101ST GENERAL ASSEMBLY
State of Illinois
2019 and 2020
HB2540
 
Introduced , by Rep. Sonya M. Harper
 
SYNOPSIS AS INTRODUCED:
 

 
New Act

     Creates the Blockchain Business Development Act. Provides for the creation and regulation of personal information protection companies. Provides for the creation and regulation of blockchain-based limited liability companies as businesses that utilize blockchain technology for a material portion of their business activities. Provides for a public record blockchain study and report. Provides for a blockchain insurance and banking study and report. Requires the Department of Commerce and Economic Opportunity to incorporate into one or more of its economic development marketing and business support programs, events, and activities topics concerning blockchain technology and financial technology. Defines terms.
  


LRB101 06907 RJF 51939 b

FISCAL NOTE ACT MAY APPLY
 
 
A BILL FOR
 

  
HB2540LRB101 06907 RJF 51939 b


  
1    AN ACT concerning business.
  
 
2    Be it enacted by the People of the State of Illinois,
 
3represented in the General Assembly:
  
 
 
4    Section 1. Short title. This Act may be cited as the 
5Blockchain Business Development Act.
 
6    Section 5. Definitions. As used in this Act:

7    "Blockchain" means cryptographically secured, 
8chronological, and decentralized consensus ledger or consensus 
9database maintained via Internet, peer-to-peer network, or 
10other interaction.

11    "Blockchain technology" means computer software or 
12hardware or collections of computer software or hardware, or 
13both, that utilize or enable a blockchain.

14    "Department" means the Department of Financial and 
15Professional Regulation.

16    "Participant" means: (1) each person that has a partial or 
17complete copy of the decentralized consensus ledger or database 
18utilized by the blockchain technology, or otherwise 
19participates in the validation processes of such ledger or 
20database; (2) each person in control of any digital asset 
21native to the blockchain technology; and (3) each person that 
22makes a material contribution to the protocols.

23    "Personal information" means data capable of being 
 
 
HB2540- 2 -LRB101 06907 RJF 51939 b

1associated with a particular natural person, including gender 
2identification, birth information, marital status, citizenship 
3and nationality, biometric records, government identification 
4designations, and personal, educational, and financial 
5histories.

6    "Personal information protection company" means a business 
7that is organized for the primary purpose of providing personal 
8information protection services to individual consumers.

9    "Personal information protection services" means 
10receiving, holding, and managing the disclosure or use of 
11personal information concerning an individual consumer: (1) 
12pursuant to a written agreement in which the person receiving 
13the individual consumer's information agrees to serve as a 
14personal information protection company, and which specifies 
15the types of personal information to be held and the scope of 
16services to be provided on behalf of the consumer; and (2) in 
17the best interests and for the protection and benefit of the 
18consumer.

19    "Protocols" means the designated regulatory model of the 
20software that governs the rules, operations, and communication 
21between nodes on the network utilized by the participants.

22    "Virtual currency" means a digital representation of value 
23that: (1) is used as a medium of exchange, unit of account, or 
24store of value; and (2) is not legal tender, whether or not 
25denominated in legal tender. 
 
 
 
HB2540- 3 -LRB101 06907 RJF 51939 b

1    Section 10. Qualified personal information protection 
2company.

3    (a)   A personal information protection company shall 
4qualify to conduct its business under the terms of this Act and 
5applicable rules adopted by the Department of Financial and 
6Professional Regulation.

7    (b)   A person shall not engage in business as a personal 
8information protection company in this State without first 
9obtaining authorization from the Department.

10    (c)   A personal information protection company shall:
     
11        (1)   be organized or authorized to do business under the 
12    laws of this State;
     
13        (2)   maintain a place of business in this State;
     
14        (3)   appoint a registered agent to accept service of 
15    process and to otherwise act on its behalf in this State; 
16    provided that, whenever the registered agent cannot with 
17    reasonable diligence be found at the Illinois registered 
18    office of the company, the Secretary of State shall be an 
19    agent of the company upon whom any process, notice, or 
20    demand may be served;

21        (4)   annually hold at least one meeting of its governing 
22    body in this State, at which meeting one or more members of 
23    the body are physically present; and

24        (5)   develop, implement, and maintain a comprehensive 
25    information security program that contains administrative, 
26    technical, and physical safeguards sufficient to protect 
 
 
HB2540- 4 -LRB101 06907 RJF 51939 b

1    personal information, and which may include the use of 
2    blockchain technology in some or all of its business 
3    activities.

