Justin Sherman

@jshermcyber
63 Followers
47 Following
24 Posts
Technology, policy, and geopolitics @ Global Cyber Strategies, Duke University, and Atlantic Council. Columnist at Slate and WIRED. He/him. All views my own.
Justin ShermanJul 19, 2023
Justin HendrixJul 12, 2023

China’s New UN Internet Proposal Could Resonate with Growing Economies

Justin Sherman @jshermcyber and Konstantinos Komaitis @kkomaitis say the US, Europe and their allies lack a clear, salient vision for the future of the internet:
https://techpolicy.press/chinas-new-un-internet-proposal-could-resonate-with-growing-economies/

China’s New UN Internet Proposal Could Resonate with Growing Economies

The US, Europe and other allies lack a clear vision for the future of internet governance, say Justin Sherman and Konstantinos Komaitis.

Tech Policy Press
Justin ShermanJul 19, 2023
New for @lawfare: A new bill would require app stores to label some apps with “country of origin” and require developers to provide that information to app stores. The bill would (attempt to) make app stores remove apps that do not comply. Here’s what to know — including its strange scoping around “user data transfers” and the continued Congressional focus on “country of origin” as a risk determinant: https://www.lawfaremedia.org/article/examining-a-new-bill-to-label-apps-made-in-china
Examining a New Bill to Label Apps “Made in China”

A new bill would require app stores to label apps from certain countries. It’s another piece of legislation focused on data, security worries, and country of origin.

Default
Justin ShermanJul 11, 2023
Surprise surprise — tech lobbyists fighting a Massachusetts bill to ban the sale of location data, one of the data broker industry's most dangerous practices, instead say it should be "opt-out" — aka putting burdens on consumers and business-as-usual. https://www.engadget.com/massachusetts-weighs-outright-ban-on-selling-user-location-data-191637974.html
Engadget is part of the Yahoo family of brands

Justin ShermanMay 26, 2023
New for @lawfare: The FTC just took action against fertility tracking app Premom, which shared users’ unencrypted health data with third parties and weakly encrypted geolocation data with companies in China. Congress needs to act, as I describe within. https://www.lawfareblog.com/ftc-fertility-app-premom-and-sharing-consumer-health-data
The FTC, Fertility App Premom, and Sharing Consumer Health Data

The FTC shows again that some companies widely share Americans’ health data—and Congress needs to do more.

Lawfare
Justin ShermanMay 16, 2023
NEW: The G7 leaders summit is this week, May 19-May 21. Here’s what to expect on technology — including talk of cross-border data flows, AI regulation, and China. https://globalcyberstrategies.substack.com/p/tackling-tech-at-the-upcoming-g7
Tackling Tech at the Upcoming G7 Summit

The G7 leaders summit is this week, May 19 to May 21. Here's what to know about its expected focus on technology.

Global Cyber Digest
Justin ShermanApr 1, 2023
My column for Slate: The TikTok debate is broken. https://slate.com/technology/2023/03/tiktok-ban-debate-broken-congress-biden.html
What Just About Everyone Is Getting Wrong About Banning TikTok

Why you would ban it. How you would ban it. And if we really, truly want to ban it.

Slate
Show threadJustin ShermanMar 30, 2023
Again, a company’s owner can be one source of risk. But it cannot be analyzed in isolation. It is also essential to analyze the extent to which the same or similar data is otherwise available & whether that company is sharing data in other ways via ad networks, SDKs, and more.
Justin ShermanMar 30, 2023

Grindr is a key case study on tech companies, foreign owners, & Americans’ data. Despite CFIUS compelling a Chinese firm in 2019 to sell it back to US owners, Grindr still shares data widely. Kamran Kara-Pabani and I @lawfare in 2021 on why ownership is *one* risk vector.

https://www.lawfareblog.com/how-norwegian-government-report-shows-limits-cfius-data-reviews

How a Norwegian Government Report Shows the Limits of CFIUS Data Reviews

CFIUS forced a Chinese firm to sell Grindr in 2019. Yet the application is sharing data widely today, including to a company in China.

Lawfare
Justin ShermanMar 22, 2023
NEW: What can we expect in tomorrow's TikTok hearing? Predictions come with 1,000 caveats—but having been involved in the DC TikTok debate for 3+ years and invited to one of TikTok's closed-door, several-hour DC briefings on 'Project Texas'—some thoughts: https://globalcyberstrategies.substack.com/p/tiktoks-hearing-in-congress-what
TikTok's Hearing in Congress: What to Expect

The TikTok CEO is testifying Thursday, March 23 before the House Energy and Commerce Committee. Here's what to expect.

Global Cyber Digest
Justin ShermanFeb 13, 2023
🚨 NEW from our Duke data brokerage research team: former student Joanne Kim asked 37 data brokers about buying mental health data, 11 of which were willing to sell it. Advertised data included depression, insomnia, ADHD, anxiety, ... — some for just hundreds of dollars. https://techpolicy.sanford.duke.edu/data-brokers-and-the-sale-of-americans-mental-health-data/
Data Brokers and the Sale of Americans’ Mental Health Data - Tech Policy @ Sanford

Data Brokers and the Sale of Americans’ Mental Health Data The Exchange of Our Most Sensitive Data and What It Means for Personal Privacy  By: Joanne Kim   Overview: This...

Tech Policy @ Sanford