[Congressional Bills 117th Congress]
[From the U.S. Government Publishing Office]
[S. 2340 Reported in Senate (RS)]
<DOC>
Calendar No. 190
117th CONGRESS
1st Session
S. 2340
To improve the safety and security of the Federal judiciary.
_______________________________________________________________________
IN THE SENATE OF THE UNITED STATES
July 14, 2021
Mr. Menendez (for himself, Mr. Booker, Mr. Graham, Mr. Durbin, Mr.
Kennedy, Mrs. Feinstein, Ms. Klobuchar, Mr. Coons, Mr. Blumenthal, Ms.
Hirono, Mr. Padilla, Mr. Grassley, and Mr. Cruz) introduced the
following bill; which was read twice and referred to the Committee on
the Judiciary
December 16, 2021
Reported by Mr. Durbin, with an amendment
[Strike out all after the enacting clause and insert the part printed
in italic]
_______________________________________________________________________
A BILL
To improve the safety and security of the Federal judiciary.
Be it enacted by the Senate and House of Representatives of the
United States of America in Congress assembled,
<DELETED>SECTION 1. SHORT TITLE.</DELETED>
<DELETED> This Act may be cited as the ``Daniel Anderl Judicial
Security and Privacy Act of 2021''.</DELETED>
<DELETED>SEC. 2. PURPOSE; RULES OF CONSTRUCTION.</DELETED>
<DELETED> (a) Purpose.--The purpose of this Act is to improve the
safety and security of Federal judges, including senior, recalled, or
retired Federal judges, and their immediate family, to ensure Federal
judges are able to administer justice fairly without fear of personal
reprisal from individuals affected by the decisions they make in the
course of carrying out their public duties.</DELETED>
<DELETED> (b) Rules of Construction.--</DELETED>
<DELETED> (1) In general.--Nothing in this Act shall be
construed--</DELETED>
<DELETED> (A) to prohibit, restrain, or limit--
</DELETED>
<DELETED> (i) the lawful investigation or
reporting by the press of any unlawful activity
or misconduct alleged to have been committed by
an at-risk individual or their immediate
family; or</DELETED>
<DELETED> (ii) the reporting on an at-risk
individual or their immediate family regarding
matters of public concern;</DELETED>
<DELETED> (B) to impair access to decisions and
opinions from a Federal judge in the course of carrying
out their public functions; or</DELETED>
<DELETED> (C) to limit the publication or transfer
of personally identifiable information that the at-risk
individual or their immediate family member voluntarily
publishes on the internet after the date of enactment
of this Act.</DELETED>
<DELETED> (2) Protection of personally identifiable
information.--This Act shall be broadly construed to favor the
protection of the personally identifiable information of at-
risk individuals and their immediate family.</DELETED>
<DELETED>SEC. 3. FINDINGS.</DELETED>
<DELETED> Congress finds the following:</DELETED>
<DELETED> (1) Members of the Federal judiciary perform the
important function of interpreting our Constitution and
administering justice in a fair and impartial manner.</DELETED>
<DELETED> (2) In recent years, partially as a result of the
rise in the use of social media and online access to
information, members of the Federal judiciary have been exposed
to an increased number of personal threats in connection to
their role. The ease of access to free or inexpensive sources
of personally identifiable information has considerably lowered
the effort required for malicious actors to discover where
individuals live, where they spend leisure hours, and to find
information about their family members. Such threats have
included calling a judge a traitor with references to mass
shootings and serial killings, calling for an ``angry mob'' to
gather outside a judge's home and, in reference to a United
States courts of appeals judge, stating how easy it would be to
``get them.''</DELETED>
<DELETED> (3) Between 2015 and 2019, threats and other
inappropriate communications against Federal judges and other
judiciary personnel increased from 926 in 2015 to approximately
4,449 in 2019.</DELETED>
<DELETED> (4) Over the past decade, several members of the
Federal judiciary have experienced acts of violence against
themselves or a family member in connection to their Federal
judiciary role, including the murder of the family of United
States District Judge for the Northern District of Illinois
Joan Lefkow in 2005.</DELETED>
<DELETED> (5) On Sunday July 19, 2020, an assailant went to
the home of Esther Salas, a judge for the United States
District Court for the District of New Jersey, impersonating a
package delivery driver, opening fire upon arrival, and killing
Daniel Anderl, the 20-year-old only son of Judge Salas, and
seriously wounding Mark Anderl, her husband.</DELETED>
<DELETED> (6) In the aftermath of the recent tragedy that
occurred to Judge Salas and in response to the continuous rise
of threats against members of the Federal judiciary, there is
an immediate need for enhanced security procedures and
increased availability of tools to protect Federal judges and
their families.</DELETED>
<DELETED>SEC. 4. DEFINITIONS.</DELETED>
<DELETED> In this Act:</DELETED>
<DELETED> (1) At-risk individual.--The term ``at-risk
individual'' means--</DELETED>
<DELETED> (A) a Federal judge; or</DELETED>
<DELETED> (B) a senior, recalled, or retired Federal
judge</DELETED>
<DELETED> (2) Data broker.--</DELETED>
<DELETED> (A) In general.--The term ``data broker''
means a business or commercial entity when it is
engaged in collecting, assembling, or maintaining
personal information concerning an individual who is
not a customer, client, or an employee of that entity
in order to sell the information or otherwise profit
from providing third party access to the
information.</DELETED>
<DELETED> (B) Exclusion.--The following activities
conducted by a business or commercial entity, and the
collection and sale or licensing of personally
identifiable information incidental to conducting these
activities do not qualify the entity as a data
broker:</DELETED>
<DELETED> (i) Engaging in reporting,
newsgathering, speaking, or other activities
intended to inform the public on matters of
public interest or public concern.</DELETED>
<DELETED> (ii) Providing 411 directory
assistance or directory information services,
including name, address, and telephone number,
on behalf of or as a function of a
telecommunications carrier.</DELETED>
<DELETED> (iii) Utilizing personal
information internally, providing access to
businesses under common ownership or affiliated
by corporate control, or selling or providing
data for a transaction or service requested by
or concerning the individual whose personal
information is being transferred.</DELETED>
<DELETED> (iv) Providing publicly available
information via real-time or near-real-time
alert services for health or safety
