In the News


Christopher Hoofnagle in the news:



The robot defense: how Google saw privacy before Snowden

Chris Hoofnagle quoted on PBS Frontline, May 20, 2014

“Gmail was a privacy disaster,” Chris Hoofnagle, director of the Berkeley Center for Law & Technology, told Frontline. “The moment you allow people to look at the content of your communication for some advertising purpose is the moment that the government is going to come along and say, ‘If you’re going to let them listen in for advertising, why don’t you let us listen in for anti-terrorism or for serious crimes?’”


Google fights e-mail privacy group suit calling it too big

Chris Hoofnagle quoted in Bloomberg Businessweek, February 27, 2014
Chris Hoofnagle … said in an e-mail that while the Google case is “very important,” courts “almost never award the full amount of potential statutory damages in privacy cases. Defendants in these cases often have mitigating circumstances that reduce damage awards, and they argue that extra-large awards violate their due process.”


Is Sacramento the world’s capital of Internet privacy regulation?

Paul Schwartz, Deirdre Mulligan, Chris Hoofnagle quoted in Forbes TECH blog, January 6, 2014
Paul [Schwartz] explained that the state-federal dialogue has broken down because the current Congress is gridlocked. Meanwhile, California continues enacting “a tidal wave of California privacy laws.” He cautioned against waiting for a “federal Godot,” i.e., expecting Congress to reengage productively on privacy regulation.

Deirdre Mulligan … praised California’s long reputation for privacy leadership. She said regulators outside California look to California as a laboratory of experimentation, and those experiments have ripple effects across the globe.

Chris Hoofnagle … said notice-and-choice is based on rational choice theory, but consumers don’t always act rationally…. He believes consumers see the words “privacy policies” as seals, i.e., certifications of minimum protections. He favors correcting this by establishing minimum substantive legal standards for anyone who uses the term “privacy policy.”


NSA using Internet ‘cookies’ to find targets

Chris Hoofnagle quoted in Washington Post, December 10, 2013

“On a macro level, ‘we need to track everyone everywhere for advertising’ translates into ‘the government being able to track everyone everywhere,’” said Chris Hoofnagle, a lecturer in residence at the University of California at Berkeley School of Law. “It’s hard to avoid.”


FTC explores risks of native deception, need for labeling

Chris Hoofnagle quoted in Online Media Daily, December 4, 2013

“Really smart people may come to different conclusions about what ‘sponsored’ means,” said Chris Hoofnagle, a lecturer in residence at the University of California, Berkeley, School of Law. Hoofnagle added that he thinks “sponsored by” indicates an arrangement—which was typical on PBS—where a company pays to have its name associated with a show that was created independently. Online, however, “sponsored by” often refers to content that an advertiser has created.


Advertisers scared as Internet giants look to cut cookies out of their diets

Christopher Hoofnagle interviewed by Marketplace, November 8, 2013

“What’s happening is the privacy risk is changing from 100s of trackers to just a handful of them,” Hoofnagle said. The word is that tech giants just might start tracking our devices. Hoofnagle says right now, consumers can set their browsers to block cookies. But if your device is being tracked? “People will not be able to block collection,” he said. “So you have to trust that they’ll use it responsibly.”


Cookies that track Internet users are dying out

Christopher Hoofnagle quoted in San Jose Mercury News, October 29, 2013

Chris Hoofnagle … predicted the new methods will give consumers “less privacy, because they will have less control.”


To what end are we connecting the world?

Christopher Hoofnagle writes for The Huffington Post, October 21, 2013

In The Circle, Dave Eggers describes a near future where a single company—The Circle—intermediates all communication. Convinced of its own benevolence, Circle employees expand the company’s offerings into creepier and creepier domains, while propounding punched-up versions of the philosophies of Larry Page, Eric Schmidt and Mark Zuckerberg.


Google reminds everyone that we are the product

Christopher Hoofnagle quoted in San Francisco Chronicle, October 11, 2013

So the move does no favors for the company’s tired mantra of “Don’t Be Evil,” something academics like Chris Hoofnagle, director of Information Privacy Programs at the UC Berkeley Center for law and technology have argued is “an albatross” and should be disregarded because most of Google’s self-described gallantry is prescribed by law anyway.


Online privacy concerns growing

Chris Hoofnagle quoted in the San Francisco Chronicle, October 2, 2013

“Google knows exactly who you are because there is so much authentication built into Google’s services,” Chris Hoofnagle…said in an e-mail. “We are moving to an authenticated Web where one is always signed in, and that authentication, even if on the surface (it’s) pseudonymous, typically indicates the user’s identity.”


