德州數據隱私法概述

Texas is one of the richest states in the USA and has been receiving a large amount of tech companies in recent years: Oracle, Cloudflare, and Tesla changed cities like Palo Alto and San Francisco for Austin and Houston. So now you may be wondering: why did they change? And what is the relationship between cybersecurity and the Texan economy? Read more ahead in this article:

• Why Is Texas Turning Into the New Silicon Valley?

The name “Silicon Hills” initially referred to the mountainous terrain on the West side of Austin, but now it makes a clear parallel to Silicon Valley. Austin has always housed many companies focused on technology, but in recent years, the growth has been exponential, and giants such as Google and Amazon have migrated to the region, building large facilities.

One of the main reasons is “economic freedom”, a term defended by the current state governor, Greg Abbott. Local politicians aim to attract more and more new investors to the state. In addition to not having a state income tax, Texas prioritizes job creation, providing social and income equality. Therefore, it imposes fewer regulations on local companies, which ends up facilitating and cheapening operations in the region.

Besides all these advantages, the state promises to be fun and politically progressive, with a large academic center, and prestigious universities spread throughout its territory. Therefore, companies moving to the region can rely on a highly skilled and diverse workforce.

• What are the segments that play a critical role in Texas economy (besides technology) and how they relate to cybersecurity?

Texas’ economy plays a major role in the U.S. economy. The state used to have an economy focused on agriculture, more precisely on cotton crops and livestock, but its economy has diversified. Today, oil and aerospace industries also play a major role.

Besides the technology industry field, Texas is also home to one of the largest natural energy reserves in the United States and to organizations such as NASA and SpaceX, which drive the aerospace market. One of the consequences of this phenomenon is that the region has become one of the richest in the country, offering life quality at a low cost, which ends up attracting the attention not only from people and companies but also from hacckers that aims to attack their critical infrastructures.

Critical infrastructure is related to the assets, systems, facilities, networks, and all other elements that maintain the national security, economic vitality, and public health of a region. There are numerous sectors considered critical that have some type of dependence on technology for their operation, management, or automation. 

It is also quite important to keep critical infrastructures secure. The sectors focused on the economy of a region are also classified as critical infrastructures. Which is why there is a need to invest in cybersecurity, as well as to develop laws and regulations that help protect data and services.

• Are there any data protection acts in Texas?

Unlike other countries, the United States does not have a General Data Protection Law in a the federal level. But there are recent regulations, more localized ones, which deal with specific areas, regulating the use of certain types of data or some industries, such as health, finance, and telecommunications.

The laws at the state level are intended to cover points that federal laws do not. In this way, each state has the freedom to enact its own rules regarding data and information protection.

With this information, here we will present a brief overview of data and information protection laws in the state of Texas.

1 – Texas Privacy Act (2019):

The Texas Privacy Act made some changes to previous data breach notification laws, which include the following:

• Companies must provide notice of data breaches that affected individuals within 60 days from the event.
• Companies experiencing a data breach that affects 250 or more people must notify the Texas Attorney General’s office.
• The Privacy Protection Advisory Council was created to advise on possible changes to existing privacy laws.

2 – Texas Cybercrime Act:

The cybercrime law has created new criminal offenses for denial-of-service (DoS) attacks, ransomware facilities, and intentional data alteration.

3 – Student Privacy Act:

This act forbids the sale of student personal data, creating ads for students based on data shared by educational institutions or suppliers, and broadly forbids the disclosure of student data.

4 – Medical Privacy Act:

This act provides privacy protection complementary to the requirements of the Health Insurance Portability and Accountability Act (HIPAA). It requires employee training, providing electronic health records at the patient’s request, notification of a breach, and patient authorization for disclosure of health-related information.

5 – Biometric Privacy Law:

The Biometric Privacy Law forbids the capture, sale, or scanning of iris, fingerprint, or facial geometry without the consent of the person. 

6 – Identity Theft Law:

It forbids to identity theft, that is, the use of a person’s identifying information to obtain goods, services, and personal credit. The Identity Theft Law also requires companies to adopt procedures to protect customer data from illegal uses.

The laws presented are always undergoing modifications to maintain the privacy and security of information and personal data, as well as services and companies present within the territory.