Relating to investigations of certain cybercrimes.
CriticalImmediate action required
Low Cost
Effective:2025-06-20
Enforcing Agencies
Office of the Prosecuting Attorney (District Attorneys, County Attorneys) • Texas Civil Courts (for motions to quash)
01
Compliance Analysis
Key implementation requirements and action items for compliance with this legislation
Implementation Timeline
Effective Date: June 20, 2025 (Immediate effect due to supermajority vote).
Compliance Deadline:Immediate. Protocols must be active now; prosecutors may issue subpoenas for active investigations immediately.
Agency Rulemaking: None. This is a statute governing criminal procedure, not a regulatory framework. Clarification will come through judicial rulings on Motions to Quash, not agency guidance.
Immediate Action Plan
1.Segregate Data Queries: Immediately configure IT systems to separate Subscriber/Transactional Data (Disclosable) from Content Data (Protected).
2.Update Intake Checklists: Distribute a new legal review checklist to verify that incoming subpoenas do *not* request passwords or message content.
3.Review Insurance: Confirm your Cyber/D&O insurance covers defense costs for regulatory investigations where you are a third-party witness.
4.Establish Standard Objections: Draft template responses for subpoenas that demand data in under 48 hours or request protected content.
Operational Changes Required
Contracts
Privacy Policies: Update disclosure clauses immediately. Replace "pursuant to court order" with "pursuant to lawful process, including administrative subpoenas."
Vendor/MSP Agreements: If you utilize third-party data hosting, amend contracts to define who is the "custodian of records" responsible for answering subpoenas. Ensure vendors do not release data without notifying your legal counsel first.
Hiring/Training
Legal Response Teams (LRT): Train intake staff to distinguish between an Administrative Subpoena (Metadata/Logs only) and a Search Warrant (Content/Emails).
IT/Database Administrators: Configure query tools to extract specific fields (Name, IP, Session Time, Payment Source) without pulling "full user dumps" that include message content or search history.
Reporting & Record-Keeping
Subpoena Logging: Maintain a privileged log of all requests, recording the "Return Date" (deadline) and the specific issuing prosecutor.
Production Inventory: Keep an exact duplicate or hash of the data provided to the state to defend against claims of non-compliance or over-disclosure.
Secure Transmission: Establish an encrypted portal for data delivery. Do not transmit confidential subscriber data via standard unencrypted email.
Fees & Costs
Cost Absorption: The bill does not provide a statutory mechanism for cost reimbursement. Budget for the internal labor required to process these requests.
Litigation Budget: Allocate funds for potential Motions to Quash if prosecutors set unreasonable return dates (e.g., 24-hour turnaround).
Strategic Ambiguities & Considerations
"Reasonable Return Date": The statute requires a "reasonable" deadline but fails to define it. Businesses should establish a standard internal policy (e.g., "5 business days") to use as a baseline for objections against "immediate" demands.
Civil Immunity Gap: The law does not explicitly grant civil immunity to companies that comply. If you inadvertently release "content" (emails/DMs) in response to an administrative subpoena, you risk violating federal privacy laws (Stored Communications Act).
"In-Transit" vs. "Stored": The prohibition on disclosing "in-transit" communications is technically vague in cloud environments. Your technical team must define this boundary clearly to prevent accidental interception.
Need Help Understanding Implementation?
Our government affairs experts can walk you through this bill's specific impact on your operations.
Information presented is for general knowledge only and is provided without warranty, express or implied. Consult qualified government affairs professionals and legal counsel before making compliance decisions.
The bill author has informed the committee that law enforcement agencies currently face delays in obtaining crucial data regarding cybercrime investigations because subpoenas often require court approval and cooperation from out-of-state internet service providers. The bill author has further informed the committee that cybercriminals exploit these delays by deleting or altering records before they can be retrieved, meaning that critical evidence can disappear before being legally accessed in an investigation.
H.B. 3185 seeks to reduce bureaucratic delays and strengthen law enforcement's ability to combat cybercrime and protect victims by allowing prosecuting attorneys to issue administrative subpoenas for specific subscriber and transactional records, such as IP addresses, account details, and payment information. The bill ensures confidentiality of collected data and aligns cybercrime investigations with existing procedures for Internet crimes against children cases.
CRIMINAL JUSTICE IMPACT
It is the committee's opinion that this bill does not expressly create a criminal offense, increase the punishment for an existing criminal offense or category of offenses, or change the eligibility of a person for community supervision, parole, or mandatory supervision.
