New Mexico Democrat Martin Heinrich, Oregon Democrat Ron Wyden, and Wyoming Republican Cynthia Lummis sponsored the bill.
The proposal also attempts to criminalize and civilly punish foreign company employees who access U.S. data abroad.
“It is simply too easy for anyone to buy large volumes of information about Americans – a concern I’ve been highlighting for some time,” Heinrich stated in a news release.
“Whether our adversaries or our government buy this personal data, we need guardrails. I’ll hold Avril Haines to her promise to study and execute the report’s recommendations.
This law is a wonderful start to preserve Americans’ privacy and national security.
Tuesday’s bipartisan bill protects data from foreign governments.
The Protecting Americans’ Data from Foreign Surveillance Act of 2023 amends the Export Control Reform Act of 2018 to safeguard American data from foreign governments.
These revisions include asking the Commerce Secretary and other agencies to designate personal data theft categories that might impair national security if exported and a list of nations where data can be shared with or without limits.
“The adequacy and enforcement of the country’s privacy and export control laws, the circumstances under which the foreign government can compel, coerce, or pay a person in that country to disclose personal data, and whether that foreign government has conducted hostile foreign intelligence operations against the United States” will determine whether these countries are high risk or low risk, according to a bill news release.
The bill regulates all personal data exports by data brokers and firms to restricted foreign governments and applies export control penalties to senior executives who knew or should have known if their employees “were directed to illegally export Americans’ personal data,” according to the news release.
Ohio Republican Rep. Warren Davidson and California Democratic Rep. Anna Eshoo presented the measure in the House.