On April 8, 2024, the U.S. Department of Justice (“DOJ”) issued the Data Security Rule (the “Rule”), under its Data Security Program (“DSP”). Authorized by Executive Order 14117, the Rule addresses national security risks from the “weaponization” of sensitive U.S. personal and government-related data. It restricts cross-border data transfers, including intracompany transactions, with “countries of concern” (China, including Hong Kong and Macau, Cuba, Iran, North Korea, Russia, and Venezuela). Because noncompliance can expose clients to significant penalties, Legalink members advising clients in IP, IT, and data protection must understand the Rule’s requirements.
Author:
Tom Langan, Partner
Email: tlangan@ddlawgroup.com