
A
You're listening to TechTank, a biweekly podcast from the Brookings Institution exploring the most consequential technology issues of our time. From racial bias and algorithms to the future of work, TechTank takes big ideas and makes them accessible. Welcome to the TechTank podcast. I am co-host Nicol Turner Lee, the director of the Center for Technology Innovation at the Brookings Institution, founder of the AI Equity Lab, and editor-in-chief of the TechTank blog. Now, many of us in today's conversations about artificial intelligence and emerging technologies, we're sort of caught on these conversations on responsible, ethical, inclusive AI. I know I am, but one of the areas where we don't talk enough about is national security. As concerns around data flow, supply chains, semiconductors and cloud infrastructure drive US national security policy, the government relies on a growing, complex set of regulatory tools to protect critical technologies. As I think about it, I'm actually not that far off from this conversation. Just last year I was part of a critical infrastructure group that was organized by former Secretary of Homeland Security, who brought together just a range of stakeholders to talk about AI's potential attack on critical infrastructure. So I had to correct myself because I know a little bit more about this than I probably think I did. But today I have an expert who knows more than me, and I've known this person for quite some time, so I know you will be delighted. He has an upcoming book, Navigating Technology and National Security, which offers a clear and detailed look at these tools that I just talked about that are protecting critical technologies and in particular, how they're shaping US technology governance. Justin Sherman, I'm going to tell you a little bit more in a moment.
He examines in this book key programs such as the Committee on Foreign Investment in the United States and Team Telecom and others to provide insights into how these systems work, why they matter, and what their future means for innovation and national security and honestly, what's becoming a rapidly changing world. I'm pleased to have Justin join us. He is the founder and CEO of Global Cyber Strategies, as well as a fellow at the Atlantic Council's Cyber Statecraft Initiative. He's also an adjunct professor at Georgetown University's Master's School of Foreign Service. He's advised companies and government on cybersecurity, data policy, tech governance. You know, I know him from his days in civil society, where we often were conjoined at the hip looking at issues related to data privacy as well as national security and the digital divide. So I'm so happy, Justin, that you can join me today. Welcome to the podcast.
B
Thanks very much for having me.
A
I cannot believe that you also wrote a book. You know, Justin, I wrote a book as well. Right. You know that, right?
B
And I got. I have the book on my shelf.
A
Oh, thank you so much. And I have yours now, sort of like in a PDF, so make sure I get a signed copy. Okay. Of the book. Now, I want to ask you a question that many people often ask me when I'm talking about the book I wrote. And. And again, I've known you for quite some time, and so I'm just so excited that you put pen to paper, because I remember the days when both you and I had no time to put pen to paper. So I want to know what motivated you to write your upcoming book. What gap in public understanding of policy did you, like, really want to address? Like, what got you to sit down and craft what I had found as I looked through the book and read it. You know, something quite interesting in terms of that preview copy.
B
It's always, as you said, such an interesting question for anyone who writes something longer of this length. I mean, my motivation was really a couple of things. One is we hear a lot about how technology today, whether it's artificial intelligence models, whether it's robotics, whether it's biotechnology is impacting security, geopolitics, and so on, but there's often a lack of understanding of how the US Government in practice actually approaches some of these challenges. And the second motivation for writing this book was, and obviously you and your colleagues have been a huge driver of this as well, there's a lot of really important debate about technology regulation from the perspective of consumer protection, from the perspective of civil rights, from the perspective of equity and so on. And so what I wanted to do with this was look as well at how the US Government actually already governs a lot of technology, but not for, unfortunately not as much for consumer protection reasons, but really for a lot of national security reasons. And so all to say, that's kind of what I try to tell in this book, is the history of how the US Government has come to govern so much technology, so much data, through national security powers, why it does it that way. What are the pros? Right. Sometimes there are national security issues that maybe a consumer focused law wouldn't address. And what are some of the cons? Right? National security law can be very secretive. Right. It's focused on protecting a very particular set of interests that might not always equal the public's interest or the interests of every American. And so I kind of wanted to untangle some of that in this era, because we're seeing more of these debates than ever. And shedding a light on how we got here, I think is critical to sort of charting the next chapter.
