On December 30, 2024, the US Department of Justice (“DOJ”) issued a Final Rule intended to prevent certain countries from exploiting specific categories of sensitive personal data and government data. The Final Rule will become effective on April 8, 2025 without any further executive or regulatory action needed from the new Trump Administration. The Final Rule represents a novel approach to the national security concerns related to sensitive personal and government data that mixes elements…
In this uncertain time, some global companies are announcing that they are “leaving Russia.” What does it mean to “leave Russia,” and what are the data privacy implications of doing so? Setting aside the broader business, political, and other legal considerations, the following are some initial thoughts on these challenging and rapidly developing data privacy issues. What does it mean for a global company to “leave Russia”? The specifics of the answer to this question…
On January 19, 2021, the Trump administration issued Executive Order 13984 (“EO 13984”), “Taking Additional Steps To Address the National Emergency With Respect to Significant Malicious Cyber-Enabled Activities” which amends and expands Executive Order 13694 of April 1, 2015, to detect and deter the use of US infrastructure as a service (“IaaS”) products by foreign malicious cyber actors. Specifically, EO 13984 directs the US Department of Commerce (“Commerce”) to (i) issue regulations to detect and…