[Congressional Bills 117th Congress]
[From the U.S. Government Publishing Office]
[H.R. 4436 Introduced in House (IH)]
<DOC>
117th CONGRESS
1st Session
H. R. 4436
To improve the safety and security of the Federal judiciary.
_______________________________________________________________________
IN THE HOUSE OF REPRESENTATIVES
July 16, 2021
Ms. Sherrill (for herself and Mr. Fitzpatrick) introduced the following
bill; which was referred to the Committee on the Judiciary
_______________________________________________________________________
A BILL
To improve the safety and security of the Federal judiciary.
Be it enacted by the Senate and House of Representatives of the
United States of America in Congress assembled,
SECTION 1. SHORT TITLE.
This Act may be cited as the ``Daniel Anderl Judicial Security and
Privacy Act of 2021''.
SEC. 2. PURPOSE; RULES OF CONSTRUCTION.
(a) Purpose.--The purpose of this Act is to improve the safety and
security of Federal judges, including senior, recalled, or retired
Federal judges, and their immediate family, to ensure Federal judges
are able to administer justice fairly without fear of personal reprisal
from individuals affected by the decisions they make in the course of
carrying out their public duties.
(b) Rules of Construction.--
(1) In general.--Nothing in this Act shall be construed--
(A) to prohibit, restrain, or limit--
(i) the lawful investigation or reporting
by the press of any unlawful activity or
misconduct alleged to have been committed by an
at-risk individual or their immediate family;
or
(ii) the reporting on an at-risk individual
or their immediate family regarding matters of
public concern;
(B) to impair access to decisions and opinions from
a Federal judge in the course of carrying out their
public functions; or
(C) to limit the publication or transfer of
personally identifiable information that the at-risk
individual or their immediate family member voluntarily
publishes on the internet after the date of enactment
of this Act.
(2) Protection of personally identifiable information.--
This Act shall be broadly construed to favor the protection of
the personally identifiable information of at-risk individuals
and their immediate family.
SEC. 3. FINDINGS.
Congress finds the following:
(1) Members of the Federal judiciary perform the important
function of interpreting our Constitution and administering
justice in a fair and impartial manner.
(2) In recent years, partially as a result of the rise in
the use of social media and online access to information,
members of the Federal judiciary have been exposed to an
increased number of personal threats in connection to their
role. The ease of access to free or inexpensive sources of
personally identifiable information has considerably lowered
the effort required for malicious actors to discover where
individuals live, where they spend leisure hours, and to find
information about their family members. Such threats have
included calling a judge a traitor with references to mass
shootings and serial killings, calling for an ``angry mob'' to
gather outside a judge's home and, in reference to a United
States courts of appeals judge, stating how easy it would be to
``get them.''
(3) Between 2015 and 2019, threats and other inappropriate
communications against Federal judges and other judiciary
personnel increased from 926 in 2015 to approximately 4,449 in
2019.
(4) Over the past decade, several members of the Federal
judiciary have experienced acts of violence against themselves
or a family member in connection to their Federal judiciary
role, including the murder of the family of United States
District Judge for the Northern District of Illinois Joan
Lefkow in 2005.
(5) On Sunday July 19, 2020, an assailant went to the home
of Esther Salas, a judge for the United States District Court
for the District of New Jersey, impersonating a package
delivery driver, opening fire upon arrival, and killing Daniel
Anderl, the 20-year-old only son of Judge Salas, and seriously
wounding Mark Anderl, her husband.
(6) In the aftermath of the recent tragedy that occurred to
Judge Salas and in response to the continuous rise of threats
against members of the Federal judiciary, there is an immediate
need for enhanced security procedures and increased
availability of tools to protect Federal judges and their
families.
SEC. 4. DEFINITIONS.
In this Act:
(1) At-risk individual.--The term ``at-risk individual''
means--
(A) a Federal judge; or
(B) a senior, recalled, or retired Federal judge.
