Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Data Protection

House Passes Bill Barring Sale of Personal Information to Foreign Adversaries

H.R. 7520 prohibits data brokers from selling Americans’ data to foreign adversary countries or entities controlled by them.

Cybersecurity bill

The US House of Representatives has passed new legislation prohibiting data brokers from selling Americans’ personal information to foreign adversary countries or entities under their control.

The bipartisan bill, H.R. 7520 (PDF), known as the Protecting Americans’ Data from Foreign Adversaries Act of 2024, was introduced on March 5 and passed by a vote of 414 – 0. Previously, the bill passed out of the Energy and Commerce Committee with a vote of 50-0.

The legislation makes it unlawful for data brokers “to sell, license, rent, trade, transfer, release, disclose, provide access to, or otherwise make available personally identifiable sensitive data of a United States individual” to adversaries.

H.R. 7520 empowers the Federal Trade Commission (FTC) to enforce the legislation and clarifies that any foreign person residing, headquartered, or organized under the laws of a foreign adversary country is considered ‘controlled by a foreign adversary’.

Furthermore, if such a person has at least a 20% stake in an entity, that entity is considered ‘controlled by a foreign adversary’. Any person directly controlled by a person or entity described above falls into the same category.

The legislation covers personally identifiable information and sensitive information (such as Social Security numbers, driver’s license numbers, and passport numbers), along with geolocation, protected health, financial, and biometric information, private communications, user login data, calendar information, call and text logs and other information typically stored on a person’s device, and more.

Advertisement. Scroll to continue reading.

“Today’s overwhelming vote sends a clear message that we will not allow our adversaries to undermine American national security and individual privacy by purchasing people’s personally identifiable sensitive information from data brokers. H.R. 7520 is another key step towards strengthening data protections and safeguarding our nation from foreign adversaries,” House Energy and Commerce Committee Chair Cathy McMorris Rodgers (R-WA) and Ranking Member Frank Pallone, Jr., (D-NJ) said in a joint statement.

The legislation passed roughly three weeks after US President Joe Biden issued an Executive Order preventing the mass transfer of sensitive data to countries of concern, which could use it to collect information on activists, academics, dissidents, journalists, non-governmental organizations, and political figures.

Related: White House Issues Executive Order on International Data Protection

Related: India Passes Data Protection Legislation in Parliament. Critics Fear Privacy Violation

Related: Bill That Could Ban TikTok Passed in the House. Here’s What to Know

Written By

Ionut Arghire is an international correspondent for SecurityWeek.

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing for the latest cybersecurity threats, trends, and expert insights.

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join this live webinar as we break down why email-layer defenses alone can't keep pace with the modern phishing ecosystem, how agentic AI is changing the capacity equation for security teams, and more.

Register

This year's summit will help organizations learn how to utilize tools, controls, and design models needed to properly secure cloud environments. Interact with leading solution providers and other end users facing similar challenges in securing a variety of cloud deployments.

Register

People on the Move

Tracey Mustacchio has joined Everfox as Chief Marketing Officer.

Mark Carter has been appointed Chief Information Security Officer at Socure.

Spektrum Labs has named Mark Cravotta Chief Operating Officer.

More People On The Move

Expert Insights

Four decades of incident response experience suggest that exploits are often the symptom, not the root cause, of today’s cybersecurity failures.

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest cybersecurity news, threats, and expert insights. Unsubscribe at any time.