Protecting Americans' Data from Foreign Adversaries Act of 2024
This bill makes it unlawful for a data broker to sell, license, rent, trade, transfer, release, disclose, or otherwise make available specified sensitive data of individuals who reside in the United States to North Korea, China, Russia, or Iran or an entity controlled by such a country (e.g., headquartered in or owned by a person in the country).
Sensitive data includes government-issued identifiers (e.g., Social Security numbers), financial account numbers, biometric information, genetic information, precise geolocation information, and private communications (e.g., texts or emails).
A data broker generally includes an entity that sells or otherwise provides data of individuals that the entity did not collect directly from the individuals. A data broker does not include an entity that transmits an individual's data or communications at the request or direction of the individual or an entity that makes news or information available to the general public.
The bill provides for enforcement by the Federal Trade Commission.
The bill prohibits data brokers from transferring sensitive data of United States individuals to foreign adversary countries or entities controlled by foreign adversaries
The Federal Trade Commission will enforce this prohibition and treat violations as unfair or deceptive acts
The bill provides definitions for terms such as “foreign adversary country”, “controlled by a foreign adversary”, “data broker”, “sensitive data”, and “service provider”
The section will take effect 60 days after the date of the enactment of the Act