top of page
textbook - screengrab.png

Additional selections of Professor Matwyshyn's scholarship are linked below.  





Stanford University Press (2009) (editor and contributor).

(CYBER)SECURITY LAW AND POLICY: An Introduction to Problems in Computer

and Information Security (with Stephanie K. Pell)  - funded by the Hewlett Foundation

(in progress)




Computer science articles:

Artificial Intelligence and Machine Learning Applied to Cybersecurity, IEEE Spectrum (2018)

(with David Brumley, Robert Cunningham, Chris Dalton, Erik Debenedektis, Flavia Dinca,

William G Dubyak, Nigel Edwards, Rhett Hernandez, Bill Horne, Brian David Johnson,

Aleksandar Mastilovic, Avi Mendelson, Dejan Milojicic, Katie Moussouris, Adrian L. Shaw,

Barry Shoop, Trung Tran, Mike Walker).

Ethics in Security Vulnerability Research, 8 IEEE Security & Privacy 2 (2010)

(with Sal Stolfo, Angelos Keromytis, Ang Cui, Computer Science, Columbia University)

Twitter (R)evolution: Privacy, Free Speech and Disclosure, Proceedings of International World Wide Web Conference,

May 13–17, 2013, Rio de Janeiro, Brazil in WWW 2013 Companion (ACM 978-1-4503-2038-2/13/05). (with Lilian Edwards)

Major legal articles:

Fake (with Miranda Mowbray), 43 Cardozo Law Review 643 (2021).  


The Internet of Bodies, 60 William & Mary Law Review 61 (2019).

Broken (with Stephanie K. Pell), 32 Harvard Journal Law & Technology 279 (2019).

CYBER!,  2017 BYU Law Review 1109 (2018).

Privacy, the Hacker Way, 87 Southern California Law Review 1 (2014).

Hacking Speech, 107 Northwestern Law Review 795 (2013).

The Law of the Zebra, 28 Berkeley Technology Law Journal 1 (2013).

Generation C: Childhood, Code and Creativity, 87 Notre Dame Law Review 1979 (2012).

Hidden Engines of Destruction: The Reasonable Expectation of Code Safety and the Duty to Warn in Digital Products, 62 Florida Law Review 1 (2010).

Imagining the Intangible, 34 Delaware Journal Corporate Law 3 (2009). 

Technoconsen(t)sus, 85 Washington University Law Review 529 (2007).

Material Vulnerabilities: Data Privacy, Corporate Information Security and Securities Regulation, 3 Berkeley Business Law Journal 129 (2005).

Of Nodes and Power Laws: A Network Theory Approach to Internet Jurisdiction through Data Privacy, 98 Northwestern Law Review 493 (2004).

Other law review articles and projects:

It’s Morning Again in Pennsylvania: Rebooting Computer Security Through a Bureau of Technology Safety, Lawfare (2024) - AUDIOBOOK

Unavailable, 81 University of Pittsburgh Law Review 2 (2019). 

Cyber Harder, 24 BU Technology Law Journal 450 (2018) .

User Resilience: Building Better Users, 63 Federal Communications Law Journal 391 (2011). 

Corporate Cyborgs and Technology Risks, 11 Minnesota Journal of Law, Science & Technology 573 (2010).

Data Devolution: Corporate Information Security, Consumers and the Future of Regulation symposium (organizer, editor and contributor), 84 Chicago Kent Law Review 713 (2010).

Technology, Commerce, Development, Identity, 8 Minnesota Journal of Law, Science & Technology 515 (2007).

Penetrating the Zombie Collective: Spam as an International Security Issue, 4 SCRIPTed (2006).

Organizational Code: A Complexity Theory Perspective on Technology and Intellectual Property Regulation, FOREWORD, 11 Journal of Technology Law & Policy 1 (2006).

Silicon Ceilings: Information Technology Equity, the Digital Divide and the Gender Gap Among Information Technology Professionals, 2 Northwestern Journal of Technology & Intellectual Property 1 (2004).

Business journal and other articles:

The ‘Internet of Bodies’ Is Here. Are Courts and Regulators Ready?,  Wall Street Journal, Nov. 12, 2018.

Hackback in black,  The Hill, Nov. 6, 2017 (with FTC Comm. Terrell McSweeny)

The Big Security Mistakes Companies Make When Buying Tech, Wall Street Journal, March 13, 2017.


Discussion of Online Display Advertising: Targeting and Obtrusiveness by Avi Goldfarb and Catherine Tucker, _ Marketing Science _ (2010). 


CSR and the Corporate Cyborg: Ethical Corporate Information Security Practices, _ Journal of Business Ethics _ (2010).


Book review: Ian Kerr, Valerie Steeves, Carole Lucock (Eds.), Lessons from the Identity Trail (2009), _ IDIS _ (2009).

Behavioural Targeting of Online Advertisements and the Future of Data Protection, 20 Computers and Law _ (2009).

Book chapters:

Of Pandemics and Progress, in MARGARET HU (ED.), PANDEMIC SURVEILLANCE (2022).

Chapter 16: The New Intermediation: Contract, Identity and the Future of Internet Governance, In Research Handbook on Governance of the Internet, Ian Brown (ed.), Oxford Internet Institute, (forthcoming 2012)

Commentary: Social Media, Privacy and Children’s Development, in Diana T. Slaughter-Defoe, Race and Child Development, Karger (2012).

Mutually Assured Protection:  Development of Relational Internet Security Contracting Norms, Chapter in A. Chander, L. Gelman, M. Radin (eds.), SECURING PRIVACY IN THE INTERNET AGE.  Stanford University Press (2008).


Chapter 10, in Cronin et al. West Treatise on Data Security and Privacy Law: Combating Cyberthreats, West-Thompson (2006) (updating and revising work of previous author Stephen M. Foxman).

bottom of page