BILL ANALYSIS
|
Senate Research Center |
C.S.H.B. 5081 |
|
89R32081 BCH-D |
By: Leach (Creighton) |
|
|
State Affairs |
|
|
5/22/2025 |
|
|
Committee Report (Substituted) |
AUTHOR'S / SPONSOR'S STATEMENT OF INTENT
With the current deluge of uninhibited data on the Internet, the nonconsensual sharing of personal identifying information can pose a security risk for judicial branch officers and court support staff, including through the collection and distribution of judicial personal identifying information by entities or groups that sell personal identifying information to interested parties, commonly referred to as "data brokers."
In response to increased threats aimed at the federal judiciary, the 117th Congress passed the Daniel Anderl Judicial Security and Privacy Act of 2022, which in part regulates the distribution of federal judges' personal identifying information by data brokers. There is currently no equivalent in Texas statute to limit the flow of the personal identifying information of state judicial branch officers and court support personnel or to remove this information from public websites.
H.B. 5081 seeks to address this gap by preventing the personal identifying information of state judicial branch officers and court support personnel from being sold, licensed, traded, transferred, or purchased by data brokers. The bill additionally extends these protections to the family members of these individuals and provides a framework for removing sensitive information.
(Original Author's/Sponsor's Statement of Intent)
C.S.H.B. 5081 amends current law relating to the protection of personal identifying information of certain persons in the judicial system and create a criminal offense.
RULEMAKING AUTHORITY
This bill does not expressly grant any additional rulemaking authority to a state officer, institution, or agency.
SECTION BY SECTION ANALYSIS
SECTION 1. Amends the heading to Subtitle H, Title 2, Government Code, to read as follows:
SUBTITLE H. INFORMATION RESOURCES AND PRIVACY
SECTION 2. Amends Subtitle H, Title 2, Government Code, by adding Chapter 92, as follows:
CHAPTER 92. PROTECTION OF PERSONAL IDENTIFYING INFORMATION OF
AT-RISK INDIVIDUALS
Sec. 92.001. DEFINITIONS. Defines "at-risk individual," "court clerk," "covered information," "data broker," "immediate family member," "office," "person," "state agency," and "state court."
Sec. 92.002. PROHIBITED DISSEMINATION OF COVERED INFORMATION. (a) Prohibits a person, except as provided by Subsection (b), from knowingly selling, licensing, trading for consideration, transferring, purchasing, or otherwise disseminating covered information of an at-risk individual or an immediate family member of the individual if the individual, or the Office of Court Administration of the Texas Judicial System (OCA), acting on the individual's behalf, submits to the person a written request for the person not to sell, license, trade for consideration, transfer, purchase, or otherwise disseminate information.
(b) Provides that Subsection (a) does not apply to certain covered information.
Sec. 92.003. PROHIBITED DISPLAY OF COVERED INFORMATION. (a) Prohibits a person, including a data broker, except as provided by Subsection (b), from publicly posting or displaying on a publicly accessible Internet website covered information of an at-risk individual or an immediate family member of the individual if the at-risk individual, or OCA, acting on the individual's behalf, submits a written request to that person not to disclose or acquire the covered information subject to the request.
(b) Provides that Subsection (a) does not apply to certain covered information.
Sec. 92.004. DUTY TO REMOVE COVERED INFORMATION. Requires a data broker, after receiving a written request under Section 92.002 or 92.003, to:
(1) not later than the 10th business day after the date the request is received: remove from the Internet website the covered information identified in the request, ensure the information is not made available on any other publicly accessible Internet website or subsidiary website the person controls, and identify any other instances of the information that should be removed; and
(2) assist the sender in locating the covered information that may be posted on any publicly accessible Internet website or subsidiary website controlled by the person.
Sec. 92.005. OFFICE PROCEDURES. Requires the judicial security division of OCA to develop a process by which a judge can file a written request with the director of OCA to notify a person, including a data broker, on the judge's behalf, of a written request submitted by the judge to remove covered information posted or displayed by the person on a publicly accessible Internet website.
Sec. 92.006. TRANSFER. (a) Prohibits a person, including a data broker, except as provided by Subsection (b) and Section 92.002(b), after receiving a written request under Section 92.003, from transferring the covered information to any other person through any medium.
(b) Provides that Subsection (a) does not apply to certain covered information.
Sec. 92.007. CIVIL REMEDIES. (a) Authorizes an at-risk individual, if the covered information of the at-risk individual or an immediate family member of the individual is made public as a result of a violation of this chapter, to bring an action in a court seeking injunctive or declaratory relief.
(b) Authorizes the court, if the plaintiff prevails in an action brought under Subsection (a), in addition to issuing an order for injunctive or declaratory relief, to impose a fine of $500 for each day the covered information remains public after the date on which the order for injunctive or declaratory relief is issued and, if the defendant is not a state agency, award to the at-risk individual, or the individual's immediate family, exemplary damages, court costs, and reasonable attorney's fees.
Sec. 92.008. CRIMINAL OFFENSES. (a) Provides that a person commits an offense if:
(1) the person intentionally posts covered information of an at-risk individual or an immediate family member of the individual on a publicly accessible Internet website without first obtaining the consent of the individual or family member to whom the information refers;
(2) the information is posted with intent to cause or threaten to cause harm to or harassment of an at-risk individual or a member of the individual's immediate family; and
(3) under the circumstances, harm to or harassment of the at-risk individual or immediate family member is a probable consequence of the posting of the information.
(b) Provides that a person other than a data broker commits an offense if the person does not remove from a publicly accessible Internet website controlled by the person covered information identified in a written request submitted under Section 92.003 within 10 business days of receiving the request.
(c) Provides that an offense under this section is a Class B misdemeanor, except that the offense is a Class A misdemeanor if the offense results in the bodily injury of the at-risk individual whose covered information was posted on the Internet website or� an immediate family member of the individual.
SECTION 3. (a) Makes application of Chapter 92, Government Code, as added by this Act, prospective.
(b) Makes application of Sections 92.003 and 92.004, Government Code, as added by this Act, prospective.
(c) Provides that OCA is required to implement Section 92.005, Government Code, as added by this Act, only if the legislature appropriates money specifically for that purpose. Provides that, if the legislature does not appropriate money specifically for that purpose, OCA is authorized, but is not required, to implement Section 92.005 using other appropriations available for that purpose.
(d) Authorizes OCA to develop or procure a statewide technology system to automate the process described in Section 92.005, Government Code, as added by this Act.
(e) Makes application of Section 92.008, Government Code, as added by this Act, prospective.
SECTION 4. Provides that it is the intent of the 89th Legislature, Regular Session, 2025, that the amendments made by this Act to Section 92.001(4), Government Code, be harmonized with another Act of the 89th Legislature, Regular Session, 2025, relating to nonsubstantive additions to and corrections in enacted codes.
SECTION 5. Effective date: September 1, 2025.