skip to main content

S. 2340: Daniel Anderl Judicial Security and Privacy Act of 2021


The text of the bill below is as of Dec 16, 2021 (Reported by Senate Committee).


II

Calendar No. 190

117th CONGRESS

1st Session

S. 2340

IN THE SENATE OF THE UNITED STATES

July 14, 2021

(for himself, Mr. Booker, Mr. Graham, Mr. Durbin, Mr. Kennedy, Mrs. Feinstein, Ms. Klobuchar, Mr. Coons, Mr. Blumenthal, Ms. Hirono, Mr. Padilla, Mr. Grassley, and Mr. Cruz) introduced the following bill; which was read twice and referred to the Committee on the Judiciary

December 16, 2021

Reported by , with an amendment

Strike out all after the enacting clause and insert the part printed in italic

A BILL

To improve the safety and security of the Federal judiciary.

1.

Short title

This Act may be cited as the Daniel Anderl Judicial Security and Privacy Act of 2021.

2.

Purpose; rules of construction

(a)

Purpose

The purpose of this Act is to improve the safety and security of Federal judges, including senior, recalled, or retired Federal judges, and their immediate family, to ensure Federal judges are able to administer justice fairly without fear of personal reprisal from individuals affected by the decisions they make in the course of carrying out their public duties.

(b)

Rules of construction

(1)

In general

Nothing in this Act shall be construed—

(A)

to prohibit, restrain, or limit—

(i)

the lawful investigation or reporting by the press of any unlawful activity or misconduct alleged to have been committed by an at-risk individual or their immediate family; or

(ii)

the reporting on an at-risk individual or their immediate family regarding matters of public concern;

(B)

to impair access to decisions and opinions from a Federal judge in the course of carrying out their public functions; or

(C)

to limit the publication or transfer of personally identifiable information that the at-risk individual or their immediate family member voluntarily publishes on the internet after the date of enactment of this Act.

(2)

Protection of personally identifiable information

This Act shall be broadly construed to favor the protection of the personally identifiable information of at-risk individuals and their immediate family.

3.

Findings

Congress finds the following:

(1)

Members of the Federal judiciary perform the important function of interpreting our Constitution and administering justice in a fair and impartial manner.

(2)

In recent years, partially as a result of the rise in the use of social media and online access to information, members of the Federal judiciary have been exposed to an increased number of personal threats in connection to their role. The ease of access to free or inexpensive sources of personally identifiable information has considerably lowered the effort required for malicious actors to discover where individuals live, where they spend leisure hours, and to find information about their family members. Such threats have included calling a judge a traitor with references to mass shootings and serial killings, calling for an angry mob to gather outside a judge’s home and, in reference to a United States courts of appeals judge, stating how easy it would be to get them.

(3)

Between 2015 and 2019, threats and other inappropriate communications against Federal judges and other judiciary personnel increased from 926 in 2015 to approximately 4,449 in 2019.

(4)

Over the past decade, several members of the Federal judiciary have experienced acts of violence against themselves or a family member in connection to their Federal judiciary role, including the murder of the family of United States District Judge for the Northern District of Illinois Joan Lefkow in 2005.

(5)

On Sunday July 19, 2020, an assailant went to the home of Esther Salas, a judge for the United States District Court for the District of New Jersey, impersonating a package delivery driver, opening fire upon arrival, and killing Daniel Anderl, the 20-year-old only son of Judge Salas, and seriously wounding Mark Anderl, her husband.

(6)

In the aftermath of the recent tragedy that occurred to Judge Salas and in response to the continuous rise of threats against members of the Federal judiciary, there is an immediate need for enhanced security procedures and increased availability of tools to protect Federal judges and their families.

4.

Definitions

In this Act:

(1)

At-risk individual

The term at-risk individual means—

(A)

a Federal judge; or

(B)

a senior, recalled, or retired Federal judge

(2)

Data broker

(A)

In general

The term data broker means a business or commercial entity when it is engaged in collecting, assembling, or maintaining personal information concerning an individual who is not a customer, client, or an employee of that entity in order to sell the information or otherwise profit from providing third party access to the information.

(B)

Exclusion

The following activities conducted by a business or commercial entity, and the collection and sale or licensing of personally identifiable information incidental to conducting these activities do not qualify the entity as a data broker:

(i)

Engaging in reporting, news­ga­ther­ing, speaking, or other activities intended to inform the public on matters of public interest or public concern.

(ii)

Providing 411 directory assistance or directory information services, including name, address, and telephone number, on behalf of or as a function of a telecommunications carrier.

(iii)

Utilizing personal information internally, providing access to businesses under common ownership or affiliated by corporate control, or selling or providing data for a transaction or service requested by or concerning the individual whose personal information is being transferred.

(iv)

Providing publicly available information via real-time or near-real-time alert services for health or safety purposes.

