Texas AI Law

When people say that the EU AI regulatory landscape is complex, I often suggest they take a closer look at AI regulation in the United States.

✅ Yes — EU laws and acts are often long, detailed, and over 100 pages.

But at least they aim for harmonization across all member states.

✅ In the U.S., AI regulation is emerging through a combination of federal initiatives and individual state laws — and this creates a very different type of compliance challenge.

A good example of this trend is Texas House Bill 149, known as the Texas Responsible Artificial Intelligence Governance Act, effective January 1, 2026.

Obraz autorstwa Allexxandar na Freepik

The Texas law establishes a state-level AI governance framework focused on:

➡️ consumer protection,

➡️ transparency,

➡️ civil rights,

➡️ and responsible AI development — while still encouraging innovation.

It applies to organizations that:

➡️ conduct business in Texas,

➡️ provide products or services used by Texas residents,

➡️ or develop or deploy AI systems in the state.

This makes the law relevant not only to Texas-based companies, but also to out-of-state and international organizations operating in the Texas market.

Mandatory Disclosure

Organizations must clearly inform consumers when they are interacting with an AI system — even if it would be “obvious” to a reasonable person.

The disclosure must:

➡️ be clear and conspicuous,

➡️ use plain language,

➡️ avoid dark patterns.

Prohibitions

The law explicitly prohibits AI systems that:

➡️ manipulate human behavior toward self-harm, violence, or criminal activity,

➡️ perform social scoring by government entities,

➡️ intentionally violate constitutional rights,

➡️ intentionally discriminate against protected classes.

Biometric

Texas places strict limitations on:

➡️ AI-based biometric identification,

➡️ scraping biometric data from public sources,

➡️ using biometric data without consent.

Enforcement

Enforcement authority rests primarily with the Texas Attorney General.

Key enforcement features include:

➡️ no private right of action,

➡️ a 60-day cure period for violations,

➡️ civil penalties ranging from:

➡️ USD 10,000–12,000 for curable violations,

➡️ up to USD 200,000 for incurable violations,

➡️ plus daily penalties for continued noncompliance.

Regulatory Sandbox

Texas also introduces an AI regulatory sandbox, allowing organizations to:

➡️ test innovative AI systems,

➡️ operate with temporary regulatory relief,

➡️ under government oversight and reporting obligations.

Unlike the EU’s single AI Act, U.S. organizations must:

➡️ monitor federal initiatives,

➡️ track state-level AI laws,

➡️ assess applicability state by state,

➡️ and align controls across multiple jurisdictions.

U.S. laws may be easier to read and often more pragmatic, but the quantity and diversity of requirements create a different class of compliance risk.

Link

Author: Sebastian Burgemejster