In support of the Biden Administration’s effort to protect Americans’ sensitive personal data, the Department of Justice (DOJ) has issued a Notice of Proposed Rulemaking (NPRM) outlining a new national security regulatory program that would prohibit or restrict U.S. persons from engaging in certain categories of data transactions with countries of concern and covered persons. The DOJ welcomes public comment on the NPRM within 30 days of its publication in the Federal Register.

The DOJ rule proposes several categories of potentially restricted data transactions including (i) human Genomic and other human ‘omic Data, (ii) biometric identifiers, (iii) precise geolocation data, (iv) personal health data, (v) personal financial data, (vi) covered personal identifiers, and (vii) government-related data. The DOJ is specifically seeking input on classes of prohibited, restricted, and exempt transactions, thresholds for triggering the proposed rule’s prohibitions, proposed exemption for regulatory approvals and related questions, and other specifics important for effective implementation. 

Questions on the NPRM may be sent to the United States Department of Justice or submitted through https://www.regulations.gov, Docket No. NSD 104.

If you are not yet a subscriber to this listserv, please sign up here.   Also, you can follow us on X: @NIH_OSP