Andrea M. Matwyshyn is a legal academic studying technology innovation and its legal implications, particularly corporate information security regulation and consumer privacy. She is currently a professor of law/professor of computer science (by courtesy) and co-director of the law school’s Center for Law, Innovation, and Creativity (CLIC) at Northeastern University. She is also a faculty affiliate of the Center for Internet and Society at Stanford Law School and a visiting research collaborator at the Center for Information Technology Policy at Princeton University, where she was the Microsoft Visiting Professor during 2014-15. Professor Matwyshyn is also a senior fellow of the Cyber Statecraft Initiative at the Atlantic Council, Brent Scowcroft Center on International Security.
Professor Matwyshyn received a US-UK Fulbright Commission Cyber Security Scholar award in 2016-2017. In 2014, she served as the Senior Policy Advisor and Academic in Residence at the U.S. Federal Trade Commission. Additionally, she has served as a member of the board of advisors to the European Union Network of Excellence in Internet Science (EINS) and NYU Poly's CRISSP INSPIRE program.
Professor Matwyshyn has previously held appointments at the Wharton School at the University of Pennsylvania, Northwestern University School of Law, and the University of Florida Levin College of Law, as well as visiting appointments or affiliations at the University of Oxford, University of Cambridge, University of Edinburgh, Singapore Management University, Indian School of Business, and University of Notre Dame. Prior to entering academia she was a corporate attorney in private practice, focusing her work on technology transactions.
Professor Matwyshyn has testified in front of Congress on issues of information security regulation and is frequently quoted by both U.S. and international media outlets on matters of information technology, data security, and privacy law and policy. Her book, Harboring Data: Information Security, Law, and the Corporation, looks at common mistakes companies make, which breaches go unreported despite notification statutes, and surprising weaknesses in the federal laws that regulate financial data privacy, children's data collection, and health data privacy.
Degree(s):
Ph.D., Northwestern University, 2005
J.D., Northwestern University, 1999
Doctoral Certificate, Northwestern University 1999
M.A., Northwestern University, 1996
B.A., Northwestern University, 1996