Faculty Directory

Selected Works

• Books

  • Breached! Why Data Security Law Fails and How to Improve It (Oxford University Press, 2021)(co-author).
  • Privacy's Blueprint: The Battle to Control the Design of New Technologies (Harvard University Press, 2018).

• Selected Articles

  • “A Duty of Loyalty for Privacy Law,” 99 Washington University Law Review (forthcoming).
  • “The COVID-19 Pandemic and the Technology Trust Gap,” 51 Seton Hall Law Review 1505 (2021) (co-author).
  • “The Surprising Virtues of Data Loyalty,” 71 Emory Law Journal (forthcoming) (co-author).
  • “What is Privacy? That’s the Wrong Question,” 88 The University of Chicago Law Review 1677 (2021).
  • “A Duty of Loyalty for Privacy Law,” 99 Washington University Law Review (forthcoming 2021) (co-author).
  • “The COVID-19 Pandemic and the Technology Trust Gap,” 51 Seton Hall Law Review 1505 (2021) (co-author).
  • “An Education Theory of Fault for Autonomous Systems,” 2 Notre Dame Journal on Emerging Technologies 33 (2021) (co-author).
  • “A Comparative Study of Dark Patterns Across Web and Mobile Modalities,” ACM Conference on Computer Supported Cooperative Work (CSCW ’21). Virtual, October 2021 (co-author) (publication in proceedings).
  • “Towards an Understanding of Dark Patterns Privacy Harms,” CHI Workshop “What Can CHI Do About Dark Patterns?,” 2021 ACM CHI Conference (co-author) (publication in proceedings).
  • “A Relational Turn for Data Protection?,” 4 European Data Protection Law Review 1 (2020).
  • “BIPA: The Most Important Biometric Privacy Law in the US?,” 96 Regulating Biometrics: Global Approaches and Urgent Questions (AI NOW 2020).
  • “Privacy’s Constitutional Moment and the Limits of Data Protection,” 61 Boston College Law Review 1687 (2020) (co-author) (Winner of the Future of Privacy Forum’s Privacy Papers for Policymakers Award).
  • “The Inconsentability of Facial Surveillance,” 66 Loyola Law Review 101 (2019) (co-author).
  • “The Upsides of Deep Fakes,” 78 Maryland Law Review 960 (forthcoming 2019) (co-author).
  • “The Pathologies of Digital Consent,” 96 Washington University Law Review (forthcoming 2019) (co-author).
  • “The Public Information Fallacy,” 98 Boston University Law Review (2019).
  • “The Case Against Idealising Control,” 4 European Data Protection Law Review 423 (2019).
  • “The FTC Can Rise to the Privacy Challenge, but Not Without Help From Congress,”Lawfare (August 9, 2019).
  • “Why You Can No Longer Get Lost in the Crowd,”The New York Times (April 17, 2019).
  • “Body Cameras and the Path to Redeem Privacy Law,” 96 North Carolina Law Review 1257 (2018).
  • “Facial Recognition Is the Perfect Tool for Oppression,”Medium (August 2, 2018).
  • “Privacy and the Dark Side of Control,” The Institute of Art and Ideas (2017).
  • “The Indispensable, Inadequate Fair Information Practices,” 76 Maryland Law Review 952 (2017) (symposium).
  • “Privacy’s Trust Gap 126 Yale Law Journal” 1180 (2017) (book review with Neil Richards).
  • “Trusting Big Data Research” 65 DePaul Law Review 579 (2017) (symposium) (with Neil Richards).
  • “Taking Trust Seriously in Privacy Law,” 19 Stanford Technology Law Review  431 (2016) (with Neil Richards).
  • “Anonymization and Risk,” 90 Washington Law Review 703 (2016) (with Ira Rubinstein).
  • “The Internet of Heirlooms and Disposable Things,” 17 North Carolina Journal of Law and Technology 581 (2016) (symposium) (with Evan Selinger).
  • “Inefficiently Automated Law Enforcement,” 2015 Michigan State Law Review 1763 (2016) (with Gregory Conti, Lisa Shay and Jon Nelson).
  • “Unfair and Deceptive Robots,” 74 Maryland Law Review 785 (2015).
  • “The Scope and Potential of FTC Data Protection,” 83 George Washington Law Review 2230 (2015) (symposium) (with Daniel J. Solove).
  • “Surveillance as Loss of Obscurity,” 72 Washington and Lee Law Review 1343 (2015) (symposium) (with Evan Selinger).
  • “The FTC and the New Common Law of Privacy,” 114 Columbia Law Review 583 (2014) (with Daniel J. Solove).
  • “Reviving Implied Confidentiality,” 89 Indiana Law Journal 763 (2014).
  • “The Value of Modest Privacy Protections in a Hyper Social World,” 12 Colorado Technology Law Journal 332 (2014) (symposium).
  • “Social Data,” 74 Ohio State Law Journal 995 (2013) (symposium).
  • “Obscurity by Design,”  88 Washington Law Review 385 (2013) (with Fred Stutzman) (symposium).
  • “The Fight to Frame Privacy,” 111 Michigan Law Review 1021 (2013) (book review).
  • “The Case for Online Obscurity,” 101 California Law Review 1 (2013) (with Fred Stutzman).
  • “Big Data in Small Hands,” 66 Stanford Law Review Online 81 (2013) (with Evan Selinger).
  • “Chain-Link Confidentiality,” 46 Georgia Law Review 657 (2012) (symposium).
  • “Website Design as Contract,” 60 American University Law Review 1635 (2011).
  • “Promises and Privacy: Promissory Estoppel and Confidential Disclosure in Online Communities,” 82 Temple Law Review 891 (2009).
  • “Falling on Deaf Ears: Is the 'Fail Safe' Triennial Exemption Provision in the Digital Millennium Copyright Act Effective in Protecting Fair Use?,” 12 Journal of Intellectual Property Law 309 (2005).
  • “Gaining Momentum: A Review of Recent Developments Surrounding the Expansion of the Copyright Misuse Doctrine and Analysis of the Doctrine in its Current Form,” 10 Michigan Telecommunications and Technology Law Review 373 (2004).

