Texas AG Gearing Up for “Aggressive” Enforcement as New Privacy Law Takes Effect July 1

  • Texas AG Ken Paxton has launched an initiative focused on “aggressive enforcement of Texas privacy laws,” and tasked a large team within the office’s Consumer Protection Division with ramping up enforcement of the state’s Data Privacy and Security Act (DPSA), Identify Theft Enforcement and Protection Act, Data Broker Law, and Biometric Identifier Act, as well as the federal Children’s Online Privacy Protection Act and the Health Insurance Portability and Accountability Act, among others.
  • As previously reported, the Texas State Legislature appropriated millions of dollars to the AG’s office for purposes of enforcing the DPSA, which takes effect July 1, 2024. In announcing this initiative, AG Paxton warns that “Any entity abusing or exploiting Texans’ sensitive data will be met with the full force of the law. Companies that collect and sell data in an unauthorized manner, harm consumers financially, or use artificial intelligence irresponsibly present risks to our citizens that we take very seriously.”
  • Texas is not alone in its increased focus on privacy enforcement, particularly with regard to AI– Massachusetts AG Andrea Campbell recently issued an advisory on the application of the state’s consumer protection, civil rights, and data privacy laws to AI, and the Colorado AG has authority to enforce the new Colorado Artificial Intelligence Act. For more coverage of state AGs’ responses to AI and other emerging technologies, see our recent Expert Analysis for Law360.