Paul Ohm
Professor of Law
Georgetown University Law Center
600 New Jersey Ave, N.W.
Washington, DC 20001
Office: 202-662-9685
Google Voice: 720-432-1411
Home Scholarship Courses Code Links Contact CV (pdf)


Paul Ohm is a Professor of Law at the Georgetown University Law Center. He specializes in information privacy, computer crime law, intellectual property, and criminal procedure. He serves as a faculty director for the Center on Privacy and Technology at Georgetown.

In his work, Professor Ohm tries to build new interdisciplinary bridges between law and computer science. Much of his scholarship focuses on how evolving technology disrupts individual privacy. His article Broken Promises of Privacy: Responding to the Surprising Failure of Anonymization, 57 UCLA Law Review 1701, has sparked an international debate about the need to rethink fundamentally the way we regulate privacy.

Professor Ohm began his academic career on the faculty of the University of Colorado Law School, where he served as the Associate Dean for Academic Affairs and helped direct the Silicon Flatirons Center. In 2016, he was appointed by the White House to the Commission on Evidence-Based Policymaking. From 2012 to 2013, Professor Ohm worked for the Federal Trade Commission as a Senior Policy Advisor. Before becoming a professor, he served in the U.S. Department of Justice's Computer Crime and Intellectual Property Section as an Honors Program trial attorney, and clerked for Judge Betty Fletcher of the United States Court of Appeals for the Ninth Circuit and Judge Mariana Pfaelzer of the United States District Court for the Central District of California. He is a graduate of the UCLA School of Law.

Before becoming a lawyer, Professor Ohm worked for several years as a computer programmer and network systems administrator after earning undergraduate degrees in computer science and electrical engineering from Yale University. Today he continues to write thousands of lines of python and perl code each year.

Recent and Upcoming Publications [SSRN Author Page]

Desirable Inefficiency (work-in-progress) (with Jonathan Frankle).

Regulating Software When Everything Has Software, ____ Geo. Wash. U.L. Rev. ___ (forthcoming 2016) (with Blake Reid).

What if Everything Reveals Everything? (with Scott Peppet), in Big Data is Not a Monolith (Cassidy Sugimoto, Michael Mattioli, and Hamid Ekbia) (forthcoming 2016).

Necessity Rules in Criminal Procedure, in The Cambridge Handbook of Surveillance Law (Stephen Henderson and David Gray, eds) (forthcoming 2016).

The Computer Fraud and Abuse Act: Structure, Controversy, and Proposals for Reform in Information Security Policy (working title) (Trey Herr ed.) (forthcoming 2016).

Sensitive Information, 88 Southern California Law Review 1125 (2015).

Free for the Taking (Or Why Libertarians are Wrong About Markets for Privacy), Jotwell, May 26, 2014 (reviewing Katherine Strandburg, Free Fall: The Online Market's Consumer Preference Disconnect and Chris Jay Hoofnagle & Jan Whittington, Free: Accounting for the Internet's Most Popular Price) (online journal).

Book Chapter, What Do the Rules Say About Data Analysis? in Big Data, Privacy, and the Public Good: Frameworks for Engagement (Cambridge University Press) (Julia Lane, Victoria Stodden, Stefan Bender, and Helen Nissenbaum eds.) (forthcoming 2014).

Should Sniffing Wi-Fi be Illegal?, IEEE Spectrum (forthcoming 2014).

Branding Privacy, 97 Minnesota Law Review 907 (2013).

The Care and Feeding of Sticky Defaults in Information Privacy Law, Jotwell, May 20, 2013 (reviewing Lauren Willis, When Nudges Fail: Slippery Defaults) (online journal).

The Underwhelming Benefits of Big Data, 161 University of Pennsylvania Law Review Online 339 (2013) (responding to Paul M. Schwartz, Information Privacy in the Cloud) (online journal).

The Fourth Amendment in a World Without Privacy, 81 Mississippi Law Review 1309 (2012) (symposium).