4    (d)   A personal information protection company that accepts 
5personal information based upon to a written agreement to 
6provide personal information protection services has a 
7fiduciary responsibility to the consumer when providing 
8personal protection services.

 
9    Section 15. Personal information protection company name; 
10conduct of business.

11    (a) A personal information protection company shall file 
12with the Department the name it proposes to use in connection 
13with its business, which the Department shall not approve if it 
14determines that the name may be misleading, likely to confuse 
15the public, or deceptively similar to any other business name 
16in use in this State.

17    (b) A personal information protection company may:

18        (1) operate through remote interaction with the 
19    individuals entrusting personal information to the 
20    company, and there shall be no requirement of Illinois 
21    residency or other contact for any such individual to 
22    establish such a relationship with the company; and

23        (2) subject to applicable fiduciary duties, the terms 
24    of any agreement with the individual involved, and any 
25    applicable statutory or regulatory provision:

 
 
HB2540- 5 -LRB101 06907 RJF 51939 b

1            (A)   provide elements of personal information to 
2        third parties with which the individual seeks to have a 
3        transaction, a service relationship, or other 
4        particular purpose interaction;
     
5            (B)   provide certification or validation concerning 
6        personal information; and
     
7            (C)   receive compensation for acting in these 
8        capacities.

9    (c) An authorization to provide personal information may be 
10either particular or general, provided it meets the terms of 
11any agreement with the individual involved and any rules 
12adopted by the Department.

 
13    Section 20. Assessment of fees; authority of the Department 
14regarding personal information protection companies; 
15implementation report.

16    (a)   The Department of Financial and Professional 
17Regulation shall assess the following fees for a personal 
18information protection company:

19        (1)   an initial registration fee of $1,000, consisting a 
20    licensing fee of $500 and an investigation fee of $500;
          
21        (2)   an annual renewal fee of $500; and
          
22        (3)  a change in address fee of $100.

23    (b)   The Department shall have the authority to bill a 
24personal information protection company for examination time 
25at its standard rate.

 
 
HB2540- 6 -LRB101 06907 RJF 51939 b

1    (c)   In addition to other powers conferred under this Act, 
2the Department shall have the authority to review records, 
3conduct examinations, and require annual audits of a personal 
4information protection company.

5    (d)   The Department may prescribe by rule the timing and 
6manner of reports by a personal information protection company 
7to the Department.

8    (e)   The Department may adopt rules to govern other aspects 
9of the business of a personal information protection company, 
10including its protection and safeguarding of personal 
11information and its interaction with third parties with respect 
12to personal information it holds.

13    (f)   Within 2 years after the effective date of this Act, 
14the Department shall submit to the Governor and General 
15Assembly a progress report that addresses:

16        (1)   the implementation of the provisions concerning 
17    the regulation of personal information protection 
18    companies under this Act; and

19        (2)   the status of any rulemaking pursuant to its 
20    authority under this Section.

 
21    Section 25. Blockchain-based limited liability company.

22    (a) For the purposes of this Section, "company" means a 
23blockchain-based limited liability company.

24    (b) A limited liability company organized under the Limited 
25Liability Company Act for the purpose of operating a business 
 
 
HB2540- 7 -LRB101 06907 RJF 51939 b

1that utilizes blockchain technology for a material portion of 
2its business activities may elect to be a blockchain-based 
3limited liability company (BBLLC) by:

4        (1) specifying in its articles of organization that it 
5    elects to be such a company (BBLLC); and
     
6        (2) meeting the requirements of subsections (c) and 
7    (d).

