AUSTIN, Texas – Texas Speaker of the House Dade Phelan and Representative Giovanni Capriglione today touted the Texas Data Privacy and Security Act taking effect as a historic consumer data privacy and digital transparency measure. The Act provides Texans greater control over their personal data online and requires businesses to implement heightened standards on data security and the collection of personal data.
“The Texas House has always prioritized Texans’ fundamental rights to privacy and personal autonomy, especially as we conduct an increasingly large portion of our lives online,” said Speaker Phelan. “Beginning today, the Texas Data Privacy and Security Act will allow Texas consumers enhanced control and oversight over the use of their personal data while implementing a robust set of guidelines for businesses to follow. Not only will consumers be given more say over their data, but parents can further safeguard their children against exploitation by Big Tech and online companies through these new protections. I thank Representative Capriglione for his tireless work ensuring Texans have their rights respected in online settings and my House colleagues for their continued support of this important issue.”
“Today is the culmination of a seven-year effort to give Texans control over their personal data,” said Representative Capriglione. “For too long, Texans have been subject to security breaches, invasions of privacy and unfair treatment online with no legal recourse. That ends today. Our personal data belongs to us, and now Texans have the tools to make informed decisions online and protect their privacy and security. While the Texas Data Privacy and Security Act is already the strongest data privacy law in the nation, it is just the start. I will continue to work with Speaker Phelan and my colleagues in the legislature to strengthen enforcement and find more ways to keep Texans safe and secure online.”
Created by House Bill 4 during the 88th Regular Session, the Texas Data Privacy and Security Act grants Texas consumers a definitive set of rights to control their data online, including:
- The Right to Know: Consumers have the right to know what personal data is being collected about them, the purposes for which it is being used, and whether it is being sold or shared with third parties
- The Right to Access: Consumers can request access to the personal data a business has collected about them and obtain a copy of the data
- The Right to Correct & Delete: Consumers have the right to demand corrections to their personal data and demand the deletion of their personal data held by a business
- The Right to Opt-in: Businesses may not collect sensitive data without a consumer’s consent or “opt-in.” Sensitive data is any data revealing a protected class, health diagnosis, genetic or biometric data, children’s data or geolocation
- The Right to Opt-out: Consumers can opt-out of the sale of their personal data, targeted advertising and data profiling when the profile is used to produce legal or similarly significant effects concerning them
- The Right to Non-Discrimination: Businesses cannot deny goods or services, charge different prices or provide a different quality of service based on a consumer exercising their data privacy rights
The Act also requires companies to maintain rigorous standards regarding data security and the collection of personal data, as well as requiring a disclosure on a company’s website when it plans to sell sensitive or biometric data.