(2) Data broker.--
(A) In general.--The term ``data broker'' means a
business or commercial entity when it is engaged in
collecting, assembling, or maintaining personal
information concerning an individual who is not a
customer, client, or an employee of that entity in
order to sell the information or otherwise profit from
providing third party access to the information.
(B) Exclusion.--The following activities conducted
by a business or commercial entity, and the collection
and sale or licensing of personally identifiable
information incidental to conducting these activities
do not qualify the entity as a data broker:
(i) Engaging in reporting, newsgathering,
speaking, or other activities intended to
inform the public on matters of public interest
or public concern.
(ii) Providing 411 directory assistance or
directory information services, including name,
address, and telephone number, on behalf of or
as a function of a telecommunications carrier.
(iii) Utilizing personal information
internally, providing access to businesses
under common ownership or affiliated by
corporate control, or selling or providing data
for a transaction or service requested by or
concerning the individual whose personal
information is being transferred.
(iv) Providing publicly available
information via real-time or near-real-time
alert services for health or safety purposes.
(v) A consumer reporting agency to the
extent that it is covered by the Federal Fair
Credit Reporting Act (15 U.S.C. 1681 et seq.).
(vi) A financial institution to the extent
that it is covered by the Gramm-Leach-Bliley
Act (Public Law 106-102) and implementing
regulations.
(vii) An entity to the extent that it is
covered by the Health Insurance Portability and
Accountability Act (Public Law 104-191).
(3) Federal judge.--The term ``Federal judge'' means--
(A) a justice or judge of the United States, as
those terms are defined in section 451 of title 28,
United States Code;
(B) a bankruptcy judge appointed under section 152
of title 28, United States Code;
(C) a United States magistrate judge appointed
under section 631 of title 28, United States Code;
(D) a judge confirmed by the United States Senate
and empowered by statute in any commonwealth,
territory, or possession to perform the duties of a
Federal judge; and
(E) a judge of the United States Court of Federal
Claims appointed under section 171 of title 28, United
States Code.
(4) Government agency.--The term ``Government agency''
means any department enumerated in section 1 of title 5 of the
United States Code, independent establishment, commission,
administration, authority, board or bureau of the United States
or any corporation in which the United States has a proprietary
interest. The term includes all such institutions, offices, and
any other bodies politic and corporate of the United States
Government created by the constitution or statute, whether in
the executive, judicial, or legislative branch; all units and
corporate outgrowths created by Executive order of the
President or any constitutional officer, by the Supreme Court
of the United States, or by resolution of the United States
Congress.
(5) Immediate family.--The term ``immediate family'' means
a spouse, child, parent, or any other familial relative of an
at-risk individual whose permanent residence is the same as the
at-risk individual.
(6) Personally identifiable information.--The term
``personally identifiable information'' means--
(A) a home address, including primary residence or
secondary residences;
(B) a home or personal mobile telephone number, or
the direct telephone number of a government-issued cell
phone or private extension in the chambers of an at-
risk individual;
(C) a personal email address;
(D) the social security number, driver's license
number, or home address displayed on voter registration
information;
(E) a bank account or credit or debit card
information;
(F) home or other address displayed on property tax
records or held by a Federal, State, or local
government agency of an at-risk individual, including a
secondary residence and any investment property at
which an at-risk individual resides for part of a year;
(G) license plate number or home address displayed
on vehicle registration information;
(H) identification of children of an at-risk
individual under the age of 18;
(I) full date of birth;
(J) a photograph of any vehicle that legibly
displays the license plate or a photograph of a
residence that legibly displays the residence address;
(K) the name and address of a school or day care
facility attended by immediate family; or
(L) the name and address of an employer of
immediate family.
(7) Social media.--The term ``social media'' means any
online electronic medium, a live-chat system, or an electronic
dating service--
(A) that primarily serves as a medium for users to
interact with content generated by other third-party
users of the medium;
(B) that enables users to create accounts or
profiles specific to the medium or to import profiles
from another medium; and
(C) that enables one or more users to generate
content that can be viewed by other third-party users
of the medium.