(v)

A consumer reporting agency to the extent that it is covered by the Federal Fair Credit Reporting Act (15 U.S.C. 1681 et seq.).

(vi)

A financial institution to the extent that it is covered by the Gramm-Leach-Bliley Act (Public Law 106–102) and implementing regulations.

(vii)

An entity to the extent that it is covered by the Health Insurance Portability and Accountability Act (Public Law 104–191).

(3)

Federal judge

The term Federal judge means—

(A)

a justice or judge of the United States, as those terms are defined in section 451 of title 28, United States Code;

(B)

a bankruptcy judge appointed under section 152 of title 28, United States Code;

(C)

a United States magistrate judge appointed under section 631 of title 28, United States Code;

(D)

a judge confirmed by the United States Senate and empowered by statute in any commonwealth, territory, or possession to perform the duties of a Federal judge; and

(E)

a judge of the United States Court of Federal Claims appointed under section 171 of title 28, United States Code.

(4)

Government agency

The term Government agency means any department enumerated in section 1 of title 5 of the United States Code, independent establishment, commission, administration, authority, board or bureau of the United States or any corporation in which the United States has a proprietary interest. The term includes all such institutions, offices, and any other bodies politic and corporate of the United States Government created by the constitution or statute, whether in the executive, judicial, or legislative branch; all units and corporate outgrowths created by Executive order of the President or any constitutional officer, by the Supreme Court of the United States, or by resolution of the United States Congress.

(5)

Immediate family

The term immediate family means a spouse, child, parent, or any other familial relative of an at-risk individual whose permanent residence is the same as the at-risk individual.

(6)

Personally identifiable information

The term personally identifiable information means—

(A)

a home address, including primary residence or secondary residences;

(B)

a home or personal mobile telephone number, or the direct telephone number of a Government-issued cell phone or private extension in the chambers of an at-risk individual;

(C)

a personal email address;

(D)

the social security number, driver’s license number, or home address displayed on voter registration information;

(E)

a bank account or credit or debit card information;

(F)

home or other address displayed on property tax records or held by a Federal, State, or local government agency of an at-risk individual, including a secondary residence and any investment property at which an at-risk individual resides for part of a year;

(G)

license plate number or home address displayed on vehicle registration information;

(H)

identification of children of an at-risk individual under the age of 18;

(I)

full date of birth;

(J)

a photograph of any vehicle that legibly displays the license plate or a photograph of a residence that legibly displays the residence address;

(K)

the name and address of a school or day care facility attended by immediate family; or

(L)

the name and address of an employer of immediate family.

(7)

Social media

The term social media means any online electronic medium, a live-chat system, or an electronic dating service—

(A)

that primarily serves as a medium for users to interact with content generated by other third-party users of the medium;

(B)

that enables users to create accounts or profiles specific to the medium or to import profiles from another medium; and

(C)

that enables one or more users to generate content that can be viewed by other third-party users of the medium.

(8)

Transfer

The term transfer means to sell, license, trade, or exchange for consideration the personally identifiable information of an at-risk individual or immediate family.

5.

Protecting personally identifiable information in public records

(a)

Government agencies

(1)

In general

Each at-risk individual may—

(A)

file written notice of the status of the individual as an at-risk individual, for themselves and immediate family, to each Government agency; and

(B)

ask each Government agency described in subparagraph (A) to mark as private their personally identifiable information and that of their immediate family.

(2)

No public posting

Government agencies shall not publicly post or display publicly available content that includes personally identifiable information of an at-risk individual or immediate family. Government agencies, upon receipt of a written request in accordance with subsection (a)(1)(A) of this section, shall remove the personally identifiable information of the at-risk individual or immediate family from publicly available content within 72 hours.

(3)

Exceptions

Nothing in this section shall prohibit a Government agency from providing access to records containing judges’ personally identifiable information to a third party if the third party possesses a signed release from the judge or a court order, the entity is already subject to the requirements of title V of the Gramm-Leach-Bliley Act (15 U.S.C. 6801 et seq.), or the third party executes a confidentiality agreement with the Government agency.

(b)

State and local governments

(1)

Grant program to prevent disclosure of personal information of at-risk individuals or immediate family

(A)

Authorization

The Attorney General shall make grants to prevent the release of personally identifiable information of at-risk individuals and immediate family (in this subsection referred to as judges’ personally identifiable information) to the detriment of such individuals or their families to an entity that—

(i)

is—

(I)

a State or unit of local government (as such terms are defined in section 901 of the Omnibus Crime Control and Safe Streets Act of 1968 (34 U.S.C. 10251)); or

(II)

an agency of a State or unit of local government; and

(ii)

operates a State or local database or registry that contains personally identifiable information.

(B)

Application

An eligible entity seeking a grant under this section shall submit to the Attorney General an application at such time, in such manner, and containing such information as the Attorney General may reasonably require.