purposes.</DELETED>
<DELETED> (v) A consumer reporting agency to
the extent that it is covered by the Federal
Fair Credit Reporting Act (15 U.S.C. 1681 et
seq.).</DELETED>
<DELETED> (vi) A financial institution to
the extent that it is covered by the Gramm-
Leach-Bliley Act (Public Law 106-102) and
implementing regulations.</DELETED>
<DELETED> (vii) An entity to the extent that
it is covered by the Health Insurance
Portability and Accountability Act (Public Law
104-191).</DELETED>
<DELETED> (3) Federal judge.--The term ``Federal judge''
means--</DELETED>
<DELETED> (A) a justice or judge of the United
States, as those terms are defined in section 451 of
title 28, United States Code;</DELETED>
<DELETED> (B) a bankruptcy judge appointed under
section 152 of title 28, United States Code;</DELETED>
<DELETED> (C) a United States magistrate judge
appointed under section 631 of title 28, United States
Code;</DELETED>
<DELETED> (D) a judge confirmed by the United States
Senate and empowered by statute in any commonwealth,
territory, or possession to perform the duties of a
Federal judge; and</DELETED>
<DELETED> (E) a judge of the United States Court of
Federal Claims appointed under section 171 of title 28,
United States Code.</DELETED>
<DELETED> (4) Government agency.--The term ``Government
agency'' means any department enumerated in section 1 of title
5 of the United States Code, independent establishment,
commission, administration, authority, board or bureau of the
United States or any corporation in which the United States has
a proprietary interest. The term includes all such
institutions, offices, and any other bodies politic and
corporate of the United States Government created by the
constitution or statute, whether in the executive, judicial, or
legislative branch; all units and corporate outgrowths created
by Executive order of the President or any constitutional
officer, by the Supreme Court of the United States, or by
resolution of the United States Congress.</DELETED>
<DELETED> (5) Immediate family.--The term ``immediate
family'' means a spouse, child, parent, or any other familial
relative of an at-risk individual whose permanent residence is
the same as the at-risk individual.</DELETED>
<DELETED> (6) Personally identifiable information.--The term
``personally identifiable information'' means--</DELETED>
<DELETED> (A) a home address, including primary
residence or secondary residences;</DELETED>
<DELETED> (B) a home or personal mobile telephone
number, or the direct telephone number of a Government-
issued cell phone or private extension in the chambers
of an at-risk individual;</DELETED>
<DELETED> (C) a personal email address;</DELETED>
<DELETED> (D) the social security number, driver's
license number, or home address displayed on voter
registration information;</DELETED>
<DELETED> (E) a bank account or credit or debit card
information;</DELETED>
<DELETED> (F) home or other address displayed on
property tax records or held by a Federal, State, or
local government agency of an at-risk individual,
including a secondary residence and any investment
property at which an at-risk individual resides for
part of a year;</DELETED>
<DELETED> (G) license plate number or home address
displayed on vehicle registration
information;</DELETED>
<DELETED> (H) identification of children of an at-
risk individual under the age of 18;</DELETED>
<DELETED> (I) full date of birth;</DELETED>
<DELETED> (J) a photograph of any vehicle that
legibly displays the license plate or a photograph of a
residence that legibly displays the residence
address;</DELETED>
<DELETED> (K) the name and address of a school or
day care facility attended by immediate family;
or</DELETED>
<DELETED> (L) the name and address of an employer of
immediate family.</DELETED>
<DELETED> (7) Social media.--The term ``social media'' means
any online electronic medium, a live-chat system, or an
electronic dating service--</DELETED>
<DELETED> (A) that primarily serves as a medium for
users to interact with content generated by other
third-party users of the medium;</DELETED>
<DELETED> (B) that enables users to create accounts
or profiles specific to the medium or to import
profiles from another medium; and</DELETED>
<DELETED> (C) that enables one or more users to
generate content that can be viewed by other third-
party users of the medium.</DELETED>
<DELETED> (8) Transfer.--The term ``transfer'' means to
sell, license, trade, or exchange for consideration the
personally identifiable information of an at-risk individual or
immediate family.</DELETED>
<DELETED>SEC. 5. PROTECTING PERSONALLY IDENTIFIABLE INFORMATION IN
PUBLIC RECORDS.</DELETED>
<DELETED> (a) Government Agencies.--</DELETED>
<DELETED> (1) In general.--Each at-risk individual may--
</DELETED>
<DELETED> (A) file written notice of the status of
the individual as an at-risk individual, for themselves
and immediate family, to each Government agency;
and</DELETED>
<DELETED> (B) ask each Government agency described
in subparagraph (A) to mark as private their personally
identifiable information and that of their immediate
family.</DELETED>
<DELETED> (2) No public posting.--Government agencies shall
not publicly post or display publicly available content that
includes personally identifiable information of an at-risk
individual or immediate family. Government agencies, upon
receipt of a written request in accordance with subsection
(a)(1)(A) of this section, shall remove the personally
identifiable information of the at-risk individual or immediate
family from publicly available content within 72
hours.</DELETED>
<DELETED> (3) Exceptions.--Nothing in this section shall
prohibit a Government agency from providing access to records
containing judges' personally identifiable information to a
third party if the third party possesses a signed release from
the judge or a court order, the entity is already subject to
the requirements of title V of the Gramm-Leach-Bliley Act (15
U.S.C. 6801 et seq.), or the third party executes a
confidentiality agreement with the Government agency.</DELETED>
<DELETED> (b) State and Local Governments.--</DELETED>
<DELETED> (1) Grant program to prevent disclosure of
personal information of at-risk individuals or immediate
family.--</DELETED>
<DELETED> (A) Authorization.--The Attorney General
shall make grants to prevent the release of personally
identifiable information of at-risk individuals and
immediate family (in this subsection referred to as
``judges' personally identifiable information'') to the
detriment of such individuals or their families to an
entity that--</DELETED>
<DELETED> (i) is--</DELETED>
<DELETED> (I) a State or unit of
local government (as such terms are
defined in section 901 of the Omnibus
Crime Control and Safe Streets Act of
1968 (34 U.S.C. 10251)); or</DELETED>
