Postgraduate Course: EU Data Protection Law (LAWS11384)
|School||School of Law
||College||College of Arts, Humanities and Social Sciences
|Credit level (Normal year taken)||SCQF Level 11 (Postgraduate)
|Course type||Online Distance Learning
||Availability||Not available to visiting students
|Summary||This course will examine the new EU data protection regime as set out in the General Data Protection Regulation ((EU) 2016/679) on the protection of individuals with regard to the processing of personal data and the free movement of such data (GDPR). It will provide you with an overview of the terminology and underlying principles of data protection and address specific areas and requirements for data controllers and processors that are subject to the new EU regime.
The course will consider:
1. the history of EU data protection law;
2. the scope and key concepts of EU data protection law, in particular, the concept of personal data;
3. the data protection principle, including fair processing, data minimisation, purpose limitation, accuracy and data security;
4. the rights of the data subject, including the right to be forgotten,
5. the right to object to processing, the right to data portability
6. the right to subject access;
7. the legal framework governing cross-border data transfers;
8. the sanction for data protection breaches and the challenges of enforcement at the national, regional and global level, with a particular focus on the processing of personal data in the online environment;
9. various specific contemporary challenges for data protection including cloud computing, data collection through Adtech, tracking and smart devices and the Internet of Things, and Big Data.
A wide-ranging international approach will be adopted, with contributions sought from students in respect of their own jurisdictions.
The aims and objectives of this course are to:
1. Give an introduction to the history of EU data protection law
2. Provide an overview of the basic principles of data protection law in an European and international context.
3. Explore the rights of data subjects and how they have developed over time and in response to technological evolution
4. Discuss the data protection issues arising when personal data is exported to third countries.
5. Examine the special rules that apply to electronic communications
Week 1: Introduction to the EU data protection framework: provides an overview of historical developments in EU data protection law and an introduction to the structure of the new regime.
Week 2: The General Data Protection Regulation: Scope and key defined terms: discusses the material and territorial scope of the GDPR and the main definitions, including data controller, data processor, data subject, etc.
Week 3: What is 'personal data'?: discusses EU and UK approaches to the concept and nature of personal data and sensitive personal data in an offline and online environment (including anonymisation, pseudonymisation, and the nature of online identifiers)
Week 4: Data protection principles I: discusses the first data protection principle ('fair and lawful processing'), focusing on the legal grounds for data processing (consent, legitimate interest and other commercial and public policy grounds)
Week 5: Data protection principles II: discusses purpose limitation and data minimisation principle, and their particular relevance in the age of Big Data
Week 6: Data protection principles III: discusses the accuracy, data security and accountability principles and the particular obligations they impose on controllers and processors
Week 7: Rights of the data subject: including the right to object, the right to be forgotten and the right to subject access.
Week 8: Cross-border transfers of personal data: discusses the conditions on which personal data may be transferred outside the EEA, including recent case law and regulatory and legislative developments in this area
Week 9: Enforcement and sanctions: regulatory and civil sanctions (fines, damages, etc.) and the challenges of global enforcement of regional/national rules
Week 10: Contemporary issues of data protection: likely to change from year to year, but currently likely to include cloud computing, smart devices and the Internet of Things and Big Data.
Entry Requirements (not applicable to Visiting Students)
||Other requirements|| Please contact the online learning team at firstname.lastname@example.org
|Additional Costs|| Students must have reliable access to the internet.
Course Delivery Information
|Academic year 2022/23, Not available to visiting students (SS1)
|Learning and Teaching activities (Further Info)
Lecture Hours 40,
Programme Level Learning and Teaching Hours 4,
Directed Learning and Independent Learning Hours
|Assessment (Further Info)
|Additional Information (Assessment)
||One essay of up to 4,000 words (60%); one piece of assessed work (20%); a portfolio of contributions made to weekly online discussions throughout the semester (20%).
Requirements for all course assessments will be outlined to students within the individual courses at the start of each semester.
||Students will have the opportunity to obtain formative feedback over the course of the semester. The feedback provided will assist students in their preparation for the summative assessment.
Details of the School's feedback policy will be available at the start of the course.
|No Exam Information
On completion of this course, the student will be able to:
- A general understanding of the fundamental principles of the EU data protection regime and information privacy
- A detailed and specific knowledge of data protection issues arising in the specific contexts.
- An appreciation of some of the current challenges faced by data controllers, data subjects, policy makers and regulators.
- A basic grounding in research skills and techniques in the area of data protection and information privacy.
|A detailed list of key resources will be available at the start of the course.|
|Graduate Attributes and Skills
||Students will develop their skills and abilities in:
1. Research and enquiry, through e.g. selecting and deploying appropriate research techniques;
2. Personal and intellectual autonomy, e.g. developing the ability to independently assess the relevance and importance of primary and secondary sources;
3. Communication, e.g. skills in summarising and communicating information and ideas effectively in written form;
4. Personal effectiveness, e.g. working constructively as a member of an online community;
5. Students will also develop their technical/practical skills, throughout the course, e.g. in articulating, evidencing and sustaining a line of argument, and engaging in a convincing critique of another's arguments.
||This course is taught by online learning.
|Additional Class Delivery Information
||This course is taught by online learning.
|Keywords||GDPR,personal data,Data protection law,information privacy
|Course organiser||Mr Nicolas Jondet
Tel: (0131 6)51 4528
|Course secretary||Ms Clare Polson
Tel: (0131 6)51 9704