• Selected Chapters

  • “Obscurity and Privacy” in The Routledge Companion to the Philosophy of Technology, eds. Joseph Pitt and Ashley Shew (2016) (with Evan Selinger).
  • “Do Robots Dream of Electric Laws? An Experiment in Law as Algorithm,” in Robot Law (Edward Elgar: Ryan Calo, Michael Froomkin, & Ian Kerr, eds. 2016) (with Lisa Shay, Greg Conti, Dominic Larkin, and John Nelson).
  • “Confronting Automated Law Enforcement,”  in Robot Law (Edward Elgar: Ryan Calo, Michael Froomkin, & Ian Kerr, eds. 2016) (with Lisa Shay, Greg Conti, and John Nelson).
  • “Terms of Use,” in Social Media and the Law: A Guide for Professional Communicators (Routledge: Daxton Stewart, ed. 2012).

• Commentary

  • “‘Dark Patterns’ in Consumer Data Privacy Garner Policy Attention,” Bloomberg Law (March 23, 2021).
  • “Facing Bias in Facial Recognition Technology,” The Regulatory Review (March 20, 2021).
  • “What Happens When You Click ‘Agree’?,” The New York Times (January 21, 2021).
  • “Banning Trump from Twitter and Facebook isn’t Nearly Enough,” Los Angeles Times (January 15, 2021).
  • “Twitter and Facebook Have the Right to Ban Trump’s Accounts. But That Won’t Stop the Violent Rhetoric,” Northeastern News (January 11, 2021).
  • “The Dangers of Tech-Driven Solutions to COVID-19,” The Brookings Institute (June 17, 2020).
  • “Boston City Council Hearing on Proposed Ordinance to Ban Face Surveillance,” ACLU's Data for Justice Project (June 9, 2020).
  • “Does Containing COVID-19 Mean Surrendering Our Privacy?,” Northeastern News (May 20, 2020). 
  • “Op-Ed: Coronavirus Tracing Apps Are Coming. Here’s How They Could Reshape Surveillance as We Know It,” Los Angeles Times (May 12, 2020).
  • “Professor Hartzog and Leading Technology Scholars Oppose Facial Recognition Bill,” Northeastern Law News Announcement (May 12, 2020).
  • “Don’t Use Face Recognition to Fight COVID: We Need Disease Surveillance, Not a Surveillance State,” New York Daily News (May 11, 2020).
  • “Will Contact-Tracing Apps Infringe on Data Privacy? Germany May Soon Find Out,”Northeastern News (April 30, 2020).
  • “A Scramble for Virus Apps That Do No Harm,” The New York Times (April 29, 2020).
  • “Masks and Our face-recognition Future: How Coronavirus (Slightly) Clouds the Picture Painted by Tech Firms,”  New York Daily News  (April 6, 2020).
  • “Coronavirus Testing Website Goes Live and Quickly Hits Capacity,”The New York Times (March 16, 2020).
  • “Why Europe's GDPR Magic Will Never Work in the US,”Wired (February 20, 2020).
  • “The Secretive Company That Might End Privacy as We Know It,” The New York Times (January 21, 2020).
  • “Award-Winning Paper: “Privacy’s Constitutional Moment and the Limits of Data Protection”,”Future of Privacy Forum (January 7, 2020).
  • “Think Alexa Is Too Creepy For Your Kitchen? Don’t Give It to Aunty Mary,”The New York Times (December 25, 2019).
  • “The Time for Privacy Reform is Now,”The Source (November 18, 2019).
