Starting July 1, 2024, Texas will officially enforce the state’s Data Privacy and Security Act.
According to the Office of the Attorney General, the new law will allow Texas residents to access, correct, and delete their personal data collected by companies.
Users in Texas can also ask such companies to stop collecting, using, and selling their personal data and information.
Personal data collected by companies can be users’ shopping preferences, habits, social media activities, and more.
The law will directly impact companies and organizations that “conduct business in [Texas] or produce a product or service consumed by residents of [Texas]” and that collect, use, store, sell, share, analyze, or process consumers’ personal data.”
However, the law doesn’t apply to all companies and organizations.
The Texas Data Privacy and Security Act will not apply to small companies employing fewer than 500 people, state agencies, educational institutions, utility providers, and healthcare organizations supervised by the Department of Health and Human Services.
Small companies, though exempt from the law, still have to obtain users’ consent before collecting sensitive data, such as precise geolocation data and information on children under 13.
Companies that don’t comply within 45 days can be fined up to $7,500.
With the Texas Data Privacy and Security Act, the Lone Star State has joined ten other states in the U.S. to sign a consumer data privacy law.
Texas Attorney General Ken Paxton has also designated a new team to enforce the Act, along with other privacy laws such as the Identity Theft Enforcement and Protection Act, the Data Broker Law, and federal laws including the Children’s Online Privacy Protection Act (COPPA) and the Health Insurance Portability and Accountability Act (HIPAA).
Texans can file consumer complaints with the Attorney General here.`
