Texas Governor Signs 2 AI Bills, Including Scaled-Back TRAIGA
Texas Gov. Greg Abbott (R) has signed two AI bills, including the much-watched Texas Responsible AI Governance Act (TRAIGA).
Sign up for a free preview to unlock the rest of this article
Privacy Daily provides accurate coverage of newsworthy developments in data protection legislation, regulation, litigation, and enforcement for privacy professionals responsible for ensuring effective organizational data privacy compliance.
Abbott signed TRAIGA (HB-149) on Sunday, and it's set to take effect Jan. 1, with enforcement exclusively from the Texas attorney general. On Friday, Abbott signed SB-1964 covering government use of AI, which goes into effect Sept. 1.
TRAIGA was scaled back from an earlier, more regulatory version that received criticism from U.S. Sen. Ted Cruz, R-Texas (see 2504240017 and 2504070074). In a blog post earlier this month, Fisher Phillips lawyers described the passed version of TRAIGA as “a state law that could soon establish guardrails on AI use but without adding significant new burdens for employers.”
Among other things, TRAIGA makes it “against the law to develop or deploy AI systems with the intent to unlawfully discriminate against protected classes under state law,” noted the attorneys. “While this seems like a step toward regulation, existing state law already prohibits intentional discrimination. The law simply clarifies that AI cannot be used to carry out purposeful discrimination, which was effectively already the case.” Additionally, it wouldn’t be considered a violation if the discrimination was unintentional.
Meanwhile, the law’s biometric guardrails include big loopholes, said the Fisher Phillips attorneys. For example, if “a business uses biometric data only to train an AI system -- not to identify individuals -- it’s exempt from the restrictions,” they wrote. Meanwhile, “financial institutions and their affiliates are largely off the hook for voiceprint data collection,” and “AI used for security, fraud prevention, or complying with legal obligations also gets a free pass.”
TRAIGA “isn’t a Colorado AI Act copycat; the differences are so stark it seems unfair to say the split parallels how Virginia and Colorado/Connecticut adopted competing privacy frameworks in 2021,” Shook Hardy privacy attorney Josh Hansen blogged this month. “Texas diverged from the Colorado model by creating an AI sandbox with limited safe harbors for testing AI, providing fewer (and much narrower) obligations or restrictions for companies, adding conditions on government uses of AI, and setting a relatively quick effective date."
“Rather than tracking Colorado’s focus on the use of AI in consequential decisions, Texas focuses on specific harms and ties violations to intentional actions,” added Hansen. “This narrower approach also ditches many of the obligations that Colorado adopted -- such as imposing a duty of care, requiring various notices, and mandating impact assessments.”
However, Hansen noted that Abbott’s signing of AI legislation “could become moot” if Congress passes a reconciliation bill with a 10-year moratorium on enforcing state AI regulation (see 2506230050).
SB-1964 requires the Texas Department of Information Resources to write an AI “system code of ethics for state agency use and establish regulations and programs related to the use of AI systems by state agencies,” a bill digest said.
Rep. Giovanni Capriglione (R), who authored both pieces of legislation, applauded the bill signings Monday on LinkedIn. "Proud that Texas is setting the pace for responsible, pro-innovation tech policy."