A
So that's what I thought was interesting in the book. Right. Because this is a very vast regulatory landscape, I guess. When you were putting this together and you were doing the research and sort of coming up with your recommendations, were you. Are there any findings that particularly surprised you? Right. Because you and I know there are often misperceptions or misconceptions among policymakers, investors, industry leaders that you're hoping to either correct or amplify within the book. So tell me a little bit more about that. Like what were your surprises?
B
It was really interesting to see how many patterns. Any historian listening is laughing that I find this surprising. But, you know, to see how many patterns repeat themselves in these debates. Right. And I'll get to, in a minute, things that are different and misconceptions we need to fix in terms of what's new today. But the book starts before the United States was founded because the colonies actually were already the American colonies were already using export controls and trade embargoes to restrict the sale of different goods to foreign entities, in that case, you know, Britain, and then goes forward from there, right. Through many more years of export controls. Looking at in the 70s, the US started screening investments coming into the US for national security risks through the Committee on Foreign Investment in the U.S. We now have programs that regulate telecoms for national security. We have programs that regulate cloud services, data transfers, and so on. And so I'll just say it was very interesting to me throughout the couple hundred years that a couple of themes have really persisted. One is that over time, industry has pretty consistently complained about a lack of transparency into this governance, saying, you know, you're coming in and you're preventing us from selling goods to Germany or Korea or now China, let's say. Right. Or you're investigating a lot of our business practices or you're blocking investments in U.S. companies for security reasons. And throughout this period, it's been pretty similar feedback from companies that they don't feel they have a good insight into how or why the US Government makes these decisions. Companies pretty consistently have asked over the years for specific lists of technologies that the US Government does see as a risk or doesn't see as a risk. And so anyway, so that was one interesting theme to sort of see the same consistent criticism and pushback.
Another consistent theme is that let's say we're regulating data, right? We could always have a debate about how much data is sensitive, right? Or what's that number at which data becomes dangerous. Or in the 90s, I talk about this was the debate with supercomputers and Russia, right? Was during the Cold War, the US government had a lot of export controls limiting the sale of supercomputers to the USSR. After the Soviet Union collapsed, the Clinton administration relaxed a lot of those export controls because they said, we want this burgeoning US computer industry, as they called it then. You know, we want this computer industry to thrive, so we want to sell more technology to Russia. It was the same debates then of at some point you have to pick a number, right? And so they said, okay, this is the line where anything above it you can't sell, it's too dangerous. Anything below it, you're totally good to sell. But we've seen that theme again throughout these time periods is the government at some point has to draw a line around what constitutes a national security issue with technology, what's too great a risk, what that number looks like. And so that creates interesting questions. The third thing I'll just say to wrap on this question is you also had mentioned misconceptions. And so one misconception among others that I highlight is how today, when we talk about AI, we talk about software, we talk about data. Policymakers are talking about governing a lot of digital, intangible things, AI, model weights, source code, data points in a file, right? But a lot of the regulatory structure we have to govern technology in this security area was built for physical, tangible goods, right? An actual device, copies of paper that had written on them, technical schematics, military equipment.
So one misconception I talk about is, okay, if we're going to have these debates today about how do we control the spread of AI, we're talking about modern issues, but the tools we have to address them are not always well suited because they were built for an era where you couldn't just share information and upload things on the Internet so easily.
A
I think what you're also leading into is sort of the maze, right, that has come with the US's national security regulatory landscape. You know, there are key structural features of this maze, and it's challenging, I think, for not just industry and investors, but even for policymakers to sort of understand that. And I'm very sensitive to your comment that you just made around our tech policy really being closely aligned with national security interests as to whether or not we're going to support or strip US infrastructure, particular technologies which maybe we can get into a little later. But how would you describe that maze that I'm sort of suggesting? I mean, are there other features of it that are worth mentioning, Justin, that you also talk about in the book?