Don't Build a Database of Ruin, Harvard Business Review blog network, August 23, 2012.

Electronic Surveillance Law and the Intra-Agency Separation of Powers, 47 University of San Francisco Law Review 269 (2012) (symposium).

Massive Hard Drives, General Warrants, and the Power of Magistrate Judges, 97 Virginia Law Review In Brief 1 (2011) (responding to Orin Kerr, Ex Ante Regulation of Computer Search and Seizure, 96 Va. L. Rev. 1241).

Cybersecurity Through Information Theory, Jotwell, May 19, 2011 (reviewing Derek E. Bambauer, Conundrum) (online journal).

Broken Promises of Privacy: Responding to the Surprising Failure of Anonymization, 57 UCLA Law Review 1701 (2010).

The Argument Against Technology Neutral Surveillance Laws, 88 Texas Law Review 1685 (2010) (symposium).

Probably Probable Cause: The Diminishing Importance of Justification Standards, 94 Minnesota Law Review 1514 (2010) (symposium).

Book Review, Dr. Generative or: How I Learned to Stop Worrying and Love the iPhone, 69 Maryland Law Review 910 (2010) (with James Grimmelmann) (reviewing Jonathan Zittrain, The Future of the Internet--And How to Stop It).

I Always Feel Like Somebody's Watching Me, Jotwell, April 29, 2010 (reviewing Ryan Calo, People Can Be So Fake: A New Dimension to Privacy and Technology Scholarship).

When Network Neutrality Met Privacy, 53 Communications of the ACM 30 (2010).

Breaking Felten's Third Law: How Not to Fix the Internet, 87 Denver University Law Review DU Process 50 (2010) (symposium).

The Rise and Fall of Invasive ISP Surveillance, 2009 University of Illinois Law Review 1417 (2009).

[Full Listing]

Research Agenda

Professor Ohm writes at the intersection of computer science and law, attempting to bridge the two disciplines with rigor.

Current projects include:

  1. Privacy: Developing privacy-related works-in-progress including:
    • Broken Promises of Privacy: Responding to the Surprising Failure of Anonymization: Arguing that the newly revealed power of reidentification and failure of anonymization should calls into question key tenants of modern information privacy law.
    • ISP Surveillance: Arguing that there is no greater threat to privacy in society than the ISP.
    • Justification Standards: Pointing out the flawed belief in the differences between probable cause and reasonable suspicion.
  2. The Path of Internet Law: Calling for recognition of a new sub-discipline of legal scholarship focusing on the Internet as a dynamic subject and incorporating cutting-edge engineering principles.
  3. Software Regulation Clearing House: Building a web-accessible, searchable database of Federal, State, and International laws and regulations that regulate software development.
  4. Case Law Natural Language Processing: Using machine learning techniques to analyze case law.
  5. Network Measurement Research Privacy Project: Working with Computer Science network researchers to develop rules, technologies, guidance, and processes to better protect the privacy of their research subjects.

Recent and Upcoming Presentations

Ethical and Policy Issues in the Statistical Use of Big Data, American Statistical Association, Joint Statistical Meetings, Boston, MA, August, 2014.

University of San Diego Center for Computation, Mathematics and the Law Inaugural Workshop, San Diego, CA, March 21-22, 2014.

Re-Identification Risk of De-Identified Data Sets in the Era of Big Data, AAAS Annual Meeting, Chicago, IL, February 16, 2014.

Workshop on the Social, Economic, and Workforce Implications of Big Data Analytics and Decision Making, NSF, Washington, DC, January 30-31, 2014.

Privacy, Information and Law, at REWIRED: How Law and Technology Shape Social Progress, Wayne Morse Center for Law and Politics, University of Oregon, January 22, 2014.


Professor Ohm has taught courses in Criminal Procedure, Introduction to Intellectual Property, Copyright, Information Privacy, Quantitative Methods and Computer Crime.

This document last modified June 13, 2017.