H.B. 25






Sponsor: Wayne A. Harper

             7      LONG TITLE
             8      General Description:
             9          This bill modifies the Information Technology Act to enact the Governmental Internet
             10      Information Privacy Act.
             11      Highlighted Provisions:
             12          This bill:
             13          •    enacts provisions governing privacy policies and the collection of personally
             14      identifiable information by a governmental entity; and
             15          •    enacts provisions regulating the posting of personally identifiable information on a
             16      court website.
             17      Monies Appropriated in this Bill:
             18          None
             19      Other Special Clauses:
             20          None
             21      Utah Code Sections Affected:
             22      ENACTS:
             23          63D-2-101, Utah Code Annotated 1953
             24          63D-2-102, Utah Code Annotated 1953
             25          63D-2-103, Utah Code Annotated 1953
             26          63D-2-104, Utah Code Annotated 1953

             28      Be it enacted by the Legislature of the state of Utah:
             29          Section 1. Section 63D-2-101 is enacted to read:

             31          63D-2-101. Title.
             32          This chapter is known as the "Governmental Internet Information Privacy Act."
             33          Section 2. Section 63D-2-102 is enacted to read:
             34          63D-2-102. Definitions.
             35          As used in this chapter:
             36          (1) (a) "Collect" means the gathering of personally identifiable information:
             37          (i) from a user of a governmental website; or
             38          (ii) about a user of the governmental website.
             39          (b) "Collect" includes use of any identifying code linked to a user of a governmental
             40      website.
             41          (2) "Court website" means a website on the Internet that is operated by or on behalf of
             42      any court created in Title 78, Judicial Code.
             43          (3) "Governmental entity" means:
             44          (a) an executive branch agency as defined in Section 63D-1a-102;
             45          (b) the legislative branch;
             46          (c) the judicial branch;
             47          (d) the State Board of Education;
             48          (e) the Board of Regents;
             49          (f) an institution of higher education; and
             50          (g) a political subdivision of the state:
             51          (i) as defined in Section 17B-2-101; and
             52          (ii) including a school district.
             53          (4) (a) "Governmental website" means a website on the Internet that is operated by or
             54      on behalf of a governmental entity.
             55          (b) "Governmental website" includes a court website.
             56          (5) "Governmental website operator" means a governmental entity or person acting on
             57      behalf of the governmental entity that:
             58          (a) operates a governmental website; and
             59          (b) collects or maintains personally identifiable information from or about a user of
             60      that website.
             61          (6) "Personally identifiable information" means information that identifies:
             62          (a) a user by:
             63          (i) name;
             64          (ii) account number;
             65          (iii) physical address;
             66          (iv) email address;
             67          (v) telephone number;
             68          (vi) Social Security number;
             69          (vii) credit card information; or
             70          (viii) bank account information;
             71          (b) a user as having requested or obtained specific materials or services from a
             72      governmental website;
             73          (c) Internet sites visited by a user; or
             74          (d) any of the contents of a user's data-storage device.
             75          (7) "User" means a person who accesses a governmental website.
             76          Section 3. Section 63D-2-103 is enacted to read:
             77          63D-2-103. Collection of personally identifiable information.
             78          (1) A governmental entity may not collect personally identifiable information related to
             79      a user of the governmental entity's governmental website unless the governmental entity has
             80      taken reasonable steps to ensure that on the day on which the personally identifiable
             81      information is collected the governmental entity's governmental website complies with
             82      Subsection (2).
             83          (2) A governmental website shall contain a privacy policy statement that discloses:
             84          (a) (i) the identity of the governmental website operator; and
             85          (ii) how the governmental website operator may be contacted:
             86          (A) by telephone; or
             87          (B) electronically;
             88          (b) the personally identifiable information collected by the governmental entity;
             89          (c) a summary of how the personally identifiable information is used by:
             90          (i) the governmental entity; or
             91          (ii) the governmental website operator;
             92          (d) the practices of the following related to disclosure of personally identifiable
             93      information collected:
             94          (i) the governmental entity; or
             95          (ii) the governmental website operator;
             96          (e) the procedures, if any, by which a user of a governmental entity may request:
             97          (i) access to the user's personally identifiable information; and
             98          (ii) access to correct the user's personally identifiable information; and
             99          (f) without compromising the integrity of the security measures, a general description
             100      of the security measures in place to protect a user's personally identifiable information from
             101      unintended disclosure.
             102          Section 4. Section 63D-2-104 is enacted to read:
             103          63D-2-104. Posting certain information on a court website.
             104          (1) Except as provided in Subsections (2) and (3), a court website:
             105          (a) may not display personally identifiable information; and
             106          (b) shall contain a conspicuous notice that includes a list of documents routinely posted
             107      on the court website.
             108          (2) This section does not prohibit access to any original document as provided by law.
             109          (3) This section does not apply to:
             110          (a) the Registry of Judgments created in Section 78-22-1.5, if the Registry of
             111      Judgments complies with Subsection (3)(b);
             112          (b) remote access to a document through a network or system that:
             113          (i) is secure; and
             114          (ii) provides restricted access through security standards developed by the court,
             115      including a registration requirement under which a prospective user must provide the
             116      prospective user's:
             117          (A) identity;
             118          (B) business or residence address; and
             119          (C) citizenship status;
             120          (c) postings related to legitimate law enforcement purposes;
             121          (d) postings of documents filed or recorded more than 100 years prior to the posting;
             122          (e) postings of:
             123          (i) historical information;
             124          (ii) genealogical information;
             125          (iii) interpretive information about historic persons and events; or
             126          (iv) educational information about historic persons and events; or
             127          (f) postings of information instructing a user how to contact a website operator,
             128      employee, or other representative of the court.

Legislative Review Note
    as of 9-22-03 10:37 AM

A limited legal review of this legislation raises no obvious constitutional or statutory concerns.

Office of Legislative Research and General Counsel

Interim Committee Note
    as of 12-10-03 11:14 AM

The Public Utilities and Technology Interim Committee recommended this bill.