(2)

Authorization of appropriations

There is authorized to be appropriated such sums as may be necessary to provide grants to entities described in paragraph (1) to create or expand programs designed to protect judges’ personally identifiable information, including through—

(A)

the creation of programs to redact or remove judges’ personally identifiable information, upon the request of an at-risk individual, from public records in state agencies; these efforts may include but are not limited to hiring a third party to redact or remove judges’ personally identifiable information from public records;

(B)

the expansion of existing programs that the State may have enacted in an effort to protect judges’ personally identifiable information;

(C)

the development or improvement of protocols, procedures, and policies to prevent the release of judges’ personally identifiable information;

(D)

the defrayment of costs of modifying or improving existing databases and registries to ensure that judges’ personally identifiable information is protected from release; and

(E)

the development of confidential opt out systems that will enable at-risk individuals to make a single request to keep judges’ personally identifiable information out of multiple databases or registries.

(3)

Report

(A)

In general

Not later than 1 year after the date of enactment of this Act, and biennially thereafter, the Comptroller General of the United States, shall submit to the Committee on the Judiciary of the Senate and the Committee on the Judiciary of the House of Representatives an annual report that includes—

(i)

a detailed amount spent by States and local governments on protection of judges’ personally identifiable information; and

(ii)

where the judges’ personally identifiable information was found.

(B)

States and local governments

States and local governments that receive funds under this section shall submit to the Comptroller General a report on data described in clauses (i) and (ii) of subparagraph (A) to be included in the report required under that subparagraph.

(c)

Data brokers and other businesses

(1)

Prohibition

(A)

Data brokers

It shall be unlawful for a data broker to knowingly sell, license, trade for consideration, or purchase personally identifiable information of an at-risk individual or immediate family.

(B)

Other businesses

No person, business, or association shall publicly post or publicly display on the internet personally identifiable information of an at-risk individual or immediate family if the at-risk individual has made a written request of that person, business, or association to not disclose the personally identifiable information of the at-risk individual or immediate family.

(C)

Exceptions

The restriction in subparagraph (B) shall not apply to—

(i)

the display on the internet of the personally identifiable information of an at-risk individual or immediate family if the information is relevant to and displayed as part of a news story, commentary, editorial, or other speech on a matter of public concern;

(ii)

personally identifiable information that the at-risk individual voluntarily publishes on the internet after the date of enactment of this Act; or

(iii)

personally identifiable information received from a Federal Government source (or from an employee or agent of the Federal Government).

(2)

Required conduct

(A)

In general

After a person, business, or association has received a written request from an at-risk individual to protect personally identifiable information of the at-risk individual or immediate family, that person, business, or association shall—

(i)

remove within 72 hours the personally identifiable information from the internet and ensure that the information is not made available on any website or subsidiary website controlled by that person, business, or association; and

(ii)

ensure that the personally identifiable information of the at-risk individual or immediate family is not made available on any website or subsidiary website controlled by that person, business, or association.

(B)

Transfer

After receiving an at-risk individual’s written request, no person, business, or association shall transfer the personally identifiable information of the at-risk individual or immediate family to any other person, business, or association through any medium, except where the at-risk individual’s or immediate family member’s personally identifiable information is relevant to and displayed as part of a news story, commentary, editorial, or other speech on a matter of public concern. The restriction on transfer shall also not apply to personally identifiable information that the at-risk individual or immediate family voluntarily publishes on the internet after the date of enactment of this Act.

(d)

Delegation of authority

(1)

In general

Upon written request of the at-risk individual, the Director of the Administrative Office of the United States Courts is authorized to make any notice or request required or authorized by this section on behalf of the at-risk individual. The Director may delegate this authority under section 602(d) of title 28, United States Code. Any notice or request made under this subsection shall be deemed to have been made by the at-risk individual and compliant with the notice and request requirements of this section.

(2)

List

In lieu of individual notices or requests, the Director may provide Government agencies, State and local governments, data brokers, persons, businesses, or associations with a list of at-risk individuals and their immediate family for the purpose of maintaining compliance with this section. Such list shall be deemed to comply with individual notice and request requirements of this section.

(e)

Redress and penalties

(1)

In general

An at-risk individual or immediate family member whose personally identifiable information is made public as a result of a violation of this Act may bring an action seeking injunctive or declaratory relief in any court of competent jurisdiction. If the court grants injunctive or declaratory relief, the person, business, or association responsible for the violation shall be required to pay the at-risk individual’s or immediate family member’s costs and reasonable attorney’s fees.

(2)

Penalties and damages

Upon a knowing and willful violation of any order granting injunctive or declarative relief obtained pursuant to this subsection, the court issuing such order may—

(A)

if the violator is a public entity, impose a fine not exceeding $4,000 and require the payment of court costs and reasonable attorney's fees;

(B)

if the violator is a person, business, association, or private agency, award damages to the affected at-risk individual or immediate family in an amount up to a maximum of 3 times the actual damages, but not less than $10,000, and require the payment of court costs and reasonable attorney's fees.

