White House Tells DOJ to Beef up Data Protections

White House, Washington, D.C.

The White House wants the Department of Justice to do more to protect America’s sensitive data.

In an executive order issued Wednesday (Feb. 28), President Joe Biden instructed the attorney general to curb the “large-scale transfer of Americans’ personal data to countries of concern” and establish protections for other activities that can give those countries access to data, according to an announcement from the White House.

The executive order covers “genomic data, biometric data, personal health data, geolocation data, financial data and certain kinds of personally identifiable information,” the announcement said.

“Our adversaries are exploiting Americans’ sensitive personal data to threaten our national security,” Attorney General Merrick B. Garland said in a Justice Department news release. “They are purchasing this data to use to blackmail and surveil individuals, target those they view as dissidents here in the United States and engage in other malicious activities.”

With that in mind, the executive order authorizes the Justice Department to block hostile countries from harvesting things like biometric identifiers and personal health and financial data, the release said.

In addition, the executive order gives the department greater authority to address data-security risks in areas such as telecommunications infrastructure, healthcare and consumer protection, per the release.

“In accordance with the executive order, the Justice Department’s National Security Division will implement its provisions on behalf of the attorney general, and contemplates identifying China, Russia, Iran, North Korea, Cuba and Venezuela as countries of concern under this program,” the release said.

The first four countries on the list were recently named by Microsoft and OpenAI as actors in a series of schemes to use artificial intelligence for nefarious purposes.

The White House’s efforts come as “impact and frequency of data breaches are only increasing as bad actors seek out new vulnerabilities in organizational infrastructures,” as PYMNTS wrote earlier this week.

An example of this problem can be seen in the suspected ransomware gang Blackcat’s cyberattack targeting UnitedHealth Group’s technology unit, Change Healthcare, which has led to the shutdown of more than 100 Change Healthcare services, including benefits verification, claims submission and prior authorization.

The breach is a reminder of the need to set up proactive cybersecurity strategies and collaborative efforts to stem the risk of such attacks, Lisa Plaggemier, executive director of the National Cybersecurity Alliance, said in an interview with PYMNTS.

“Strengthening cybersecurity protocols, enhancing employee training, and fostering a culture of cybersecurity awareness are essential steps in safeguarding against the pervasive threat of data breaches and preserving the confidentiality, integrity and availability of sensitive information,” Plaggemier said.