BILL ANALYSIS Senate Research Center S.B. 2459 89R11202 BCH-F By: Creighton State Affairs 4/29/2025 As Filed AUTHOR'S / SPONSOR'S STATEMENT OF INTENT According to the Office of Court Administration's Court Security Division, there were 1,080 reported court security incidents in Texas in FY24. Of these incidents, 146 were threats against judges, court staff, or court participants. Incidents are at a 10-year record high and there was a 142 percent increase in FY24 over FY23. In 2015, Texas' own District Judge Julie Kocurek was shot by a defendant-turned-gunman who had appeared before her in court only weeks earlier. More recently, in 2024, three people plotted out the attempted murder of a district judge in Williamson County. S.B. 2459 builds upon the Judge Julie Kocurek Judicial and Courthouse Security Act of 2017, which focused on the posting of "Personally Identifiable Information" (PII) posted by governmental bodies. In our age of free-flowing data on the Internet, the non-consensual sharing of PII can pose a very challenging security risk for judicial branch officers and court support staff. This includes the collection and distribution of judicial PII by "data brokers," which are entities or groups that sell PII to interested parties. In the simplest terms, S.B. 2459 would reduce opportunities for criminal defendants and other court participants who are dissatisfied with court outcomes from searching for the home address information of judges and court personnel with the stroke of a few keys on a cell phone. Responding to increased threats aimed at the federal judiciary, in late 2022, the U.S. Congress passed the Daniel Anderl Judicial Security and Privacy Act, which in part regulates the distribution of federal judges' PII by data brokers. The Act prohibits a "data broker" from knowingly selling, licensing, trading for consideration, transferring, or purchasing certain PII of federal judges and their family members. Currently, there is no state law equivalent in Texas to help protect judicial branch officers and court support personnel by limiting the flow of judicial PII or assisting judicial officers in seeking the removal of this information. S.B. 2459 is the solution to this problem. As proposed, S.B. 2459 amends current law relating to the protection of personal identifying information of certain persons in the judicial system and creates a criminal offense. RULEMAKING AUTHORITY This bill does not expressly grant any additional rulemaking authority to a state officer, institution, or agency. SECTION BY SECTION ANALYSIS SECTION 1. Amends the heading to Subtitle H, Title 2, Government Code, to read as follows: SUBTITLE H. INFORMATION RESOURCES AND PRIVACY SECTION 2. Amends Subtitle H, Title 2, Government Code, by adding Chapter 92, as follows: CHAPTER 92. PROTECTION OF PERSONAL IDENTIFYING INFORMATION OF AT-RISK INDIVIDUALS COLLECTED AND STORED BY DATA BROKERS AND OTHER PERSONS Sec. 92.001. DEFINITIONS. Defines "at-risk individual," "court clerk," "covered information," "data broker," "immediate family member," "office," "state agency," and "state court." Sec. 92.002. DATA BROKER PROHIBITIONS. Prohibits a data broker, notwithstanding any other law, from knowingly selling, licensing, trading for consideration, transferring, or purchasing covered information of an at-risk individual or an immediate family member of the individual. Sec. 92.003. PROHIBITION ON BUSINESSES AND OTHER PERSONS. (a) Prohibits a person, except as provided by Subsection (b), from publicly posting or displaying on a publicly accessibly Internet website covered information of an at-risk individual or an immediate family member of the individual if the at-risk individual, or the Office of Court Administration of the Texas Judicial System (OCA), acting on the individual's behalf, submits a written request to that person not to disclose or acquire the covered information that is the subject of the request. (b) Provides that Subsection (a) does not apply to: (1) covered information of an at-risk individual or an immediate family member of the individual displayed on a publicly accessible Internet website if the information is relevant to and displayed as part of a news story, commentary, editorial, or other speech on a matter of public concern; (2) covered information that an at-risk individual voluntarily posts on the Internet; or (3) covered information received from a governmental entity or an employee or agent of a governmental entity. Sec. 92.004. REQUIRED CONDUCT. Requires a person, including a data broker, after receiving a written request under Section 92.003, to: (1) not later than 72 hours after receipt of the request: (A) remove from the Internet website the covered information identified in the request; (B) ensure the information is not made available on any other publicly accessible Internet website or subsidiary website the person controls; and (C) identify any other instances of the information that should be removed; and (2) assist the sender in locating the covered information that may be posted on any publicly accessible Internet website or subsidiary website controlled by the person. Sec. 92.005. OFFICE PROCEDURES. Requires the judicial security division of OCA to develop a process by which an at-risk individual can file a written request with the director of OCA to notify a data broker or other person, on the at-risk individual's behalf, of a written request submitted by the individual to remove covered information posted or displayed by the person on a publicly accessible Internet website. Sec. 92.006. TRANSFER. (a) Prohibits the person, except as provided by Subsection (b), after receiving a written request under Section 92.003, from transferring the covered information to any other person through any medium. (b) Provides that Subsection (a) does not apply to (1) the transfer of the covered information that is relevant to and displayed as part of a news story, commentary, editorial, or other speech on a matter of public concern; (2) covered information the at-risk individual or the immediate family member of the individual voluntarily posts on the Internet; or (3) a transfer of the covered information at the request of the at-risk individual or as necessary to