6.

Training and education

There is authorized to be appropriated to the Federal judiciary such sums as may be necessary for biannual judicial security training for active, senior, or recalled Federal judges and their immediate family, including—

(1)

best practices for using social media and other forms of online engagement and for maintaining online privacy;

(2)

home security program and maintenance;

(3)

understanding removal programs and requirements for personally identifiable information;

(4)

any other judicial security training that the United States Marshals Services and the Administrative Office of the United States Courts determines is relevant.

7.

Vulnerability management capability

(a)

Authorization

(1)

Vulnerability management capability

The Federal judiciary is authorized to perform all necessary functions consistent with the provisions of this Act, and to support existing threat management capabilities within the United States Marshals Service and other relevant Federal law enforcement and security agencies. Such functions may include—

(A)

monitor the protection of at-risk individuals and judiciary assets;

(B)

manage the monitoring of websites for personally identifiable information of at-risk individuals or immediate family and remove or limit the publication of such information; and

(C)

receive, review, and analyze complaints by at-risk individuals of threats, whether direct or indirect, and report to law enforcement partners.

(2)

Technical and conforming amendment

Section 604(a) of title 28, United States Code is amended—

(A)

in paragraph (23), by striking and at the end;

(B)

by redesignating paragraph (24) as paragraph (25);

(C)

by inserting after paragraph 23 the following:

(24)

Establish and administer a vulnerability management program in the judicial branch; and

.

(b)

Expansion of capabilities of office of protective intelligence

There is authorized to be appropriated such sums as may be necessary to the United States Marshals Service to expand the current capabilities of the Office of Protective Intelligence of the Judicial Security Division to increase the workforce of the Office of Protective Intelligence to include additional intelligence analysts, United States deputy marshals, and any other relevant personnel to ensure that the Office of Protective Intelligence is ready and able to perform all necessary functions, consistent with the provisions of this Act, in order to anticipate and deter threats to the judiciary, including—

(1)

assigning personnel to State and major urban area fusion and intelligence centers for the specific purpose of identifying potential threats against the judiciary, and coordination of responses to potential threats.

(2)

expanding the use of investigative analysts, physical security specialists, and intelligence analysts at the 94 judicial districts and territories to enhance the management of local and distant threats and investigations; and

(3)

increasing the number of United States Marshal Service personnel for the protection of the judicial function and assigned to protective operations and details for the judiciary.

(c)

Report

(1)

In general

Not later than one year after the date of enactment of this Act, the Department of Justice, in consultation with the Administrative Office of the United States Courts, shall submit to the Committee on the Judiciary of the Senate and the Committee on the Judiciary of the House of Representatives a report on the security of Federal judges arising from the Federal prosecutions and civil litigation.

(2)

Description

The report required under paragraph (1) shall describe—

(A)

the number and nature of threats and assaults against at-risk individuals handling prosecutions and other matters described in paragraph (1) and the reporting requirements and methods;

(B)

the security measures that are in place to protect the at-risk individuals handling prosecutions described in paragraph (1), including threat assessments, response procedures, availability of security systems and other devices, firearms licensing such as deputations, and other measures designed to protect the at-risk individuals and immediate family of an at-risk individual; and

(C)

for each requirement, measure, or policy described in subparagraphs (A) and (B), when the requirement, measure, or policy was developed and who was responsible for developing and implementing the requirement, measure, or policy.

8.

Severability

If any provision of this Act or the application of such provision to any person or circumstance is held to be unconstitutional, the remainder of this Act and the application of such provision to any person or circumstance shall not be affected thereby.

9.

Effective date

This Act shall take effect upon the date of enactment of this Act, except for subsections (b)(1), (c), and (e) of section 5, which shall take effect on the date that is 120 days after the date of enactment of this Act.

1.

Short title

This Act may be cited as the Daniel Anderl Judicial Security and Privacy Act of 2021.

2.

Findings and purpose

(a)

Findings

Congress finds the following:

(1)

Members of the Federal judiciary perform the important function of interpreting the Constitution of the United States and administering justice in a fair and impartial manner.

(2)

In recent years, partially as a result of the rise in the use of social media and online access to information, members of the Federal judiciary have been exposed to an increased number of personal threats in connection to their role. The ease of access to free or inexpensive sources of covered information has considerably lowered the effort required for malicious actors to discover where individuals live and where they spend leisure hours and to find information about their family members. Such threats have included calling a judge a traitor with references to mass shootings and serial killings, calling for an angry mob to gather outside a home of a judge and, in reference to a judge on the court of appeals of the United States, stating how easy it would be to get them.

(3)

Between 2015 and 2019, threats and other inappropriate communications against Federal judges and other judiciary personnel increased from 926 in 2015 to approximately 4,449 in 2019.

