Directs agency heads to provide prompt access to relevant records and rescind guidance that hinders such data sharing. Additionally, agencies must secure data access from state programs receiving federal funding.

Acting IRS Commissioner Melanie Krause is resigning over an agreement share immigrants's sensitive tax data with Immigration and Customs Enforcement. ICE would use the data to indentify and deport undocumented people living in the United States. The agreement was signed Monday by Treasury Secretary Scott Bessent and Homeland Security Secretary Kristi Noem. Several IRS officials have resigned or been fired over access to sensitive financial and personal data since the president's inauguration.

The order directs Federal agencies to revoke any active security clearance held by Christopher Krebs. It instructs the Attorney General, the Director of National Intelligence, and other relevant agencies to suspend any active security clearances held by individuals associated with Krebs, including those at SentinelOne, pending a review. Additionally, the Attorney General and the Secretary of Homeland Security are directed to review Krebs' activities as a government employee, including his leadership of the Cybersecurity and Infrastructure Security Agency (CISA), and to evaluate all of CISA’s activities over the last six years, with a joint report to be prepared upon completion. [Editor: Christopher Krebs is a former Trump I administration cyber-security official. Later he was a cyber-security official in the Biden administration. He was critical of the president in November of 2020 as the president sought to spread falsehoods about the election. The president fired Krebs via tweet.]

The order directs federal agencies to enforce the "Tools to Address Known Exploitation by Immobilizing Technological Deepfakes on Websites and Networks Act", or the “TAKE IT DOWN” Act. This law introduces criminal penalties for intentional disclosure of nonconsensual intimate visual depictions and mandates covered platforms to remove such content.

The order directs federal agencies to amend previous executive orders concerning the nation's cybersecurity. The Secretary of Commerce, through the Director of NIST, is instructed to establish a consortium with industry to develop secure software practices by August 1, 2025, update security and privacy controls for information systems by September 2, 2025, and develop a preliminary update to the Secure Software Development Framework by December 1, 2025. The order also addresses the security of internet traffic and the potential threat of quantum computing to public-key cryptography.

The administration provided deportation officials access to Medicaid personal data for millions of enrollees. The data includes enrollee immigration status. The dataset includes details on enrollees in several U.S. states, including California, Washington, and Illinois that allow non-citizens to enroll in Medicaid programs that pay for services using only state dollars.

The order directs federal agencies to extend the enforcement delay of the Protecting Americans from Foreign Adversary Controlled Applications Act, specifically as it applies to TikTok, until September 17, 2025. During this period, the Department of Justice is instructed not to enforce the Act or impose any penalties for noncompliance, including for actions related to foreign adversary controlled applications. The Attorney General is tasked with issuing written guidance to implement this directive and to confirm to each provider that no violations of the statute have occurred during the specified period.

The order directs federal agencies to extend the enforcement delay of the Protecting Americans from Foreign Adversary Controlled Applications Act to TikTok until December 16, 2025. During this period, the Department of Justice is instructed not to enforce the Act or impose any penalties against any entity for noncompliance with the Act. The Attorney General is also directed to issue written guidance and a letter to each provider stating there is no violation or liability for any conduct during the specified period.

The order directs federal agencies to implement the Protecting Americans from Foreign Adversary Controlled Applications Act, which regulates foreign-controlled applications, specifically TikTok and its parent company, ByteDance Ltd. The Act prohibits entities from distributing, maintaining, or updating these applications within the U.S. territory. However, the order also allows for a "qualified divestiture," which means TikTok can continue to operate if it is no longer controlled by a foreign adversary. A plan has been proposed for TikTok's U.S. operations to be operated by a new U.S.-based joint venture, which will be majority-owned and controlled by U.S. persons.

The order directs federal agencies to strengthen the nation's cybersecurity by focusing on protections against foreign cyber threats and improving secure technology practices. This includes advancing secure software development, adopting the latest encryption protocols, and refocusing artificial intelligence cybersecurity efforts towards identifying and managing vulnerabilities. The order also emphasizes the importance of personal cybersecurity measures such as using stronger passwords and regularly updating software.