B
Look, yeah, it's a good question. A lot of these, there are a couple general. If we say, okay, what are we actually talking about with these regulations on this governance regime? There are a couple models for how these laws and regulatory regimes work. One is a licensing-based regime which is a US company building a certain technology or doing something in the tech sector can't do a certain thing unless the government explicitly provides permission. So one example is export controls, right? This is how they've worked for some time. A company generally making chips, let's say, or certain kinds of microelectronics might be prohibited since 2022 from selling that technology to Russia or to certain countries known to share technology with Russia. But the US Government if it wants, could say here's a license, you are permitted to actually go forward with this particular sale because we've granted you an exception. So they sort of set up these, these blocks on what the private sector can do and then you can get case-by-case exceptions. The bulk data transfer program set up in the Biden administration, I worked a lot on this, was set up to similarly control how can companies share and transmit Americans' data in large data sets overseas. And it's similarly based around licensing, right? So certain things are blocked by default. But then there's a licensing process where you can get an exception. A second model of this maze is that the government will actually go do case-by-case reviews of particular business decisions. So I mentioned the Committee on Foreign Investment in the US, CFIUS. I put that in this bucket where if a US company is taking an investment, let's say from an Israeli venture capital firm or maybe an Australian private equity fund or perhaps a state-owned entity in Eastern Europe, they might have to alert the US government to that investment.
If they're in certain sectors, let's say a critical military technology or even just a cloud company broadly, they might have to report that investment. The U.S. government will review it. This is also how submarine cable licenses work. A company wants to hook up one of these undersea cables to the U.S. they similarly go through a review process, right? It's not a license with an exception. They have to go through a case-by-case, basically audit. So all to say it very much is a maze because these different programs the US has set up over time overlap. Some of this is new technologies. We didn't have cloud computing as we do today fifty years ago. We didn't have, even though as you've written about and talked about at length, so please correct me, but while some of the AI techniques and methodologies existed a while ago, we didn't quite have LLMs like we do today. So some of this maze is hard to parse because of new technologies. But part of it, as I said, is also the challenge of we're taking these years old laws and regulations and trying to apply them to a world of hacking and really global technology and a really complicated and fast moving threat and technology landscape.
A
Well, and that makes sense. I mean, I think this is something that we're seeing across the board, that our policy regimes are not necessarily structured, right. For these emerging technologies in which we're seeing. And your research sort of speaks to why it is we need to have this regulatory toolkit. I mean, I think that's one of the benefits of the book. It's like there are these blind spots, right, that we have to address and there are tools that, you know, do not either get as much attention as they could be applicable, right, to this new landscape. And then there are some tools that we might need to create ourselves in the, in this context, in time. I mean, I want to talk to you a little bit about that because. Come on, Justin, the regulatory toolkit is something that we as policymakers, this is part of our speak, right, in terms of trying to make sure there's something that everybody can find, a resource that works for them in the policy and regulatory landscape. Talk to me a little bit about why we still need to stay tethered to this idea of the regulatory toolkit. And then where you see some of the major weaknesses though, or blind spots of doing such a.
B
There are. I appreciate you asking this because it's good to make me put a fine point on it. There are lots of reasons to have governance and regulation of technology that specifically focuses on national security. Part of this is that we live in a really complicated global environment where, you know, as we hear about all the time, technology is very interconnected. It's very easy for people around the world to hack into all kinds of systems. And so there's a need to look at the private sector tech landscape and say, okay, what are the threats facing different companies that are building innovative technologies that are collecting lots of data that are really big drivers of the American economy or provide really critical services to, let's say the healthcare sector or you know, for traffic light systems or water treatment plants. Right. So there's a real reason given hackers in China and Russia and cybercriminals and other threats to kind of look at the technology in the US and understand how we can better protect it. Another reason to have a lot of these regulations is that companies, you know, different companies have different motives, but generally most of the large tech companies in this country obviously are driven by profit. Right. And so, and I'm not, and I'm not suggesting, and I say this in the book, I'm not suggesting that US companies should make all their decisions based off what the US Government wants. Like, I'm not saying that. And I think in the current moment we're seeing how bad that can be. But it's still true that, you know, if a cloud company wants to break into the market in China, for example, their first thought might be how do we expand our market share? Not what are the security risks of this activity. Right.
