United States of America: Securing and Establishing Consumer Uniform Rights and Enforcement over Data Act (SECURE Data Act) including cross-border data transfer regulation was introduced to House of Representatives

On 21 April 2026, the Securing and Establishing Consumer Uniform Rights and Enforcement over Data Act (SECURE Data Act) was introduced in the House of Representatives. The SECURE Data Act would designate the United States Secretary of Commerce as the principal adviser to the President on policy relating to the international flow of personal data and the protection of personal data in international commerce. The Secretary of Commerce would be required to assess foreign government laws, regulations, requirements, frameworks, and practices for alignment with the SECURE Data Act and for impact on United States consumers, businesses, and economic and security interests, develop policy recommendations on international data flows, and establish frameworks, certifications, principles, and partnerships to facilitate the international flow of personal data. The Secretary of Commerce would be permitted to enter into agreements with foreign governments, international forums, or foreign political or economic unions to promote the international flow and protection of personal data, provided such agreements do not conflict with the SECURE Data Act and remain consistent with United States economic and security interests. Such agreements would be submitted to the Committee on Energy and Commerce of the House of Representatives and the Committee on Commerce, Science, and Transportation of the Senate within 60 days of being entered into. Controllers would also be required to disclose in privacy notices whether personal data is transferred to, processed in, stored in, or sold to a covered nation. The cross-border data flow provisions of the SECURE Data Act would take effect two years after enactment.