European Citizens' Data Protection, Data Governance and Cybersecurity
A.Y. 2020/2021
Learning objectives
The Course has the specific purpose of giving students:
· a thorough knowledge of the topics covered by the course, both from a technical and legal point of view, on the assumption of the acquisition of the first basic elements during the previous university career;
· the ability to critically address issues and resolve legal issues through the revision of the concepts learned;
· strengthening the technical and IT language relevant to the subject;
· the ability to link the different topics in order to elaborate useful proposals for the solution of concrete cases, also through casuistic cutting lessons carried out with the active participation of the students
· a thorough knowledge of the topics covered by the course, both from a technical and legal point of view, on the assumption of the acquisition of the first basic elements during the previous university career;
· the ability to critically address issues and resolve legal issues through the revision of the concepts learned;
· strengthening the technical and IT language relevant to the subject;
· the ability to link the different topics in order to elaborate useful proposals for the solution of concrete cases, also through casuistic cutting lessons carried out with the active participation of the students
Expected learning outcomes
At the end of the course the student who has successfully learned the subject will have an in-depth knowledge of the topics of the course, with the acquisition of a reasoning method suitable for dealing with more specific and complex IT-legal subjects with respect to institutional notions.
Lesson period: First semester
Assessment methods: Esame
Assessment result: voto verbalizzato in trentesimi
Single course
This course cannot be attended as a single course. Please check our list of single courses to find the ones available for enrolment.
Course syllabus and organization
Single session
Responsible
Lesson period
First semester
Due to the health emergency, the course is held on the Microsoft Teams platform, with streaming lessons. The program will be slightly adapted to the new delivery methods, but the course contents will remain the same. Attending students will be able to discuss a final paper on the topics of the course.
Course syllabus
The Course aims to provide students with a complete knowledge of the main legal issues related to new technologies and their evolution in the legal framework of the European Union, in order to allow independent evaluation procedures, useful for the future professional context. The program will be divided into 24 two-hour lessons, during which the Professor will focus on the importance of data governance, information protection, cybersecurity and issues related to the rights of European citizens in the technological society.
· First lesson (2 hours): The legal concept of data, big data and data processing.
· Second lesson (2 hours): Security and cybersecurity in the European legal framework
· Third lesson (2 hours): The "economy" of data.
· Fourth lesson (2 hours): Personal data and fundamental rights of the European citizens.
· Fifth lesson (2 hours): An introduction to GDPR.
· Sixth lesson (2 hours): Personal data processing in non-EU Countries.
· Seventh lesson (2 hours): Privacy by design, privacy by default.
· Eighth lesson (2 hours): The idea of data portability.
· Ninth lesson (2 hours): Risk analysis and privacy impact assessment.
· Tenth lesson (2 hours): The right to be forgotten.
· Eleventh lesson (2 hours): Big data and intellectual property rights.
· Twelfth lesson (2 hours): Data processing and law in the public sector.
· Thirteenth lesson (2 hours): Data protection in hospitals and health management systems.
· Fourteenth lesson (2 hours): Data protection and critical infrastructures.
· Fifteenth lesson (2 hours): Big data and big data analysis.
· Sixteenth lesson (2 hours): Free circulation of data within the European Union.
· Seventeenth lesson (2 hours): Pseudonymisation and anonymisation of data.
· Eighteenth lesson (2 hours): The idea of "non-personal data" and the regulation.
· Nineteenth lesson (2 hours): Artificial intelligence and law.
· Twentieth lesson (2 hours): Data processing and criminal procedure issues.
· Twenty-first lesson (2 hours): The "capitalism" of big data
· Twenty-second lesson (2 hours): The European Union cybersecurity legal framework
· Twenty-third lesson (2 hours): The right to be forgotten and the platforms 'responsibilities
· Twenty-fourth lesson (2 hours): European Union, big data and information warfare
· First lesson (2 hours): The legal concept of data, big data and data processing.
· Second lesson (2 hours): Security and cybersecurity in the European legal framework
· Third lesson (2 hours): The "economy" of data.
· Fourth lesson (2 hours): Personal data and fundamental rights of the European citizens.
· Fifth lesson (2 hours): An introduction to GDPR.
· Sixth lesson (2 hours): Personal data processing in non-EU Countries.
· Seventh lesson (2 hours): Privacy by design, privacy by default.
· Eighth lesson (2 hours): The idea of data portability.
· Ninth lesson (2 hours): Risk analysis and privacy impact assessment.
· Tenth lesson (2 hours): The right to be forgotten.
· Eleventh lesson (2 hours): Big data and intellectual property rights.
· Twelfth lesson (2 hours): Data processing and law in the public sector.
· Thirteenth lesson (2 hours): Data protection in hospitals and health management systems.
· Fourteenth lesson (2 hours): Data protection and critical infrastructures.
· Fifteenth lesson (2 hours): Big data and big data analysis.
· Sixteenth lesson (2 hours): Free circulation of data within the European Union.
· Seventeenth lesson (2 hours): Pseudonymisation and anonymisation of data.
· Eighteenth lesson (2 hours): The idea of "non-personal data" and the regulation.
· Nineteenth lesson (2 hours): Artificial intelligence and law.
· Twentieth lesson (2 hours): Data processing and criminal procedure issues.
· Twenty-first lesson (2 hours): The "capitalism" of big data
· Twenty-second lesson (2 hours): The European Union cybersecurity legal framework
· Twenty-third lesson (2 hours): The right to be forgotten and the platforms 'responsibilities
· Twenty-fourth lesson (2 hours): European Union, big data and information warfare
Prerequisites for admission
There are no particular pre-requisites for adequately addressing the contents of the course. The first lessons are, in fact, dedicated to an introduction to the themes that can guarantee a basic preparation for the whole class.
Teaching methods
The Course consists of 40 hours of classroom lessons held by the Professor.
Teaching Resources
The material to be studied, all freely available online, will be indicated in class and on the course website (https://sites.unimi.it/eudatagov/datagov1/).
Assessment methods and Criteria
The final exam takes place orally in the exam session, with a question consisting of at least three questions on three different parts of the program. At the end of the course, it is possibile for the student who attended at least 75% of the lesson hours to have the exam in the form of an essay or a Multiple Choice test with 30 multiple choice questions, depending on the student's preferences
Educational website(s)
Professor(s)
Reception:
thursday 10:30 - 11:30 (send an email to [email protected])
Dipartimento "Cesare Beccaria"