On January 8, 2025, the U.S. Department of Justice (DOJ) issued its final rule (28 C.F.R. Part 202) implementing former President Biden’s Executive Order 14117, “Preventing Access to Americans’ Bulk Sensitive Personal Data and United States Government-Related Data by Countries of Concern.” The guide outlines the requirements of a newly implemented Data Security Program (DSP) designed to prevent China, Russia and other foreign adversaries designated by the DOJ from accessing American’s sensitive personal data and U.S. government-related data.
In “DOJ Releases Its Data Security Program Compliance Guide,” colleagues Jeewon K. Serrato, Tony Phillips, Shruti Bhutani Arora, Sahar J. Hafeez, Christine Mastromonaco, Leighton Watson and Sheetal Misra discuss the key components of the DSP and offer thoughts about compliance.