WeVote

Bill

Bill

SB 1339

Consumer Protection - As introduced, changes, from 45 to 50 days from receipt of a request, the time that a controller has to inform a consumer of the controller's decision to decline to take action regarding the consumer's authenticated request under the Tennessee Information Protection Act. - Amends TCA Title 4; Title 5; Title 6; Title 7; Title 8; Title 10; Title 29; Title 39; Title 47 and Title 48.

114th Regular Session (2025-2026) Introduced by Jeff Yarbro

Extends the deadline for notifying consumers of a declined action on authenticated TIPA requests from 45 to 50 days.

Assigned to General Subcommittee of Senate Commerce and Labor Committee
0
WeVote Research Nonpartisan
Bill Summary · SB 1339

Summary of Bill: SB 1339 (Session 114) – Consumer Protection

Purpose

SB 1339 amends Tennessee law to adjust the timeframe within which a data controller must inform a consumer of the controller’s decision to decline to take action regarding an authenticated consumer request under the Tennessee Information Protection Act (TIPA). Specifically, it extends the notice period from 45 days to 50 days. The bill makes this change without altering existing substantive requirements of TIPA or related privacy provisions.

Key Provisions

  • Section Amended: Tennessee Code Annotated § 47-18-3304(b)(2)
  • Change in Deadline: The deadline for a controller to inform a consumer of a decision to decline to take action on an authenticated request under TIPA is moved from 45 days to 50 days.
  • Effective Date: July 1, 2025 (the measure takes effect on this date, with the public welfare requiring it).

Impacted Parties

  • Data Controllers: Entities subject to the Tennessee Information Protection Act who receive authenticated consumer requests and must respond with a decision on action or no action.
  • Consumers: Individuals whose authenticated requests under TIPA may be declined; they gain an additional five days to receive notice of the controller’s decision.
  • State and Local Government Operations: Fiscal note indicates no significant impact; changes are procedural and do not alter substantive duties or regulatory requirements beyond the extended response window.

Procedural and Timeline Details

  • Current Law (Pre-Change): Controllers must respond within 45 days of receipt of an authenticated request.
  • New Law (Post-Change): Controllers must respond within 50 days.
  • Effective Date: July 1, 2025.
  • Legislative History: Introduced in 2025, sponsored by Sen. Yarbro (with House sponsor Rep. Parkinson). Bill proceeding through Senate Commerce and Labor Committee as of the latest action notes.

Fiscal Impact

  • Estimated Cost/Impact: Not significant. Fiscal notes indicate no meaningful fiscal burden on state or local government operations resulting from this change.

Summary Assessment

SB 1339 is a targeted, non-substantive change to the processing timeline under TIPA. By extending the response window for declined actions from 45 to 50 days, it provides controllers a longer period to finalize and communicate decisions on authenticated consumer requests, with minimal or no expected impact on operations, budgets, or regulatory structure beyond this procedural adjustment.

If you’d like, I can add a plain-language example of how the timeline would work under current law versus the amended timeline, or compare this to similar privacy statutes in other states.

Compiled from official sources — confirm details with the bill’s official record.

Sign in to ask a question.