Texas Privacy Protection Advisory Council REPORT.

The Report offers these concepts to consider for future legislation:

• The regulatory and compliance costs of CCPA and GDPR which may have created uneven benefits and restrictions to certain consumers and businesses. Many companies in Texas are already complying with both laws and any Texas law should seek to compliment and not conflict with existing federal laws and frameworks.
• The Fourth Amendment protections.
• The duties and responsibilities of application resellers in governing privacy policies of third-party vendors.
• The impact of COVID-19.

The report offers these recommendations:

1. Process for ensuring that all state agencies are adhering to privacy standards, and policies are continually updated to reflect new technologies, business practices, and risks.
2. Proposals should consider a new and appropriate balance between additional consumer privacy protections and data security within a fair regulatory/compliance privacy framework.
3. Proposals should consider the impact to highly regulated data, like health information or banking data, and how those proposals compliment applicable federal law.
4. Legislation should be written broadly enough to allow the adoption of new technology and business standards.
5. Proposals should consider existing laws in Texas and other states in order to not conflict.
6. Texans have the right to know how their personal information is being used and the Legislature should consider ways to strengthen that right.

Texas Privacy Protection Advisory Council Report September 2020