Texas

Summary

Law: Texas Data Privacy and Security Act (TDPSA)

Regulator: The Texas Attorney General (AG)

Summary: The TDPSA entered into effect on July 1, 2024, following its enactment on June 18, 2023. Notably, the provisions on the ability of consumers to direct a third party to opt out of the processing of personal data on their behalf do not enter into effect until January 1, 2025. The Act introduces obligations for data controllers and processors, including disclosure and vendor management requirements, and establishes new consumer rights such as the right to access, delete, be informed (confirmation), and the right to opt out of targeted advertising and the sale of personal data. Furthermore, the Act provides the AG with enforcement powers but does not provide a private right of action.

In addition, the Identity Theft Enforcement and Protection Act (the Identity Theft Act), under Chapter 521, Title 11 of the Business and Commerce Code, and Chapter 33, Title 7 of the Penal Code, contain general privacy provisions focusing on the protection of personal identifying information and sensitive personal information. Furthermore, Texas has a range of sector-specific privacy regulations governing health data, financial data, biometric data, and unsolicited commercial communications. This includes an Act relating to an individual's genetic data, regulating the use of direct-to-consumer genetic testing companies, which entered into force on September 1, 2023.

Insights

On July 1, 2024, state privacy legislation in Florida, Texas, and Oregon will enter into effect, joining those laws already in force, including California, Connecticut, Colorado, Virginia, and Utah. A state privacy law in Montana will also enter into effect on October 1, 2024. Each law builds on trends seen in other US state privacy legislation, though each has distinct provisions. OneTrust DataGuidance breaks down some of the key provisions of the Florida, Texas, Oregon, and Montana laws.

Texas enacted the Texas Data Privacy and Security Act (TDPSA) on June 18, 2023, and compliance is required starting from July 1, 2024. Businesses experienced with other comprehensive state consumer privacy laws will find most aspects of the TDPSA to be familiar. However, the TDPSA incorporates unique features that businesses should consider when updating their privacy programs for compliance with Texas regulations.

In this Insight article, Wendell Bartnick, Christian Blair, and Stuart Cobb, from Reed Smith LLP, delve into the TDPSA's applicability, unique features, exemptions, potential risks of non-compliance, and various compliance considerations, including privacy requests, authorized agents, data safeguards, privacy notices, disclosure of personal data sales, and updating vendor management processes to meet TDPSA requirements.

The Texas Data Privacy and Security Act (TDPSA) was signed into law by the Governor of Texas on July 1, 2023, having passed both the Texas State Senate and the Texas House of Representatives.

The TDPSA will enter into effect on July 1, 2024.

On February 16, 2023, the Texas Data Privacy and Security Act (TDPSA) was introduced to the Texas House of Representatives. Since then, the TDPSA has passed both the House and the Senate, and was signed on June 18, 2023, by the Governor of Texas. The TDPSA introduces obligations for both data controllers and data processors and the majority of its provisions will enter into force on July 1, 2024. OneTrust DataGuidance Research gives an overview of the Act.