Texas and California have enacted sharply different comprehensive data privacy laws, highlighting the growing patchwork of state-level regulations that businesses must navigate in the absence of a federal privacy standard.
Key Differences
California's updated CPRA amendments strengthen consumer rights and create a new enforcement division, while Texas's approach prioritizes business flexibility with lighter compliance burdens.
- California requires opt-in consent for data collection; Texas uses opt-out model
- California allows private lawsuits for data breaches; Texas limits enforcement to the AG office
- California mandates data minimization; Texas requires only disclosure of data practices
- Both states cover biometric data but with different retention requirements
Business Impact
Companies operating nationwide now face compliance costs estimated at $4.7 billion annually across all state privacy laws. Industry groups have intensified lobbying for federal preemptive legislation that would establish a single national standard.