(8) Transfer.--The term ``transfer'' means to sell,
license, trade, or exchange for consideration the personally
identifiable information of an at-risk individual or immediate
family.
SEC. 5. PROTECTING PERSONALLY IDENTIFIABLE INFORMATION IN PUBLIC
RECORDS.
(a) Government Agencies.--
(1) In general.--Each at-risk individual may--
(A) file written notice of the status of the
individual as an at-risk individual, for themselves and
immediate family, to each Government agency; and
(B) ask each Government agency described in
subparagraph (A) to mark as private their personally
identifiable information and that of their immediate
family.
(2) No public posting.--Government agencies shall not
publicly post or display publicly available content that
includes personally identifiable information of an at-risk
individual or immediate family. Government agencies, upon
receipt of a written request in accordance with subsection
(a)(1)(A) of this section, shall remove the personally
identifiable information of the at-risk individual or immediate
family from publicly available content within 72 hours.
(3) Exceptions.--Nothing in this section shall prohibit a
government agency from providing access to records containing
judges' personally identifiable information to a third party if
the third party possesses a signed release from the judge or a
court order, the entity is already subject to the requirements
of title V of the Gramm-Leach-Bliley Act (15 U.S.C. 6801 et
seq.), or the third party executes a confidentiality agreement
with the government agency.
(b) State and Local Governments.--
(1) Grant program to prevent disclosure of personal
information of at-risk individuals or immediate family.--
(A) Authorization.--The Attorney General shall make
grants to prevent the release of personally
identifiable information of at-risk individuals and
immediate family (in this subsection referred to as
``judges' personally identifiable information'') to the
detriment of such individuals or their families to an
entity that--
(i) is--
(I) a State or unit of local
government (as such terms are defined
in section 901 of the Omnibus Crime
Control and Safe Streets Act of 1968
(34 U.S.C. 10251)); or
(II) an agency of a State or unit
of local government; and
(ii) operates a State or local database or
registry that contains personally identifiable
information.
(B) Application.--An eligible entity seeking a
grant under this section shall submit to the Attorney
General an application at such time, in such manner,
and containing such information as the Attorney General
may reasonably require.
(2) Authorization of appropriations.--There is authorized
to be appropriated such sums as may be necessary to provide
grants to entities described in paragraph (1) to create or
expand programs designed to protect judges' personally
identifiable information, including through--
(A) the creation of programs to redact or remove
judges' personally identifiable information, upon the
request of an at-risk individual, from public records
in state agencies; these efforts may include but are
not limited to hiring a third party to redact or remove
judges' personally identifiable information from public
records;
(B) the expansion of existing programs that the
State may have enacted in an effort to protect judges'
personally identifiable information;
(C) the development or improvement of protocols,
procedures, and policies to prevent the release of
judges' personally identifiable information;
(D) the defrayment of costs of modifying or
improving existing databases and registries to ensure
that judges' personally identifiable information is
protected from release; and
(E) the development of confidential opt out systems
that will enable at-risk individuals to make a single
request to keep judges' personally identifiable
information out of multiple databases or registries.
(3) Report.--
(A) In general.--Not later than 1 year after the
date of enactment of this Act, and biennially
thereafter, the Comptroller General of the United
States, shall submit to the Committee on the Judiciary
of the Senate and the Committee on the Judiciary of the
House of Representatives an annual report that
includes--
(i) a detailed amount spent by States and
local governments on protection of judges'
personally identifiable information; and
(ii) where the judges' personally
identifiable information was found.
(B) States and local governments.--States and local
governments that receive funds under this section shall
submit to the Comptroller General a report on data
described in clauses (i) and (ii) of subparagraph (A)
to be included in the report required under that
subparagraph.
