Sanford's research was front and center in Washington, D.C. today as the House Committee on Energy and Commerce invited Justin Sherman, Senior Fellow & Research Lead on Sanford’s Data Brokerage Project, to testify as an expert witness.
The hearing entitled “Who is Selling Your Data?” was led by Chair Morgan Griffith (R-VA) as part of the Subcommittee on Oversight and Investigations. During his opening statement, Griffith cited Sanford’s data broker research specifically as a catalyst for the hearing and warned of the dangers of private data sales to individuals, calling for more efficacy and transparency for users. House Energy and Commerce Committee Chair Cathy McMorris Rodgers (R-WA) also recommended that Congress draft and enact federal privacy laws that would reign in the sale of personal data.
During his prepared opening statement (which can be read here), Sherman spoke on Sanford’s data broker research and the copious examples of abuses found by data brokers and their clients that have been revealed through that work. He emphasized three specific ways in which lawmakers could look to safeguard user data:
- Restricting the sale of data to foreign governments
- Banning the sale of health and location data, and any data on children
- Stopping data brokers from circumventing any laws by inference (aggregated data that could create a profile of an individual without their consent)
This is not the first congressional testimony for Sherman. In 2021, he provided testimony to the U.S. Senate Committee on Finance about the dangers to U.S. privacy and security. Sherman has also promoted Sanford’s Cyber Policy Program work to various prominent outlets including PBS Newshour, John Oliver’s Last Week Tonight, CNN and The Washington Post, among others. More information on that coverage can be found here.
Sanford Leading the Way in Tech Policy
Did you know John Oliver produced an in-depth segment on Sanford cyber policy research? Or that Sanford has a Cyber Cup competition? Or that the faculty member behind Sanford's Cyber Policy Program also helped create Duke’s Data Privacy Day symposium?