8    (c) Notwithstanding any provision of law to the contrary, a 
9blockchain-based limited liability company established under 
10this Section may provide for its governance, in whole or in 
11part, through blockchain technology. The operating agreement 
12for the company shall:
   
13        (1) provide a summary description of the mission or 
14    purpose of the company;
     
15        (2) specify whether the decentralized consensus ledger 
16    or database utilized or enabled by the company will be 
17    fully decentralized or partially decentralized and whether 
18    such ledger or database will be fully or partially public 
19    or private, including the extent of participants' access to 
20    information and read and write permissions with respect to 
21    protocols;

22        (3) adopt voting procedures, which may include smart 
23    contracts carried out on the blockchain technology, to 
24    address:

25            (A) proposals from managers, members, or other 
26        groups of participants in the company for upgrades or 
 
 
HB2540- 8 -LRB101 06907 RJF 51939 b

1        modifications to software systems or protocols, or 
2        both;

3            (B) other proposed changes to the company 
4        operating agreement; or

5            (C) any other matter of governance or activities 
6        within the purpose of the company;

7        (4) adopt protocols to respond to system security 
8    breaches or other unauthorized actions that affect the 
9    integrity of the blockchain technology utilized by the 
10    company;

11        (5) provide how a person becomes a member of the 
12    company with an interest, which may be denominated in the 
13    form of units, shares of capital stock, or other forms of 
14    ownership or profit interests; and

15        (6) specify the rights and obligations of each group of 
16    participants within the company, including which 
17    participants shall be entitled to the rights and 
18    obligations of members and managers.

19    (d) A member or manager of a blockchain-based limited 
20liability company may interact with the company in multiple 
21roles, including as a member, manager, developer, node, miner, 
22or other participant in the company, or as a trader and holder 
23of the currency in its own account and for the account of 
24others, provided such member or manager complies with any 
25applicable fiduciary duties. The activities of a member or 
26manager who interacts with the company through multiple roles 
 
 
HB2540- 9 -LRB101 06907 RJF 51939 b

1are not deemed to take place in this State solely because the 
2company is organized in this State.

3    (e) A blockchain-based limited liability company may adopt 
4any reasonable algorithmic means for accomplishing the 
5consensus process for validating records, as well as 
6requirements, processes, and procedures for conducting 
7operations, or making organizational decisions on the 
8blockchain technology used by the company.

9    (f) A blockchain-based limited liability company may, in 
10accordance with any procedure specified under subsection (c), 
11modify the consensus process, requirements, processes, and 
12procedures, or substitute a new consensus process, 
13requirements, processes, or procedures that comply with the 
14requirements of law and the governance provisions of the 
15company.

16    (g) Except as expressly provided otherwise, this Section 
17does not exempt a blockchain-based limited liability company 
18from any other judicial, statutory, or regulatory provision of 
19Illinois law or federal law, including State and federal 
20securities laws. Except to the extent inconsistent with the 
21provisions of this Section, the provisions of the Limited 
22Liability Company Act govern.

 
23    Section 30. Public record blockchain study; report.

24    (a) On or before January 1, 2021, the Secretary of State 
25shall:
       
 
 
HB2540- 10 -LRB101 06907 RJF 51939 b

1        (1)   evaluate blockchain technology for the systematic 
2    and efficient management of public records;
       
3        (2)   recommend legislation, including uniform laws, 
4    necessary to support the possible use of blockchain 
5    technology for the recording of land records and for other 
6    public records; and
       
7        (3)   submit its findings and recommendations to 
8    Governor and the General Assembly.

9    (b) This Section is repealed January 1, 2022.

 
10    Section 35. Blockchain insurance and banking study.

11    (a)   The Department of Financial and Professional 
12Regulation shall review the potential application of 
13blockchain technology to the provision of insurance and 
14banking, and consider areas for potential adoption and any 
15necessary regulatory changes in Illinois.

16    (b)   On or before January 1, 2021, the Department shall 
17submit a report of its findings and recommendations to the 
18Governor and General Assembly.

19    (c)   This Section is repealed January 1, 2022.

 
20    Section 40. Blockchain and financial technology promotion. 
21The Department of Commerce and Economic Opportunity shall 
22incorporate into one or more of its economic development 
23marketing and business support programs, events, and 
24activities the following topics:
     
 
 
HB2540- 11 -LRB101 06907 RJF 51939 b

1        (1)   opportunities to promote blockchain technology and 
2    financial technology-related economic development in the 
3    private sector, including in the areas of banking, 
4    insurance, retail and service businesses, and 
5    cryptocurrency;

6        (2)   legal and regulatory mechanisms that enable and 
7    promote the adoption of blockchain technology and 
8    financial technology in this State; and

9        (3)   educational and workforce training opportunities 
10    in blockchain technology, financial technology, and 
11    related areas.