By Rick Sofield and Crystal Stapley
In addition to its other responsibilities, the Committee on Foreign Investment in the United States (“CFIUS”) reviews certain transactions involving U.S. companies that store or collect sensitive personal information about citizens that may pose a threat to national security. As defined by CFIUS, “sensitive personal data” includes, among other things, financial data, biometrics, health data, and geolocation data.
Vinson & Elkins’ national security practitioner Rick Sofield and commercial litigator Crystal Stapley examine each category and explain how CFIUS defines “sensitive personal data” for the purposes of evaluating transactions.