<DELETED> (II) an agency of a State
or unit of local government;
and</DELETED>
<DELETED> (ii) operates a State or local
database or registry that contains personally
identifiable information.</DELETED>
<DELETED> (B) Application.--An eligible entity
seeking a grant under this section shall submit to the
Attorney General an application at such time, in such
manner, and containing such information as the Attorney
General may reasonably require.</DELETED>
<DELETED> (2) Authorization of appropriations.--There is
authorized to be appropriated such sums as may be necessary to
provide grants to entities described in paragraph (1) to create
or expand programs designed to protect judges' personally
identifiable information, including through--</DELETED>
<DELETED> (A) the creation of programs to redact or
remove judges' personally identifiable information,
upon the request of an at-risk individual, from public
records in state agencies; these efforts may include
but are not limited to hiring a third party to redact
or remove judges' personally identifiable information
from public records;</DELETED>
<DELETED> (B) the expansion of existing programs
that the State may have enacted in an effort to protect
judges' personally identifiable information;</DELETED>
<DELETED> (C) the development or improvement of
protocols, procedures, and policies to prevent the
release of judges' personally identifiable
information;</DELETED>
<DELETED> (D) the defrayment of costs of modifying
or improving existing databases and registries to
ensure that judges' personally identifiable information
is protected from release; and</DELETED>
<DELETED> (E) the development of confidential opt
out systems that will enable at-risk individuals to
make a single request to keep judges' personally
identifiable information out of multiple databases or
registries.</DELETED>
<DELETED> (3) Report.--</DELETED>
<DELETED> (A) In general.--Not later than 1 year
after the date of enactment of this Act, and biennially
thereafter, the Comptroller General of the United
States, shall submit to the Committee on the Judiciary
of the Senate and the Committee on the Judiciary of the
House of Representatives an annual report that
includes--</DELETED>
<DELETED> (i) a detailed amount spent by
States and local governments on protection of
judges' personally identifiable information;
and</DELETED>
<DELETED> (ii) where the judges' personally
identifiable information was found.</DELETED>
<DELETED> (B) States and local governments.--States
and local governments that receive funds under this
section shall submit to the Comptroller General a
report on data described in clauses (i) and (ii) of
subparagraph (A) to be included in the report required
under that subparagraph.</DELETED>
<DELETED> (c) Data Brokers and Other Businesses.--</DELETED>
<DELETED> (1) Prohibition.--</DELETED>
<DELETED> (A) Data brokers.--It shall be unlawful
for a data broker to knowingly sell, license, trade for
consideration, or purchase personally identifiable
information of an at-risk individual or immediate
family.</DELETED>
<DELETED> (B) Other businesses.--No person,
business, or association shall publicly post or
publicly display on the internet personally
identifiable information of an at-risk individual or
immediate family if the at-risk individual has made a
written request of that person, business, or
association to not disclose the personally identifiable
information of the at-risk individual or immediate
family.</DELETED>
<DELETED> (C) Exceptions.--The restriction in
subparagraph (B) shall not apply to--</DELETED>
<DELETED> (i) the display on the internet of
the personally identifiable information of an
at-risk individual or immediate family if the
information is relevant to and displayed as
part of a news story, commentary, editorial, or
other speech on a matter of public
concern;</DELETED>
<DELETED> (ii) personally identifiable
information that the at-risk individual
voluntarily publishes on the internet after the
date of enactment of this Act; or</DELETED>
<DELETED> (iii) personally identifiable
information received from a Federal Government
source (or from an employee or agent of the
Federal Government).</DELETED>
<DELETED> (2) Required conduct.--</DELETED>
<DELETED> (A) In general.--After a person, business,
or association has received a written request from an
at-risk individual to protect personally identifiable
information of the at-risk individual or immediate
family, that person, business, or association shall--
</DELETED>
<DELETED> (i) remove within 72 hours the
personally identifiable information from the
internet and ensure that the information is not
made available on any website or subsidiary
website controlled by that person, business, or
association; and</DELETED>
<DELETED> (ii) ensure that the personally
identifiable information of the at-risk
individual or immediate family is not made
available on any website or subsidiary website
controlled by that person, business, or
association.</DELETED>
<DELETED> (B) Transfer.--After receiving an at-risk
individual's written request, no person, business, or
association shall transfer the personally identifiable
information of the at-risk individual or immediate
family to any other person, business, or association
through any medium, except where the at-risk
individual's or immediate family member's personally
identifiable information is relevant to and displayed
as part of a news story, commentary, editorial, or
other speech on a matter of public concern. The
restriction on transfer shall also not apply to
personally identifiable information that the at-risk
individual or immediate family voluntarily publishes on
the internet after the date of enactment of this
Act.</DELETED>
<DELETED> (d) Delegation of Authority.--</DELETED>
<DELETED> (1) In general.--Upon written request of the at-
risk individual, the Director of the Administrative Office of
the United States Courts is authorized to make any notice or
request required or authorized by this section on behalf of the
at-risk individual. The Director may delegate this authority
under section 602(d) of title 28, United States Code. Any
notice or request made under this subsection shall be deemed to
have been made by the at-risk individual and compliant with the
notice and request requirements of this section.</DELETED>
<DELETED> (2) List.--In lieu of individual notices or
requests, the Director may provide Government agencies, State
and local governments, data brokers, persons, businesses, or
associations with a list of at-risk individuals and their
immediate family for the purpose of maintaining compliance with
this section. Such list shall be deemed to comply with
individual notice and request requirements of this
section.</DELETED>
<DELETED> (e) Redress and Penalties.--</DELETED>
