What Is TRAIGA?

The Texas Responsible Artificial Intelligence Governance Act (TRAIGA) took effect January 1, 2026, setting compliance expectations for the use of artificial intelligence (AI). TRAIGA establishes a statewide framework to ensure AI systems are used ethically, transparently, and safely. It applies broadly to any individual or entity using AI in Texas.

What Is the Scope of TRAIGA?

AI systems under the scope of TRAIGA include any machine system that infers from inputs to generate outputs (content, decisions, predictions, recommendations) that can influence physical or virtual environments (Tex. Bus. & Com. Code § 551.001(1)). Developers and deployers of those AI systems are under TRAIGA’s scope, whether they do business in Texas or have AI systems used by Texans (§ 551.002). Most law firms will be “deployers” of AI if they use tools such as generative drafting, intake chatbots, e‑discovery analytics, research copilots, or marketing automations.

TRAIGA creates a series of duties and prohibitions related to the use of AI systems, including prohibitions against intentionally using AI to incite self-harm, harm to others, or crime (§ 552.052); using AI with the sole intent of impairing constitutional rights (§ 552.055); or using AI to unlawfully discriminate against protected classes (§ 552.056).

What Do I Need to Do?

1) Know What You’re Using

• Inventory every AI-powered tool and feature in your practice. Think drafting, research, e-discovery/TAR, transcription, translation, chatbots, analytics, etc.
• Ask vendors for documentation on how their systems work and what data they use.
• For each system, note the purpose, matter type, data inputs/outputs, and business owner.

2) Identify Sensitive Data Flows

• Spot uses involving confidential client information or personal data such as health, financial, or biometric information.

3) Review for Bias, Fairness, and Security

• Ensure no tools or features could (a) infringe on protected class rights, (b) encourage harm or crime, or (c) develop or distribute explicit content or deepfakes.
• Engage with vendors about their cybersecurity and data privacy practices and how inputs/outputs may produce bias.

4) Disclose AI Use to Clients

• While TRAIGA mandates disclosure for only governmental and healthcare entities, transparency is the best practice for all attorneys. See example engagement letter language and client communication guidelines in the AI Toolkit.

5) Stay Informed

• The Texas Artificial Intelligence Advisory Council may conduct training programs and issue future reports on the ethical, security, and liability concerns surrounding AI systems in the state.

Who Enforces TRAIGA?

TRAIGA is enforced exclusively by the Texas attorney general, who will investigate potential violations (§§ 552.101–.106). An online reporting mechanism will be established to allow individuals to submit concerns about improper AI use. If the AG determines that a violation has occurred, a notice to cure will be sent. Failure to cure may result in civil penalties. Note that there is no private right of action under TRAIGA.

When Am I Protected Under TRAIGA?

You are not liable under TRAIGA if a third party misuses AI in a way that violates the Act or you identify a potential issue through your own testing and take corrective action (§ 552.105). Similarly, you are protected if you follow applicable guidance from a state agency or if you substantially comply with the NIST AI Risk Management Framework or a similarly recognized standard.

TRAIGA and these safe harbors are designed to encourage responsible use and proactive oversight, not perfection.