Similarly, there are lots of really innovative companies that are competing to build AI systems to improve healthcare image analysis, or maybe they're building new biotech innovations or robotic systems and they want to grow their company. So they look to take investments from foreign investors, they look to build into global technology stacks. And it's not actually out of any malice or sort of active neglect, but just they're just not aware of maybe some of the national security implications of what they're doing. So all to say I think these are real strengths of these regulations is these are opportunities for the US Government to say, you know what, when a Chinese investor bought Grindr, the gay dating app, which happened a few years ago, they got access to tons of sensitive data and were actually concerned there. Or hey, you know what, if you're actually going to export this semiconductor or this other technology to this country in Europe, FYI, you might be actually passing it off to the Russians who might put it in a missile they fire at a hospital in Ukraine. Right. So there are lots of these real examples where there's real reasons to have it. Again, though, as I've mentioned, anytime you're governing something and it relates to national security, you're also going to have issues like limited transparency. It's harder for companies to navigate because of that. And so like anything, as you joked in our policy wonky land, there's lots of trade offs that come with the toolkit that we have.
A
Well, and it's so interesting too, I mean, because one of the things that I've said as it related to national security is that privacy or data privacy is a national security concern. And I want to go down this path. Right. Because I know you've written extensively about this, you know, in the past, as well, about privacy and data protection as it relates to national security. And if Congress were to create a baseline federal privacy law, I mean, wouldn't some of these elements that you're discussing also be addressed? Right. You know, the Grindr example is a great example where we kind of see what started out as more of a consumer issue becoming more of a national security issue. And we. We can even get into AI. Right. And how that's made it even more complicated when you start to think about this relationship between technological assets and, you know, the type of data disruption that we're seeing and data corruption that we're seeing in these spaces nowadays. So what do you think? I mean, does baseline federal privacy solve some of this, Justin? Or is it, you know, the toolkit in national security sort of has to be the one that sort of leads this discussion going forward.
B
I think you're right. And as you said, we've been banging this drum and many others have been banging this drum for years at this point, that privacy is a national security issue. I agree completely. I write in here. Right. That I think the primary approach we should be taking to tech governance is not a national security one. Right. Because first and foremost, we should worry about Americans' privacy. Right. We should worry about inherently. Right. We should worry about issues like access to technology, can different types of people. I mean, again, back to a lot of your work, the equity issues, competition is another big one. Right. I think a lot of Democrats and Republicans are on the same page about this in terms of we need to break up some of the chokehold that only a few companies have on the tech sector. So there are lots of reasons to me to govern tech that don't have anything to do with national security. You help national security by doing it. I think, as you said with Grindr or something else, it would be helpful to have a comprehensive privacy law when the law that of course, covered a lot on this show, when Congress passed the law last year to ban or divest TikTok, when they originally wrote the law, I met with, you know, a number of the staff as they were doing it, and I sort of made the point that, you know, I don't disagree. Right. That there are security issues to look at at TikTok. But to the point you just made, Nicol, I said to them, you know, you're basically saying that if this company is in US hands, there's no data problem. And I pointed out to them under the law that as they had written it, I said, you know, you realize that you're in this law itself, you're saying that if a US company owned TikTok and sold all of the data to a bunch of data brokers, that would be completely fine, but you're so focused on the ownership of China issue that you're missing it.
So I say that as an example where if we have the comprehensive baseline, I think that helps us on the security front on top. Sure. We might need a few extra controls. Right. If you're trying to protect data from a criminal, you're going to need additional protections to protect it from a foreign spy agency. Right. That's just a difference in the magnitude of the threat. But I agree that we wouldn't need a lot of these complicated national security regulations for tech if we really double down on actually having comprehensive, consumer-focused, rights-focused governance for technology.
