On February 28, 2024, President Joe Biden issued an Executive Order titled “Preventing Access to Americans’ Bulk Sensitive Personal Data and US Government-Related Data by Countries of Concern” (EO). This order seeks to restrict the sale of sensitive American data to China, Russia, Iran, North Korea, Venezuela and Cuba (Countries of Concern) to prevent those countries from accessing personally identifiable information for purposes of blackmail, surveillance, and the misuse of artificial intelligence (AI) to target Americans.
On the same day, the US Department of Justice (DOJ) announced that it will be implementing a “Groundbreaking Executive Order Addressing National Security Risks and Data Security” in response to and as directed by the EO. Shortly after, DOJ’s National Security Division (NSD) issued an Advanced Notice of Proposed Rulemaking (ANPRM) outlining how that implementation may take shape.
DOJ’s announcement is consistent with other steps that they have taken to broadcast that they are focused on the safety of American citizens’ sensitive personal data which faces “unusual and extraordinary” threats by malign states particularly given the power of AI.
Read more about how the EO is a significant enforcement tool.