Andrea M. MatwyshynProfessor of Law
Northwestern University, BA, 1996
Northwestern University, MA, 1996
Northwestern University School of Law, JD, 1999
Northwestern University, PhD, 2005
Professor Andrea Matwyshyn is a legal academic studying technology innovation and its legal implications, particularly corporate information security regulation and consumer privacy. Her book, Harboring Data: Information Security, Law, and the Corporation, looks at common mistakes companies make, which breaches go unreported despite notification statutes and surprising weaknesses in the federal laws that regulate financial data privacy, children's data collection and health data privacy. Professor Matwyshyn addresses all of these topics and more in her courses, including Internet Law and Information Security Law.
Prior to joining the Northeastern law faculty, Professor Matwyshyn was in residence at the Center for Information Technology Policy at Princeton University and served as a faculty affiliate of the Center for Internet and Society at Stanford Law School. She serves as an member of the board of advisors to the European Union Network of Excellence in Internet Science (EINS) and NYU Poly's CRISSP INSPIRE program. In 2014, she served as the senior policy advisor and academic in residence at the US Federal Trade Commission. She has previously held appointments at the the Wharton School at the University of Pennsylvania, Northwestern University School of Law and the University of Florida Levin College of Law, as well as visiting appointments or affiliations at the University of Oxford, University of Cambridge, University of Edinburgh, Singapore Management University, Indian School of Business and University of Notre Dame. Prior to entering academia she was a corporate attorney in private practice, focusing her work on technology transactions.
Professor Matwyshyn has testified in front of Congress on issues of information security regulation and is frequently quoted by both United States and international media outlets on matters of information technology, data security and privacy law and policy.
Fields of Expertise
- Information Technology
- Data Security
- Privacy Law and Policy
Harboring Data: Information Security, Law and the Corporation (Stanford University Press, 2009).
- “Privacy, the Hacker Way,” 87 Southern California Law Review 1 (2014).
- “Hacking Speech: Informational Speech and the First Amendment,” 107 Northwestern Law Review 795 (2013).
- “The Law of the Zebra,” 28 Berkeley Technology Law Journal 1 (2013).
- “Generation C: Childhood, Code and Creativity,” 87 Notre Dame Law Review 1979 (2012).
- “Hidden Engines of Destruction: The Reasonable Expectation of Code Safety and the Duty to Warn in Digital Products,” 62 Florida Law Review 1 (2010).
- “Imagining the Intangible,” 34 Delaware Journal Corporate Law 3 (2009).
- “Technoconsen(t)sus,” 85 Washington University Law Review 529 (2007).
- “Material Vulnerabilities: Data Privacy, Corporate Information Security and Securities Regulation,” 3 Berkeley Business Law Journal 129 (2005).
- “Of Nodes and Power Laws: A Network Theory Approach to Internet Jurisdiction through Data Privacy,” 98 Northwestern Law Review 493 (2004).
- “Apple Uses First Amendment in FBI Fight,” BloombergBusiness (February 24, 2016).
- “The Implications of Apple’s fight with the FBI,” news@Northeastern (February 19, 2016).
- “The Legal Landscape of Information Security,” news@Northeastern (October 26, 2015).
- “The EPA Opposes Rules That Could’ve Exposed VW’s Cheating,” Wired (September 18, 2015).
- “Apple v Samsung Patent Verdict Reconsidered in Court,” BBC (December 6, 2012).
- “Privacy, Please: This Is Only for the Two of Us,” The New York Times (June 3, 2012).