A
Yeah. And I think that's like such a great point. Right. That sort of spills into the national security debate, which actually, I love your book because it should also be something that we're sort of thinking about as we append some of the regulatory strongholds we've had in this space. I mean, I'm also thinking about, you know, this data broker issue that you just mentioned and sort of bringing in other countries outside of China. Right. Because that's all we talk about is China in this country. You've written about Europe's data broker market and its risks as well. And I'm, I'm just curious how you see the EU landscapes creating spillover risk for US security and what can transatlantic partners do together. Right. Because again, you know, and you and I both know this, whenever we talk about national security, it's like us against China. Right. And the US is usually everybody else. Right. Outside of Russia. So I'm just curious, like, can we look at how Europe has dealt with that data broker market and see if there are things that the US can actually benefit from?
B
On the transatlantic side, there's way too much that the US should be doing with allies and partners in this area. I think the China example you just named is a great one where just the fact that so many countries might have a feeling that they're being pressured to sort of pick are you with China or are you with the United States? I think speaks to the importance of having these strong relationships. Right. And that's a very reductive view of looking at it. And I don't think that policymakers should push that framing. But all to say, I think that it underscores the importance of the partnerships. The Europe data broker issue is interesting because GDPR in Europe is obviously so often pointed to as a gold standard for privacy legislation. It was roughly copied by Brazil. It was roughly copied by India. There are lots of other countries that look to it as a model, and there are lots of. There are parts of it that I think are really good in that respect, but there are also lots of issues. And I think one problem that Europe has had with technology, in my opinion, is actually they're really focused on the consumer and the market questions, which is very important. We have failed to do that properly in the United States, but in doing so, there's much less attention to the national security issues. So I had written recently, for instance, about how there are lots of data brokers operating in Europe right now that are actively selling data on European defense organizations that are actively selling data, actually about the US military for when the US military has a base, let's say, in Germany, and the European data broker will collect and sell all this data about those U.S. troops. So it was an interesting illustration, I think, of this dynamic you're drawing out where we can work more with allies and partners to address these shared data challenges.
We can also, as we're doing right now in the US, say, you know what, we're going to do it alone, and Europe doesn't know what they're doing, and we don't need to work with you. But then this creates opportunities like this for adversaries to say, oh, there's a great gap. You know, maybe in a different world, Europe's combining its thoughts on consumer privacy. The US is bringing a different perspective, including national security, and we continue to figure out a way to make that mesh. But instead, we sort of have these issues that are left currently unaddressed for both the Europeans and us in the United States.
A
Well, and that seems so interesting because I know in your work you've advised just kind of taking it to the space that you're in, you know, both government and the private sector. And then on the company investor side, you know, all of what we're talking about just creates so much ambiguity, right, for people to understand it. Which is why I think your book will be just a useful resource as well for many people trying to get their handle on getting a handle on this. I mean, what practical steps, Justin, should people be taking now in light of these regulatory developments? I mean, they're one day hot, one day cold, right? And I think the national security space is not exempt from some of that ping pong that's going on right now. I mean, what would you say honestly to your people about how to sort of navigate these regulatory developments that we're seeing both in the United States and globally?
B
I'd say a few, and I do say a few things. One is to make sure you hire a really good group or reference a really good group to track all of the back and forth on tariffs and executive orders. I gave up.
A
That's right.
B
I was gonna say I gave up. I gave up. I joked to clients, I gave up three days in this year and trying to track it. But there are obviously lots of, you know, Brookings, other think tanks, CSIS, others that, that track it, that do the day by day. So I recommend folks stay on top of that. The, the, the second thing is even if there are shifts currently, it's very volatile with what's going on. Nvidia can sell chips to China. No they can't. Yes they can. Or you know, in the last two administrations a lot of people saying it's a national security risk to do too much AI or cloud or chips in Saudi Arabia and Qatar and UAE because of all the China connections. And now they're saying, oh no issue here. Right. So the second thing I say is a lot of people, including in the administration currently are actually not happy with some of these decisions. As you noted, there's a certain hard line that a lot of policymakers have towards China. And so that's the second thing I say to companies now is even if there's going to be a brief period of attempts at a trade deal with China or talks of a trade deal with China in this administration over the long, you know, and I'm talking 10, 20, 30 year horizon coming up. The general bipartisan consensus though is to have these restrictions vis-à-vis China. So, so that's kind of my second piece I say to companies is you can act now. If there's a gap, obviously that's your decision. But you should also plan for in the long term a lot of these controls are going to come back because even if we can't get our consumer act together, some of these national security issues, including on China, remain pretty strongly. If you talk to these members of Congress and such privately, pretty strongly a bipartisan issue.
