The University of Southampton
Courses

LAWS6141 Internet Intermediaries and Data Protection Law

Module Overview

The focus of this course is upon the regulation of Internet intermediaries’ personal data processing practices, e.g. data processing practices of Internet service providers, Web 2.0 platforms, search engines. There is not much point in protecting users’ personal data if Internet intermediaries regularly collecting and using personal data are not subject to clear restrictions. While it is true that the European Union has one of the most stringent data protection regimes, there are still important gaps in the law when applied to the key actors in the field: Internet intermediaries. It is still unclear how broad the category of data controllers is and which security measures they must put in place to abide by European standards. The following questions will thus be addressed: to which extent Internet intermediaries are constrained by data protection laws? To which extent are data protection laws and data retention laws in conflict? Do breach notification laws promote security? Given the fast-changing nature of the environment, this is a challenging course with a dynamic and evolving subject matter. Whilst seminar outlines and materials are provided, significant emphasis is placed on self-learning, enabling seminars to concentrate on specific topics and issues.

Aims and Objectives

Module Aims

• provide a critical overview of the rules governing the processing and retention of personal data by Internet intermediaries mainly in the UK and in Europe and eventually compare these rules with those adopted in other systems such as the US • allow students to identify and evaluate new technological trends and regulatory responses in the field • provide students with a range of opportunities to practice writing and communications skills in the field and undertake independent research

Learning Outcomes

Knowledge and Understanding

Having successfully completed this module, you will be able to demonstrate knowledge and understanding of:

  • identify the legal and public policy challenges posed by the Internet and information and communications technology as regards the development of Internet services and Web 2.0 platforms;
  • identify the key features of international law, regulation and policy considerations in this area, with particular emphasis on the UK, EU, US regulation;
  • assess the fundamental principles of law, including decisions of the courts, that impact upon the processing and retention of personal data by Internet intermediaries with particular reference to European legislative instruments in the field.
Transferable and Generic Skills

Having successfully completed this module you will be able to:

  • Critically analyse legal and policy positions from a variety of sources;
  • Clearly communicate and discuss complex ideas and arguments in writing;
  • Undertake independent research.
Subject Specific Practical Skills

Having successfully completed this module you will be able to:

  • Developed research skills and knowledge of relevant legal resources in preparation for classes
  • Developed the ability to solve problems and undertake critical analysis of relevant legal issues:
  • Developed competence in the use of key online and offline legal resources;
  • Exercise time management skills.
Subject Specific Intellectual and Research Skills

Having successfully completed this module you will be able to:

  • apply privacy, data protection and data retention laws
  • evaluate the solutions adopted in the light of current Internet intermediaries’ practices and in particular their implications in terms of the monitoring of users;
  • critically assess how law, technology and policy operate and interact as regulatory modalities

Syllabus

The module intends to examine the legal and public policy ramifications of the processing and retention of personal data by Internet intermediaries. The focus of the course is therefore on the legal rules that aim at confining internet intermediaries’ practices when collecting, storing, using and transferring personal data. With this said, themes relevant throughout the module will be discussed, such as globalisation, jurisdiction, law enforcement, surveillance. Since the Internet is a cross-border network, sources will be drawn from around the globe but with an emphasis on the legal systems of the UK, the US, and the EU. The syllabus is centred on 3 themes: the processing of personal data by intermediaries, breach notification obligations and data retention obligations. Internet law is dynamic in nature, therefore an element of flexibility must be preserved vis-à-vis the syllabus, which must and will continue to evolve. Here is an indicative outline of what the syllabus could look like: Introduction to the course The different categories of intermediaries The different types of data Intermediaries as data controllers Consolidation seminar ISPs and deep packet inspection practices Breach notification laws The right to be forgotten Data retention obligations Presentation seminar

Learning and Teaching

Teaching and learning methods

·         Your ability to discuss key principles and their limitations with your peers;

TypeHours
Teaching20
Independent Study130
Total study time150

Resources & Reading list

Lloyd I. (2014). Information Technology Law. 

Rowland Dl (2011). Information Technology Law. 

Bainbridge D (2014). Information Technology and Intellectual Property Law. 

Murray, A (2013). Information Technology Law. 

Graham J H Smith Bird & Bird (2007). Internet Law and Regulation. 

Reed, C (2012). Computer Law. 

Assessment

Formative

Essay

Summative

MethodPercentage contribution
Research essay  (4000 words) 100%

Referral

MethodPercentage contribution
Research essay  (4000 words) 100%
Share this module Facebook Google+ Twitter Weibo

We use cookies to ensure that we give you the best experience on our website. If you continue without changing your settings, we will assume that you are happy to receive cookies on the University of Southampton website.

×