The Department of Justice has proposed a rule to launch a program designed to address national security risks associated with attempts by countries of concern to obtain and exploit U.S. citizens’ personal information.
The DOJ said Monday that the proposed rule includes categorical rules for specific types of data transactions that could release sensitive government data or bulk U.S. personal data to these nations or covered persons.
The proposed rule is part of the department’s efforts to implement a February executive order on the matter and identifies classes of restricted and prohibited transactions.
According to the fact sheet, vendor, employment and non-passive investment agreements are the three categories of restricted transactions. Data brokerage and coverage data transactions regarding bulk human genomic data or biospecimens are the two types of prohibited transactions.
The proposed rule also lists classes of exempt transactions, covered persons and countries of concern to which it applies, sets processes for licensing and advisory opinions, explains DOJ’s approach to setting bulk thresholds and addresses reporting, recordkeeping and additional due diligence obligations for covered transactions.
The DOJ’s National Security Division is soliciting public feedback on the proposed rule within 30 days of publication in the Federal Register.