RULEMAKING AUTHORITY
It is the committee's opinion that this bill does not expressly grant any additional rulemaking authority to a state officer, department, agency, or institution.
ANALYSIS
H.B. 3185 amends the Government Code to authorize a prosecuting attorney to issue and cause to be served an administrative subpoena that requires the production of records or other documentation as described by the bill's provisions if the subpoena relates to an investigation of a cybercrime and there is reasonable cause to believe that the Internet or electronic service account provided through an electronic communication service or remote computing service has been used in the commission of a cybercrime. The bill defines "cybercrime" as any of the following Penal Code offenses committed using an Internet website or an electronic service account provided through an electronic communication service or remote computing service:
·theft offenses;
·fraud offenses;
·computer crime offenses;
·telecommunications crime offenses;
·money laundering offenses;
·insurance fraud offenses;
·disorderly conduct and related offenses;
·organized crime offenses;
·racketeering and unlawful debt collection offenses; and
·terroristic offenses.
H.B. 3185 does the following with respect to an administrative subpoena issued under the bill's provisions:
·requires a subpoena to describe any objects or items to be produced and prescribe a reasonable return date by which those objects or items must be assembled and made available;
·authorizes a subpoena, except as provided by these provisions, to require the production of any records or other documentation relevant to the investigation, including the following:
oa name;
oan address;
oa local or long distance telephone connection record, satellite-based Internet service provider connection record, or record of session time and duration;
othe duration of the applicable service, including the start date for the service and the type of service used;
oa telephone or instrument number or other number used to identify a subscriber, including a temporarily assigned network address; and
othe source of payment for the service, including a credit card or bank account number;
·prohibits a provider of an electronic communication service or remote computing service from disclosing the following information in response to a subpoena but requires such a provider to disclose that information if the disclosure is required by a court order:
oan in-transit electronic communication;
oan account membership related to an Internet group, newsgroup, mailing list, or specific area of interest;
oan account password; or
oany account content, including any form of electronic mail, an address book, a contact list, a buddy list, or Internet proxy content or Internet history;
·authorizes a person authorized to serve process under the Texas Rules of Civil Procedure to serve a subpoena and requires the person to serve the subpoena in accordance with those rules; and
·authorizes the person receiving a subpoena, before the return date specified on the subpoena, to petition in an appropriate court located in the county where the subpoena was issued for an order to modify or quash the subpoena or to prohibit disclosure of applicable information by a court.
H.B. 3185 requires the prosecuting attorney to do the following, as appropriate, if a criminal case or proceeding does not result from the production of records or other documentation under the administrative subpoena within a reasonable period:
·destroy the records or documentation; or
·return the records or documentation to the person who produced the records or documentation.
Any information, records, or data reported or obtained under the subpoena is confidential and may not be disclosed to any other person unless the disclosure is made as part of a criminal case related to those materials.
HB3185 grants Texas prosecuting attorneys immediate administrative subpoena power to demand subscriber identity, connection logs, and payment source data from digital service providers without a prior judge's approval. This legislation fundamentally shifts the burden of privacy protection onto Electronic Communication Service (ECS) and Remote Computing Service (RCS) providers, who must now operationally distinguish between disclosable metadata and protected content to avoid civil liability. Implementation Timeline Effective Date: June 20, 2025 (Immediate effect due to supermajority vote).
Q
Who authored HB3185?
HB3185 was authored by Texas Representative William Metcalf during the Regular Session.
Q
When was HB3185 signed into law?
HB3185 was signed into law by Governor Greg Abbott on June 20, 2025.
Q
Which agencies enforce HB3185?
HB3185 is enforced by Office of the Prosecuting Attorney (District Attorneys, County Attorneys) and Texas Civil Courts (for motions to quash).
Q
How urgent is compliance with HB3185?
The compliance urgency for HB3185 is rated as "critical". Businesses and organizations should review the requirements and timeline to ensure timely compliance.
Q
What is the cost impact of HB3185?
The cost impact of HB3185 is estimated as "low". This may vary based on industry and implementation requirements.
Q
What topics does HB3185 address?
HB3185 addresses topics including crimes, crimes--miscellaneous, criminal procedure, criminal procedure--general and electronic information systems.
Legislative data provided by LegiScanLast updated: November 25, 2025
Need Strategic Guidance on This Bill?
Need help with Government Relations, Lobbying, or compliance? JD Key Consulting has the expertise you're looking for.
