DOJ's Bulk Data Rule Turns One: Compliance
Exploring the costs of DOJ's data compliance regime
Model Diplomat8 min readNorth America

DOJ's Bulk Data Rule Turns One: What Compliance Actually Costs
The DOJ's 28 CFR Part 202 is now a live enforcement regime — here's how the Data Security Program is reshaping AI training, health data deals, ad tech, and cross-border vendor contracts with China.
The Justice Department's Data Security Program — the January 2025 Final Rule implementing Executive Order 14117 — has quietly become the most consequential US cross-border data statute of the decade, and one year past its April 8, 2025 effective date it is functioning less as a privacy law than as an export control on Americans' health, genomic, financial, geolocation and identifier data — a $459-million-a-year compliance tax that hits hospitals, biotech, ad-tech, and multinational HR systems far harder than it hits the data brokers Congress and the White House said they were targeting. The rule's real bite is not its headline prohibitions on selling data to China. It is the machinery underneath: mandatory data compliance programs, annual officer certifications, audit trails, and a "knowing" standard that reaches vendor chains most US companies have never mapped. On July 8, 2026 — one year past the end of DOJ's enforcement grace period — the compliance calendar has caught up with the rulebook.
The rule, in one paragraph a general counsel can act on
The Final Rule, codified at 28 CFR Part 202 and published at 90 Fed. Reg. 1636, does two things. It flatly prohibits US persons from knowingly engaging in "data-brokerage" transactions or human 'omic-data transactions with a "country of concern" — China (including Hong Kong and Macao), Russia, Iran, North Korea, Cuba, Venezuela — or a "covered person" tied to one. And it restricts a much broader universe of vendor, employment, and investment agreements unless the US party implements CISA-issued security requirements, builds a written data compliance program, submits to annual audits, and files reports. The
American Journal of International Law notes that this is the first time DOJ has been handed regulatory authority over private-sector transactions involving personally identifiable information — a jurisdictional shift that puts data flows into the same enforcement lane as sanctions and export controls, with penalties borrowed directly from Section 206 of IEEPA, 50 U.S.C. §1705.
The thresholds that define "bulk" under 28 CFR §202.205 are low enough to catch mid-sized businesses, not just data brokers: 100 persons for human 'omic data, 1,000 devices for precise geolocation, 10,000 persons for personal health or financial data, 100,000 for covered personal identifiers, all measured over a rolling 12-month period. Combine any two categories and the lower threshold applies. A regional hospital chain, a Series B genomics startup, a mid-market fintech, and a US mobile app with a modest advertising business are all inside the perimeter.