(4)

Over the past decade, several members of the Federal judiciary have experienced acts of violence against themselves or a family member in connection to their Federal judiciary role, including the murder in 2005 of the family of Joan Lefkow, a judge for the United States District Court for the Northern District of Illinois.

(5)

On Sunday July 19, 2020, an assailant went to the home of Esther Salas, a judge for the United States District Court for the District of New Jersey, impersonating a package delivery driver, opening fire upon arrival, and killing Daniel Anderl, the 20-year-old only son of Judge Salas, and seriously wounding Mark Anderl, her husband.

(6)

In the aftermath of the recent tragedy that occurred to Judge Salas and in response to the continuous rise of threats against members of the Federal judiciary, there is an immediate need for enhanced security procedures and increased availability of tools to protect Federal judges and their families.

(b)

Purpose

The purpose of this Act is to improve the safety and security of Federal judges, including senior, recalled, or retired Federal judges, and their immediate family to ensure Federal judges are able to administer justice fairly without fear of personal reprisal from individuals affected by the decisions they make in the course of carrying out their public duties.

3.

Definitions

In this Act:

(1)

At-risk individual

The term at-risk individual means—

(A)

a Federal judge; or

(B)

a senior, recalled, or retired Federal judge.

(2)

Covered information

The term covered information means—

(A)

a home address, including primary residence or secondary residences;

(B)

a home or personal mobile telephone number, or the direct telephone number of a Government-issued cell phone or private extension in the chambers of an at-risk individual;

(C)

a personal email address;

(D)

the social security number, driver’s license number, or home address displayed on voter registration information;

(E)

a bank account or credit or debit card information;

(F)

the home or other address displayed on property tax records or held by a Federal, State, or local government agency of an at-risk individual, including a secondary residence and any investment property at which an at-risk individual resides for part of a year;

(G)

a license plate number or home address displayed on vehicle registration information;

(H)

the identification of children of an at-risk individual under the age of 18;

(I)

the full date of birth;

(J)

a photograph of any vehicle that legibly displays the license plate or a photograph of a residence that legibly displays the address of the residence;

(K)

the name and address of a school or day care facility attended by immediate family; or

(L)

the name and address of an employer of immediate family.

(3)

Data broker

(A)

In general

The term data broker means a commercial entity engaged in collecting, assembling, or maintaining personal information concerning an individual who is not a customer, client, or an employee of that entity in order to sell the information or otherwise profit from providing third-party access to the information.

(B)

Exclusion

The term data broker does not include a commercial entity engaged in the following activities:

(i)

Engaging in reporting, news-gathering, speaking, or other activities intended to inform the public on matters of public interest or public concern.

(ii)

Providing 411 directory assistance or directory information services, including name, address, and telephone number, on behalf of or as a function of a telecommunications carrier.

(iii)

Using personal information internally, providing access to businesses under common ownership or affiliated by corporate control, or selling or providing data for a transaction or service requested by or concerning the individual whose personal information is being transferred.

(iv)

Providing publicly available information via real-time or near-real-time alert services for health or safety purposes.

(v)

A consumer reporting agency subject to the Fair Credit Reporting Act (15 U.S.C. 1681 et seq.).

(vi)

A financial institution to subject to the Gramm-Leach-Bliley Act (Public Law 106–102) and regulations implementing that Act.

(vii)

A covered entity for purposes of the privacy regulations promulgated under section 264(c) of the Health Insurance Portability and Accountability Act of 1996 (42 U.S.C. 1320d-2 note).

(viii)

The collection and sale or licensing of covered information incidental to conducting the activities described in clauses (i) through (vii).

(4)

Federal judge

The term Federal judge means—

(A)

a justice of the United States or a judge of the United States, as those terms are defined in section 451 of title 28, United States Code;

(B)

a bankruptcy judge appointed under section 152 of title 28, United States Code;

(C)

a United States magistrate judge appointed under section 631 of title 28, United States Code;

(D)

a judge confirmed by the United States Senate and empowered by statute in any commonwealth, territory, or possession to perform the duties of a Federal judge;

(E)

a judge of the United States Court of Federal Claims appointed under section 171 of title 28, United States Code;

(F)

a judge of the United States Court of Appeals for Veterans Claims appointed under section 7253 of title 38, United States Code;

(G)

a judge of the United States Court of Appeals for the Armed Forces appointed under section 942 of title 10, United States Code;

(H)

a judge of the United States Tax Court appointed under section 7443 of the Internal Revenue Code of 1986; and

(I)

a special trial judge of the United States Tax Court appointed under section 7443A of the Internal Revenue Code of 1986.

(5)

Government agency

The term Government agency includes—

(A)

an Executive agency, as defined in section 105 of title 5, United States Code; and

(B)

any agency in the judicial branch or legislative branch.

(6)

Immediate family

The term immediate family means a spouse, child, or parent of an at-risk individual or any other familial relative of an at-risk individual whose permanent residence is the same as the at-risk individual.

