May 21, 2025

DOJ Guidance on Bulk Sensitive Data Rules: Enforcement Grace Period and Prohibited Transactions

The DOJ has issued guidance to facilitate compliance with its final rules, referred to as the Data Security Program (DSP), implementing former President Biden’s Executive Order on Preventing Access to Americans’ Bulk Sensitive Personal Data and United States Government-Related Data by Countries of Concern. Though much of the guidance material rearticulates language in the DSP, there was some notable new compliance information for organizations. This two-part article series highlights the key elements of the guidance, with commentary from Edward McNicholas, a partner at Ropes & Gray. This first installment covers the enforcement grace period, definitions of bulk data and covered persons, and prohibited transactions. Part two will distill guidance on restricted transactions, recordkeeping, reporting requirements, licenses and advisory opinions. See “Examining DOJ’s Final Rules on Access to Government and Sensitive U.S. Personal Data” (Feb. 12, 2025).

Will France Continue Aggressive Bribery Enforcement Efforts in the Wake of a U.S. “Pause”?

Over the last decade, France has reinvented itself as a leader in the global fight against corruption, with novel legal frameworks and an active enforcement culture. With U.S. FCPA enforcement on pause, France may be poised to take a more prominent role on the global enforcement stage. In a guest article, Proskauer partner Bryan Sillaman, along with counsel Sergon Sancar and associates Salomée Bohbot, Santiago Ramirez-Reyes, and Mélinée Aprikian, discuss how France has an opportunity to further distinguish itself as an influential partner in the global fight against corruption. See “How the New DOJ and PNF Corporate Enforcement Guidelines Affect Self-Reporting, Cooperation and Remediation” (Mar. 29, 2023).