The US House of Representatives has passed a bill that would prohibit data brokers from selling Americans’ data to foreign adversaries with an unusual degree of bipartisan support: It passed without a single opposing vote.
The Protecting Americans’ Data from Foreign Adversaries Act of 2024 was introduced in the house earlier this month alongside the recently-passed TikTok ban bill and gives the Federal Trade Commission authority to go after any data broker that sells PII to North Korea, Russia, China or Iran, or any company controlled by those countries.
“Data brokers then sell billions of data elements on nearly every consumer in the United States, including information about children and active members of the U.S. military,” said Congressman Frank Pallone, Jr. (D-NJ), the bill’s sponsor. “Today’s unanimous [414-0] vote should help build momentum for action in the Senate soon so that we can get this important bipartisan legislation signed into law.”
Categories of data covered in the House bill include government-issued identification numbers, financial information, biometric and genetic data, geolocation data, private communications and other sensitive categories.
Ostensibly an agency-level implementation of the executive order President Biden signed last month with the same aims, the newly passed FTC authority bill is slightly narrower in scope, and doesn’t include Cuba or Venezuela, both mentioned in the EO, as “foreign adversaries” under the House bill.
The law that was ordered into existence by Biden’s Executive Order will take some time to wind its way through the rulemaking process before it could be enforced by the Department of Justice. Aside from Biden’s proposal under the EO, no other law currently restricts the sale of data collected by brokers to foreign adversaries.
When asked if there were any known instances of data brokers selling information to adversarial nations mentioned in the House bill, a spokesperson for the House Energy and Commerce Committee who reviewed and marked up the proposal, told us there are not any publicly available examples.
The Committee did share a previously classified report [PDF] from the Office of the Director of National Intelligence with us from January 2022 that covered the exact issue, however. The ODNI report found a “large and growing amount” of commercially-available PII that could be leveraged by the intelligence communities of foreign governments, and urged the development of procedures to safeguard such data.
The Committee also referred us to a report from Duke University that found widespread availability of sensitive data belonging to military personnel, which we’ve previously reported, as additional justification for the bill.
It’s not clear when the House measure will be heard by the Senate; according to Congressional records, it has yet to be introduced in the upper house. ®