<DELETED> (1) In general.--An at-risk individual or
immediate family member whose personally identifiable
information is made public as a result of a violation of this
Act may bring an action seeking injunctive or declaratory
relief in any court of competent jurisdiction. If the court
grants injunctive or declaratory relief, the person, business,
or association responsible for the violation shall be required
to pay the at-risk individual's or immediate family member's
costs and reasonable attorney's fees.</DELETED>
<DELETED> (2) Penalties and damages.--Upon a knowing and
willful violation of any order granting injunctive or
declarative relief obtained pursuant to this subsection, the
court issuing such order may--</DELETED>
<DELETED> (A) if the violator is a public entity,
impose a fine not exceeding $4,000 and require the
payment of court costs and reasonable attorney's
fees;</DELETED>
<DELETED> (B) if the violator is a person, business,
association, or private agency, award damages to the
affected at-risk individual or immediate family in an
amount up to a maximum of 3 times the actual damages,
but not less than $10,000, and require the payment of
court costs and reasonable attorney's fees.</DELETED>
<DELETED>SEC. 6. TRAINING AND EDUCATION.</DELETED>
<DELETED> There is authorized to be appropriated to the Federal
judiciary such sums as may be necessary for biannual judicial security
training for active, senior, or recalled Federal judges and their
immediate family, including--</DELETED>
<DELETED> (1) best practices for using social media and
other forms of online engagement and for maintaining online
privacy;</DELETED>
<DELETED> (2) home security program and
maintenance;</DELETED>
<DELETED> (3) understanding removal programs and
requirements for personally identifiable information;</DELETED>
<DELETED> (4) any other judicial security training that the
United States Marshals Services and the Administrative Office
of the United States Courts determines is relevant.</DELETED>
<DELETED>SEC. 7. VULNERABILITY MANAGEMENT CAPABILITY.</DELETED>
<DELETED> (a) Authorization.--</DELETED>
<DELETED> (1) Vulnerability management capability.--The
Federal judiciary is authorized to perform all necessary
functions consistent with the provisions of this Act, and to
support existing threat management capabilities within the
United States Marshals Service and other relevant Federal law
enforcement and security agencies. Such functions may include--
</DELETED>
<DELETED> (A) monitor the protection of at-risk
individuals and judiciary assets;</DELETED>
<DELETED> (B) manage the monitoring of websites for
personally identifiable information of at-risk
individuals or immediate family and remove or limit the
publication of such information; and</DELETED>
<DELETED> (C) receive, review, and analyze
complaints by at-risk individuals of threats, whether
direct or indirect, and report to law enforcement
partners.</DELETED>
<DELETED> (2) Technical and conforming amendment.--Section
604(a) of title 28, United States Code is amended--</DELETED>
<DELETED> (A) in paragraph (23), by striking ``and''
at the end;</DELETED>
<DELETED> (B) by redesignating paragraph (24) as
paragraph (25);</DELETED>
<DELETED> (C) by inserting after paragraph 23 the
following:</DELETED>
<DELETED> ``(24) Establish and administer a vulnerability
management program in the judicial branch; and''.</DELETED>
<DELETED> (b) Expansion of Capabilities of Office of Protective
Intelligence.--There is authorized to be appropriated such sums as may
be necessary to the United States Marshals Service to expand the
current capabilities of the Office of Protective Intelligence of the
Judicial Security Division to increase the workforce of the Office of
Protective Intelligence to include additional intelligence analysts,
United States deputy marshals, and any other relevant personnel to
ensure that the Office of Protective Intelligence is ready and able to
perform all necessary functions, consistent with the provisions of this
Act, in order to anticipate and deter threats to the judiciary,
including--</DELETED>
<DELETED> (1) assigning personnel to State and major urban
area fusion and intelligence centers for the specific purpose
of identifying potential threats against the judiciary, and
coordination of responses to potential threats.</DELETED>
<DELETED> (2) expanding the use of investigative analysts,
physical security specialists, and intelligence analysts at the
94 judicial districts and territories to enhance the management
of local and distant threats and investigations; and</DELETED>
<DELETED> (3) increasing the number of United States Marshal
Service personnel for the protection of the judicial function
and assigned to protective operations and details for the
judiciary.</DELETED>
<DELETED> (c) Report.--</DELETED>
<DELETED> (1) In general.--Not later than one year after the
date of enactment of this Act, the Department of Justice, in
consultation with the Administrative Office of the United
States Courts, shall submit to the Committee on the Judiciary
of the Senate and the Committee on the Judiciary of the House
of Representatives a report on the security of Federal judges
arising from the Federal prosecutions and civil
litigation.</DELETED>
<DELETED> (2) Description.--The report required under
paragraph (1) shall describe--</DELETED>
<DELETED> (A) the number and nature of threats and
assaults against at-risk individuals handling
prosecutions and other matters described in paragraph
(1) and the reporting requirements and
methods;</DELETED>
<DELETED> (B) the security measures that are in
place to protect the at-risk individuals handling
prosecutions described in paragraph (1), including
threat assessments, response procedures, availability
of security systems and other devices, firearms
licensing such as deputations, and other measures
designed to protect the at-risk individuals and
immediate family of an at-risk individual;
and</DELETED>
<DELETED> (C) for each requirement, measure, or
policy described in subparagraphs (A) and (B), when the
requirement, measure, or policy was developed and who
was responsible for developing and implementing the
requirement, measure, or policy.</DELETED>
<DELETED>SEC. 8. SEVERABILITY.</DELETED>
<DELETED> If any provision of this Act or the application of such
provision to any person or circumstance is held to be unconstitutional,
the remainder of this Act and the application of such provision to any
person or circumstance shall not be affected thereby.</DELETED>
<DELETED>SEC. 9. EFFECTIVE DATE.</DELETED>
<DELETED> This Act shall take effect upon the date of enactment of
this Act, except for subsections (b)(1), (c), and (e) of section 5,
which shall take effect on the date that is 120 days after the date of
enactment of this Act.</DELETED>
SECTION 1. SHORT TITLE.
