Christopher Soghoian is a privacy researcher and activist, working at the intersection of technology, law and policy.
He is the Principal Technologist and a Senior Policy Analyst with the Speech, Privacy and Technology Project at the American Civil Liberties Union. He is also a
Visiting Fellow at Yale Law School's Information Society Project and a Fellow at the Center for Applied Cybersecurity Research at Indiana University.
He is based in Washington, D.C.
Soghoian completed his Ph.D. at Indiana University in 2012, which focused on the role that third party service providers play in facilitating law enforcement surveillance of their customers. In order to gather data, he has made extensive use of the Freedom of Information Act, sued the Department of Justice pro se, and used several other investigative research methods. His research has appeared in publications including the Berkeley Technology Law Journal and been cited by several federal courts, including the 9th Circuit Court of Appeals.
Between 2009 and 2010, he was the first ever in-house technologist at the Federal Trade Commission (FTC)'s Division of Privacy and Identity Protection, where he worked on investigations of Facebook, Twitter, MySpace and Netflix. Prior to joining the FTC, he co-created the Do Not Track privacy anti-tracking mechanism now adopted by all of the major web browsers.
He is a TEDGlobal 2012 Fellow, was an Open Society Foundations
Fellow between 2011 and 2012, and was a Student Fellow at the Berkman Center for Internet & Society at Harvard University between 2008-2009.
- The Spies We Trust:
Third Party Service Providers and Law Enforcement Surveillance
Ph.D. Dissertation, August 2012.
- Can You See Me Now: Toward Reasonable Standards for Law Enforcement Access to
Location Data that Congress Could Enact
Berkeley Technology Law Journal, Vol. 27, 2012.
- The Law Enforcement Surveillance Reporting Gap
- An End to Privacy Theater:
Exposing and Discouraging Corporate Disclosure of User Data to the Government
Minnesota Journal of Law, Science & Technology
Vol. 12, No. 1, 2011.
- Certified Lies: Detecting and Defeating Government Interception Attacks Against SSL
Financial Cryptography and Data Security '11
- Caught in the Cloud: Privacy, Encryption, and Government Back Doors in the Web 2.0 Era
Journal on Telecommunications and High Technology Law,
Vol. 8, No. 2, 2010.
- Manipulation and Abuse of the Consumer Credit Reporting Agencies
Volume 14, Number 8, August 2009.
- The Human Factor in Phishing
Chapter in Information Assurance,
Security and Privacy Services
H. Raghav Rao and Shambhu Upadhyaya, eds,
Emerald Group Publishing Limited,
- Merx: Secure and Privacy Preserving Delegated Payments
- Legal Risks For Phishing Researchers
The Third Anti-Phishing Working Group eCrime Researchers Summit,
- The Threat of Political Phishing
The International Symposium on Human Aspects of Information Security & Assurance (HAISA 2008),
- Caveat Venditor: Technologically Protected Subsidized Goods and the Customers Who Hack Them
Northwestern Journal of Technology and Intellectual Property,
Volume 6, Number 1, Fall 2007.
- Insecure Flight: Broken Boarding Passes and Ineffective Terrorist Watch Lists
IFIP WG 11.6 working conference on Policies & Research in Identity Management (IDMAN 07),
Republished as a chapter in Protecting Airline Passengers in the Age of Terrorism
Paul Seidenstat and Francis X. Splane, eds,
- The Problem of Anonymous Vanity Searches
I/S: A Journal of Law and Policy for the Information Society,
Volume 3, Issue 2, 2007.
- Mantis: A High-Performance, Anonymity Preserving, P2P Network
Johns Hopkins University Information Security Institute Technical Report,
TR-2004-01-B-ISI-JHU. June 17, 2004.