On April 8, the Department of Justice’s (“DOJ’s”) final rule on Preventing Access to US Sensitive Personal Data and Government-Related Data by Countries of Concern or Covered Persons (the “Rule”) formally took effect. ...more
4/21/2025
/ Compliance Dates ,
Covered Person ,
Covered Transactions ,
Data Security ,
Department of Justice (DOJ) ,
Effective Date ,
Enforcement Actions ,
Executive Orders ,
Final Rules ,
International Data Transfers ,
National Security ,
Risk Management ,
Sensitive Personal Information
On January 8, the Department of Justice (DOJ) published its final Rule implementing Executive Order 14117 (EO), “Preventing Access to Americans’ Bulk Sensitive Personal Data and United States Government-Related Data by...more
With the publication of a recent Notice of Proposed Rulemaking (NPRM), the Department of Justice National Security Division will soon become an important new regulator of transactions involving the transfer of sensitive U.S....more
10/29/2024
/ Biden Administration ,
China ,
Civil Investigation Demand ,
Comment Period ,
Compliance ,
Covered Person ,
Cross-Border Transactions ,
Data Retention ,
Department of Justice (DOJ) ,
Due Diligence ,
Executive Orders ,
International Data Transfers ,
International Emergency Economic Powers Act (IEEPA) ,
National Security ,
Personal Data ,
Proposed Rules ,
Regulatory Authority ,
Russia ,
Sensitive Personal Information
On October 11, 2024, the U.S. Department of Defense (DoD) at long last published a final rule establishing the Cybersecurity Maturity Model Certification (CMMC) Program (the Final Rule)...more
On March 6, 2024, the U.S. Departments of the Treasury, Commerce, and Justice jointly issued a Tri-Seal Compliance Note titled “Obligations of Foreign-Based Persons to Comply with U.S. Sanctions and Export Control Laws”...more
On February 28, 2024, President Biden signed Executive Order 14117, “Preventing Access to Americans’ Bulk Sensitive Personal Data and U.S. Government-Related Data by Countries of Concern” (the EO), under the authority of the...more
3/4/2024
/ Advanced Notice of Proposed Rulemaking (ANPRM) ,
Biden Administration ,
China ,
Consumer Financial Protection Bureau (CFPB) ,
Data Transfers ,
Department of Homeland Security (DHS) ,
Department of Justice (DOJ) ,
Executive Orders ,
International Data Transfers ,
International Emergency Economic Powers Act (IEEPA) ,
Rulemaking Process ,
Russia ,
Sensitive Personal Information
The US Department of Justice (DOJ) recently announced plans to use the False Claims Act (FCA) to pursue cybersecurity-related fraud by government contractors, subcontractors and grant recipients, including for providing...more
10/14/2021
/ Compliance ,
Cyber Crimes ,
Cyber Incident Reporting ,
Cybersecurity ,
Data Protection ,
Department of Justice (DOJ) ,
DFARS ,
False Claims Act (FCA) ,
Federal Contractors ,
Fraud ,
Subcontractors
On Wednesday, April 29, the US Department of Justice released guidance titled “Best Practices for Victim Response and Reporting of Cyber Incidents.” The guidance outlines steps companies should take before, during, and after...more