This Act may be cited as the ``Daniel Anderl Judicial Security and
Privacy Act of 2021''.
SEC. 2. FINDINGS AND PURPOSE.
(a) Findings.--Congress finds the following:
(1) Members of the Federal judiciary perform the important
function of interpreting the Constitution of the United States
and administering justice in a fair and impartial manner.
(2) In recent years, partially as a result of the rise in
the use of social media and online access to information,
members of the Federal judiciary have been exposed to an
increased number of personal threats in connection to their
role. The ease of access to free or inexpensive sources of
covered information has considerably lowered the effort
required for malicious actors to discover where individuals
live and where they spend leisure hours and to find information
about their family members. Such threats have included calling
a judge a traitor with references to mass shootings and serial
killings, calling for an ``angry mob'' to gather outside a home
of a judge and, in reference to a judge on the court of appeals
of the United States, stating how easy it would be to ``get
them''.
(3) Between 2015 and 2019, threats and other inappropriate
communications against Federal judges and other judiciary
personnel increased from 926 in 2015 to approximately 4,449 in
2019.
(4) Over the past decade, several members of the Federal
judiciary have experienced acts of violence against themselves
or a family member in connection to their Federal judiciary
role, including the murder in 2005 of the family of Joan
Lefkow, a judge for the United States District Court for the
Northern District of Illinois.
(5) On Sunday July 19, 2020, an assailant went to the home
of Esther Salas, a judge for the United States District Court
for the District of New Jersey, impersonating a package
delivery driver, opening fire upon arrival, and killing Daniel
Anderl, the 20-year-old only son of Judge Salas, and seriously
wounding Mark Anderl, her husband.
(6) In the aftermath of the recent tragedy that occurred to
Judge Salas and in response to the continuous rise of threats
against members of the Federal judiciary, there is an immediate
need for enhanced security procedures and increased
availability of tools to protect Federal judges and their
families.
(b) Purpose.--The purpose of this Act is to improve the safety and
security of Federal judges, including senior, recalled, or retired
Federal judges, and their immediate family to ensure Federal judges are
able to administer justice fairly without fear of personal reprisal
from individuals affected by the decisions they make in the course of
carrying out their public duties.
SEC. 3. DEFINITIONS.
In this Act:
(1) At-risk individual.--The term ``at-risk individual''
means--
(A) a Federal judge; or
(B) a senior, recalled, or retired Federal judge.
(2) Covered information.--The term ``covered information''
means--
(A) a home address, including primary residence or
secondary residences;
(B) a home or personal mobile telephone number, or
the direct telephone number of a Government-issued cell
phone or private extension in the chambers of an at-
risk individual;
(C) a personal email address;
(D) the social security number, driver's license
number, or home address displayed on voter registration
information;
(E) a bank account or credit or debit card
information;
(F) the home or other address displayed on property
tax records or held by a Federal, State, or local
government agency of an at-risk individual, including a
secondary residence and any investment property at
which an at-risk individual resides for part of a year;
(G) a license plate number or home address
displayed on vehicle registration information;
(H) the identification of children of an at-risk
individual under the age of 18;
(I) the full date of birth;
(J) a photograph of any vehicle that legibly
displays the license plate or a photograph of a
residence that legibly displays the address of the
residence;
(K) the name and address of a school or day care
facility attended by immediate family; or
(L) the name and address of an employer of
immediate family.
(3) Data broker.--
(A) In general.--The term ``data broker'' means a
commercial entity engaged in collecting, assembling, or
maintaining personal information concerning an
individual who is not a customer, client, or an
employee of that entity in order to sell the
information or otherwise profit from providing third-
party access to the information.
(B) Exclusion.--The term ``data broker'' does not
include a commercial entity engaged in the following
activities:
(i) Engaging in reporting, news-gathering,
speaking, or other activities intended to
inform the public on matters of public interest
or public concern.
(ii) Providing 411 directory assistance or
directory information services, including name,
address, and telephone number, on behalf of or
as a function of a telecommunications carrier.
(iii) Using personal information
internally, providing access to businesses
under common ownership or affiliated by
corporate control, or selling or providing data
for a transaction or service requested by or
concerning the individual whose personal
information is being transferred.
(iv) Providing publicly available
information via real-time or near-real-time
alert services for health or safety purposes.
(v) A consumer reporting agency subject to
the Fair Credit Reporting Act (15 U.S.C. 1681
et seq.).
(vi) A financial institution to subject to
the Gramm-Leach-Bliley Act (Public Law 106-102)
and regulations implementing that Act.
(vii) A covered entity for purposes of the
privacy regulations promulgated under section
264(c) of the Health Insurance Portability and
Accountability Act of 1996 (42 U.S.C. 1320d-2
note).