Protecting privacy hinges on reining in companies

Christopher Hoofnagle writes for San Francisco Chronicle, July 28, 2013

We have to limit the ability of firms to collect and maintain data. Firms take the same position on privacy as the NSA: They believe that collecting data does not raise any privacy interest; only the use of data can create a privacy problem. This is an appealing but dangerous position. It leaves personal information in the hands of institutions desperate to monetize it, with little ability for individuals to prevent or even detect objectionable uses of data.


Think twice before giving your zip code to a retailer

Christopher Hoofnagle quoted in WUSA9, June 25, 2013

“Stores can take this information to a data-broker and ask them to match up the name with the zip-code in order to get the person’s home address. And they can get other information too. They might be able to get an e-mail address or a phone number as well,” says Chris Hoofnagle with UC Berkeley Law School.


Stern words, and a pea-size punishment, for Google

Christopher Hoofnagle quoted in The New York Times, April 22, 2013

Enforcement is at a turning point, Mr. Hoofnagle said, and fines could blossom, especially if a tech company’s privacy violation caused serious harm. “We’re still working out as a society what the harms are for privacy violations, and we’re not likely to see hundreds of millions of dollars in fines unless blood is spilled,” he said. “But you can see how that could happen.”


Mobile wallet technology raises privacy, security concerns

Christopher Hoofnagle quoted in McClatchy Newspapers, March 18, 2013

Consumer protections for mobile payments aren’t really on policymakers’ agendas, said Chris Jay Hoofnagle…. “The FTC knows about these problems and it has written about them, but we’re very early in this process and these types of data transfers are not noticeable to the consumer, so one question is will the consumer ever object?” he said. “Going to mobile payments – unless rules are put in place – will be zero privacy,” he said.


Court to sentence AT&T hacker Andrew Auernheimer

Christopher Hoofnagle interviewed by National Public Radio, Morning Edition, March 18, 2013

“After all, we are talking about transparency, and many of us exist in a kind of Disneyland of false belief that these systems are well-secured and impervious against wrong-doers.”


bMail: Berkeley’s B-minus idea

Christopher Hoofnagle writes for The Daily Californian, March 18, 2013

CalMail appeared to be one of those poorly performing campus services best handled by a vendor…. And many other schools have outsourced their information technology services to Google and Microsoft. But if we think about this more deeply, we might conclude the opposite: Communications and information services are so critical to academic freedom that trusting them with an outside vendor can be problematic.


Google explains how it handles police requests for users’ data

Christopher Hoofnagle interviewed by National Public Radio, Morning Edition, January 28, 2013

“Most companies are very secretive about civil and law enforcement requests for user data,” says Chris Hoofnagle, who specializes in privacy issues at Berkeley Law…. “Google is going out on a limb here because, by making these statements, they might be creating customer expectations that certain process will be followed when their data is revealed to law enforcement.”


Instagram says users’ photos won’t appear in ads

Christopher Hoofnagle quoted in Associated Press, December 18, 2012

“These services are publicly advertised as ‘free,’ but the free label masks costs to privacy, which include the responsibility of monitoring how these companies sell data, and even how they change policies over time,” said Chris Hoofnagle, director of Information Privacy Programs at the Berkeley Center for Law & Technology.


Hacker locates John McAfee through smartphone tracks

Christopher Hoofnagle quoted in The Washington Post, December 4, 2012

The “metadata” that’s embedded in files is particularly treacherous, said Chris Hoofnagle, a law professor at U.C.-Berkeley. Businesses made so many accidental releases that several programs now are available to help scrub out comments and deletions in documents that are intended to remain private. Rules in some states govern what information lawyers can use when opposing counsel inadvertently shares private information in metadata fields. The rapid spread of smartphones has made it even harder for most users to monitor the creation and flow of personal information, Hoofnagle said. “It has trapped a lot of people, this problem. We’re often not aware of the metadata that’s created.”


Your online attention, bought in an instant

Chris Hoofnagle study cited in The New York Times, November 17, 2012

Among the trackers setting the most cookies on the top 1,000 Web sites in the United States, for example, BlueKai was first, with 2,562 cookies, while Rubicon came in second, with 2,470, according to research conducted last month by the Berkeley Center for Law and Technology.