A
I want to just go to one more question in your book which I think would be really interesting to the crowd, particularly as we see cloud computing become even more prominent. In your book you write about know-your-customer protocols for cloud computing. And I find that to be such a great title as well as, you know, chapter, because what you're doing is with frontier AI sort of increasingly relying on vast cloud compute. And Darrell West, my co-host, and I just talked about data centers and compute. You know, I'm curious what you think successful regulatory regimes or corporate safeguards will look like for monitoring, training and then what efforts are going to be needed to sort of push this through the Trump administration. Because I find with cloud computing becoming much more prominent, there's sort of like this implicit notion that the cloud will be okay. Right. When in essence what we're actually seeing with some of these challenges we've had over the last few weeks with the cloud sort of going offline, you know, it's a pretty vulnerable asset as well. Right. And I'm just sort of saying that as my own experience of not being able to get on some of these websites because the cloud was down for some of these, you know, over the last couple of weeks. So just tell us a little bit more about like how a successful regulatory regime will look like and how you sort of massage that in this piece around know-your-customer protocols. And I want to hear what you think the Trump administration will do, if anything. Right. Because it is again becoming very prominent in terms of the cloud as a, as a huge element of dependency for the type of technology we're expecting with AI, huge dependency.
B
I'll go in order of your question. So the know-your-customer concept basically is that the Commerce Department and this was actually initiated under the, the Trump administration one and it just took a while but to, to come to fruition. But the Commerce Department said we want to take the concept that was really implemented a lot after 9/11 to counter terrorist financing in the financial sector. We want to take the concept of know your customer, know who you're doing business with and apply that to cloud companies, specifically IaaS, infrastructure-as-a-service providers in the United States, so that they also know their customer. So they're not in the Commerce Department's concern for unknowingly helping an Iranian defense university perhaps train a bunch of drone-related AI on a Microsoft cloud system. I'm making this up, right? Or accidentally have someone in China use it that they think is a security risk. And there's concerns about the concept of an AI race, which I don't entirely like, but that was kind of the motivating. And so this program says to cloud companies, you're going to have to set up, as you noted, some monitoring, some regimes internal to your company to look at, who are we selling to? What are they doing on the system? The challenges here are that there's a lot of industry pushback, which, as we know, under the Trump administration, to get to your last question, really resonates with this administration when there is industry pushback. There's a lot of cloud companies saying, we don't like this idea that say we have a hard enough time as it is selling in certain countries because they still think 12 years on from the Snowden leaks, that we're basically an arm of the US government. We don't want to have to go into these sales meetings and say, oh, by the way, we monitor half of what you do constantly on the system and track it so the US government can look at it. That's not something that the industry likes very much.
There's also a challenge of implementation, as you said, AI and everything is moving so quickly. There's a lot of dependence on these cloud systems. They're important economically. They support critical sectors. So how do we ensure that what's being proposed here from a policymaker view is actually implementable on the technology side? So all to say, I think the Trump administration is going to be obviously really receptive to those industry arguments. Deregulation is the name of the game right now. And so I, I would be. I don't think the program is going to go away. A lot of this has been put in motion. But I would be shocked if the Trump administration started really enforcing these KYC rules anytime soon.
A
Yeah, no, it's uncertain if they do. Right. But at the same token, it's to your point. It's like, do we really need to do that right at this moment? You know, I want to end with where do you expect the biggest changes in the US's regulatory direction? So, you know, spin your crystal ball here and let me know. Stronger data broker oversight, platform risk reviews, new rules for cloud and AI access or others. Like, what signals should our listeners be watching for? Justin, because this has been a fascinating conversation and I cannot wait for you to tell us more about how to get your new book, but just give me that prognosis of where you think we're headed in terms of the biggest changes of regulatory direction.
