Dr Orla Lynskey (NAB 6.23) 

Professor Andrew Murray (NAB 7.11) 

This course is available on the Executive LLM. This course is not available as an outside option.

This course will be offered on the Executive LLM during the four year degree period. The Department of Law will not offer all Executive LLM courses every year, although some of the more popular courses may be offered in each year, or more than once each year. Please note that whilst it is the Department of Law's intention to offer all Executive LLM courses, its ability to do so will depend on the availability of the staff member in question. For more information please refer to the Department of Law website. 

Basic knowledge of EU law is desirable but not essential for this course.

Personal data is an important factor of production in data-driven economies, and the processing of personal data can generate significant economic and social benefits. Personal data processing can also have a detrimental impact on established rights and values, such as autonomy, privacy and data protection. As a result, legal frameworks to regulate personal data processing have been enacted across the world, with the EU legal model used as a blueprint. Yet, despite the development of such legal frameworks across the globe, critical questions remain unanswered. For instance, the objectives of data protection frameworks differ with some prioritising a fundamental-rights approach to data protection regulation while other frameworks are based on an economic free-trade rationale. Disagreement also persists regarding how the balance should be struck between effective data protection and other rights (such as freedom of expression and freedom of information) and interests (such as innovation and national security).

This course will critically evaluate the legal framework applicable to personal data processing. It will be do this predominantly with reference to the EU framework, as this has served as a model for over 80 other jurisdictions. However we will also examine the US legal framework as it differs considerably from other global legal regimes. Participants will be introduced to techniques and technologies for monitoring and processing personal data in the information society. In order to bring key issues to life, a number of case studies will be considered: the application of data protection rules to online behavioural advertising; to the Internet of Things; and to State surveillance.

24-26 hours of contact time. 

All students are expected to produce one 2,000 word formative essay during the course.

Lynskey, The Foundations of EU Data Protection Law (OUP, 2015)

Mayer-Schönberger, Delete: The Virtue of Forgetting in the Digital Age (Princeton UP, 2009)

Kuner, Transborder Data Flows and Data Privacy Law (OUP, 2013)

Bygrave, Data Privacy Law: An International Perspective (OUP, 2015)

Assessment path 1
Essay (100%, 8000 words).

Assessment path 2
Take home exam (100%).