Who actually loses — and it is not primarily the data brokers
The Biden White House framed EO 14117 as closing the "data broker loophole," but the compliance burden falls hardest on operating companies that never thought of themselves as data merchants. The Atlantic Council has argued that the health-data provisions in particular reach into AI development pipelines — a US hospital system that outsources analytics, a biobank whose lab-information-management system is built by a vendor with Chinese engineers, or a pharma company training a model on de-identified patient records suddenly has to interrogate its subcontractor stack for "covered persons" as defined at
28 CFR §202.211. DOJ's own examples give the game away:
§202.301 treats a US subsidiary that licenses an AI chatbot trained on bulk US health data to its country-of-concern parent as a prohibited transaction, on the theory that the model can regurgitate its training data — a doctrine that effectively extends the rule to model weights, not just raw data.
The second-order losers are the compliance-lite mid-market. The DOJ's Final Regulatory Impact Analysis put the discounted annualized cost of the rule at approximately $459 million a year — a figure the
GAO reproduced without dissent — but that estimate is heavily front-loaded on companies that were not previously subject to CFIUS, OFAC, or Bureau of Industry and Security regimes. Large US banks and cleared defense contractors already run this playbook. A precision-medicine startup with a Shenzhen sequencing vendor does not.
Biotech is the sharpest case. The Prohibiting Foreign Access to American Genetic Information Act of 2024 named BGI, MGI, Complete Genomics, and WuXi AppTec as "biotechnology companies of concern." The DOJ rule goes further: it prohibits any vendor, employment, or investment agreement that provides a country-of-concern party access to bulk human 'omic data or biospecimens from which such data could be derived, with the threshold set at just 100 persons. On April 2, 2025, the National Institutes of Health barred researchers in China and five other countries from 21 biomedical databases as what
Science called a "technical update" to the DOJ rule — a step that BGI publicly protested as breaking "a shared human legacy." The winners here are US genomics platforms (Illumina, domestic sequencing service providers) and US-based cloud clinical-trial infrastructure vendors; the losers are cost-sensitive academic collaborations that had leaned on Chinese partners for scale.
Ad-tech is the second stress case. DOJ's own worked example at 28 CFR §202.302 treats a US mobile app that hands bulk geolocation and advertising IDs to a European ad exchange as a prohibited transaction unless the US company obtains a contractual commitment blocking onward transfer to any country-of-concern buyer. That maps onto real market plumbing: the geolocation threshold — 1,000 devices — is trivially small for any programmatic ad chain, and the "knowingly" standard in
§202.304 reaches attempts, evasions, and conspiracies, mirroring OFAC evasion doctrine. Publishers that cannot document the tail of their bid stream face binary choices.
The compliance machinery is now the enforcement risk
The trap is not in the prohibitions; it is in the paperwork. Under 28 CFR §202.1001, any US person engaged in restricted transactions had to have a written data compliance program in place by October 6, 2025, with risk-based procedures to verify data flows, log types and volumes of data in an auditable manner, and produce a written policy — annually certified by an officer or executive responsible for compliance — describing implementation of the security requirements defined at 28 CFR §202.248. Those security requirements themselves were drafted by the Cybersecurity and Infrastructure Security Agency and span organization, system, and data-layer controls, including data minimization, masking, encryption, and privacy-enhancing technology, as the
Atlantic Council documented in its cross-border health-data analysis. The annual certification is the enforcement pivot. Under IEEPA, a false certification is not merely a paperwork failure — it can support a criminal referral.
The "finding of violation" mechanism at 28 CFR §202.1305 gives DOJ an administrative middle gear it did not have in the sanctions context: it can issue an initial finding of violation, offer the company an opportunity to respond, and issue a final finding that constitutes final agency action reviewable in federal district court — without imposing a monetary penalty. That means DOJ can build a public record of "what non-compliance looks like" through low-cost enforcement actions long before it brings its first big-fine case. As of July 8, 2026, no such headline case has been publicly announced under Part 202. The absence is itself a signal: DOJ's National Security Division is telegraphing that it wants the compliance regime built out first.
The Trump-era twist: the rule survived, and got sharper
The rule's most surprising feature at this point is that it exists at all. President Trump's January 20, 2025 regulatory freeze directed agencies to consider postponing rules published but not yet in effect — a category that captured Part 202. The Data Security Program was not among the orders rescinded, and EO 14117 remained in force. The Trump DOJ then let the July 8, 2025 grace period expire on schedule and, through NIH, tightened the biomedical database restrictions in April 2025. The rule is now aligned with the administration's broader China-tech enforcement posture — the same posture that produced the
Supermicro AI-server indictment in March 2026 and the House Select Committee's
written testimony calling for expanded civil penalties as a complement to slow criminal prosecutions. Data controls and chip controls are now two prongs of the same enforcement architecture, and the DOJ NSD sits at the seam.
The historical parallel is instructive. The Committee on Foreign Investment in the United States took roughly a decade after FIRRMA to develop the enforcement cadence it now uses. The Data Security Program is compressing that timeline by borrowing IEEPA's ready-made penalty structure and OFAC's compliance-program-first enforcement philosophy. The RAND analysis that criticized EO 14117 for a narrow definition of "bulk data" — excluding code and video — has aged into a policy roadmap: expect the covered-data list to expand, not contract, as AI training-data controls converge with export controls.
What to watch next
Three catalysts will determine whether Part 202 becomes CFIUS-for-data or fades into paperwork.
- The first public DOJ NSD enforcement action. A "finding of violation" under §202.1305, even without a monetary penalty, will define the risk posture that every board and audit committee has to underwrite. Ad-tech and clinical-trial vendors are the likeliest first targets.
- The first annual officer certifications. Companies that stood up compliance programs by the October 6, 2025 deadline are now filing their first annual certifications; the false-certification exposure under IEEPA is the sharpest legal risk for CISOs and GCs.
- The re-export gap. The
German Marshall Fund flagged in 2024 that self-attestation is a weak backstop against third-country intermediaries. Watch for DOJ guidance — or a designated-covered-person action under §202.211 — that closes the third-country loophole through jurisdictional entities in Singapore, the UAE, or the Netherlands.
Diplomat View
The Data Security Program is the sleeper cross-border tech regulation of the Trump era: a Biden rule the Trump DOJ chose to keep and sharpen, an IEEPA-based authority reaching commercial data flows that no US administration had previously tried to regulate, and a compliance framework that is quietly training a generation of general counsel to treat data like a controlled export. The forecast: within 18 months, DOJ NSD brings at least one high-visibility enforcement action against a US ad-tech, health-data, or genomics company — not a data broker — pairing a §202.1305 finding with a modest IEEPA civil penalty to set precedent. That call is falsifiable. It would change if the NSD's data-security enforcement team is meaningfully cut in FY2027 appropriations, if a federal court accepts an IEEPA-scope or First Amendment challenge to Part 202 on Berman Amendment grounds, or if the administration folds Part 202 into a broader outbound-investment or ICTS supply-chain rulemaking that supersedes 28 CFR Part 202. Absent those breaks, the trajectory points one way: data joins semiconductors on the US Politics national-security enforcement docket, and every US company handling bulk sensitive data now has a de facto export-control problem whether or not it thinks of itself in those terms.
The Bottom Line
The DOJ's Final Rule on bulk US sensitive data is no longer a privacy regulation — it is a national-security export-control regime for personal data, and its heaviest costs land on operating companies in healthcare, biotech, and ad-tech rather than the data brokers Washington claims to be targeting. One year past the end of the enforcement grace period, the compliance machinery is live, the certifications are due, and the first DOJ National Security Division enforcement case is the shoe that has not yet dropped.
Discover more

US Politics
SNAP Food Assistance Faces Legal Challenges
In 2026, SNAP faces stricter eligibility rules and mounting legal challenges, threatening food assistance for the millions of Americans who rely on the program.

India
Congress Accuses Modi of Stalling Women's Law
Congress accuses Modi of stalling women's reservation law by linking it to delimitation, revealing a deeper electoral strategy.
US Politics
Congress Targets AI Chatbot Access for Terror
The House passed the Generative AI Terrorism Risk Assessment Act, focusing on AI's role in terrorism and potential surveillance implications.

Tech Policy
U.S. Grants UAE License-Free AI Chip Access
U.S. Commerce reclassifies UAE to Country Group A:5, granting license-free AI chip access to G42 and American tech giants, rewarding Emirati China divestment and Operation Epic Fury sacrifices.