Rob Hartwell, David Bonelli, Kelly DeMarchis Bastide, Matthew Stern, and Ian Williams published, “Department of Justice’s Proposed Rule to Protect Bulk Sensitive Personal Data: What Companies Need to Know” in the February 2025 issue of the Privacy & Cybersecurity Law Report. The following is an excerpt:
Early last year, the Biden administration issued Executive Order (EO) 14117, which instructed the Department of Justice (DOJ) to create a framework that would prohibit certain data transactions. Specifically, the EO looked to prohibit transactions that provide access to personal data about Americans or certain government data to entities in specific countries of concern, and it would restrict other transaction types with entities in those countries. DOJ released an Advance Notice of Proposed Rulemaking (ANPRM) in March to request information about how it could create this framework.