(viii) The collection and sale or licensing
of covered information incidental to conducting
the activities described in clauses (i) through
(vii).
(4) Federal judge.--The term ``Federal judge'' means--
(A) a justice of the United States or a judge of
the United States, as those terms are defined in
section 451 of title 28, United States Code;
(B) a bankruptcy judge appointed under section 152
of title 28, United States Code;
(C) a United States magistrate judge appointed
under section 631 of title 28, United States Code;
(D) a judge confirmed by the United States Senate
and empowered by statute in any commonwealth,
territory, or possession to perform the duties of a
Federal judge;
(E) a judge of the United States Court of Federal
Claims appointed under section 171 of title 28, United
States Code;
(F) a judge of the United States Court of Appeals
for Veterans Claims appointed under section 7253 of
title 38, United States Code;
(G) a judge of the United States Court of Appeals
for the Armed Forces appointed under section 942 of
title 10, United States Code;
(H) a judge of the United States Tax Court
appointed under section 7443 of the Internal Revenue
Code of 1986; and
(I) a special trial judge of the United States Tax
Court appointed under section 7443A of the Internal
Revenue Code of 1986.
(5) Government agency.--The term ``Government agency''
includes--
(A) an Executive agency, as defined in section 105
of title 5, United States Code; and
(B) any agency in the judicial branch or
legislative branch.
(6) Immediate family.--The term ``immediate family'' means
a spouse, child, or parent of an at-risk individual or any
other familial relative of an at-risk individual whose
permanent residence is the same as the at-risk individual.
(7) Social media.--The term ``social media'' means any
online electronic medium, a live-chat system, or an electronic
dating service--
(A) that primarily serves as a medium for users to
interact with content generated by other third-party
users of the medium;
(B) that enables users to create accounts or
profiles specific to the medium or to import profiles
from another medium; and
(C) that enables one or more users to generate
content that can be viewed by other third-party users
of the medium.
(8) Transfer.--The term ``transfer'' means to sell,
license, trade, or exchange for consideration the covered
information of an at-risk individual or immediate family.
SEC. 4. PROTECTING COVERED INFORMATION IN PUBLIC RECORDS.
(a) Government Agencies.--
(1) In general.--Each at-risk individual may--
(A) file written notice of the status of the
individual as an at-risk individual, for themselves and
immediate family, with each Government agency that
includes information necessary to ensure compliance
with this section, as determined by the Administrative
Office of the United States Courts; and
(B) request that each Government agency described
in subparagraph (A) mark as private their covered
information and that of their immediate family.
(2) No public posting.--Government agencies shall not
publicly post or display publicly available content that
includes covered information of an at-risk individual or
immediate family. Government agencies, upon receipt of a
written request under paragraph (1)(A), shall remove the
covered information of the at-risk individual or immediate
family from publicly available content not later than 72 hours
after such receipt.
(3) Exceptions.--Nothing in this section shall prohibit a
Government agency from providing access to records containing
the covered information of a Federal judge to a third party if
the third party--
(A) possesses a signed release from the Federal
judge or a court order;
(B) is subject to the requirements of title V of
the Gramm-Leach-Bliley Act (15 U.S.C. 6801 et seq.); or
(C) executes a confidentiality agreement with the
Government agency.
(b) Delegation of Authority.--
(1) In general.--
(A) Administrative office of the united states
courts.--Upon written request of an at-risk individual,
the Director of the Administrative Office of the United
States Courts is authorized to make any notice or
request required or authorized by this section on
behalf of the at-risk individual. The notice or request
shall include information necessary to ensure
compliance with this section, as determined by the
Administrative Office of the United States Courts. The
Director may delegate this authority under section
602(d) of title 28, United States Code. Any notice or
request made under this subsection shall be deemed to
have been made by the at-risk individual and comply
with the notice and request requirements of this
section.
(B) United states court of appeals for veterans
claims.--Upon written request of an at-risk individual
described in section 3(4)(F), the chief judge of the
United States Court of Appeals for Veterans Claims is
authorized to make any notice or request required or
authorized by this section on behalf of the at-risk
individual. Any notice or request made under this
subsection shall be deemed to have been made by the at-
risk individual and comply with the notice and request
requirements of this section.
(C) United states court of appeals for the armed
forces.--Upon written request of an at-risk individual
described in section 3(4)(G), the chief judge of the
United States Court of Appeals for the Armed Forces is
authorized to make any notice or request required or
authorized by this section on behalf of the at-risk
individual. Any notice or request made under this
subsection shall be deemed to have been made by the at-
risk individual and comply with the notice and request
requirements of this section.
(D) United states tax court.--Upon written request
of an at-risk individual described in subparagraph (H)
or (I) of section 3(4), the chief judge of the United
States Tax Court is authorized to make any notice or
request required or authorized by this section on
behalf of the at-risk individual. Any notice or request
made under this subsection shall be deemed to have been
made by the at-risk individual and comply with the
notice and request requirements of this section.
(2) List.--In lieu of individual notices or requests, the
Director of the Administrative Office of the United States
Courts, or a Federal judge described in subparagraph (F), (G),
(H), or (I) of section 3(4), as applicable, may provide
Government agencies, State and local governments, data brokers,
persons, businesses, or associations with a list of at-risk
individuals and their immediate family that includes
information necessary to ensure compliance with this section,
as determined by the Administrative Office of the United States
Courts for the purpose of maintaining compliance with this
section. Such list shall be deemed to comply with individual
notice and request requirements of this section.
