As we previously reported, the Texas legislature has been considering two bills directed at addressing consumer privacy. Those bills were proposed in the wake of last year’s enactment of the California Consumer Privacy Act.

On May 7, 2019, the Texas House voted overwhelmingly to pass one of those bills – HB 4390 – however, the version it passed was significantly amended and will no longer provide any privacy rights to Texas residents.

Specifically, the engrossed version only would establish a Texas Privacy Protection Advisory Council to “study data privacy laws in this state.” It also would amend the Texas breach notification statute to require notification to affected individuals no later than 60 days after a person determines that a breach occurred.  The current version of the breach notification statute does not specify a set number of days for providing notice.  Additionally, the bill would require that notice be provided to Texas’s Attorney General in certain circumstances. If the bill becomes law, the Council would be required to report its findings to the legislature no later than September 1, 2020.  The bill is now under consideration in the Senate.

The other proposed bill – HB 4518 – was left pending in committee on April 2, 2019.

The last day of the Texas legislative session is May 27, 2019. Notably, the Texas legislature meets only every other year.

Over the next few months, Husch Blackwell’s privacy and data security blog will continue to provide updates on proposed state privacy laws.  Register here to stay up-to-date on these bills.

In the end, it appears that the Texas legislature is going to punt on passing anything this year, do its homework, and come back with all new privacy legislation in 2021. This has become a consistent theme across the country as privacy bills proposed in other states such as Washington and Maryland have failed to become law.

Print:
Email this postTweet this postLike this postShare this post on LinkedIn
Photo of Eric Levy Eric Levy

Eric is on the front lines of advising clients in the fast-moving fields of information privacy, data breach and other technology issues. Eric’s counsel on cybersecurity risks includes drafting privacy policies and notices and negotiating contracts allocating data protection and data gathering risks.

Photo of David Stauss David Stauss

David routinely counsels clients on complying with privacy laws such as the EU’s General Data Protection Regulation, the California Consumer Privacy Act, the Colorado Privacy Act, and other state privacy laws. David is certified by the International Association of Privacy Professionals as…

David routinely counsels clients on complying with privacy laws such as the EU’s General Data Protection Regulation, the California Consumer Privacy Act, the Colorado Privacy Act, and other state privacy laws. David is certified by the International Association of Privacy Professionals as a Privacy Law Specialist, Certified Information Privacy Professional (US and EU), Certified Information Privacy Technologist, and Fellow of Information Privacy.

Photo of Ephraim Hintz Ephraim Hintz

Ephraim assists a broad range of clients across industries with their litigation matters. His experience includes contract disputes, complex workplace safety issues, arbitration hearings, regulatory issues and property rights matters. He is also involved with the emerging and innovative legal field of data…

Ephraim assists a broad range of clients across industries with their litigation matters. His experience includes contract disputes, complex workplace safety issues, arbitration hearings, regulatory issues and property rights matters. He is also involved with the emerging and innovative legal field of data privacy.