U.S. Strengthens Data Control Amid National Security Concerns
The United States government has imposed restrictions on the transfer of genomic data to China and limited bulk transfers of various sensitive information to certain designated “countries of concern.”
The Biden administration rolled out the executive order on Wednesday in a move aimed at safeguarding American personal data amidst mounting national security apprehensions.
According to reports initially disclosed by Reuters, the executive order targets genomic data transfers to China, effectively barring such exchanges.
The directive further aims to curb the bulk transfer of Americans’ geolocation, biometric, health, and financial data to countries including Russia, Iran, North Korea, Cuba, and Venezuela.
Genomic data
The order singles out Chinese gene companies like BGI, prohibiting any volume of genomic data transfer to the aforementioned countries.
Peter Harrell, a former National Security Council official, emphasized the gravity of genomic information as “extremely high-risk data,” underscoring the necessity to prevent its processing in China.
“This is the White House’s way of tackling a set of very specific China and Russia focused security threats, including the threat posed by genomics companies like BGI,” Harrell said.
While BGI refrained from immediate comments following the announcement, Washington’s concerns over data security vis-à-vis China have been longstanding, intertwined with broader trade and technology disputes.
The U.S. Congress is deliberating legislation aimed at barring federal agencies from engaging with China’s BGI Group and Wuxi APPTEC, with the goal of preventing China’s access to American genetic and health data.
BGI Group, however, has asserted its support for personal data protection while cautioning against legislation that could potentially force its exit from the U.S. market.
The company stated that it does not collect patient samples or possess access to personal or genetic data within the U.S.
Also Read: AU-EU, others to drive data protection awareness with training
Reports reveal BGI’s global sales of prenatal tests developed in collaboration with China’s military, raising concerns over the collection of genetic data from millions of women for extensive research purposes.
Bulk data transfers
In addition to genomic data, other forms of data transfers to China have also drawn scrutiny from Washington. Notably, a 2018 decision by a U.S. panel thwarted China’s Ant Financial’s bid to acquire MoneyGram International, citing data safety concerns.
Highlighting the broader implications of data transfers, senior administration officials underscored the legal acquisition of sensitive American personal data by China and Russia through data brokers, enabling activities ranging from cyber-enabled attacks to espionage.
“China and Russia are buying American sensitive personal data from data brokers” and leveraging it “to engage in a variety of nefarious activities including malicious cyber-enabled activities, espionage and blackmail,” senior administration officials told reporters on Tuesday evening.
Balancing Security and Economic Interests
Acknowledging the prevalence of data collection by companies, the White House exempted certain types of data, including corporate payroll and compliance information, from the order to alleviate concerns about economic ramifications.
Moreover, the order permits specific transactions such as cloud services, employment, and investment agreements, subject to stringent security prerequisites like encryption and anonymization.
The Department of Justice is tasked with soliciting industry feedback before finalizing proposals, ensuring ample opportunity for stakeholder input.
In response to the executive order, the U.S. Consumer Financial Protection Bureau announced its intention to formulate rules in 2024 aimed at curtailing the international sale of Americans’ data by data brokers.
Citing research highlighting the vulnerability of personal data, particularly that of military personnel and veterans, the agency emphasized the imperative of safeguarding such information from exploitation by hostile entities.
Comments are closed.