(7)

Social media

The term social media means any online electronic medium, a live-chat system, or an electronic dating service—

(A)

that primarily serves as a medium for users to interact with content generated by other third-party users of the medium;

(B)

that enables users to create accounts or profiles specific to the medium or to import profiles from another medium; and

(C)

that enables one or more users to generate content that can be viewed by other third-party users of the medium.

(8)

Transfer

The term transfer means to sell, license, trade, or exchange for consideration the covered information of an at-risk individual or immediate family.

4.

Protecting covered information in public records

(a)

Government agencies

(1)

In general

Each at-risk individual may—

(A)

file written notice of the status of the individual as an at-risk individual, for themselves and immediate family, with each Government agency that includes information necessary to ensure compliance with this section, as determined by the Administrative Office of the United States Courts; and

(B)

request that each Government agency described in subparagraph (A) mark as private their covered information and that of their immediate family.

(2)

No public posting

Government agencies shall not publicly post or display publicly available content that includes covered information of an at-risk individual or immediate family. Government agencies, upon receipt of a written request under paragraph (1)(A), shall remove the covered information of the at-risk individual or immediate family from publicly available content not later than 72 hours after such receipt.

(3)

Exceptions

Nothing in this section shall prohibit a Government agency from providing access to records containing the covered information of a Federal judge to a third party if the third party—

(A)

possesses a signed release from the Federal judge or a court order;

(B)

is subject to the requirements of title V of the Gramm-Leach-Bliley Act (15 U.S.C. 6801 et seq.); or

(C)

executes a confidentiality agreement with the Government agency.

(b)

Delegation of authority

(1)

In general

(A)

Administrative Office of the United States Courts

Upon written request of an at-risk individual, the Director of the Administrative Office of the United States Courts is authorized to make any notice or request required or authorized by this section on behalf of the at-risk individual. The notice or request shall include information necessary to ensure compliance with this section, as determined by the Administrative Office of the United States Courts. The Director may delegate this authority under section 602(d) of title 28, United States Code. Any notice or request made under this subsection shall be deemed to have been made by the at-risk individual and comply with the notice and request requirements of this section.

(B)

United States Court of Appeals for Veterans Claims

Upon written request of an at-risk individual described in section 3(4)(F), the chief judge of the United States Court of Appeals for Veterans Claims is authorized to make any notice or request required or authorized by this section on behalf of the at-risk individual. Any notice or request made under this subsection shall be deemed to have been made by the at-risk individual and comply with the notice and request requirements of this section.

(C)

United States Court of Appeals for the Armed Forces

Upon written request of an at-risk individual described in section 3(4)(G), the chief judge of the United States Court of Appeals for the Armed Forces is authorized to make any notice or request required or authorized by this section on behalf of the at-risk individual. Any notice or request made under this subsection shall be deemed to have been made by the at-risk individual and comply with the notice and request requirements of this section.

(D)

United States Tax Court

Upon written request of an at-risk individual described in subparagraph (H) or (I) of section 3(4), the chief judge of the United States Tax Court is authorized to make any notice or request required or authorized by this section on behalf of the at-risk individual. Any notice or request made under this subsection shall be deemed to have been made by the at-risk individual and comply with the notice and request requirements of this section.

(2)

List

In lieu of individual notices or requests, the Director of the Administrative Office of the United States Courts, or a Federal judge described in subparagraph (F), (G), (H), or (I) of section 3(4), as applicable, may provide Government agencies, State and local governments, data brokers, persons, businesses, or associations with a list of at-risk individuals and their immediate family that includes information necessary to ensure compliance with this section, as determined by the Administrative Office of the United States Courts for the purpose of maintaining compliance with this section. Such list shall be deemed to comply with individual notice and request requirements of this section.

(c)

State and local governments

(1)

Grant program to prevent disclosure of personal information of at-risk individuals or immediate family

(A)

Authorization

The Attorney General may make grants to prevent the release of covered information of at-risk individuals and immediate family (in this subsection referred to as judges’ covered information) to the detriment of such individuals or their families to an entity that—

(i)

is—

(I)

a State or unit of local government, as defined in section 901 of title I of the Omnibus Crime Control and Safe Streets Act of 1968 (34 U.S.C. 10251); or

(II)

an agency of a State or unit of local government; and

(ii)

operates a State or local database or registry that contains covered information.

(B)

Application

An entity seeking a grant under this section shall submit to the Attorney General an application at such time, in such manner, and containing such information as the Attorney General may reasonably require.

