Devin DeBacker and Lee Licata from the DOJ tackle urgent national security concerns as they focus on protecting American data from foreign threats. They reveal how adversaries might exploit obscure data types like geolocation and genomic information. The discussion highlights China's purchase of sensitive genomic data and the challenges posed by black box data brokers. They also share insights on new regulatory plans for data protection and the potential hurdles posed by political gridlock in Congress.
Adversaries exploit obscure data types like geolocation and DNA sequencing for national security threats.
China's acquisition of genomic data on millions of Americans through healthcare investments raises data security concerns.
DOJ's proposed rule aims to safeguard data by restricting transactions, balancing national security risks with economic impacts.
Deep dives
The Role of the Department of Justice in National Security
The Department of Justice's National Security Division plays a crucial role in using civil and criminal laws to combat national security threats. It consolidates functions like terrorism prosecutions and foreign surveillance under a post-9/11 initiative. This division investigates and prosecutes espionage, sabotage, and sanctions violations, among other tasks. Additionally, it oversees intelligence operations, develops national security policies, and evaluates foreign investments for potential risks.
Evolution of US Government Concerns About Data Flows
Over the past decade, a shift in geopolitical dynamics, particularly towards countries like China, has highlighted risks associated with data flows. Concerns intensified with the rise of AI, big data analytics, and communication infrastructure. The US government, starting in 2021, recognized the need for a new approach due to data-related issues emerging in CFIUS and telecom review processes. The podcast highlighted historical cases like World War I, showing a continuum of national security concerns surrounding information access.
Challenges and Impacts of Holistic Regulation on Data Flows
The proposed rule by the Department of Justice aims to restrict certain commercial transactions involving sensitive data and countries of concern. It includes prohibitions on data brokerage and genetic data transfers. Additionally, it outlines restrictions on investment, employment, and vendor agreements. The rule represents a shift from case-by-case review to a more holistic regulatory approach. Challenges include balancing national security risks with economic impacts and navigating interagency processes and public feedback for effective implementation.
Concerns About GeoLocation Data Usage
The episode discusses the concerns regarding the usage of geolocation data, particularly its potential for micro and macro targeting of individuals and communities. Examples are provided, such as the publication of fitness journey heat maps leading to the mapping of government facilities and military bases. The episode highlights the aggregated insights that can be derived from multiple datasets, posing risks in the hands of foreign adversaries. The conversation extends to the regulation phase, focusing on thresholds for sensitive data and the challenges in determining the appropriate quantities.
Team Telecom's Role in Subsea Cables Review
The episode delves into the role of Team Telecom in reviewing subsea cables for national security implications. It emphasizes the importance of these cables in global internet traffic and the shift towards cloud operators like Google and Microsoft owning them. The discussion outlines the risks associated with cables landing in adversary territories and ownership by foreign entities. Examples are shared, such as recommendations to alter cable landing points to mitigate risks, showcasing the committee's decision-making process.
The DOJ is now charged with protecting American data from foreign adversaries. This new proposed rule they recently issued is, according to one observer, “one of the most ambitious and sweeping new initiatives in national security law over the past few years.”
To discuss, we interviewed Devin DeBacker and Lee Licata of the Department of Justice’s National Security Division.
We get into:
How adversaries plan to weaponize obscure data types — including geolocation data, DNA sequencing, and undersea cable transmissions;
How China managed to purchase genomic data on millions of Americans through healthcare investments;
Why black box data brokers keep records of who goes to casinos;
How the DOJ plans to protect your data, and whether their plans can be thwarted by gridlock in Congress.
I’m excited to introduce a partnership with Policyware to bring affordable, expert-driven policy education to my audience. Starting May 14, Samm Sacks will be teaching a deep dive into China’s Digital Governance and its Global Implications.
Samm is an old friend of mine and a Senior Fellow at Yale Law School’s Paul Tsai China Center. She is a leading expert on China’s cybersecurity legal system, the U.S.-China technology relationship, and the geopolitics of data privacy and cross-border data flows. Check out below a show I did with Samm on ChinaTalk discussing China’s digital governance.
You’ll learn over several weeks as Samm delivers live classes, with options to listen on your own time. Policyware Deep Dives are designed to be attended alongside your job, and they will help you organize with your employer for cost sharing. Check out the show we did together on data issues late last year.
Help support ChinaTalk by registering for the deep dive here and thank you to Policyware for sponsoring today’s episode.
