Proposed Security Requirements for Restricted Transactions

On February 28, 2024, President Biden signed Executive Order 14117, Preventing Access to Americans’ Bulk Sensitive Personal Data and U.S. Government-Related Data by Countries of Concern, to address national-security and foreign-policy threats that arise when countries of concern and covered persons can access bulk U.S. sensitive personal data or government-related data that may be implicated by the categories of restricted transactions.  As directed by E.O. 14117, CISA has developed proposed security requirements to apply to classes of restricted transactions identified in regulations issued by the Department of Justice (DOJ).

CISA is committed to seeking and incorporating public input into its approach to the development and content of the security requirements required by E.O. 14117.  To provide feedback on these proposed security requirements, please visit www.regulations.gov and enter CISA-2024-0029 in the search field, click the "Comment Now!" icon, complete the required fields, and enter or attach your comments.  CISA will consider comments received in developing the final security requirements. You can read CISA's notice and request for comment in the Federal Register to review a list of questions for which CISA believes feedback could be particularly useful.