produce a request to the person from the at-risk individual. Sec. 92.007. CIVIL REMEDIES. (a) Authorizes an at-risk individual or the individual's designee, if the covered information of the at-risk individual or an immediate family member of the individual is made public as a result of a violation of this chapter, to bring an action in a court seeking injunctive or declaratory relief. (b) Authorizes the court, if the plaintiff prevails in an action brought under Subsection (a), in addition to issuing an order for injunctive or declaratory relief, to: (1) impose a fine of $500 for each day the covered information remains public after the date on which the order for injunctive or declaratory relief is issued; and (2) if the defendant is not a state agency, award to the at-risk individual, or the individual's immediate family, exemplary damages, court costs, and reasonable attorney's fees. Sec. 92.008. CRIMINAL OFFENSE. (a) Provides that a person commits an offense if the person intentionally posts covered information of an at-risk individual or an immediate family member of the individual on a publicly accessible Internet website without first obtaining the consent of the individual whose information was posted and: (1) the information is posted with intent to cause or threaten to cause harm to or harassment of an at-risk individual or a member of the individual's immediate family; and (2) under the circumstances, harm to or harassment of the at-risk individual or immediate family member is a probable consequence of the posting of the information. (b) Provides that, for the purposes of Subsection (a), it is prima facie evidence of the intent to cause or threaten to cause harm to or harassment of an at-risk individual or a member of the individual's immediate family if the person: (1) receives a written request not to disclose the covered information for safety reasons; and (2) either fails to remove the covered information from the Internet website not later than 48 hours after receiving the request or before the fourth anniversary of the date the business receives the request, the person reposts the covered information on the same Internet website or another publicly accessible Internet website or makes the information publicly available through another medium. (c) Provides that an offense under this section is a Class B misdemeanor, except that the offense is a Class A misdemeanor if the offense results in the bodily injury of the at-risk individual whose covered information was posted on the Internet website or an immediate family member of the individual. SECTION 3. Makes application of Chapter 92, Government Code, as added by this Act, prospective. SECTION 4. Provides that it is the intent of the 89th Legislature, Regular Session, 2025, that the amendments made by this Act to Section 92.001(4), Government Code, be harmonized with another Act of the 89th Legislature, Regular Session, 2025, relating to nonsubstantive additions to and corrections in enacted codes. SECTION 5. Effective date: September 1, 2025.
BILL ANALYSIS
Senate Research Center S.B. 2459
89R11202 BCH-F By: Creighton
State Affairs
4/29/2025
As Filed
Senate Research Center
S.B. 2459
89R11202 BCH-F
By: Creighton
State Affairs
4/29/2025
As Filed
AUTHOR'S / SPONSOR'S STATEMENT OF INTENT
According to the Office of Court Administration's Court Security Division, there were 1,080 reported court security incidents in Texas in FY24. Of these incidents, 146 were threats against judges, court staff, or court participants. Incidents are at a 10-year record high and there was a 142 percent increase in FY24 over FY23.
In 2015, Texas' own District Judge Julie Kocurek was shot by a defendant-turned-gunman who had appeared before her in court only weeks earlier. More recently, in 2024, three people plotted out the attempted murder of a district judge in Williamson County.
S.B. 2459 builds upon the Judge Julie Kocurek Judicial and Courthouse Security Act of 2017, which focused on the posting of "Personally Identifiable Information" (PII) posted by governmental bodies. In our age of free-flowing data on the Internet, the non-consensual sharing of PII can pose a very challenging security risk for judicial branch officers and court support staff. This includes the collection and distribution of judicial PII by "data brokers," which are entities or groups that sell PII to interested parties. In the simplest terms, S.B. 2459 would reduce opportunities for criminal defendants and other court participants who are dissatisfied with court outcomes from searching for the home address information of judges and court personnel with the stroke of a few keys on a cell phone.
Responding to increased threats aimed at the federal judiciary, in late 2022, the U.S. Congress passed the Daniel Anderl Judicial Security and Privacy Act, which in part regulates the distribution of federal judges' PII by data brokers. The Act prohibits a "data broker" from knowingly selling, licensing, trading for consideration, transferring, or purchasing certain PII of federal judges and their family members.
Currently, there is no state law equivalent in Texas to help protect judicial branch officers and court support personnel by limiting the flow of judicial PII or assisting judicial officers in seeking the removal of this information. S.B. 2459 is the solution to this problem.
As proposed, S.B. 2459 amends current law relating to the protection of personal identifying information of certain persons in the judicial system and creates a criminal offense.
RULEMAKING AUTHORITY
This bill does not expressly grant any additional rulemaking authority to a state officer, institution, or agency.
SECTION BY SECTION ANALYSIS
SECTION 1. Amends the heading to Subtitle H, Title 2, Government Code, to read as follows:
SUBTITLE H. INFORMATION RESOURCES AND PRIVACY
SECTION 2. Amends Subtitle H, Title 2, Government Code, by adding Chapter 92, as follows:
CHAPTER 92. PROTECTION OF PERSONAL IDENTIFYING INFORMATION OF
AT-RISK INDIVIDUALS COLLECTED AND STORED BY DATA BROKERS AND
OTHER PERSONS
Sec. 92.001. DEFINITIONS. Defines "at-risk individual," "court clerk," "covered information," "data broker," "immediate family member," "office," "state agency," and "state court."
