Skip to main navigationSkip to main content
The University of Southampton

LAWS2030 Foundations in Data Protection Law

Module Overview

Data Protection law is an area which has seen rapid development in the 21st century. The pace of technological change, automatic data processing and the digitisation of society, mean it is assuming an increasingly critical role in our lives today. It regulates everything from legal responsibility for cyber-security breaches, to how social networking sites store and share data and even how its users share information about one another or others. This all-encompassing role seeks to strike a difficult balance between protecting the rights of individuals, whilst also facilitating the movement and use of data by organisations. The breadth of its application has resulted in it becoming a specialised area of practice, with many companies now under an obligation to employ specialist Data Protection Officers as part of their accountability programme. This module will enable you to explore some of the key concepts, rules and functions of data protection law. It is 'practice' orientated bringing together 'academic law' with the types of legal issues experienced by individuals and companies today. The central focus of the course is the interplay between UK Data Protection Law and the recent EU Data Protection Regulation. We will analyse and evaluate this interaction drawing on a range of sources, including policy, academic literature, advisory opinions and domestic laws and practices.

Aims and Objectives

Learning Outcomes

Knowledge and Understanding

Having successfully completed this module, you will be able to demonstrate knowledge and understanding of:

  • The nature and functions of key areas of data protection law and the broader context in which it operates.
  • How data protection law seeks to balance the objectives of facilitating the movement and sharing of data, with the protection of privacy and data protection rights, and the challenges which inhere in this approach.
  • How academic law 'translates' into the provision of legal advice in the field of data protection law.
Subject Specific Intellectual and Research Skills

Having successfully completed this module you will be able to:

  • Describe and critically assess key areas of data protection law.
  • Deploy analytical and evaluative skills, in the form of legal advice, in relation to complex data processing situations.
  • Construct clear and coherent arguments as to how data protection law should apply to hypothetical scenarios, providing adequate support by reference to legal authority.
  • Examine uncertainties in data protection law and its application to the given facts and evaluate alternative approaches and arguments.
Transferable and Generic Skills

Having successfully completed this module you will be able to:

  • Analyse, interpret and evaluate complex material.
  • Formulate an effective, reasoned and structured argument.
  • Communicate and present written arguments supported by appropriate evidence.
  • Effectively apply knowledge to solve practical problems.


- Introduction to data protection law: sources and institutions - Key concepts I & II - Data Protection Principles - Data Protection Obligations - Data Protection Rights - Data Governance - Data Protection Exemptions - International Data Transfers - Jurisdiction

Learning and Teaching

Teaching and learning methods

Teaching will be by one 2-hour lecture per week and one 2-hour tutorial per fortnight. The tutorials are intended as occasions for detailed discussion of specific topics within the broader areas covered in lectures, and you are expected to come fully prepared. Reading and questions for preparation will be placed on Blackboard in advance of each tutorial. Tutorials are also occasions for you to raise problems and questions and to obtain feedback on your progress. Learning activities include: - Directed Reading (as per distributed reading lists on Blackboard). - Preparation for lectures and tutorials. - Preparing and writing formative coursework, with critical self-reflection on your own performance throughout this process. - Participation in class discussion (including small group work).

Preparation for scheduled sessions70
Follow-up work10
Wider reading or practice10
Completion of assessment task10
Total study time150

Resources & Reading list

Rosemary Jay (2012). Data Protection Law and Practice. 

Ian Lloyd (2015). Information Technology Law. 

Orla Lynskey (2015). The Foundations of EU Data Protection Law. 

Andreas Linder (2016). European Data Protection Law: General Data Protection Regulation 2016. 

Peter Carey (2015). Data Protection: A Practical Guide to UK and EU Law. 

Andrew Murray (2013). Information Technology Law. 





MethodPercentage contribution
Coursework 100%


MethodPercentage contribution
Written assessment 100%


MethodPercentage contribution
Written assessment 100%

Repeat Information

Repeat type: Internal & External


Costs associated with this module

Students are responsible for meeting the cost of essential textbooks, and of producing such essays, assignments, laboratory reports and dissertations as are required to fulfil the academic requirements for each programme of study.

In addition to this, students registered for this module typically also have to pay for:


The module does not carry any additional costs for you. The reading lists are drawn from materials already available in or through the University Library including electronic resources.

Please also ensure you read the section on additional costs in the University’s Fees, Charges and Expenses Regulations in the University Calendar available at

Share this module Share this on Facebook Share this on Twitter Share this on Weibo
Privacy Settings