New proposed rule seeks to limit US data transfers to adversarial nations

New rules preventing access to Americans’ sensitive personal data — including Social Security numbers, biometric identifiers, human genomic data, and financial details — to adversarial nations China, Russia, North Korea, Iran, Cuba, and Venezuela have been proposed by the U.S. Department of Justice as it moves to implement an executive order issued by President Joe Biden in February, reports CyberScoop.

Despite its exemptions for telecommunications firms, clinical trial data for drug or medical device research or marketing approval in countries of concern, and clinical trial data for Food and Drug Administration applications, other organizations would be barred from conducting direct sales of personal information to entities that are at least 50% owned by or located in a country of concern, contractors’ foreign employees, and foreign individuals in a country of concern, as well as be mandated to disclose third-party involvement in data sale. “Under the proposed rule, U.S. persons transacting in these kinds of data will need to establish a compliance program based on the individual risk profile of their activities. They will need to understand the kinds and volumes of data they transact, who they are doing business with and how that data is being used, and the safeguards they use to control access to that data,” said a senior Justice Department official.