Chris Jay Hoofnagle is Professor of Law in Residence at the University of California, Berkeley, School of Law, where he teaches cybersecurity, programming for lawyers, and torts. He is affiliated faculty with the Simons Institute for the Theory of Computing and the Center for Security in Politics. In Spring 2024, Hoofnagle is visiting King’s College Department of War Studies.

Hoofnagle’s new book with Golden G. Richard III is Cybersecurity in Context (Wiley forthcoming 2024). Previous works include Law and Policy for the Quantum Age (with Simson Garfinkel, 2022) and Federal Trade Commission Privacy Law and Policy (2016), both with Cambridge University Press.

An elected member of the American Law Institute, Hoofnagle is of counsel to Gunderson Dettmer LLP, is a longtime advisor to Palantir Technologies, and is a member of the National Academies Intelligence Science and Technology Experts Group (ISTEG).

With Professor Daniel Solove, Hoofnagle founded the Privacy Law Scholars Conference.

Chris Hoofnagle

Research

  • Cybersecurity in Context

    Cybersecurity in Context

    Every one now has a stake in the healthy functioning of communications and control networks, in the devices and services dependent on network, and by implication, in all the complicated infrastructure required to keep networks, devices, and services operating. As we have become more affluent and as the economy has become more interconnected, we are […] read more

  • The Techcons

    The Techcons

    Revisiting Arthur Leff’s Swindling and Selling Yale Law Professor Arthur Leff wrote a powerful, market-structure analysis of consumer fraud in his 1976 Swindling and Selling. That work is more or less lost to history. Leff explained that con artists attempted to impose a false economy on marks. In a perfect congame, such as the Spanish Prisoner, […] read more

  • What is consumer privacy?

    What is consumer privacy?

    In this essay for a lecture at Stanford University, I attempt to explain consumer privacy as a deterrence theory strategy. I argue that privacy does have methods of analysis, based in fair information practices, while popular use of the term “privacy” is loose, a shibboleth representing uncertain values. This wide-ranging essay then goes on to […] read more

  • The Quantum Age

    The Quantum Age

    Quantum technologies use quantum effects to provide some utility. These capabilities are so different from our conventional intuition that quantum technologies seem to ride the fine border between science fiction and fantasy—yet many quantum technologies can be commercially purchased today, and more are just around the corner. With Simson Garfinkel, I recently completed Law and Technology for […] read more

  • Digital Consumer Protection

    Digital Consumer Protection

    As products and services merge, we need new kinds of marketplace signals and rules to ensure that consumers understand the exchange, and so that competition is fair and vigorous. In a series of works with Case Western University Professor Aaron Perzanowski and Berkeley JSD/Yale JD candidate Aniket Kesari, we have used legal/empirical analyses to elucidate […] read more

  • “Zero Price” != Free: How “Free” Can be Anti-Competitive

    “Zero Price” != Free: How “Free” Can be Anti-Competitive

    In articles with University of Washington Professor Jan Whittington (Ph.D., UC Berkeley 2008), we explore consumer-oriented internet services through the lens of transaction cost economics. This work shows how personal information transactions—“free” exchanges—can be uneconomical: consumers cannot exit these arrangements; they create lock-in; and ultimately this is a deep moat against competition. Free transactions enable companies to […] read more

  • Internet Tracking & Cybercrime

    Internet Tracking & Cybercrime

    We have performed terabyte-scale studies of internet tracking and of cybercrime networks, using a series of tools including Palantir Gotham, Palantir Contour, mitmproxy, STATA (Here is my STATA Cheat Sheet), Python, and a custom-built crawler. This has led to several insights, including new forms of consumer tracking in the wild (flash cookies, cache cookies), the demonstration […] read more

  • Federal Trade Commission Privacy Law & Policy

    Federal Trade Commission Privacy Law & Policy

    This book is a historical account, an institutional study, and a discussion of policy choices made by the U.S. FTC. The FTC’s creation in 1914 represented a turning point in American history where skepticism of expertise and central regulatory authority was overcome by the need to address contemporary market conditions. My book connects today’s tussles over privacy […] read more