(2)

Scope of grants

Grants made under this subsection may be used to create or expand programs designed to protect judges’ covered information, including through—

(A)

the creation of programs to redact or remove judges’ covered information, upon the request of an at-risk individual, from public records in State agencies, including hiring a third party to redact or remove judges’ covered information from public records;

(B)

the expansion of existing programs that the State may have enacted in an effort to protect judges’ covered information;

(C)

the development or improvement of protocols, procedures, and policies to prevent the release of judges’ covered information;

(D)

the defrayment of costs of modifying or improving existing databases and registries to ensure that judges’ covered information is covered from release; and

(E)

the development of confidential opt out systems that will enable at-risk individuals to make a single request to keep judges’ covered information out of multiple databases or registries.

(3)

Report

(A)

In general

Not later than 1 year after the date of enactment of this Act, and biennially thereafter, the Comptroller General of the United States, shall submit to the Committee on the Judiciary of the Senate and the Committee on the Judiciary of the House of Representatives an annual report that includes—

(i)

a detailed amount spent by States and local governments on protecting judges’ covered information;

(ii)

where the judges’ covered information was found; and

(iii)

the collection of any new types of personal data found to be used to identify judges who have received threats, including prior home addresses, employers, and institutional affiliations such as nonprofit boards.

(B)

States and local governments

States and local governments that receive funds under this section shall submit to the Comptroller General of the United States a report on data described in clauses (i) and (ii) of subparagraph (A) to be included in the report required under that subparagraph.

(d)

Data brokers and other businesses

(1)

Prohibitions

(A)

Data brokers

It shall be unlawful for a data broker to knowingly sell, license, trade for consideration, or purchase covered information of an at-risk individual or immediate family.

(B)

Other businesses

(i)

In general

Except as provided in clause (ii), no person, business, or association shall publicly post or publicly display on the internet covered information of an at-risk individual or immediate family if the at-risk individual has made a written request to that person, business, or association to not disclose the covered information of the at-risk individual or immediate family.

(ii)

Exceptions

Clause (i) shall not apply to—

(I)

the display on the internet of the covered information of an at-risk individual or immediate family if the information is relevant to and displayed as part of a news story, commentary, editorial, or other speech on a matter of public concern;

(II)

covered information that the at-risk individual voluntarily publishes on the internet after the date of enactment of this Act; or

(III)

covered information received from a Federal Government source (or from an employee or agent of the Federal Government).

(2)

Required conduct

(A)

In general

After receiving a written request under paragraph (1)(B), the person, business, or association shall—

(i)

remove within 72 hours the covered information from the internet and ensure that the information is not made available on any website or subsidiary website controlled by that person, business, or association; and

(ii)

ensure that the covered information of the at-risk individual or immediate family is not made available on any website or subsidiary website controlled by that person, business, or association.

(B)

Transfer

(i)

In general

Except as provided in clause (ii), after receiving a written request under paragraph (1)(B), the person, business, or association shall not transfer the covered information of the at-risk individual or immediate family to any other person, business, or association through any medium.

(ii)

Exceptions

Clause (i) shall not apply to—

(I)

the transfer of the covered information of the at-risk individual or immediate family if the information is relevant to and displayed as part of a news story, commentary, editorial, or other speech on a matter of public concern;

(II)

covered information that the at-risk individual or immediate family voluntarily publishes on the internet after the date of enactment of this Act; or

(III)

a transfer made at the request of the at-risk individual or that is necessary to effectuate a request to the person, business, or association from the at-risk individual.

(e)

Redress and penalties

(1)

In general

An at-risk individual or their immediate family whose covered information is made public as a result of a violation of this Act may bring an action seeking injunctive or declaratory relief in any court of competent jurisdiction. If the court grants injunctive or declaratory relief, the person, business, or association responsible for the violation shall be required to pay the costs and reasonable attorney’s fees of the at-risk individual or immediate family, as applicable.

(2)

Penalties and damages

If a person, business, or association knowingly violates an order granting injunctive or declarative relief under paragraph (1), the court issuing such order may—

(A)

if the person, business, or association is a government agency—

(i)

impose a fine not greater than $4,000; and

(ii)

award to the at-risk individual or their immediate family, as applicable, court costs and reasonable attorney's fees; and

(B)

if the person, business, or association is not a government agency, award to the at-risk individual or their immediate family, as applicable—

(i)

an amount equal to the actual damages sustained by the at-risk individual or their immediate family; and

(ii)

court costs and reasonable attorney's fees.

5.

Training and education

Amounts appropriated to the Federal judiciary for fiscal year 2022, and each fiscal year thereafter, may be used for biannual judicial security training for active, senior, or recalled Federal judges described in subparagraph (A), (B), (C), (D), or (E) of section 3(4) and their immediate family, including—

(1)

best practices for using social media and other forms of online engagement and for maintaining online privacy;

(2)

home security program and maintenance;

(3)

understanding removal programs and requirements for covered information; and

(4)

any other judicial security training that the United States Marshals Services and the Administrative Office of the United States Courts determines is relevant.

6.

