Not available in 2017/18
LL4S4      Half Unit
Digital Rights, Privacy and Security

This information is for the 2017/18 session.

Teacher responsible

Dr Orla Lynskey NAB 6.23

Professor Andrew Murray NAB 7.11


This course is available on the MSc in Regulation, Master of Laws and Master of Laws (extended part-time study). This course is available with permission as an outside option to students on other programmes where regulations permit.

This course is capped at 30 students and priority is given to LLM and MSc in Regulation students when allocating places. Students must apply through Graduate Course Choice on LSEforYou


Basic knowledge of EU law is desirable but not essential for this course. 

Course content

Personal data is an important factor of production in data-driven economies, and the processing of personal data can generate significant economic and social benefits. However, personal data processing can also have a detrimental impact on established rights and values, such as autonomy, privacy and data protection. As a result, legal frameworks to regulate personal data processing have been enacted across the world, with the EU legal model used as a blueprint. Yet, despite the development of such legal frameworks, critical questions remain unanswered. For instance, the objectives of data protection frameworks differ with some prioritising a fundamental-rights approach to data protection regulation while others frameworks are based on an economic free-trade rationale. Disagreement also persists regarding how the balance should be struck between effective data protection and other rights (such as freedom of expression and freedom of information) and interests (such as innovation and national security).

This course will critically evaluate the legal framework applicable to personal data processing. It will be do this predominantly with reference to the EU framework, as this has served as a model for over 80 other jurisdictions. Participants will be introduced to techniques and technologies for monitoring and processing personal data in the information society. In order to bring key issues to life, a number of case studies will be considered: the application of data protection rules to online behavioural advertising; to the Internet of Things; and to State surveillance.


20 hours of seminars in the MT. 2 hours of seminars in the ST.

Formative coursework

All students are expected to contribute to a series of class exercises and to submit one piece of formative work for assessment. 

Indicative reading

Bygrave: Data Privacy Law: An International Perspective (OUP, 2015)

Kuner: Transborder Data Flows and Data Privacy Law  (OUP, 2013)

Lynskey: The Foundations of EU Data Protection Law (OUP, 2015)

Murray: Information Technology Law, The Law and Society (OUP, 2nd ed, 2013) 



Exam (100%, duration: 2 hours, reading time: 15 minutes) in the main exam period.

This is an open-book exam.

Key facts

Department: Law

Total students 2016/17: 27

Average class size 2016/17: 27

Controlled access 2016/17: Yes

Lecture capture used 2016/17: Yes (MT)

Value: Half Unit

Guidelines for interpreting course guide information

Personal development skills

  • Communication
  • Specialist skills

Course survey results

(2013/14 - 2015/16 combined)

1 = "best" score, 5 = "worst" score

The scores below are average responses.

Response rate: 73%



Reading list (Q2.1)


Materials (Q2.3)


Course satisfied (Q2.4)


Lectures (Q2.5)


Integration (Q2.6)


Contact (Q2.7)


Feedback (Q2.8)


Recommend (Q2.9)