  • “Whhat Happens When Employers Can Read Your Facial Expressions?,”The New York Times (October 17, 2019).
  • “Why You Can’t Really Consent to Facebook’s Facial Recognition,” OneZero (September 30, 2019) (co-author).
  • “Tech Addiction and the Dark Art of Persuasive Design,” Al Jazeera's All Hail The Algorithm Series (July 31, 2019).
  • “Cute Robots, Smart Underwear, and Facial Recognition in Church: Have We Gone Too Far?,”Northeastern news (March 28, 2019).
  • “You Give Apps Sensitive Personal Information. Then They Tell Facebook,”The Wall Street Journal (February 22, 2019).
  • “It’s Time to Try Something Different on Internet Privacy,”The Washington Post (December 20, 2018).
  • “Facebook’s Failure to End ‘Public by Default’,”Medium (November 7, 2018).
  • “Obscurity by Design: One thinker proposes a shift in the way we think about user privacy,”Postlight (November 7, 2018).
  • “Product Design as an Exercise of Power and Manipulation,” The Privacy Advisor Podcast (August 24, 2018).
  • “Uber Fills 'Critical' Role of Chief Privacy Officer,” CNN News (July 18, 2018).
  • “Amazon Needs to Stop Providing Facial Recognition Tech for the Government,”Medium (June 21, 2018).
  • “User Agreements Are Betraying You,”Medium (June 5, 2018).
  • “Amazon: Stop Giving Dystopian Facial Recognition Tech to the Government,”The Guardian (July 6, 2018).
  • “Amazon Needs to Stop Providing Facial Recognition Tech for the Government,”Medium (June 21, 2018).
  • “User Agreements Are Betraying You,”Medium (June 4, 2018).
  • “We Know You’re Not Reading All Those New Terms of Service Emails. You might Want To,”Northeastern News (May 22, 2018).
  • “What is GDPR and Why Should You Care?,” WIRED (May 24, 2018).
  • “How the Internet Tricks You Out of Privacy Using 'Dark Patterns' of Design,” ABC News (April 29, 2018).
  • “With In-Car Delivery, Amazon Tests Whether Customers Will Sacrifice Privacy for Convenience,” Los Angeles Times (April 25, 2018).
  • “Facebook Fuels Broad Privacy Debate by Tracking Non-Users,” Reutuers (April 15, 2018).
  • “Fact-checking Facebook CEO Mark Zuckerberg's Congressional Testimony,” PolitiFact (April 12, 2018).
  • “What's at Stake for Facebook's Mark Zuckerberg as He Testifies Before Congress,” USA Today (April 10, 2018).
  • “Click by Click, Drowning in Data, We Internet 'Users' Are Being Used,”The Boston Globe (March 28, 2018).
  • “With No Clear Liability Against Facebook, Professor Calls for Stronger Data Privacy Laws,”Northeastern News (March 22, 2018).
  • “Should Robots Have Rights?”Northeastern News (December 8, 2017).
  • “The Story Behind the Pentagon Papers, Told by the Journalists Who Lived It,” Northeastern News (November 29, 2017).
  • “SCOTUS Case Could Redefine 'Reasonable Expectation of Privacy',” Northeastern News (November 29, 2017).
  • Podcast: “Hartzog on Robocops and Automated Law Enforcement,”Philosophical Disquisitions (October 28, 2017).
  • “The Evolving Law and Rules Around Privacy, Data Security, and Robots,”Northeastern News (September 6, 2017).