How President Biden’s Executive Order Aims to Protect Your Personal Data from Countries of Concern
On February 28, 2024, President Biden announced he was signing an Executive Order intended to protect Americans’ sensitive personal data. The Executive Order focuses on large-scale transfers of (i) genomic data, (ii) biometric data, (iii) personal health data, (iv) geolocation data, (v) financial data, and (vi) other certain kinds of personally identifiable information. The announcement highlights growing privacy and national security concerns associated with the collection and sale of sensitive data of Americans.
President Biden directed a number of federal agencies to take action. For example, the Department of Justice will issue regulations that establish (i) “clear protections for Americans’ sensitive personal data from access and exploitation by countries of concern” and (ii) greater protection of sensitive government-related data, such as geolocation information on sensitive government sites and about members of the U.S. military. (The Department of Justice subsequently issued an Advanced Notice of Proposed Rulemaking intended to address these issues.)
In addition, the Departments of Homeland Security and Justice are to work together to develop security standards to prevent countries of concern from accessing Americans’ data through investment, employment relationships, or other commercial relationships. The Departments of Health and Human Services, Defense, and Veterans Affairs will work to ensure countries of concern do not use Federal contracts and awards to gain access to Americans’ sensitive health data. In addition, the Executive Order encourages the Consumer Financial Protection Bureau to give Americans greater protection from data brokers that illegally assemble and sell extremely sensitive data.