National Security

Article: White Paper on Clarifying Definitions in the Protecting Americans’ Data from Foreign Adversaries Act of 2024

June 12, 2024 By Daniel Felz and Santi Villar

Peter Swire, Senior Counsel at Alston & Bird, has published a white paper at the Cross-Border Data Forum (“CBDF”), analyzing the definitions in the Protecting Americans’ Data from Foreign Adversaries Act of 2024 (“PADFAA”), which was passed on April 24, 2024 and will take effect on June 23, 2024. The white paper discusses some ambiguities […]

Article: Executive Order to Limit Sales of Americans’ Sensitive Data to Adversarial Foreign Governments

February 29, 2024 By Santi Villar and Daniel Felz

Peter Swire, Senior Counsel at Alston & Bird, has co-authored a detailed article in Lawfare, “Limiting Data Broker Sales in the Name of U.S. National Security: Questions on Substance and Messaging,” analyzing the Biden Administration’s new Executive Order issued yesterday. Swire’s article summarizes key aspects and impacts of the Executive Order, which is intended to […]

Declassified Intelligence Community Letters Highlight Importance of Monitoring Outbound Data Flows

February 16, 2024 By Santi Villar and David Keating

On January 25, 2024, Senator Ron Wyden (D-OR) released documents that confirm U.S. intelligence agencies are purchasing location and other sensitive personal information from data brokers without the consent of the data subjects. The FTC has recently gone after data brokers who collect and sell the sensitive location data of consumers without their express consent, […]

CISA Releases Advisory Concerning Chinese-Backed Threat Actor

October 9, 2023 By Kim Peretti

On September 27, 2023, The U.S. National Security Agency (NSA), the U.S. Federal Bureau of Investigation (FBI), the U.S. Cybersecurity and Infrastructure Security Agency (CISA), the Japanese National Police Agency (NPA), and the Japanese National Center of Incident Readiness and Strategy for Cybersecurity (NISC) released a joint cybersecurity advisory (CSA) concerning the recent activity of […]

Penn State University Hit With False Claims Act Suit for Alleged Cyber Security Deficiencies

September 25, 2023 By Privacy, Cyber & Data Strategy Team

On September 1, 2023, the U.S. District Court for the Eastern District of Pennsylvania unsealed a qui tam False Claims Act (“FCA”) lawsuit (originally filed on October 5, 2022) alleging Penn State University failed to provide “adequate security” for Covered Defense Information, as contractually required by Defense Federal Acquisition Regulation Supplement (“DFARS”) 252.204-7012. DFARS requires […]