The Federal Trade Commission (FTC) has sent letters to 13 data brokers, reminding them of their responsibilities under the Protecting Americans’ Data from Foreign Adversaries Act of 2024 (PADFAA). This law prohibits data brokers from selling or disclosing sensitive personal data about Americans to foreign adversaries, including countries like North Korea, China, Russia, and Iran.

PADFAA defines sensitive personal data to include various types of information such as health, financial, genetic, biometric, geolocation, and sexual behavior data, as well as account credentials and government-issued identifiers like Social Security numbers. The FTC emphasizes its commitment to enforcing this law and ensuring compliance among data brokers.

Christopher Mufarrige, Director of the FTC’s Bureau of Consumer Protection, stated that the letters serve as a warning to data brokers to adhere to the law’s requirements. The FTC has identified instances where some recipients of the letters have offered insights related to individuals' military status, which falls under the law's purview.

The letters urge the companies to conduct thorough reviews of their business practices to ensure compliance with PADFAA. Violations of the act could lead to enforcement actions by the FTC, potentially resulting in civil penalties of up to $53,088 for each violation.