Vulnerability management capability

(a)

Authorization

(1)

Vulnerability management capability

The Federal judiciary is authorized to perform all necessary functions consistent with the provisions of this Act and to support existing threat management capabilities within the United States Marshals Service and other relevant Federal law enforcement and security agencies for Federal judges described in subparagraphs (A), (B), (C), (D), and (E) of section 3(4), including—

(A)

monitoring the protection of at-risk individuals and judiciary assets;

(B)

managing the monitoring of websites for covered information of at-risk individuals or immediate family and remove or limit the publication of such information;

(C)

receiving, reviewing, and analyzing complaints by at-risk individuals of threats, whether direct or indirect, and report such threats to law enforcement partners; and

(D)

providing training described in section 5.

(2)

Vulnerability management for certain article I courts

The functions and support authorized in paragraph (1) shall be authorized as follows:

(A)

The chief judge of the United States Court of Appeals for Veterans Claims is authorized to perform such functions and support for the Federal judges described in section 3(4)(F).

(B)

The United States Court of Appeals for the Armed Forces is authorized to perform such functions and support for the Federal judges described in section 3(4)(G).

(C)

The United States Tax Court is authorized to perform such functions and support for the Federal judges described in subparagraphs (H) and (I) of section 3(4).

(3)

Technical and conforming amendment

Section 604(a) of title 28, United States Code is amended—

(A)

in paragraph (23), by striking and at the end;

(B)

by redesignating paragraph (24) as paragraph (25); and

(C)

by inserting after paragraph (23) the following:

(24)

Establish and administer a vulnerability management program in the judicial branch; and

.

(b)

Expansion of capabilities of office of protective intelligence

The United States Marshals Service is authorized to expand the current capabilities of the Office of Protective Intelligence of the Judicial Security Division to increase the workforce of the Office of Protective Intelligence to include additional intelligence analysts, United States deputy marshals, and any other relevant personnel to ensure that the Office of Protective Intelligence is ready and able to perform all necessary functions, consistent with the provisions of this Act, in order to anticipate and deter threats to the judiciary, including—

(1)

assigning personnel to State and major urban area fusion and intelligence centers for the specific purpose of identifying potential threats against the judiciary and coordinating responses to such potential threats;

(2)

expanding the use of investigative analysts, physical security specialists, and intelligence analysts at the 94 judicial districts and territories to enhance the management of local and distant threats and investigations; and

(3)

increasing the number of United States Marshal Service personnel for the protection of the judicial function and assigned to protective operations and details for the judiciary.

(c)

Report

(1)

In general

Not later than 1 year after the date of enactment of this Act, the Department of Justice, in consultation with the Administrative Office of the United States Courts, the United States Court of Appeals for Veterans Claims, the United States Court of Appeals for the Armed Forces, and the United States Tax Court, shall submit to the Committee on the Judiciary of the Senate and the Committee on the Judiciary of the House of Representatives a report on the security of Federal judges arising from Federal prosecutions and civil litigation.

(2)

Description

The report required under paragraph (1) shall describe—

(A)

the number and nature of threats and assaults against at-risk individuals handling prosecutions and other matters described in paragraph (1) and the reporting requirements and methods;

(B)

the security measures that are in place to protect at-risk individuals handling prosecutions described in paragraph (1), including threat assessments, response procedures, the availability of security systems and other devices, firearms licensing such as deputations, and other measures designed to protect the at-risk individuals and their immediate family; and

(C)

for each requirement, measure, or policy described in subparagraphs (A) and (B), when the requirement, measure, or policy was developed and who was responsible for developing and implementing the requirement, measure, or policy.

7.

Rules of construction

(a)

In general

Nothing in this Act shall be construed—

(1)

to prohibit, restrain, or limit—

(A)

the lawful investigation or reporting by the press of any unlawful activity or misconduct alleged to have been committed by an at-risk individual or their immediate family; or

(B)

the reporting on an at-risk individual or their immediate family regarding matters of public concern;

(2)

to impair access to decisions and opinions from a Federal judge in the course of carrying out their public functions;

(3)

to limit the publication or transfer of covered information that the at-risk individual or their immediate family member voluntarily publishes on the internet after the date of enactment of this Act; or

(4)

to prohibit information sharing by a data broker to a Federal, State, Tribal, or local government, or any unit thereof.

(b)

Protection of covered information

This Act shall be broadly construed to favor the protection of the covered information of at-risk individuals and their immediate family.

8.

Severability

If any provision of this Act, an amendment made by this Act, or the application of such provision or amendment to any person or circumstance is held to be unconstitutional, the remainder of this Act and the amendments made by this Act, and the application of the remaining provisions of this Act and amendments to any person or circumstance shall not be affected.

9.

Effective date

(a)

In general

Except as provided in subsection (b), this Act shall take effect on the date of enactment of this Act.

(b)

Exception

Subsections (c)(1), (d), and (e) of section 4 shall take effect on the date that is 120 days after the date of enactment of this Act.

December 16, 2021

Reported with an amendment