(c) State and Local Governments.--
(1) Grant program to prevent disclosure of personal
information of at-risk individuals or immediate family.--
(A) Authorization.--The Attorney General may make
grants to prevent the release of covered information of
at-risk individuals and immediate family (in this
subsection referred to as ``judges' covered
information'') to the detriment of such individuals or
their families to an entity that--
(i) is--
(I) a State or unit of local
government, as defined in section 901
of title I of the Omnibus Crime Control
and Safe Streets Act of 1968 (34 U.S.C.
10251); or
(II) an agency of a State or unit
of local government; and
(ii) operates a State or local database or
registry that contains covered information.
(B) Application.--An entity seeking a grant under
this section shall submit to the Attorney General an
application at such time, in such manner, and
containing such information as the Attorney General may
reasonably require.
(2) Scope of grants.--Grants made under this subsection may
be used to create or expand programs designed to protect
judges' covered information, including through--
(A) the creation of programs to redact or remove
judges' covered information, upon the request of an at-
risk individual, from public records in State agencies,
including hiring a third party to redact or remove
judges' covered information from public records;
(B) the expansion of existing programs that the
State may have enacted in an effort to protect judges'
covered information;
(C) the development or improvement of protocols,
procedures, and policies to prevent the release of
judges' covered information;
(D) the defrayment of costs of modifying or
improving existing databases and registries to ensure
that judges' covered information is covered from
release; and
(E) the development of confidential opt out systems
that will enable at-risk individuals to make a single
request to keep judges' covered information out of
multiple databases or registries.
(3) Report.--
(A) In general.--Not later than 1 year after the
date of enactment of this Act, and biennially
thereafter, the Comptroller General of the United
States, shall submit to the Committee on the Judiciary
of the Senate and the Committee on the Judiciary of the
House of Representatives an annual report that
includes--
(i) a detailed amount spent by States and
local governments on protecting judges' covered
information;
(ii) where the judges' covered information
was found; and
(iii) the collection of any new types of
personal data found to be used to identify
judges who have received threats, including
prior home addresses, employers, and
institutional affiliations such as nonprofit
boards.
(B) States and local governments.--States and local
governments that receive funds under this section shall
submit to the Comptroller General of the United States
a report on data described in clauses (i) and (ii) of
subparagraph (A) to be included in the report required
under that subparagraph.
(d) Data Brokers and Other Businesses.--
(1) Prohibitions.--
(A) Data brokers.--It shall be unlawful for a data
broker to knowingly sell, license, trade for
consideration, or purchase covered information of an
at-risk individual or immediate family.
(B) Other businesses.--
(i) In general.--Except as provided in
clause (ii), no person, business, or
association shall publicly post or publicly
display on the internet covered information of
an at-risk individual or immediate family if
the at-risk individual has made a written
request to that person, business, or
association to not disclose the covered
information of the at-risk individual or
immediate family.
(ii) Exceptions.--Clause (i) shall not
apply to--
(I) the display on the internet of
the covered information of an at-risk
individual or immediate family if the
information is relevant to and
displayed as part of a news story,
commentary, editorial, or other speech
on a matter of public concern;
(II) covered information that the
at-risk individual voluntarily
publishes on the internet after the
date of enactment of this Act; or
(III) covered information received
from a Federal Government source (or
from an employee or agent of the
Federal Government).
(2) Required conduct.--
(A) In general.--After receiving a written request
under paragraph (1)(B), the person, business, or
association shall--
(i) remove within 72 hours the covered
information from the internet and ensure that
the information is not made available on any
website or subsidiary website controlled by
that person, business, or association; and
(ii) ensure that the covered information of
the at-risk individual or immediate family is
not made available on any website or subsidiary
website controlled by that person, business, or
association.
(B) Transfer.--
(i) In general.--Except as provided in
clause (ii), after receiving a written request
under paragraph (1)(B), the person, business,
or association shall not transfer the covered
information of the at-risk individual or
immediate family to any other person, business,
or association through any medium.
(ii) Exceptions.--Clause (i) shall not
apply to--
(I) the transfer of the covered
information of the at-risk individual
or immediate family if the information
is relevant to and displayed as part of
a news story, commentary, editorial, or
other speech on a matter of public
concern;
(II) covered information that the
at-risk individual or immediate family
voluntarily publishes on the internet
after the date of enactment of this
Act; or
(III) a transfer made at the
request of the at-risk individual or
that is necessary to effectuate a
request to the person, business, or
association from the at-risk
individual.
(e) Redress and Penalties.--
(1) In general.--An at-risk individual or their immediate
family whose covered information is made public as a result of
a violation of this Act may bring an action seeking injunctive
or declaratory relief in any court of competent jurisdiction.
If the court grants injunctive or declaratory relief, the
person, business, or association responsible for the violation
shall be required to pay the costs and reasonable attorney's
fees of the at-risk individual or immediate family, as
applicable.
(2) Penalties and damages.--If a person, business, or
association knowingly violates an order granting injunctive or
declarative relief under paragraph (1), the court issuing such
order may--
(A) if the person, business, or association is a
government agency--
(i) impose a fine not greater than $4,000;
and
(ii) award to the at-risk individual or
their immediate family, as applicable, court
costs and reasonable attorney's fees; and
(B) if the person, business, or association is not
a government agency, award to the at-risk individual or
their immediate family, as applicable--
(i) an amount equal to the actual damages
sustained by the at-risk individual or their
immediate family; and
(ii) court costs and reasonable attorney's
fees.
SEC. 5. TRAINING AND EDUCATION.
Amounts appropriated to the Federal judiciary for fiscal year 2022,
and each fiscal year thereafter, may be used for biannual judicial
security training for active, senior, or recalled Federal judges
described in subparagraph (A), (B), (C), (D), or (E) of section 3(4)
and their immediate family, including--
(1) best practices for using social media and other forms
of online engagement and for maintaining online privacy;
(2) home security program and maintenance;
(3) understanding removal programs and requirements for
covered information; and
(4) any other judicial security training that the United
States Marshals Services and the Administrative Office of the
United States Courts determines is relevant.