  • Consumer Knowledge & Attitudes

    Consumer Knowledge & Attitudes

    Alan Westin’s well-known and often-used privacy segmentation fails to describe privacy markets or consumer choices accurately. It describes the average consumer as a “privacy pragmatist” who influences market offerings by weighing the costs and benefits of services and making choices consistent with his or her privacy preferences. Yet, Westin’s segmentation methods cannot establish that users […] read more

  • Root Causes of Identity Theft

    Root Causes of Identity Theft

            In a trio of articles (for NSF-TRUST), I showed how identity theft is an externality of credit granting, where costs of fraud are spread among victims, merchants, and society generally. For instance, the image below is summary data on an identity theft victim who I interviewed–the impostor in the case made […] read more

  • Denialism

    Denialism

    Before coming to Berkeley, I worked in Washington, DC as a privacy advocate. I was struck by the character of policy debates there. Industries lobbied using a blend of libertarian and one-eyed public choice argument, repeating it so often that to me it sounded like simple cliché. In fact, it wasn’t debate, it was intransigence. […] read more

Teaching


  • Cybersecurity in Context

    Cyber Bear

    New course: Fall 2024! In fall 2024, I will teach Cybersecurity in Context in the Legal Studies program (LS 190). The course will be based on my new textbook with Golden G. Richard III. Course Description Cybersecurity has become instrumental to economic activity and human rights alike. But as digital technologies penetrate almost every aspect…

    read more


  • Cybersecurity Courses @ Cal

    Cybersecurity at Berkeley

    A growing number of faculty are offering cybersecurity courses at Cal. Consider taking: The Center for Security in Politics offers a graduate certificate in security policy. Many of the electives are open to undergraduates. They include GSPP PP 155/255 Introduction to Security Policy (Professors Janet Napolitano and Daniel Sargent) PPC285 and NUCENG 285C Nuclear Security: The…

    read more


  • Computer Programming for Lawyers

    Computer Programming for Lawyers

    Most recent syllabus: Spring 2023. Clients increasingly want their lawyers to understand their products and services on a technical level. Regulators need to understand how their rules will be implemented in code. Lawyers increasingly need tools to automate the process of collecting, organizing, and making sense of impossibly large troves of information. Computer Programming for…

    read more


  • Torts (1L)

    A train ticket

    Welcome to your first year of law school and to torts, a topic as rich as it is traditional in legal education. Torts provides an expansive lens to learn about the American legal system. This course will cover the basics of torts and in the process, the fundamental reasons and principles underlying doctrine. Learning Goals:…

    read more


  • Cybersecurity Working Group

    Cyber Bear

    We will discuss cybersecurity policy among a group of graduate, professional, and undergraduate students. The FCWG will be led by Andrew Reddie in Fall 2023 and Spring 2024. Chris Hoofnagle will lead it in Spring 2025 Previous syllabi (Fall 2023, Spring 2023, Fall 2022, Fall 2021, Spring 2021, Spring 2020, Spring 2019, Spring 2018, Fall 2017, Spring 2017)

    read more


  • Technology for Lawyers Workshop (TLW)

    A bear working at a computer

    Technology for Lawyers Workshop (TLW) is a self-paced, two-session workshop covering the computer skills most important to success in law school. By working along and doing the exercises, you’ll become a more efficient user of your computer, and in the process, develop Microsoft Word templates you can use for law school assignments.

    read more


  • Inactive Courses

    Privacy Law for Technologists Information privacy law profoundly shapes how internet-enabled services may work. Privacy Law for Technologists will translate the regulatory demands flowing from the growing field of privacy, information security, and consumer law to those who are creating interesting and transformative internet-enabled services. The course will meet twice a week, with the first…

    read more

Wait

By visiting this digital property,
you consent to any indignity that
increases my utility.