Jeffrey Neuburger, Meredith Lipson, and Jiyoon Kim of Proskauer write:
On December 27, 2024, the Department of Justice (the “DOJ”) issued its final rule (the “Rule”) carrying out Executive Order 14117 “Preventing Access to Americans’ Bulk Sensitive Personal Data and United States Government-Related Data by Countries of Concern.” The Rule is designed to prevent access to certain categories of U.S. data by China (including Hong Kong and Macau), Cuba, Iran, North Korea, Russia, and Venezuela (collectively, “Countries of Concern”), as well as foreign entities or individuals with significant ties to these nations (“Covered Persons”) and will take effect on April 8, 2025.
Scope
The Rule applies to U.S. government-related data and the following categories of U.S. sensitive personal data, each as defined in the Rule (collectively, “Covered Data”):
- Precise geolocation data
- Biometric identifiers
- Human genomic data
- Personal health data
- Personal financial data
- Personal identifiers
Read more at Proskauer.