SEC. 6. VULNERABILITY MANAGEMENT CAPABILITY.
(a) Authorization.--
(1) Vulnerability management capability.--The Federal
judiciary is authorized to perform all necessary functions
consistent with the provisions of this Act and to support
existing threat management capabilities within the United
States Marshals Service and other relevant Federal law
enforcement and security agencies for Federal judges described
in subparagraphs (A), (B), (C), (D), and (E) of section 3(4),
including--
(A) monitoring the protection of at-risk
individuals and judiciary assets;
(B) managing the monitoring of websites for covered
information of at-risk individuals or immediate family
and remove or limit the publication of such
information;
(C) receiving, reviewing, and analyzing complaints
by at-risk individuals of threats, whether direct or
indirect, and report such threats to law enforcement
partners; and
(D) providing training described in section 5.
(2) Vulnerability management for certain article i
courts.--The functions and support authorized in paragraph (1)
shall be authorized as follows:
(A) The chief judge of the United States Court of
Appeals for Veterans Claims is authorized to perform
such functions and support for the Federal judges
described in section 3(4)(F).
(B) The United States Court of Appeals for the
Armed Forces is authorized to perform such functions
and support for the Federal judges described in section
3(4)(G).
(C) The United States Tax Court is authorized to
perform such functions and support for the Federal
judges described in subparagraphs (H) and (I) of
section 3(4).
(3) Technical and conforming amendment.--Section 604(a) of
title 28, United States Code is amended--
(A) in paragraph (23), by striking ``and'' at the
end;
(B) by redesignating paragraph (24) as paragraph
(25); and
(C) by inserting after paragraph (23) the
following:
``(24) Establish and administer a vulnerability management
program in the judicial branch; and''.
(b) Expansion of Capabilities of Office of Protective
Intelligence.--The United States Marshals Service is authorized to
expand the current capabilities of the Office of Protective
Intelligence of the Judicial Security Division to increase the
workforce of the Office of Protective Intelligence to include
additional intelligence analysts, United States deputy marshals, and
any other relevant personnel to ensure that the Office of Protective
Intelligence is ready and able to perform all necessary functions,
consistent with the provisions of this Act, in order to anticipate and
deter threats to the judiciary, including--
(1) assigning personnel to State and major urban area
fusion and intelligence centers for the specific purpose of
identifying potential threats against the judiciary and
coordinating responses to such potential threats;
(2) expanding the use of investigative analysts, physical
security specialists, and intelligence analysts at the 94
judicial districts and territories to enhance the management of
local and distant threats and investigations; and
(3) increasing the number of United States Marshal Service
personnel for the protection of the judicial function and
assigned to protective operations and details for the
judiciary.
(c) Report.--
(1) In general.--Not later than 1 year after the date of
enactment of this Act, the Department of Justice, in
consultation with the Administrative Office of the United
States Courts, the United States Court of Appeals for Veterans
Claims, the United States Court of Appeals for the Armed
Forces, and the United States Tax Court, shall submit to the
Committee on the Judiciary of the Senate and the Committee on
the Judiciary of the House of Representatives a report on the
security of Federal judges arising from Federal prosecutions
and civil litigation.
(2) Description.--The report required under paragraph (1)
shall describe--
(A) the number and nature of threats and assaults
against at-risk individuals handling prosecutions and
other matters described in paragraph (1) and the
reporting requirements and methods;
(B) the security measures that are in place to
protect at-risk individuals handling prosecutions
described in paragraph (1), including threat
assessments, response procedures, the availability of
security systems and other devices, firearms licensing
such as deputations, and other measures designed to
protect the at-risk individuals and their immediate
family; and
(C) for each requirement, measure, or policy
described in subparagraphs (A) and (B), when the
requirement, measure, or policy was developed and who
was responsible for developing and implementing the
requirement, measure, or policy.
SEC. 7. RULES OF CONSTRUCTION.
(a) In General.--Nothing in this Act shall be construed--
(1) to prohibit, restrain, or limit--
(A) the lawful investigation or reporting by the
press of any unlawful activity or misconduct alleged to
have been committed by an at-risk individual or their
immediate family; or
(B) the reporting on an at-risk individual or their
immediate family regarding matters of public concern;
(2) to impair access to decisions and opinions from a
Federal judge in the course of carrying out their public
functions;
(3) to limit the publication or transfer of covered
information that the at-risk individual or their immediate
family member voluntarily publishes on the internet after the
date of enactment of this Act; or
(4) to prohibit information sharing by a data broker to a
Federal, State, Tribal, or local government, or any unit
thereof.
(b) Protection of Covered Information.--This Act shall be broadly
construed to favor the protection of the covered information of at-risk
individuals and their immediate family.
SEC. 8. SEVERABILITY.
If any provision of this Act, an amendment made by this Act, or the
application of such provision or amendment to any person or
circumstance is held to be unconstitutional, the remainder of this Act
and the amendments made by this Act, and the application of the
remaining provisions of this Act and amendments to any person or
circumstance shall not be affected.
SEC. 9. EFFECTIVE DATE.
(a) In General.--Except as provided in subsection (b), this Act
shall take effect on the date of enactment of this Act.
(b) Exception.--Subsections (c)(1), (d), and (e) of section 4 shall
take effect on the date that is 120 days after the date of enactment of
this Act.
Calendar No. 190
117th CONGRESS
1st Session
S. 2340
_______________________________________________________________________
A BILL
To improve the safety and security of the Federal judiciary.
_______________________________________________________________________
December 16, 2021
Reported with an amendment