As we previously reported, the Texas legislature has been considering two bills directed at addressing consumer privacy. Those bills were proposed in the wake of last year’s enactment of the California Consumer Privacy Act.

On May 7, 2019, the Texas House voted overwhelmingly to pass one of those bills – HB 4390 – however, the version it passed was significantly amended and will no longer provide any privacy rights to Texas residents.

Specifically, the engrossed version only would establish a Texas Privacy Protection Advisory Council to “study data privacy laws in this state.” It also would amend the Texas breach notification statute to require notification to affected individuals no later than 60 days after a person determines that a breach occurred.  The current version of the breach notification statute does not specify a set number of days for providing notice.  Additionally, the bill would require that notice be provided to Texas’s Attorney General in certain circumstances. If the bill becomes law, the Council would be required to report its findings to the legislature no later than September 1, 2020.  The bill is now under consideration in the Senate.

The other proposed bill – HB 4518 – was left pending in committee on April 2, 2019.

The last day of the Texas legislative session is May 27, 2019. Notably, the Texas legislature meets only every other year.

Over the next few months, Husch Blackwell’s privacy and data security blog will continue to provide updates on proposed state privacy laws.  Register here to stay up-to-date on these bills.

In the end, it appears that the Texas legislature is going to punt on passing anything this year, do its homework, and come back with all new privacy legislation in 2021. This has become a consistent theme across the country as privacy bills proposed in other states such as Washington and Maryland have failed to become law.