The Department of Information Resources (department) proposes new §206.1, web site definitions; §206.2, accessibility and usability of state web sites; §206.3, privacy and security of state web sites; §206.4, state web site link and privacy policy; and §206.5, linking and indexing of state web sites. Simultaneous with publication of these proposed rules, the department is proposing the repeal of §201.12, state web sites so that all state web site rules are transferred from chapter 201 to chapter 206 of Title 1.

Proposed §206.1 contains the definitions applicable within chapter 206. The section contains many of the definitions from the department's state web site rule located in §201.12. It also contains new definitions of "accessible," "accessibility policy," "Compact with Texans," "link policy," "open records/Public Information Act notice," "usability," "web bug," and "web page." Proposed §206.1 also amends the definitions in existing §201.12 of "generally accessible Internet site," "privacy and security policy," "Texas home page" and "transaction payment information." Proposed §206.1 deletes the definitions found in existing §201.12 of "alt tags," "historical document," and "IETF." The purpose of the changes is to clarify the terms used in the state web site rules.

Proposed §206.2 requires state agencies to develop and publish an accessibility policy for their web sites or pages that complies with certain standards. It also requires that the agency's home page and key public entry points include an accessibility link to a web page containing the agency's accessibility, policy, site validation, contact information for the agency's accessibility coordinator and a link to the Governor's Committee on People with Disabilities web site. The purpose of this section is provide accessibility of state agency web sites to users.

Proposed §206.3 requires each state agency to publish a privacy and security policy applicable to its web site. Existing §201.12(b)(1)(D) required publication of only a privacy policy. In addition to the requirements carried over from existing §201.12, proposed §206.3(a) requires the privacy and security policy to address options concerning whether personal information collected from individuals may be used for purposes beyond the purposes for which the information was provided, whether the individual wishes to have that information shared, how the individual may obtain, or have corrected, the information about him or her held by the state agency and the procedures that ensure the information collected from individuals is accurate and secure from unauthorized use. Proposed §206.3(b) requires that web pages designed for children comply with federal and state laws intended to protect minors. Proposed §206.3(c) requires state agencies to conduct transaction risk assessments and implement appropriate privacy and security safeguards before providing access to information or services on a state web site that require user identification. Certain information must be protected by a secure socket layer session or equivalent technology to encrypt the data. Proposed §206.3(d) provides that any web-based forms that request information from the public must link to the associated privacy and security policy. Certain of the changes proposed in this section result from enactment of HB 2589 and HB 1922, 77th legislature.

As required by HB 2589 and HB 1922, 77th legislature, proposed §206.4 establishes a state web site link and privacy policy that contains the requirements for linking to state agency web sites, provides for protection of the privacy rights of individuals by non-judiciary state governmental bodies, and specifies certain web site requirements applicable to all state agencies.

Proposed §206.5 sets forth descriptive page title and meta tag requirements applicable to state publications as well as certain link requirements.

Mr. Mel Mireles, director of the Enterprise Operations Division, has determined that for each year of the first five years after adoption of the proposed rules, there will be no fiscal implications for state or local government as a result of adoption of the rules. He does not anticipate either a loss of, or increase in, revenues to state or local government as a result of the propose rules.

There will be no effect on small businesses and no additional anticipated economic cost to persons as a result of adoption of the proposed rules. The public benefit of adoption of the rules is greater protection of individuals' privacy, increased state agency web site accessibility by individuals and a reduced chance of public confusion associated with linking of site owners to state agency web sites.

Comments on the proposed new §§206.1-206.5 may be submitted to Renee Mauzy, General Counsel, Department of Information Resources, via mail to P.O. Box 13564, Austin, Texas 78711, or electronically to renee.mauzy@dir.state.tx.us no later than 5:00 p.m. CST within 30 days after publication.

The new rules are proposed pursuant to Texas Government Code §2054.052(a) which provides the department may adopt rules as necessary to implement its responsibilities under the Information Resources Management Act, Texas Government Code §559.002 and §559.003, enacted in HB 1922, 77th legislature, which provide for a right to notice about certain information laws and practices and the right to correct incorrect information held by state agencies and Texas Government Code §2054.121, enacted HB 2589, 77th legislature, which requires the department to adopt a state web site linking policy.

Texas Government Code §§559.002, 559.003 and 2054.121 are affected by the proposed rules.