |
H.B. 5081 |
|
|
By: Leach (Creighton) |
|
|
State Affairs |
|
|
5/20/2025 |
|
|
Engrossed |
AUTHOR'S / SPONSOR'S STATEMENT OF INTENT
With the current deluge of uninhibited data on the Internet, the nonconsensual sharing of personal identifying information can pose a security risk for judicial branch officers and court support staff, including through the collection and distribution of judicial personal identifying information by entities or groups that sell personal identifying information to interested parties, commonly referred to as "data brokers."
In response to increased threats aimed at the federal judiciary, the 117th Congress passed the Daniel Anderl Judicial Security and Privacy Act of 2022, which in part regulates the distribution of federal judges' personal identifying information by data brokers. There is currently no equivalent in Texas statute to limit the flow of the personal identifying information of state judicial branch officers and court support personnel or to remove this information from public websites.
H.B. 5081 seeks to address this gap by preventing the personal identifying information of state judicial branch officers and court support personnel from being sold, licensed, traded, transferred, or purchased by data brokers. The bill additionally extends these protections to the family members of these individuals and provides a framework for removing sensitive information.
H.B. 5081 amends current law relating to the protection of personal identifying information of certain persons in the judicial system and creates criminal offenses.
RULEMAKING AUTHORITY
This bill does not expressly grant any additional rulemaking authority to a state officer, institution, or agency.
SECTION BY SECTION ANALYSIS
SECTION 1. Amends the heading to Subtitle H, Title 2, Government Code, to read as follows:
SUBTITLE H. INFORMATION RESOURCES AND PRIVACY
SECTION 2. Amends Subtitle H, Title 2, Government Code, by adding Chapter 92, as follows:
CHAPTER 92. PROTECTION OF PERSONAL IDENTIFYING INFORMATION OF AT-RISK INDIVIDUALS COLLECTED AND STORED BY DATA BROKERS AND OTHER PERSONS
Sec. 92.001. DEFINITIONS. Defines "at-risk individual," "court clerk," "covered information," "data broker," "immediate family member," "office," "state agency," and "state court."
Sec. 92.002. DATA BROKER PROHIBITIONS. Prohibits a data broker, notwithstanding any other law, from knowingly selling, licensing, trading for consideration, transferring, or purchasing covered information of an at-risk individual or an immediate family member of the individual.
Sec. 92.003. PROHIBITED DISPLAY OF COVERED INFORMATION. (a) Prohibits a person, including a data broker, except as provided by Subsection (b), from publicly posting or displaying on a publicly accessible Internet website covered information of an at-risk individual or an immediate family member of the individual if the at-risk individual, or the Office of Court Administration of the Texas Judicial System (OCA), acting on the individual's behalf, submits a written request to that person not to disclose or acquire the covered information that is the subject of the request.
(b) Provides that Subsection (a) does not apply to certain covered information.
Sec. 92.004. DUTY OF DATA BROKER TO REMOVE COVERED INFORMATION. Requires a data broker, after receiving a written request under Section 92.003, to:
(1) not later than 72 hours after receipt of the request: remove from the Internet website the covered information identified in the request, ensure the information is not made available on any other publicly accessible Internet website or subsidiary website the data broker controls, and identify any other instances of the information that should be removed; and
(2) assist the sender in locating the covered information that may be posted on any publicly accessible Internet website or subsidiary website controlled by the data broker.
Sec. 92.005. OFFICE PROCEDURES. Requires the judicial security division of OCA to develop a process by which a judge can file a written request with the director of OCA to notify a data broker or other person, on the judge's behalf, of a written request submitted by the judge to remove covered information posted or displayed by the person on a publicly accessible Internet website.
Sec. 92.006. TRANSFER. (a) Prohibits the person, except as provided by Subsection (b), after receiving a written request under Section 92.003, from transferring the covered information to any other person through any medium.
(b) Provides that Subsection (a) does not apply to certain covered information.
Sec. 92.007. CIVIL REMEDIES. (a) Authorizes an at-risk individual or the individual's designee, if the covered information of the at-risk individual or an immediate family member of the individual is made public as a result of a violation of this chapter, to bring an action in a court seeking injunctive or declaratory relief.
(b) Authorizes the court, if the plaintiff prevails in an action brought under Subsection (a), in addition to issuing an order for injunctive or declaratory relief, to impose a fine of $500 for each day the covered information remains public after the date on which the order for injunctive or declaratory relief is issued and, if the defendant is not a state agency, award to the at-risk individual, or the individual's immediate family, exemplary damages, court costs, and reasonable attorney's fees.
Sec. 92.008. CRIMINAL OFFENSES. (a) Provides that a person commits an offense if:
(1) the person intentionally posts covered information of an at-risk individual or an immediate family member of the individual on a publicly accessible Internet website without first obtaining the consent of the individual whose information was posted;
(2) the information is posted with intent to cause or threaten to cause harm to or harassment of an at-risk individual or a member of the individual's immediate family; and
(3) under the circumstances, harm to or harassment of the at-risk individual or immediate family member is a probable consequence of the posting of the information.
(b) Provides that a person other than a data broker commits an offense if the person does not remove from a publicly accessible Internet website controlled by the person covered information identified in a written request submitted under Section 92.003 within 48 hours of receiving the request.
(c) Provides that, for purposes of Subsection (a), it is prima facie evidence of the intent to cause or threaten to cause harm to or harassment of an at-risk individual or a member of the individual's immediate family if the person:
(1) receives a written request not to disclose the covered information for safety reasons; and
(2) either fails to remove the covered information from the Internet website within 48 hours of receiving the request or, before the fourth anniversary of the date the business receives the request, reposts the covered information on the same Internet website or another publicly accessible Internet website or makes the information publicly available through another medium.
(d) Provides that an offense under this section is a Class B misdemeanor, except that the offense is a Class A misdemeanor if the offense results in the bodily injury of the at-risk individual whose covered information was posted on the Internet website or� an immediate family member of the individual.
SECTION 3. (a) Makes application of Chapter 92, Government Code, as added by this Act, prospective.
(b) Makes application of Sections 92.003 and 92.004, Government Code, as added by this Act, prospective.
(c) Provides that OCA is required to implement Section 92.005, Government Code, as added by this Act, only if the legislature appropriates money specifically for that purpose. Provides that, if the legislature does not appropriate money specifically for that purpose, OCA is authorized, but is not required, to implement Section 92.005 using other appropriations available for that purpose.
(d) Authorizes OCA to develop or procure a statewide technology system to automate the process described in Section 92.005, Government Code, as added by this Act.
(e) Makes application of Section 92.008, Government Code, as added by this Act, prospective.
SECTION 4. Provides that it is the intent of the 89th Legislature, Regular Session, 2025, that the amendments made by this Act to Section 92.001(4), Government Code, be harmonized with another Act of the 89th Legislature, Regular Session, 2025, relating to nonsubstantive additions to and corrections in enacted codes.
SECTION 5. Effective date: September 1, 2025.