Students should have a basic knowledge of European Union law and the concepts of Information Law. It is recommended that students have already completed Foundations of Information Law.
This course is aimed at students in the Master's Programme in International Business Law (IBL). Other law degree students and law exchange students are welcome to attend this course as well, if there is space.
Students will undertake an in-depth analysis of the principles and justifications behind the General Data Protection Regulation and will become acquainted with key provisions. By performing a close deconstruction of the law, they will learn to give detailed and considered critiques of the GDPR’s policy and impacts, as well as develop their own opinions on wider data protection issues. At the end of the course, students will be able to give a normative evaluation of the law, its development and other relevant issues.
- Core concepts: The definitions of “personal data”, “controller”, “processor” and “data subject”
- Justifications for processing
- Data subject rights and the principles relating to processing
- Automated decision-making
- Controller and processor obligations
- International transfers of data
The course will be based on lecture materials, the text of the GDPR and e-articles available through Helka. No extra materials will be necessary.
Evaluation will be based on the completion of writing assignments (60%) and class participation (40%).
Attendance at 8 x 2hr mandatory seminars plus preparatory reading (30-40 hours). Seminars will involve a lecture, followed by student discussion about the lecture and reading material. Students will also have to complete 3 x 1,500-word writing assignments during the course (80-90 hours).