Associate Dean for Innovation and Technology
Founding Faculty Director, Penn State PILOT Lab
Founding Faculty Director, Manglona Lab for Gender and Economic Equity
Professor of Law and Engineering Policy
Affiliate Faculty, Bioethics Program, College of the Liberal Arts
Ph.D., Human Development and Social Policy (applied developmental psychology), Northwestern University
J.D. with Honors, Northwestern University School of Law
M.A, International Relations, Northwestern University
B.A. with Honors, Northwestern University
(CYBER)SECURITY LAW AND POLICY: AN INTRODUCTION TO PROBLEMS IN COMPUTER AND INFORMATION SECURITY (forthcoming
2022) (with Stephanie K. Pell)
HARBORING DATA: INFORMATION SECURITY, LAW AND THE CORPORATION, Stanford University Press (2009) (editor and contributor).
Major Law Journal Articles
Fake, 42 CARDOZO LAW REVIEW 101 (2021) (with Miranda Mowbray)
The Internet of Bodies, 61 WILLIAM & MARY LAW REVIEW 77 (2019)
Broken 32 HARV. J.L. & TECH. 479 (2019) (with Stephanie K. Pell)
CYBER!, 2017 BYU LAW REVIEW 1109 (2018).
Privacy, the Hacker Way, 87 SOUTHERN CALIFORNIA LAW REVIEW 1 (2014).
Hacking Speech: Informational Speech and the First Amendment, 107 NORTHWESTERN LAW REVIEW 795 (2013).
The Law of the Zebra, 28 BERKELEY TECHNOLOGY LAW JOURNAL 1 (2013).
Generation C: Childhood, Code and Creativity, 87 NOTRE DAME LAW REVIEW 1979 (2012).
Salvatore Stolfo, Angelos Keromytis, Ang Cui, Ehtics in Security Vulnerability Research, 8 IEEE SECURITY & PRIVACY 2 (2010).
Hidden Engines of Destruction: The Reasonable Expectation of Code Safety and the Duty to Warn in Digital Products, 62 FLORIDA LAW REVIEW 1 (2010).
Imagining the Intangible, 34 DELAWARE JOURNAL CORPORATE LAW 3 (2009).
Technoconsen(t)sus, 85 WASHINGTON UNIVERSITY LAW REVIEW 529 (2007).
Material Vulnerabilities: Data Privacy, Corporate Information Security and Securities Regulation, 3 BERKELEY BUSINESS LAW JOURNAL 129 (2005).
Of Nodes and Power Laws: A Network Theory Approach to Internet Jurisdiction through Data Privacy, 98 NORTHWESTERN LAW REVIEW 493 (2004).
Other Law Review Articles and Projects
Unavailable, 81 UNIVERSITY OF PITTSBURGH LAW REVIEW 349 (2019)
Cyber Harder, 24 BOSTON UNIVERSITY JOURNAL OF SCIENCE AND TECHNOLOGY LAW 450 (2018)
Artificial Intelligence and Machine Learning Applied to Cybersecurity, IEEE SPECTRUM (2018) (with David Brumley, Robert Cunningham, Chris Dalton, Erik Debenedektis, Flavia Dinca, William G Dubyak, Nigel Edwards, Rhett Hernandez, Bill Horne, Brian David Johnson, Aleksandar Mastilovic, Avi Mendelson, Dejan Milojicic, Katie Moussouris, Adrian L. Shaw, Barry Shoop, Trung Tran, and Mike Walker)
Twitter (R)evolution: Privacy, Free Speech and Disclosure, Proceedings of International World Wide Web Conference, May 13–17, 2013, Rio de Janeiro, Brazil in WWW 2013 Companion (ACM 978-1-4503-2038-2/13/05) (with Lilian Edwards)
Resilience: Building Better Users and Fair Trade Practices in Information, 63 Federal Communications Law Journal 391 (2011).
Corporate Cyborgs and Technology Risks, 11 Minnesota Journal of Law, Science & Technology 573 (2010).
Data Devolution: Corporate Information Security, Consumers and the Future of Regulation symposium (editor and contributor), 84 Chicago Kent Law Review (2009).
Technology, Commerce, Development, Identity, 8 Minnesota Journal of Law, Science & Technology 515 (2007).
Penetrating the Zombie Collective: Spam as an International Security Issue, 4 SCRIPTed (2006).
Organizational Code: A Complexity Theory Perspective on Technology and Intellectual Property Regulation, FOREWORD, 11 Journal of Technology Law & Policy 1 (2006).
Silicon Ceilings: Information Technology Equity, the Digital Divide and the Gender Gap Among Information Technology Professionals, 2 Northwestern Journal of Technology & Intellectual Property 1 (2004).
Business Journal and Other Articles
The 'Internet of Bodies' Is Here Are Courts and Regulators Ready?, Wall Street Journal, Nov. 12, 2018.
Hackback in black, The Hill, Nov. 6, 2017 (with FTC Comm. Terrell McSweeny)
The Big Security Mistakes Companies Make When Buying Tech, Wall Street Journal, March 13, 2017.
Discussion of Online Display Advertising: Targeting and Obtrusiveness by Avi Goldfarb and Catherine Tucker, 30 Marketing Science 409 (2011).
CSR and the Corporate Cyborg: Ethical Corporate Information Security Practices, _ Journal of Business Ethics _ (2010).
Book review: Ian Kerr, Valerie Steeves, Carole Lucock (Eds.), Lessons from the Identity Trail (2009), 3 IDIS 363 (2009).
Behavioural Targeting of Online Advertisements and the Future of Data Protection, 20 Computers and Law _ (2009).
Of Pandemics and Progress, in PANDEMIC SURVEILLANCE (2022) (Margaret Hu, ED.)
The New Intermediation: Contract, Identity and the Future of Internet Governance, in Ian Brown (ed.), In Research Handbook on Governance of the Internet, Edward Elgar (2013).
Commentary: Social Media, Privacy and Children’s Development, in Diana T. Slaughter-Defoe, Race and Child Development, Karger (2012).
Mutually Assured Protection: Development of Relational Internet Security Contracting Norms, Chapter in A. Chander, L. Gelman, M. Radin (eds.), SECURING PRIVACY IN THE INTERNET AGE. Stanford University Press (2008).
Chapter 10, in Cronin et al. West Treatise on Data Security and Privacy Law: Combating Cyberthreats, West-Thompson (2006) (updating and revising work of previous author Stephen M. Foxman).