The Department of Justice has issued a final rule to implement Executive Order 14117 aimed at preventing countries of concern such as Russia, China and Iran from accessing and exploiting bulk sensitive personal and U.S. government-related data.
DOJ said Friday it will establish a regulatory program intended to tackle potential national security threats resulting from the malicious use of data by said countries and covered persons. The final rule will be implemented 90 days after its publication date while affirmative due diligence, reporting and auditing requirements will start 270 days after publication.
Protecting America’s Sensitive Data
The EO mandates the implementation of regulations for specific categories of data transactions that may jeopardize national security. This is to prevent countries of concern and covered persons from using accessed data for harmful cyber activities and facilitating malign foreign influence operations.
The final rule is also meant to block access to information on U.S. citizens, including activists, academics, journalists, government employees, military personnel and intelligence community members. These data can be used for intimidation and other ways of suppressing civil liberties. Furthermore, the data can be used to develop artificial intelligence capabilities that endanger national security and enhance adversaries’ military capabilities.
Matthew Olsen, assistant attorney general of the Justice Department’s National Security division, stated, “This powerful new national-security program is designed to ensure that Americans’ personal data is no longer permitted to be sold to hostile foreign powers, whether through outright purchase or other means of commercial access.”