(c) Data Brokers and Other Businesses.--
(1) Prohibition.--
(A) Data brokers.--It shall be unlawful for a data
broker to knowingly sell, license, trade for
consideration, or purchase personally identifiable
information of an at-risk individual or immediate
family.
(B) Other businesses.--No person, business, or
association shall publicly post or publicly display on
the internet personally identifiable information of an
at-risk individual or immediate family if the at-risk
individual has made a written request of that person,
business, or association to not disclose the personally
identifiable information of the at-risk individual or
immediate family.
(C) Exceptions.--The restriction in subparagraph
(B) shall not apply to--
(i) the display on the internet of the
personally identifiable information of an at-
risk individual or immediate family if the
information is relevant to and displayed as
part of a news story, commentary, editorial, or
other speech on a matter of public concern;
(ii) personally identifiable information
that the at-risk individual voluntarily
publishes on the internet after the date of
enactment of this Act; or
(iii) personally identifiable information
received from a Federal Government source (or
from an employee or agent of the Federal
Government).
(2) Required conduct.--
(A) In general.--After a person, business, or
association has received a written request from an at-
risk individual to protect personally identifiable
information of the at-risk individual or immediate
family, that person, business, or association shall--
(i) remove within 72 hours the personally
identifiable information from the internet and
ensure that the information is not made
available on any website or subsidiary website
controlled by that person, business, or
association; and
(ii) ensure that the personally
identifiable information of the at-risk
individual or immediate family is not made
available on any website or subsidiary website
controlled by that person, business, or
association.
(B) Transfer.--After receiving an at-risk
individual's written request, no person, business, or
association shall transfer the personally identifiable
information of the at-risk individual or immediate
family to any other person, business, or association
through any medium, except where the at-risk
individual's or immediate family member's personally
identifiable information is relevant to and displayed
as part of a news story, commentary, editorial, or
other speech on a matter of public concern. The
restriction on transfer shall also not apply to
personally identifiable information that the at-risk
individual or immediate family voluntarily publishes on
the internet after the date of enactment of this Act.
(d) Delegation of Authority.--
(1) In general.--Upon written request of the at-risk
individual, the Director of the Administrative Office of the
United States Courts is authorized to make any notice or
request required or authorized by this section on behalf of the
at-risk individual. The Director may delegate this authority
under section 602(d) of title 28, United States Code. Any
notice or request made under this subsection shall be deemed to
have been made by the at-risk individual and compliant with the
notice and request requirements of this section.
(2) List.--In lieu of individual notices or requests, the
Director may provide government agencies, State and local
governments, data brokers, persons, businesses, or associations
with a list of at-risk individuals and their immediate family
for the purpose of maintaining compliance with this section.
Such list shall be deemed to comply with individual notice and
request requirements of this section.
(e) Redress and Penalties.--
(1) In general.--An at-risk individual or immediate family
member whose personally identifiable information is made public
as a result of a violation of this Act may bring an action
seeking injunctive or declaratory relief in any court of
competent jurisdiction. If the court grants injunctive or
declaratory relief, the person, business, or association
responsible for the violation shall be required to pay the at-
risk individual's or immediate family member's costs and
reasonable attorney's fees.
(2) Penalties and damages.--Upon a knowing and willful
violation of any order granting injunctive or declarative
relief obtained pursuant to this subsection, the court issuing
such order may--
(A) if the violator is a public entity, impose a
fine not exceeding $4,000 and require the payment of
court costs and reasonable attorney's fees;
(B) if the violator is a person, business,
association, or private agency, award damages to the
affected at-risk individual or immediate family in an
amount up to a maximum of 3 times the actual damages,
but not less than $10,000, and require the payment of
court costs and reasonable attorney's fees.
SEC. 6. TRAINING AND EDUCATION.
