Joe Biden

U.S. President Joe Biden has signed an executive order that aims to ban the bulk sale and transfer of Americans' private data to "countries of concern" such as China, Russia, Iran, North Korea, Cuba, and Venezuela.

"Our adversaries are exploiting Americans' sensitive personal data to threaten our national security. They are purchasing this data to use to blackmail and surveil individuals, target those they view as dissidents here in the United States, and engage in other malicious activities," said Attorney General Merrick B. Garland.

"This Executive Order gives the Justice Department the authority to block countries that pose a threat to our national security from harvesting Americans' most sensitive personal data—including human genomic data, biometric and personal identifiers, and personal health and financial data."

The presidential directive requires the U.S. Department of Justice to create, execute, and oversee a novel national security initiative to mitigate this threat. Additionally, it calls for new regulations to bar or otherwise limit specific types of data transactions deemed to pose an unacceptable national security risk.

It also focuses on Americans' most sensitive information, including their genomic, biometric, personal health, geolocation, and financial data, as well as certain kinds of personally identifiable information.

Threat actors can use this type of data for intrusive surveillance, scams, blackmail, and other privacy violations. Commercial data brokers who collect it can also sell it to the highest bidder, including countries of concern, their foreign intelligence services and militaries, or companies they control.

"The sale of Americans' data raises significant privacy, counterintelligence, blackmail risks and other national security risks—especially for those in the military or national security community," a White House fact sheet warns.

"Countries of concern can also access Americans' sensitive personal data to collect information on activists, academics, journalists, dissidents, political figures, and members of non-governmental organizations and marginalized communities to intimidate opponents of countries of concern, curb dissent, and limit Americans' freedom of expression and other civil liberties."

Since the start of the year, the U.S. Federal Trade Commission (FTC) has also banned two data brokers (data broker Outlogic/formerly X-Mode Social and InMarket Media) from selling Americans' precise location data that could be used for tracking purposes.

The actions were in response to data brokers regularly exposing individuals' location data and revealing much more sensitive information, such as religious affiliations and medical visits.

FTC's orders followed an August 2022 Biden executive order to safeguard access to reproductive health care services and protect patients' privacy. The directive was issued after an anti-abortion group used mobile location data to target visitors of some Planned Parenthood clinics with ads.

Related Articles:

Biden bans Kaspersky antivirus software in US over security concerns

US govt sanctions cybercrime gang behind massive 911 S5 botnet

US woman allegedly aided North Korean IT workers infiltrate 300 firms

TeamViewer links corporate cyberattack to Russian state hackers

U.S. indicts Russian GRU hacker, offers $10 million reward