Senate Bill 2889
116th Congress(2019-2020)
National Security and Personal Data Protection Act of 2019
Introduced
Introduced
Introduced in Senate on Nov 18, 2019
Overview
Text
Introduced
Nov 18, 2019
Latest Action
Nov 18, 2019
Origin Chamber
Senate
Type
Bill
Bill
The primary form of legislative measure used to propose law. Depending on the chamber of origin, bills begin with a designation of either H.R. or S. Joint resolution is another form of legislative measure used to propose law.
Bill Number
2889
Congress
116
Policy Area
Science, Technology, Communications
Science, Technology, Communications
Primary focus of measure is natural sciences, space exploration, research policy and funding, research and development, STEM education, scientific cooperation and communication; technology policies, telecommunication, information technology; digital media, journalism. Measures concerning scientific education may fall under Education policy area.
Sponsorship by Party
Missouri
Arkansas
No Senate votes have been held for this bill.
Summary

National Security and Personal Data Protection Act of 2019

This bill prohibits the transfer of data to, and storage of data within, foreign countries that threaten U.S. national security.

Specifically, the bill requires the Department of State to designate as a country of concern any country, including the People's Republic of China and the Russian Federation, whose data privacy and security requirements pose a substantial risk to U.S. national security.

A technology company that is subject to the jurisdiction of a country of concern and that provides a website or internet application operating in interstate or foreign commerce shall

  • not collect unnecessary user data or use any user data for a purpose that is secondary to the operation of the website, service, or application;
  • not transfer user data or information to a country of concern;
  • not store user data on a server outside either the United States or a country that has agreed to share data with U.S. law enforcement agencies; and
  • allow individuals to view and delete their individual user data.

Additionally, any company that provides a website or internet application operating in interstate or foreign commerce but which is not subject to the jurisdiction of a country of concern is prohibited from transferring data to a country of concern or storing user data on a server located in a country of concern.

The Federal Trade Commission shall enforce these requirements; however, the bill also provides for civil actions brought by either an individual or the attorney general of a state to enjoin the engagement of any person in a practice that violates the prohibitions in this bill.

Text (1)
November 18, 2019
Actions (2)
11/18/2019
Read twice and referred to the Committee on Commerce, Science, and Transportation.
11/18/2019
Introduced in Senate
Public Record
Created
Nov 19, 2019 5:27:33 AM
Updated
Feb 1, 2021 10:22:42 PM