[Congressional Record Volume 170, Number 36 (Wednesday, February 28, 2024)]
[House]
[Page H730]
From the Congressional Record Online through the Government Publishing Office [www.gpo.gov]




PREVENTING ACCESS TO AMERICANS' BULK SENSITIVE PERSONAL DATA AND UNITED 
 STATES GOVERNMENT-RELATED DATA BY COUNTRIES OF CONCERN--MESSAGE FROM 
        THE PRESIDENT OF THE UNITED STATES (H. DOC. NO. 118-109)

  The SPEAKER pro tempore laid before the House the following message 
from the President of the United States; which was read and, together 
with the accompanying papers, referred to the Committee on Foreign 
Affairs and ordered to be printed:

To the Congress of the United States
  Pursuant to the International Emergency Economic Powers Act (50 
U.S.C. 1701 et seq.) (IEEPA), the National Emergencies Act (50 U.S.C. 
1601 et seq.), and section 301 of title 3, United States Code, I hereby 
report that I have issued an Executive Order that expands the scope of 
the national emergency declared in Executive Order 13873 of May 15, 
2019 (Securing the Information and Communications Technology and 
Services Supply Chain), and further addressed with additional measures 
in Executive Order 14034 of June 9, 2021 (Protecting Americans' 
Sensitive Data from Foreign Adversaries).
  The continuing effort of certain countries of concern to access 
Americans' sensitive personal data and United States Government-related 
data constitutes an unusual and extraordinary threat, which has its 
source in whole or substantial part outside the United States, to the 
national security and foreign policy of the United States. Access to 
Americans' bulk sensitive personal data or United States Government-
related data increases the ability of countries of concern to engage in 
a wide range of malicious activities, including espionage, influence, 
kinetic, or cyber operations, or to identify other potential strategic 
advantages over the United States.
  To address this threat and to take further steps with respect to the 
national emergency declared in Executive Order 13873, the order 
authorizes the Attorney General, in coordination with the Secretary of 
Homeland Security and in consultation with the heads of relevant 
agencies, to issue, subject to public notice and comment, regulations 
to prohibit or otherwise restrict the large-scale transfer of 
Americans' personal data to countries of concern and to provide 
safeguards around other activities that can give those countries access 
to sensitive data. Section 2(b) of the order authorizes the Attorney 
General, in consultation with the heads of relevant agencies, to take 
such actions, including the promulgation of rules and regulations, and 
to employ all other powers granted to the President by IEEPA, as may be 
necessary or appropriate to carry out the purposes of the order.
  In addition, section 2(d) of the order authorizes the Secretary of 
Homeland Security, acting through the Director of the Cybersecurity and 
Infrastructure Security Agency, in coordination with the Attorney 
General and in consultation with the heads of relevant agencies, to 
propose, seek public comment on, and publish security requirements that 
address the unacceptable risk posed by restricted transactions, as 
identified by the Attorney General. Section 2(e) of the order 
authorizes the Secretary of Homeland Security, in coordination with the 
Attorney General, to take such actions, including promulgating rules, 
regulations, standards, and requirements; issuing interpretive 
guidance; and employing all other powers granted to the President by 
IEEPA as may be necessary to carry out the purposes described in 
section 2(d) of the order.
  I am enclosing a copy of the Executive Order I have issued.
                                                Joseph R. Biden, Jr.,  
The White House, February 28, 2024.

                          ____________________