New Trade Bill Allows Customs to Share Your Online Marketplace Data Over 'Reasonable Suspicion' of Counterfeits

This legislation amends Section 628A of the Tariff Act of 1930, dramatically changing how U.S. Customs and Border Protection (CBP) fights imported counterfeit goods. In short, it makes it much easier for CBP to share sensitive information—including nonpublic business data—with intellectual property (IP) rights holders, like the owners of big-name brands.

The bill lowers the standard for CBP to share information about suspected counterfeit merchandise. Currently, CBP shares data when it “suspects” a violation. This bill changes that to “reasonable suspicion.” Think of it like this: if the previous standard was a yellow light, the new one is a flashing green—it gives CBP more flexibility to release information earlier in the process (Section 628A(a)(1)).

The New Data Frontier: Sharing Nonpublic Business Info

The biggest shift here is what CBP can now share. Beyond images of the merchandise and packaging, CBP can now share “nonpublic information” that was generated by third parties involved in the import process—specifically naming online marketplaces, express consignment operators (think FedEx or UPS), and freight forwarders. This means operational data these companies provide to CBP, such as specific shipping routes, logistics details, or even internal marketplace data, can now be shared with the rights holder (Section 628A(b)(2)).

For a small business owner who imports goods, this is a double-edged sword. If you’re importing legitimate products, this expanded sharing could help quickly identify and stop the bad actors who undercut you with fakes. However, if your shipment is flagged, even incorrectly, as having “reasonable suspicion” of a violation, your proprietary shipping and logistics data—which might reveal your supply chain secrets—could be handed over to a major brand owner.

Who Else Gets a Seat at the Table?

Another provision introduces significant vagueness. The bill expands the list of parties who can receive this sensitive information to include “any other party with an interest in the merchandise, as determined appropriate by the Commissioner” of CBP (Section 628A(b)(3)). This is a huge grant of discretion. Who qualifies as an “interested party”? It’s undefined. It could be a brand owner’s legal firm, a trade association, or some other entity entirely. This means highly sensitive, nonpublic data from your online marketplace or shipper could potentially be shared with groups whose interest is only loosely defined, raising real concerns about data confidentiality and potential misuse of proprietary business intelligence.

While the bill does require CBP to notify the rights holder when they transmit this third-party nonpublic information, this notification is procedural and doesn't offer protection for the businesses whose data is being shared. Ultimately, this legislation is a clear win for large IP rights holders, giving them more ammunition and earlier access to enforcement data. But for the online marketplaces, shippers, and importers whose operational data is now on the table, it introduces new risks regarding privacy and the confidentiality of their business operations, based on a lower standard of proof.