BILL ANALYSIS

AUTHOR'S / SPONSOR'S STATEMENT OF INTENT

S.B. 2116 would ban the following governments from connecting physically/remotely into Texas critical infrastructure due to acts of aggression towards the United States, human rights abuses, intellectual property theft, previous critical infrastructure attacks, and ties to other hostile actions performed against the State of Texas and the United States: companies owned (controlling interests) or connected to individuals holding citizenship with the governments of China, Iran, North Korea, and/or Russia.

Critical infrastructure is defined as an electrical grid system, water treatment facility, communications system, critical cyber infrastructure, or chemical facility.

(Original Author's / Sponsor's Statement of Intent)

S.B. 2116 amends current law relating to prohibiting contracts or other agreements with certain foreign-owned companies in connection with critical infrastructure in this state.

RULEMAKING AUTHORITY

This bill does not expressly grant any additional rulemaking authority to a state officer, institution, or agency.

SECTION BY SECTION ANALYSIS

SECTION 1. Authorizes this Act to be cited as the Lone Star Infrastructure Protection Act.

SECTION 2. Amends Subtitle C, Title 5, Business & Commerce Code, by adding Chapter 113, as follows:

CHAPTER 113. PROHIBITION ON AGREEMENTS WITH CERTAIN FOREIGN-OWNED COMPANIES IN CONNECTION WITH CRITICAL INFRASTRUCTURE

Sec. 113.001. DEFINITIONS. Defines "company," "critical infrastructure," "cybersecurity," and "designated country."

Sec. 113.002. PROHIBITED ACCESS TO CRITICAL INFRASTRUCTURE. (a) Prohibits a business entity from entering into an agreement relating to critical infrastructure in this state with a company:

(1) if, under the agreement, the company would be granted direct or remote access to or control of critical infrastructure in this state, excluding access specifically allowed by the business entity for product warranty and support purposes; and

(2) if the business entity knows that the company is:

(A) owned by or the majority of stock or other ownership interest of the company is held or controlled by:

(i) individuals who are citizens of China, Iran, North Korea, Russia, or a designated country; or

(ii) a company or other entity, including a governmental entity, that is owned or controlled by citizens of or is directly controlled by the government of China, Iran, North Korea, Russia, or a designated country; or

(B) headquartered in China, Iran, North Korea, Russia, or a designated country.

(b) Provides that the prohibition described by Subsection (a) applies regardless of whether the company's or its parent company's securities are publicly traded, or whether the company or its parent company is listed on a public stock exchange as a Chinese, Iranian, North Korean, or Russian company or as a company of a designated country.

Sec. 113.003. DESIGNATION OF COUNTRY AS THREAT TO CRITICAL INFRASTRUCTURE. (a) Authorizes the governor, after consultation with the public safety director of the Department of Public Safety of the State of Texas (public safety director), to designate a country as a threat to critical infrastructure for purposes of this chapter.

(b) Requires the governor to consult the Homeland Security Council, established under Subchapter B (Homeland Security Council), Chapter 421 (Homeland Security), Government Code, to assess a threat to critical infrastructure for purposes of making a designation under this section.

SECTION 3. Amends Subtitle F, Title 10, Government Code, by adding Chapter 2274, as follows:

CHAPTER 2274. PROHIBITION ON CONTRACTS WITH CERTAIN FOREIGN-OWNED COMPANIES IN CONNECTION WITH CRITICAL INFRASTRUCTURE

Sec. 2274.0101. DEFINITIONS. Defines "company," "critical infrastructure," "cybersecurity," "designated country," and "governmental entity."

Sec. 2274.0102. PROHIBITED CONTRACTS. (a) Prohibits a governmental entity from entering into a contract or other agreement relating to critical infrastructure in this state with a company:

(1) if, under the contract or other agreement, the company would be granted direct or remote access to or control of critical infrastructure in this state, excluding access specifically allowed by the governmental entity for product warranty and support purposes; and

(2) if the governmental entity knows that the company is:

(A) owned by or the majority of stock or other ownership interest of the company is held or controlled by:

(i) individuals who are citizens of China, Iran, North Korea, Russia, or a designated country; or

(ii) a company or other entity, including a governmental entity, that is owned or controlled by citizens of or is directly controlled by the government of China, Iran, North Korea, Russia, or a designated country; or

(B) headquartered in China, Iran, North Korea, Russia, or a designated country.

(b) Provides that the prohibition described by Subsection (a) applies regardless of whether the company's or its parent company's securities are publicly traded, or whether the company or its parent company is listed on a public stock exchange as a Chinese, Iranian, North Korean, or Russian company or as a company of a designated country.

Sec. 2274.0103. DESIGNATION OF COUNTRY AS THREAT TO CRITICAL INFRASTRUCTURE. (a) Authorizes the governor, after consultation with the public safety director, to designate a country as a threat to critical infrastructure for purposes of this chapter.

(b) Requires the governor to consult the Homeland Security Council, established under Subchapter B, Chapter 421, to assess a threat to critical infrastructure for purposes of making a designation under this section.

SECTION 4. Makes application of this Act prospective.

SECTION 5. Effective date: upon passage or September 1, 2021.