81R7297 DAK-D
By: Davis of Dallas H.B. No. 3539
A BILL TO BE ENTITLED
AN ACT
relating to prohibiting the use of opt-out notices by businesses to
obtain the consent of consumers to transfer or share their personal
identifying information.
BE IT ENACTED BY THE LEGISLATURE OF THE STATE OF TEXAS:
SECTION 1. Subtitle C, Title 5, Business & Commerce Code, is
amended by adding Chapter 106 to read as follows:
CHAPTER 106. CONSENT FOR USE OF CONSUMER'S
IDENTIFYING INFORMATION
Sec. 106.001. DEFINITIONS. In this chapter:
(1) "Consumer" means an individual who seeks to
acquire or acquires goods or services for personal, family, or
household purposes.
(2) "Financial institution" has the meaning assigned
by Section 201.101, Finance Code.
(3) "Personal identifying information" means
information that alone or in conjunction with other information
identifies an individual, including an individual's:
(A) name, social security number, date of birth,
or government-issued identification number;
(B) mother's maiden name;
(C) unique biometric data, including the
individual's fingerprint, voiceprint, and retina or iris image;
(D) unique electronic identification number,
address, or routing code; and
(E) telecommunication access device.
(4) "Telecommunication access device" has the meaning
assigned by Section 32.51, Penal Code.
Sec. 106.002. CONSENT REQUIRED FOR PERSONAL IDENTIFYING
INFORMATION. A person engaged in business in this state, other than
a financial institution, may not share or sell or otherwise
transfer the personal identifying information of a consumer without
the consumer's consent.
Sec. 106.003. CONSENT NOT BASED SOLELY ON FAILURE TO
RESPOND TO OPT-OUT NOTICE. Consent under Section 106.002 may not be
based solely on the consumer's failure to respond to an opt-out
notice or other notification sent by the person seeking consent
that requires a positive response on the part of the consumer to
deny consent.
Sec. 106.004. EXCEPTION. This chapter does not apply to
personal identifying information shared or transferred in
compliance with:
(1) procedures established under federal or state law;
or
(2) a court order, including a subpoena.
Sec. 106.005. AGREEMENT NOT ENFORCEABLE. A contract or
other agreement based on the consent of a consumer that is obtained
in a manner that violates this chapter is void and unenforceable.
SECTION 2. Subtitle Z, Title 3, Finance Code, is amended by
adding Chapter 279 to read as follows:
CHAPTER 279. CONSENT FOR USE OF CONSUMER'S
IDENTIFYING INFORMATION
Sec. 279.001. DEFINITIONS. In this chapter:
(1) "Consumer" means an individual who seeks to
acquire or acquires goods or services for personal, family, or
household purposes.
(2) "Financial institution" has the meaning assigned
by Section 201.101.
(3) "Personal identifying information" means
information that alone or in conjunction with other information
identifies an individual, including an individual's:
(A) name, social security number, date of birth,
or government-issued identification number;
(B) mother's maiden name;
(C) unique biometric data, including the
individual's fingerprint, voiceprint, and retina or iris image;
(D) unique electronic identification number,
address, or routing code; and
(E) telecommunication access device.
(4) "Telecommunication access device" has the meaning
assigned by Section 32.51, Penal Code.
Sec. 279.002. CONSENT REQUIRED FOR PERSONAL IDENTIFYING
INFORMATION. A financial institution may not share or sell or
otherwise transfer the personal identifying information of a
consumer without the consumer's consent.
Sec. 279.003. CONSENT NOT BASED SOLELY ON FAILURE TO
RESPOND TO OPT-OUT NOTICE. Consent under Section 279.002 may not be
based solely on the consumer's failure to respond to an opt-out
notice or other notification sent by the financial institution
seeking consent that requires a positive response on the part of the
consumer to deny consent.
Sec. 279.004. EXCEPTION. This chapter does not apply to
personal identifying information shared or transferred in
compliance with:
(1) procedures established under federal or state law;
or
(2) a court order, including a subpoena.
Sec. 279.005. AGREEMENT NOT ENFORCEABLE. A contract or
other agreement based on the consent of a consumer that is obtained
in a manner that violates this chapter is void and unenforceable.
SECTION 3. This Act takes effect September 1, 2009.