The old saying goes, “Don’t mess with Texas.” The same can be said of the Texas Privacy Act.

The Texas Department of Information Resources recently issued an implementation status for the act.

Some highlights:

• In the first four and a half months of its activation, 1,047 consumers filed complaints through the complaint portal. Of those complaints, 70.6% were privacy focused — far more than what other states with a similar complaint process have seen.
• Key issues flagged by consumers: the difficulty of the process to exercise their rights and understand whether the right to opt out applies prospectively (and for how long).
• Controllers asked for clarity on implementation of the right to delete, the definition of publicly available information, how to carry out authentication without asking for too much extra information and what additional provisions to include in the data processing agreements.
• The DIR made some recommendations regarding the amendment of the law to address these issues. However, the report cites some provisions in other U.S. state privacy laws that can help controllers comply with the Texas law in the interim.