Section 63A-16-109 - Removal of state elected official or employee personal identifying information(1) As used in this section:(a) "Open web" means the Internet used for everyday activities like browsing, searching, reading media, online shopping, or other website or online applications.(b) "Personal identifying information" means the following:(i) physical home address and personal email address;(ii) home telephone number and personal mobile telephone number;(iii) driver license or other government-issued identification; or(iv) social security number.(c)(i) "State elected official" means a person who holds an office in state government that is required by law to be filled by an election, including the offices of governor, lieutenant governor, attorney general, state auditor, state treasurer, and legislator.(ii) "State elected official" does not include a judge.(d) "State employee who has been threatened" means an individual: (i)(A) who is a cabinet level official or senior staff of the governor; or(B) who is an employee of the state executive branch and meets selective criteria implemented by the division that are established by rule made under Subsection (4); and(ii) whose life or safety has been threatened in the course of performing the individual's state duties through a text, phone call, email, postal delivery, face-to-face encounter, or website or online application.(2) At the written request of a state elected official or a state employee who has been threatened, the division shall within 30 days of receipt of the request:(a) search the open web for personal identifying information that is about the state elected official or state employee who has been threatened;(b) when possible, remove the personal identifying information found under Subsection (2)(a) from the open web; and(c) conduct continuous monthly removal when possible of personal identifying information from the open web.(3) The chief information officer may contract, in accordance with Title 63G, Chapter 6a, Utah Procurement Code, with a third party to provide the services described in Subsection (2).(4) The chief information officer may by rule made in accordance with Title 63G, Chapter 3, Utah Administrative Rulemaking Act, establish requirements related to: (a) what information the state elected official or state employee who has been threatened shall provide the division as part of the request described in Subsection (2);(b) procedures for submitting the written request to the division; and(c) establishing the selective criteria used to determine whether a state employee may receive the services described in Subsection (2).(5) The division may not charge a rate for the services provided under this section.(6)(a) In addition to the governmental immunity granted in Title 63G, Chapter 7, Governmental Immunity Act of Utah, the division is not liable for actions performed under this section except as a result of intentional misconduct or gross negligence including reckless, willful, or wanton misconduct.(b) This section does not create a special duty of care.(7) A federal, state, or local government record is not subject to this section, even if the government record contains personal identifying information.Added by Chapter 508, 2024 General Session ,§ 2, eff. 5/1/2024.