There is authorized to be appropriated to the Federal judiciary
such sums as may be necessary for biannual judicial security training
for active, senior, or recalled Federal judges and their immediate
family, including--
(1) best practices for using social media and other forms
of online engagement and for maintaining online privacy;
(2) home security program and maintenance;
(3) understanding removal programs and requirements for
personally identifiable information;
(4) any other judicial security training that the United
States Marshals Services and the Administrative Office of the
United States Courts determines is relevant.
SEC. 7. VULNERABILITY MANAGEMENT CAPABILITY.
(a) Authorization.--
(1) Vulnerability management capability.--The Federal
judiciary is authorized to perform all necessary functions
consistent with the provisions of this Act, and to support
existing threat management capabilities within the United
States Marshals Service and other relevant Federal law
enforcement and security agencies. Such functions may include--
(A) monitor the protection of at-risk individuals
and judiciary assets;
(B) manage the monitoring of websites for
personally identifiable information of at-risk
individuals or immediate family and remove or limit the
publication of such information; and
(C) receive, review, and analyze complaints by at-
risk individuals of threats, whether direct or
indirect, and report to law enforcement partners.
(2) Technical and conforming amendment.--Section 604(a) of
title 28, United States Code is amended--
(A) in paragraph (23), by striking ``and'' at the
end;
(B) by redesignating paragraph (24) as paragraph
(25);
(C) by inserting after paragraph 23 the following:
``(24) Establish and administer a vulnerability management
program in the judicial branch; and''.
(b) Expansion of Capabilities of Office of Protective
Intelligence.--There is authorized to be appropriated such sums as may
be necessary to the United States Marshals Service to expand the
current capabilities of the Office of Protective Intelligence of the
Judicial Security Division to increase the workforce of the Office of
Protective Intelligence to include additional intelligence analysts,
United States deputy marshals, and any other relevant personnel to
ensure that the Office of Protective Intelligence is ready and able to
perform all necessary functions, consistent with the provisions of this
Act, in order to anticipate and deter threats to the judiciary,
including--
(1) assigning personnel to State and major urban area
fusion and intelligence centers for the specific purpose of
identifying potential threats against the judiciary, and
coordination of responses to potential threats;
(2) expanding the use of investigative analysts, physical
security specialists, and intelligence analysts at the 94
judicial districts and territories to enhance the management of
local and distant threats and investigations; and
(3) increasing the number of United States Marshal Service
personnel for the protection of the judicial function and
assigned to protective operations and details for the
judiciary.
(c) Report.--
(1) In general.--Not later than one year after the date of
enactment of this Act, the Department of Justice, in
consultation with the Administrative Office of the United
States Courts, shall submit to the Committee on the Judiciary
of the Senate and the Committee on the Judiciary of the House
of Representatives a report on the security of Federal judges
arising from the Federal prosecutions and civil litigation.
(2) Description.--The report required under paragraph (1)
shall describe--
(A) the number and nature of threats and assaults
against at-risk individuals handling prosecutions and
other matters described in paragraph (1) and the
reporting requirements and methods;
(B) the security measures that are in place to
protect the at-risk individuals handling prosecutions
described in paragraph (1), including threat
assessments, response procedures, availability of
security systems and other devices, firearms licensing
such as deputations, and other measures designed to
protect the at-risk individuals and immediate family of
an at-risk individual; and
(C) for each requirement, measure, or policy
described in subparagraphs (A) and (B), when the
requirement, measure, or policy was developed and who
was responsible for developing and implementing the
requirement, measure, or policy.
SEC. 8. SEVERABILITY.
If any provision of this Act or the application of such provision
to any person or circumstance is held to be unconstitutional, the
remainder of this Act and the application of such provision to any
person or circumstance shall not be affected thereby.
SEC. 9. EFFECTIVE DATE.
This Act shall take effect upon the date of enactment of this Act,
except for subsections (b)(1), (c), and (e) of section 5, which shall
take effect on the date that is 120 days after the date of enactment of
this Act.
<all>