Both the Texas House and Senate have approved the latest comprehensive privacy law. This is significant for organizations as it’s one of the first states in the middle of the country to pass a law with widespread applicability – almost 30 million consumers will be covered by this legislation. Texas is the 5th state to recognize an opt-out, further cementing the importance of this must-implement requirement. Furthermore, this bill’s effective date of July 1, 2024 is sooner than others that have passed recently:
When analyzing Texas’ law, applicability is the most significant difference when comparing it to the wave of Virginia-like privacy regulations. The regulation applies if you conduct business in Texas or with any Texas residents, sell data (which includes sharing/transferring for consideration making it very broad, like CCPA), and are not a small business as defined by the SBA (Small Business Administration). This makes it potentially extra territorial and broadly applicable since there’s no threshold for the number of consumers. Uniquely, consent for sensitive data must be obtained by all organizations, even those considered to be a small business.
The law was originally designed with an effective date of March 1, 2024 but was adjusted to July 1, 2024 and includes recognizing Universal Opt-Out Mechanisms (UOOM) and changes to a notice, especially if you collect sensitive data.
Truyo will keep you apprised of any additional information released including governor’s signature, which we predict will happen in the next 10 days as we’ve heard from an insider that Governor Greg Abbott supports this bill.