Sec. 92.002. DATA BROKER PROHIBITIONS. Prohibits a data broker, notwithstanding any other law, from knowingly selling, licensing, trading for consideration, transferring, or purchasing covered information of an at-risk individual or an immediate family member of the individual.
Sec. 92.003. PROHIBITION ON BUSINESSES AND OTHER PERSONS. (a) Prohibits a person, except as provided by Subsection (b), from publicly posting or displaying on a publicly accessibly Internet website covered information of an at-risk individual or an immediate family member of the individual if the at-risk individual, or the Office of Court Administration of the Texas Judicial System (OCA), acting on the individual's behalf, submits a written request to that person not to disclose or acquire the covered information that is the subject of the request.
(b) Provides that Subsection (a) does not apply to:
(1) covered information of an at-risk individual or an immediate family member of the individual displayed on a publicly accessible Internet website if the information is relevant to and displayed as part of a news story, commentary, editorial, or other speech on a matter of public concern;
(2) covered information that an at-risk individual voluntarily posts on the Internet; or
(3) covered information received from a governmental entity or an employee or agent of a governmental entity.
Sec. 92.004. REQUIRED CONDUCT. Requires a person, including a data broker, after receiving a written request under Section 92.003, to:
(1) not later than 72 hours after receipt of the request:
(A) remove from the Internet website the covered information identified in the request;
(B) ensure the information is not made available on any other publicly accessible Internet website or subsidiary website the person controls; and
(C) identify any other instances of the information that should be removed; and
(2) assist the sender in locating the covered information that may be posted on any publicly accessible Internet website or subsidiary website controlled by the person.
Sec. 92.005. OFFICE PROCEDURES. Requires the judicial security division of OCA to develop a process by which an at-risk individual can file a written request with the director of OCA to notify a data broker or other person, on the at-risk individual's behalf, of a written request submitted by the individual to remove covered information posted or displayed by the person on a publicly accessible Internet website.
Sec. 92.006. TRANSFER. (a) Prohibits the person, except as provided by Subsection (b), after receiving a written request under Section 92.003, from transferring the covered information to any other person through any medium.
(b) Provides that Subsection (a) does not apply to
(1) the transfer of the covered information that is relevant to and displayed as part of a news story, commentary, editorial, or other speech on a matter of public concern;
(2) covered information the at-risk individual or the immediate family member of the individual voluntarily posts on the Internet; or
(3) a transfer of the covered information at the request of the at-risk individual or as necessary to produce a request to the person from the at-risk individual.
Sec. 92.007. CIVIL REMEDIES. (a) Authorizes an at-risk individual or the individual's designee, if the covered information of the at-risk individual or an immediate family member of the individual is made public as a result of a violation of this chapter, to bring an action in a court seeking injunctive or declaratory relief.
(b) Authorizes the court, if the plaintiff prevails in an action brought under Subsection (a), in addition to issuing an order for injunctive or declaratory relief, to:
(1) impose a fine of $500 for each day the covered information remains public after the date on which the order for injunctive or declaratory relief is issued; and
(2) if the defendant is not a state agency, award to the at-risk individual, or the individual's immediate family, exemplary damages, court costs, and reasonable attorney's fees.
Sec. 92.008. CRIMINAL OFFENSE. (a) Provides that a person commits an offense if the person intentionally posts covered information of an at-risk individual or an immediate family member of the individual on a publicly accessible Internet website without first obtaining the consent of the individual whose information was posted and:
(1) the information is posted with intent to cause or threaten to cause harm to or harassment of an at-risk individual or a member of the individual's immediate family; and
(2) under the circumstances, harm to or harassment of the at-risk individual or immediate family member is a probable consequence of the posting of the information.
(b) Provides that, for the purposes of Subsection (a), it is prima facie evidence of the intent to cause or threaten to cause harm to or harassment of an at-risk individual or a member of the individual's immediate family if the person:
(1) receives a written request not to disclose the covered information for safety reasons; and
(2) either fails to remove the covered information from the Internet website not later than 48 hours after receiving the request or before the fourth anniversary of the date the business receives the request, the person reposts the covered information on the same Internet website or another publicly accessible Internet website or makes the information publicly available through another medium.
(c) Provides that an offense under this section is a Class B misdemeanor, except that the offense is a Class A misdemeanor if the offense results in the bodily injury of the at-risk individual whose covered information was posted on the Internet website or an immediate family member of the individual.
SECTION 3. Makes application of Chapter 92, Government Code, as added by this Act, prospective.
SECTION 4. Provides that it is the intent of the 89th Legislature, Regular Session, 2025, that the amendments made by this Act to Section 92.001(4), Government Code, be harmonized with another Act of the 89th Legislature, Regular Session, 2025, relating to nonsubstantive additions to and corrections in enacted codes.
SECTION 5. Effective date: September 1, 2025.