HR1153-118

Reported

To provide a clarification of non-applicability for regulation and prohibition relating to sensitive personal data under the International Emergency Economic Powers Act, and for other purposes.

118th Congress Introduced Feb 24, 2023

Analysis under review: This bill has generated analysis that may be too generic or incomplete. Clause-level evidence remains available below.

Summary

What This Bill Does

The DATA Act addresses the transfer of sensitive personal data to China and the national security risks posed by Chinese-controlled connected software applications, particularly TikTok. Title I clarifies that sensitive personal data is not protected under the IEEPA informational materials exemption and directs the Treasury Secretary to prohibit transactions with entities transferring such data to China. Title II establishes a sanctions regime against foreign persons operating connected software applications linked to Chinese espionage, censorship, election interference, or malicious cyber activities. Title III specifically requires Presidential determinations every 180 days on whether ByteDance/TikTok meets sanctionable criteria.

Who Benefits and How

US national security interests benefit from closing a loophole that allowed sensitive personal data to flow to China under the IEEPA informational materials exemption. US citizens benefit from protections against foreign surveillance and data exploitation. Competing US-based social media companies benefit from potential restrictions on TikTok.

Who Bears the Burden and How

ByteDance and TikTok face direct sanctions risk and ongoing presidential scrutiny every 180 days. Foreign persons and entities connected to China that handle sensitive personal data face transaction prohibitions and asset blocking. US persons doing business with entities transferring sensitive data to China face new restrictions. The Treasury Department bears the burden of issuing directives and implementing the new regime within 180 days.

Key Provisions

  • Clarifies sensitive personal data transfers are not exempt under IEEPA informational materials provisions
  • Directs Treasury to prohibit transactions with entities transferring sensitive personal data to Chinese-connected persons
  • Creates sanctions authority to block assets of foreign persons operating Chinese-linked software applications involved in espionage, censorship, or election interference
  • Mandates Presidential determination on ByteDance/TikTok every 180 days for 3 years
  • Includes 5-year sunset clause for Title II sanctions authority

Evidence Chain:

This summary is generated from the full bill text using AI analysis. Expand "Detailed Analysis" below for identified beneficiaries/burden bearers.

At a Glance

What This Bill Does

Clarifies that the IEEPA informational materials exemption does not apply to sensitive personal data transfers, prohibits US persons from transacting with entities that transfer sensitive personal data to China, and imposes sanctions on foreign persons operating connected software applications linked to China that facilitate espionage, censorship, election interference, or malicious cyber activities.

Key Policy Areas

National Security, Data Privacy, Trade & Sanctions, Technology Regulation

Primary Purpose

Clarifies that the IEEPA informational materials exemption does not apply to sensitive personal data transfers, prohibits US persons from transacting with entities that transfer sensitive personal data to China, and imposes sanctions on foreign persons operating connected software applications linked to China that facilitate espionage, censorship, election interference, or malicious cyber activities.

Policy Domains

National Security Data Privacy Trade & Sanctions Technology Regulation

Title I - IEEPA Clarification and Data Transfer Prohibition

Identified Gains
Contextual inference, no direct clause citation
  • US citizens whose personal data is at risk
  • US national security apparatus
Model: N/A | Version: bill_summary_v2 | Source: rh

Contextual inference, no direct clause citation

Identified Costs
Contextual inference, no direct clause citation
  • Entities transferring sensitive personal data to China
  • Treasury Department (implementation)
Model: N/A | Version: bill_summary_v2 | Source: rh

Contextual inference, no direct clause citation

Title II - Sanctions on Connected Software Applications

Identified Gains
Contextual inference, no direct clause citation
  • US national security interests
  • Competing US-based social media and tech companies
Model: N/A | Version: bill_summary_v2 | Source: rh

Contextual inference, no direct clause citation

Identified Costs
Contextual inference, no direct clause citation
  • Foreign persons operating Chinese-linked connected software applications
  • Persons facilitating transactions for sanctioned entities
Model: N/A | Version: bill_summary_v2 | Source: rh

Contextual inference, no direct clause citation

Title III - ByteDance/TikTok Determinations

Identified Gains
Contextual inference, no direct clause citation
  • US national security interests
  • Congressional oversight committees
Model: N/A | Version: bill_summary_v2 | Source: rh

Contextual inference, no direct clause citation

Identified Costs
Contextual inference, no direct clause citation
  • ByteDance and TikTok
  • ByteDance/TikTok subsidiaries and controlled entities
Model: N/A | Version: bill_summary_v2 | Source: rh

Contextual inference, no direct clause citation

Legislative Progress

Reported
Introduced Committee Passed
May 16, 2023

Additional sponsor: Mr. Smith of New Jersey

May 16, 2023

Reported from the Committee on Foreign Affairs; committed to the …

Feb 24, 2023

Mr. McCaul introduced the following bill; which was referred to …

Stakeholder Effects

cui bono?

How this legislation distributes effects. Mention counts reflect frequency, not effect magnitude.

Technology
8 mentions across 6 clauses
+1 positive -7 negative

ByteDance Ltd., Chinese-connected software application operators (including TikTok/ByteDance), Companies transferring sensitive personal data to/from China

Positive-direction: US-based social media competitors

Negative-direction: ByteDance Ltd., Chinese-connected software application operators (including TikTok/ByteDance), Companies transferring sensitive personal data to/from China, Entities connected to China handling US personal data, Foreign persons operating connected software applications, Sanctioned foreign persons and entities, TikTok

Government
3 mentions across 3 clauses
+2 positive -1 negative

Congressional oversight committees, Federal agencies implementing the Act (Treasury, Executive), US national security interests

Positive-direction: Congressional oversight committees, US national security interests

Negative-direction: Federal agencies implementing the Act (Treasury, Executive)

Financial Services
2 mentions across 2 clauses
-2 negative

Entities facilitating transactions for sanctioned persons, US financial institutions (compliance with blocking orders)

Data Brokers & Analytics
1 mention across 1 clause
-1 negative

Data brokers dealing with Chinese entities

General Public
1 mention across 1 clause
-1 negative

US persons transacting with Chinese-connected entities

Media & Entertainment
1 mention across 1 clause
-1 negative

TikTok content creators and advertisers

7/12
sections analyzed
Full impact breakdown

Bill Structure & Actor Mappings

Who is "The Secretary" in each section?

Domains
Data Privacy Trade & Sanctions
Actor Mappings
"the_secretary"
→ Secretary of the Treasury
Domains
National Security Trade & Sanctions
Actor Mappings
"the_president"
→ President of the United States
Domains
National Security Technology Regulation
Actor Mappings
"the_president"
→ President of the United States

Note: The Secretary refers to the Secretary of the Treasury in Title I, while the President is the primary actor in Titles II and III

Key Definitions

Terms defined in this bill

3 terms
"China" §5_china

The People's Republic of China, its government, and any entity acting on its behalf or benefit

"connected software application" §5_connected

Has the meaning given in Executive Order 14034 relating to protecting Americans' sensitive data from foreign adversaries

"election interference" §5_election_interference

Activities originating from outside the US (or allied country) that tamper with, alter, or misappropriate information to interfere with election processes

We use a combination of our own taxonomy and classification in addition to large language models to assess meaning and potential beneficiaries. High confidence means strong textual evidence. Always verify with the original bill text.

Learn more about our methodology