B
I'd boil it down to three things. One we just talked about, which is the US has this pretty big toolkit. CFIUS, Team Telecom, the cloud KYC, the data broker program I referenced. There's now Outbound Investment Review. So if you're a VC firm, for example, investing in semiconductors in China, you will also now have to go through a review. So you know, the first point would be, as we were just talking about, we have this big toolkit, it's probably going to be underutilized in the Trump administration, but it's still sitting there. It's not, it's not good that it's on a shelf, but whoever is in office next, and probably the several after that will pick that toolkit back up and start using it. So that's the first thing. The second is I think anything related to China and data seems to be really salient for, for policymakers, but also state attorneys general and others who can actually bring lawsuits and litigation. Right. We've seen states that have been pretty active across the board against Meta, Google, TikTok, right? Pretty, pretty evenly in terms of suing for privacy violations. Then we've had other state attorneys general and other regulators that seem to, in my interpretation, care much more when it's Temu or when it's TikTok than when it's Instagram. Right. So there's sort of this salience to, and we, and I could go on for 10 hours, which I won't do about if that's right or wrong. But, but, but, but that seems to be salient, right, that if there's the China connection. The third thing I'll mention is kids, right? And maybe this is now I'm not so much talking about my book, but just as a general, you know, point is anything related to kids, right? We've seen, and I, and I think a lot of this is great, right? We've seen a lot move around. How do we address chatbot harm to young children, especially young women and young girls, especially LGBTQ children and so on, right? How do we think about kids' privacy? And there's also concern about China and kids' privacy.
So I think that would be the third kind of prediction, if you will, would be anything related to kids and protecting children, obviously, incredibly, incredibly vital to do is gonna drive a lot of US regulatory direction in the next decade plus.
A
Perfect. I think we've got a plan, folks, in terms of just things to keep an eye out on. And I'm so excited again about your book, Navigating Technology and National Security. Tell us where we can find it and is it out yet? Can we get a copy of it in form where we can touch it?
B
Well, as you said, Nicole, you and your team will certainly be getting a hand-delivered set of copies, but not if this, you know, if this ends up airing pre, pre December 16, then you know, you can pre-order it and if this is after that, then you can go ahead and just order it. Amazon, Barnes and Noble, wherever you get your books.
A
Perfect. Well, we will definitely be waiting for our package and putting this out so others can hear about just how important this conversation is. We've talked about a lot of different areas here and I could have gone on and on and on, just even about some of the other things that you shared during the podcast in terms of export controls, etc. But you know, we need another hour just to go through all that stuff. Thank you so much for joining me.
B
Thanks again. I appreciate it.
A
Listen folks, this is what we do at the Tech Tank Podcast. We bring to you in-depth content and if you want to hear more about this, please please please follow our Tech Policy Issues at Tech Tank newsletter, which is available on the Brookings site, which is accessible at brookings.edu. Your feedback matters to us about the substance of this episode and others, so please leave a comment, share it. Let us know your thoughts, suggest other topics you'd like for us to discuss in future episodes. This concludes another insightful segment of the Tech Tank Podcast. We make bits into palatable bites. Until next time. Thank you for listening. Thank you for listening to Tech Tank, a series of roundtable discussions and interviews with technology experts and policymakers. For more conversations like this, subscribe to the podcast and sign up to receive the Tech Tank Newsletter for more research and analysis from the Center for Technology Innovation at Brookings.
