JD Key Consulting Logo
Signed Into Law
Signed June 20, 2025Effective 2025-06-20
HB5081

Regular Session

Relating to the protection of personal identifying information of certain individuals in the judicial system; creating a criminal offense.

Government Affairs & Regulatory Compliance Analysis

HB5081: Government Affairs Overview

HB5081 mandates that any business hosting public data or selling personal information must remove the Personal Identifying Information (PII) of judges, court staff, and their families within 10 business days of a request. This law creates a strict "takedown" regime with immediate criminal liability and daily civil fines for non-compliance, affecting not just data brokers, but any entity with public-facing directories or marketing lists.

Rep. Jeff Leach·House Bill·Regular Session

Critical
Medium Cost
Effective:2025-06-20
Enforcing Agencies

Local Law Enforcement/Prosecutors (Criminal provisions)Office of Court Administration (Administrative facilitation of requests)Texas Civil Courts (via private right of action)

Business Impact

Who HB5081 Affects

This legislation has regulatory implications for the following Texas businesses and organizations:

Regulatory Priority: critical

Significant regulatory changes (effective 2025-06-20). Review with your legal and compliance teams to understand implications.

🏭

Manufacturing & Business

Affected business types:

  • Manufacturers
  • Industrial facilities
  • Supply chain companies
  • Logistics providers
View all manufacturing & business legislation

Key Operational Considerations

  • 1Data Vendors (Upstream): Amend Master Services Agreements (MSAs) to require vendors to scrub lists against HB5081 suppression requests before delivery.
  • 2Subsidiaries: Execute binding internal directives ensuring subsidiary websites comply with removal requests received by the parent company, as the law holds the controlling entity liable.
  • 3Verification Protocols: Staff must be trained on how to verify the validity of a request without creating delays that exceed the statutory window.

Estimated Cost Impact

mediumModerate costs expected for implementation.

Enforcing Agencies

Need Government Relations Support?

JD Key Consulting provides government affairs and regulatory strategy services. We help businesses navigate Texas agencies, understand legislative impacts, and advocate for their interests.

Need Help Navigating This Legislation?

JD Key Consulting provides strategic guidance on Texas regulatory compliance and legislative impact for your business.

HB5081
Relating to the protection of personal identifying information of certain individuals in the judicial system; creating a criminal offense.
Critical Urgency
Unanimous Passage
House Vote140 - 0
YEA
100% in favor140 voting
Senate Vote31 - 0
YEA
100% in favor31 voting
Cost Impact
Medium
Effective
2025-06-20
Enforcing Agencies
Local Law Enforcement/ProsecutorsOffice of Court AdministrationTexas Civil Courts
Primary Author: Rep. Jeff Leach
89th Texas Legislature
jdkey.com
01

Compliance Analysis

Key implementation requirements and action items for compliance with this legislation

Implementation Timeline

  • Effective Date: June 20, 2025 (Immediate effect due to supermajority vote).
  • Compliance Deadline: Immediate. You must be prepared to accept and process removal requests starting June 20, 2025. The law applies retroactively to data currently hosted on your sites.
  • Agency Rulemaking: The Office of Court Administration (OCA) is authorized to develop a centralized request system/portal, contingent on legislative appropriation. Until this system is funded and built, businesses must accept requests via standard channels (mail/email).

Immediate Action Plan

  • Designate a Channel: Immediately establish and publish a specific email address or physical address for HB5081 removal requests.
  • Test Takedown Speed: Conduct a drill to ensure your IT team can locate and remove specific records across all platforms within 10 business days.
  • Review Insurance: Audit Cyber Liability and D&O policies to confirm coverage for "regulatory fines" and privacy statute violations.
  • Stop the Bleed: Configure your CRM or data sales platforms to automatically flag and block records on your suppression list from being sold or republished.

Operational Changes Required

Contracts

  • Data Vendors (Upstream): Amend Master Services Agreements (MSAs) to require vendors to scrub lists against HB5081 suppression requests before delivery.
  • Subsidiaries: Execute binding internal directives ensuring subsidiary websites comply with removal requests received by the parent company, as the law holds the controlling entity liable.

Hiring/Training

  • Intake Training: Customer service and privacy teams must be trained to identify "HB5081 Removal Requests" immediately. These cannot be queued with standard GDPR/CCPA requests due to the strict 10-day deadline and potential criminal liability.
  • Verification Protocols: Staff must be trained on how to verify the validity of a request without creating delays that exceed the statutory window.

Reporting & Record-Keeping

  • Suppression Lists: Establish a permanent, secure internal "Do Not Publish/Do Not Sell" list containing the PII of individuals who have submitted requests.
  • Audit Logs: Maintain an immutable log recording: Date Request Received, Date Data Removed, and Confirmation Sent. This is your primary defense against the $500/day fine.

