A bipartisan pair of senators on Tuesday introduced legislation they say will protect Americans’ sensitive personal data from China and elsewhere.
The CFIUS is a U.S. interagency panel overseen by the Treasury Department that scrutinizes foreign deals for national security implications.
The legislation would expand the panel’s authority to issue regulations that require mandatory declarations to foreign investments in U.S. companies that maintain or collect sensitive personal data.
Rubio said in a statement that Americans should be “deeply concerned” about foreign investments in American companies that handle personal information.
These companies “pose a risk of exposing personal data, like genetic testing results and private financial transactions, to harmful actors in China and elsewhere,” Rubio said.
The Republican senator added, “We need to strengthen CFIUS’s oversight authority of these transactions to protect Americans and mitigate this serious national security threat.”
The senators noted in their joint release that there are currently limited circumstances in which CFIUS is able to require companies to make a mandatory declaration prior to completing a transaction.
Beijing has for years been collecting large amounts of American health care data, using illegal methods such as cyber hacking, investments in American biotech companies, and partnerships with hospitals and universities to gain access to sensitive information.
Shenzhen-based company Beijing Genomics Institute (BGI), for example, has been previously flagged by lawmakers for purchasing U.S. companies. On Sept. 30, Sen. Tom Cotton (R-Ark.), and Rep. Mike Gallagher (R-Wis.) on Sept. 30 called on the Biden administration to blacklist the BGI and others, saying that it is working to “undercut the global DNA sequencing market” using state subsidies.
Such data can also be weaponized to target individuals in the country for intelligence and military operations, according to the NCSC.