Host: Dr. Nicol Turner Lee (Brookings Institution)
Guest: Justin Sherman (Founder & CEO, Global Cyber Strategies; Fellow, Atlantic Council; Adjunct Professor, Georgetown)
Date: December 22, 2025
In this episode of TechTank, Dr. Nicol Turner Lee sits down with Justin Sherman, author of the upcoming book Navigating Technology and National Security. Their discussion dives into how the United States regulates critical technologies—focusing less on consumer protection and far more on national security—and the evolution, strengths, and shortcomings of the U.S. regulatory landscape. Sherman offers a historical perspective, analyzes present-day complexities, highlights transatlantic considerations, and outlines possible future regulatory directions, making the conversation a valuable primer for policymakers, industry leaders, and anyone interested in the intersection of tech policy and national security.
[03:47] Justin Sherman explains the motivation behind his book:
Quote:
“My motivation was really a couple of things… there's often a lack of understanding of how the US Government in practice actually approaches some of these challenges."
— Justin Sherman [03:47]
[06:26] Sherman highlights enduring patterns in U.S. tech regulation:
Quote:
“The tools we have…to address [digital, intangible risks] are not always well suited because they were built for an era where you couldn't just share information and upload things on the Internet so easily.”
— Justin Sherman [10:39]
[12:00] Breaking down the structure:
Quote:
“We’re taking these years-old laws and regulations and trying to apply them to a world of hacking and really global technology and a really complicated and fast moving threat and technology landscape.”
— Justin Sherman [14:38]
[16:37] Pros and cons of the current system:
Quote:
“These are real strengths…Opportunities for the US government to say, you know what, when a Chinese investor bought Grindr…the gay dating app…they got access to tons of sensitive data and were actually concerned there.”
— Justin Sherman [17:48]
[21:17] Would a federal privacy law make national security regulation less necessary?
Quote:
“I think the primary approach we should be taking to tech governance is not a national security one…You help national security by doing it [comprehensive privacy regulation].”
— Justin Sherman [21:39]
[24:54] Should the U.S. learn from Europe’s regulatory successes and gaps?
Quote:
“We can work more with allies and partners to address these shared data challenges…But instead, we sort of have these issues that are left currently unaddressed for both the Europeans and us in the United States.”
— Justin Sherman [27:12]
[28:15] How should stakeholders navigate regulatory uncertainty?
Quote:
“Over the long [term]…the general bipartisan consensus though is to have these restrictions vis a vis China…plan for in the long term a lot of these controls are going to come back.”
— Justin Sherman [29:21]
[32:00] Adapting anti-money laundering tactics to tech:
Quote:
“Deregulation is the name of the game right now. And so I…I would be. I don't think the program is going to go away…But I would be shocked if the Trump administration started really enforcing these KYC rules anytime soon.”
— Justin Sherman [34:31]
[35:37] Sherman's predictions for the most significant regulatory changes ahead:
Quote:
“Anything related to kids…is gonna drive a lot of US Regulatory direction in the next decade plus.”
— Justin Sherman [37:41]
On Consistency of Industry Pushback:
“Throughout this period, it's been pretty similar feedback from companies that they don't feel they have a good insight into how or why the US Government makes these decisions.” — Sherman [07:33]
On TikTok and Privacy Laws:
“You’re basically saying that if this company is in US Hands, there's no data problem. And...if a US company owned TikTok and sold all of the data to a bunch of data brokers, that would be completely fine…” — Sherman [22:07]
On Transatlantic Gaps:
“European data broker[s are] actively selling data about the U.S. Military…” — Sherman [26:27]
On Cloud Vulnerability:
“What we're actually seeing with some of these challenges we've had over the last few weeks with the cloud sort of going offline...it's a pretty vulnerable asset as well.” — Turner Lee [31:45]
Sherman’s appearance on TechTank reveals just how deeply intertwined national security, technology policy, and regulatory regimes have become in the U.S.—and how much they lag behind or outpace the rapidly evolving digital reality. With a blend of historical context, present-day analysis, and clear-eyed predictions, Sherman prompts listeners and policymakers to anticipate where regulatory paradigms are shifting and what tools or collaborations may still be needed.
To order Justin Sherman’s book:
Available at Amazon, Barnes & Noble, and other booksellers after December 16, or for pre-order before then.
[Podcast hosted by Brookings Institution – “TechTank,” episode airing December 22, 2025.]