Module overview
The collection, processing, and governance of personal data cuts across contemporary human action in a data-driven economy. In today’s interconnected digital society, with the spread of Artificial Intelligence (AI) applications and cross-border data flows, it is almost impossible to individuals to go about their daily lives without leaving their data footprint behind. The use of personal data offers both opportunities to and generates risks for individuals, corporations, and public administrations. The processing of personal data may, for example, allow for the provision of personalised services or facilitate public safety; at the same time, it might undermine personal autonomy and privacy by revealing sensitive information about a person or recalibrate power relations where personal data is understood as a commodity.
The use of personal data can therefore both advance and weaken human wellbeing depending on how it is regulated at national and transnational level. One of the major challenges of data protection law is striking the right balance between diverse public interest objectives (e.g. free flow of data, national security) on the one hand, and competing fundamental rights and principles (e.g. freedom of expression, privacy), on the other. Simultaneously, the ever-growing deployment of digital tools, the spread of AI applications and cross-border data flows amplify existing risks and generate new ones, while making the effective protection of personal data a particularly difficult task.
To address the risk of personal data causing unintended consequences to individuals, corporations and public administrations, complex data protection regulatory eco-systems have been developed. The European Union has been leading an effort towards a holistic approach to Data Governance and its General Data Protection Regulation is still used as a template across jurisdictions. Nevertheless, these developments are perceived by some states as a potential threat to their regulatory sovereignty and seek to develop their own regulatory blueprints.
This module will offer students the opportunity to engage in a critical evaluation of the rules, principles, and institutional practices in the field of data protection. The module will focus on the European Union’s regulatory framework, which is the dominant ‘rulebook’ across the globe, while also offering insights into approaches adopted within distinct national legal systems and at the international level. In so doing, students will be encouraged to unpack the social, technological, and political issues that emerge within the legal context. Moreover, the module will explore the inter-connectivity of data law with other fields, including for example, fundamental rights, consumer law, and digital technologies, such as online platforms, AI and digital currencies. The module will also offer opportunities to examine and evaluate how data governance intersects with global sustainability goals by exploring how data-driven approaches can contribute to better aligning business priorities and policy concerns with sustainability objectives, while at the same time safeguarding privacy and personal data.
This module will be of interest to students interested in the field of law and technology, legal practitioners, corporate employees, public officials as well as those interested in civil society and human rights.