Biden's New Approach to US Personal Data Transfers

The Biden Administration issued an executive order authorizing the Department of Justice (DOJ) and other federal agencies to take steps to prevent “the large-scale transfer of Americans’ personal data to countries of concern.” It represents an effort by the administration to put more safeguards on the data broker industry and limit the ability of US adversaries to purchase granular data on American citizens.

The Biden Administration has enacted an executive order empowering the Department of Justice (DOJ) and additional federal bodies to act against the significant movement of personal data of Americans to nations deemed as threats. This move aims to bolster the protections around the data brokerage industry and curb the potential for adversaries of the U.S. to acquire detailed information about American individuals.

Furthermore, the order mandates the following actions:

  • It directs the Committee for the Assessment of Foreign Participation in the United States Telecommunications Services Sector (Committee) to continually manage the national security and law enforcement dangers posed by the access of 'countries of concern' to extensive sensitive personal data as outlined in this directive. This applies to any new or existing application or license the Committee reviews concerning submarine cable systems' landing or operation.
  • It calls upon the Secretary of Defense, the Secretary of Health and Human Services, the Secretary of Veterans Affairs, and the Director of the National Science Foundation to explore actions, including the enactment of regulations, guidance, or directives. These actions aim to block assistance that grants 'countries of concern' or specified entities access to the bulk sensitive personal data of U.S. citizens, particularly data related to personal health and human genomic information.
  • It instructs the Director of the Consumer Financial Protection Bureau (CFPB) to assess steps, in line with the CFPB's legal powers, to counter this threat dimension and to strengthen adherence to Federal consumer protection laws.
  • It requires the Attorney General, the Secretary of Homeland Security, and the Director of National Intelligence, in collaboration with leaders of pertinent agencies, to "recommend measures to identify, evaluate, and counteract national security threats stemming from past transfers of bulk sensitive personal data of U.S. individuals to countries of concern.

Read more

Seamus Larroque

CDPO / CPIM / ISO 27005 Certified


Discover our latest articles

View All Blog Posts
April 23, 2024
No items found.

iliomad is deligthed to have supported the ICM - Institut du Cancer de Montpellier in their CNIL's authorization process

We are delighted to share that the ICM - Institut du Cancer de Montpellier was authorized by the French Data Protection Authority (CNIL) to conduct APAD-ECO study. The CNIL granted authorization to conduct a medico-economic study on the effects of physical activity in women treated for breast cancer on April, 19th. This groundbreaking study involves combining data from two clinical trials with that of the Caisse nationale de l’Assurance Maladie, covering the period from 2009 to 2022. The study aims to assess the long-term impacts of physical activity in patients who have undergone treatment for breast cancer. We are proud to have contributed to this project by providing the ICM - Institut du Cancer de Montpellier with a compliant Data Protection Impact Assessment (DPIA), a crucial step in obtaining CNIL approval.