25 LC 56 0313
House Bill 886
By: Representatives Evans of the 57
th
, Bazemore of the 69
th
, Miller of the 62
nd
, Schofield of
the 63
rd
, and Cannon of the 58
th
A BILL TO BE ENTITLED
AN ACT
To amend Chapter 1 of Title 50 of the Official Code of Georgia Annotated, relating to
1
general provisions regarding state government, so as to prohibit state agencies and local2
government entities from responding to ransomware activity; to require that state agencies3
and local government entities report ransomware activity to the Georgia Technology4
Authority; to provide for definitions; to provide for related matters; to repeal conflicting5
laws; and for other purposes.6
BE IT ENACTED BY THE GENERAL ASSEMBLY OF GEORGIA:7
SECTION 1.8
Chapter 1 of Title 50 of the Official Code of Georgia Annotated, relating to general9
provisions regarding state government, is amended by adding a new Code section to read as10
follows:11
"50-1-14.
12
(a) As used in this Code section, the term:13
(1) 'Local government entity' means any political subdivision of this state, including any14
county, consolidated government, municipality, authority, school district, commission,15
H. B. 886
- 1 - 25 LC 56 0313
board, municipal corporation, governmental unit, sheriff’s office, law enforcement16
agency, or any other local public body.17
(2) 'Ransomware activity' means restricting access to a computer system or its data,18
typically by encrypting such data, with the demand for a ransom payment in exchange19
for access restoration.20
(3) 'State agency' means any department, agency, board, commission, institution, or other21
entity of the executive, legislative, or judicial branches of the state, including public22
universities, technical colleges, and other institutions under the state's authority.23
(b) No state agency or local government entity in this state shall submit payment to or24
otherwise communicate with an individual or organization engaging in ransomware activity25
against such state agency or local government entity.26
(c) Any state agency or local government entity experiencing ransomware activity27
immediately shall consult with the Georgia Technology Authority. The Georgia28
Technology Authority shall provide guidance and coordinate the response to such29
ransomware activity. The affected state agency or local government entity shall be30
required to provide the Georgia Technology Authority with any information required to31
appropriately address such response."32
SECTION 2.33
All laws and parts of laws in conflict with this Act are repealed.34
H. B. 886
- 2 -