Fees & Costs

  • Civil Penalties: Budget for potential legal defense and civil penalties ($500 per day per violation) if the 10-day window is missed.
  • Damages: Be aware that plaintiffs can seek exemplary (punitive) damages and attorney's fees.

Strategic Ambiguities & Considerations

  • The OCA Portal Gap: The OCA is not *required* to build a centralized removal portal without specific funding. Businesses must prepare to receive requests via disparate channels (email, certified mail) rather than a standardized API or single source.
  • Verification Standards: The statute does not define the burden of proof for identity verification. Demanding excessive proof risks missing the 10-day deadline; accepting too little risks fraudulent takedowns.
  • Definition of "Control": Liability extends to subsidiary websites the entity "controls," but the threshold for control (e.g., franchisees, loose affiliates) remains undefined.

Need Compliance Guidance on This Legislation?

JD Key Consulting specializes in Texas regulatory compliance strategy. Work directly with James Dickey—former Chairman of the Republican Party of Texas—to understand this bill's impact on your operations and develop an actionable compliance plan.

Schedule a Consultation

Information presented is for general knowledge only and is provided without warranty, express or implied. Consult qualified government affairs professionals and legal counsel before making compliance decisions.

02

Legislative Timeline

This bill's path through the Texas Legislature

Filed
Mar 13, 2025
Passed House
May 14, 2025
Passed Senate
May 26, 2025
Signed
Jun 20, 2025
Effective
Jun 20, 2025
TopicsBusiness & CommerceBusiness & Commerce--generalCourtsCourts--generalCourts--judgesCourts--personnelCrimesCrimes--against PersonsCrimes--against Persons--generalProtection of Personal InformationCourt Administration, Office ofCivil Remedies & Liabilities
03

House Authors

Rep. Jeff LeachRepublican · Primary Author

Senate Sponsors

Sen. Charles CreightonRepublican · Primary Sponsor
Cosponsors (1)

Bill Text(with markup)

View bill text in multiple formats on Texas Legislature website

Fiscal NoteView Original

Related Legislation

Explore more bills from this author and on related topics

More from Rep. Jeff Leach

View all bills by Rep. Jeff Leach

Related by Topic

View more Business & Commerce legislation
Quick Reference

Frequently Asked Questions

Common questions about HB5081

Q

What does Texas HB5081 do?

HB5081 mandates that any business hosting public data or selling personal information must remove the Personal Identifying Information (PII) of judges, court staff, and their families within 10 business days of a request. This law creates a strict "takedown" regime with immediate criminal liability and daily civil fines for non-compliance, affecting not just data brokers, but any entity with public-facing directories or marketing lists.

Q

Who authored HB5081?

HB5081 was authored by Texas Representative Jeff Leach during the Regular Session.

Q

When was HB5081 signed into law?

HB5081 was signed into law by Governor Greg Abbott on June 20, 2025.

Q

Which agencies enforce HB5081?

HB5081 is enforced by Local Law Enforcement/Prosecutors (Criminal provisions), Office of Court Administration (Administrative facilitation of requests) and Texas Civil Courts (via private right of action).

Q

How significant are the changes in HB5081?

The regulatory priority for HB5081 is rated as "critical". Businesses and organizations should review the legislation to understand potential impacts.

Q

What is the cost impact of HB5081?

The cost impact of HB5081 is estimated as "medium". This may vary based on industry and implementation requirements.

Q

What topics does HB5081 address?

HB5081 addresses topics including business & commerce, business & commerce--general, courts, courts--general and courts--judges.

Q

What are the key dates for HB5081?

Key dates for HB5081: Effective date is 2025-06-20. Rulemaking: Develop a process and potentially a statewide technology system for judges to file written requests for data removal on behalf of themselves and at-risk individuals. (Contingent on Appropriation). Consult with legal counsel regarding applicability.

Q

What are the penalties under HB5081?

HB5081 establishes the following penalties: Civil penalty of $500 per day for Fine imposed for each day covered information remains public after a court issues an order for injunctive or declaratory relief.; Civil penalty of Variable (Exemplary Damages + Attorney's Fees) for Awarded to plaintiff if the defendant is not a state agency and the plaintiff prevails in an action for violation of the chapter.; Criminal penalty of Class B Misdemeanor for Intentional posting of covered information with intent to harm/harass; OR failure by a non-data broker to remove information within 10 business days of a request.. Consult with legal counsel for specific applicability to your situation.

Q

Which Texas businesses are affected by HB5081?

HB5081 primarily affects Texas businesses and commercial enterprises. These businesses should review the legislation with their legal and compliance teams to understand potential impacts.

Need Strategic Guidance on This Legislation?

JD Key Consulting is an Austin, Texas-based government affairs firm led by James Dickey, former Chairman of the Republican Party of Texas. We specialize in Texas regulatory compliance and legislative strategy for data centers, energy, banking, and manufacturing.

Legislative data provided by LegiScanLast updated: January 11, 2026