Cybersecurity and Privacy Preservation Techniques and Digital Security and Privacy
A.Y. 2023/2024
Learning objectives
The objective of this course is to introduce the essential elements of cybersecurity and technical and organisational measures in the light of data protection regulations in EU, compared to USA and China approach to cybersecurity. The course is structured in legal and computer science lectures, in order to provide a better understanding of different situations where processing a personal data can trigger some legal considerations.
Expected learning outcomes
The student will have knowledge and understanding of the fundamental legal principles concerning cybersecurity and protection of personal data from different perspectives; autonomous ability to read the new European standards on data protection and platforms regulations; ability to understand the goals and technological motivations that led to their adoption; ability to understand the implementation rationale of the new regulatory framework. The student will also be able to identify privacy risks in different proposed scenarios (marketing, cloud computing, IoT), and to propose and evaluate solutions to mitigate such risks.
Lesson period: First trimester
Assessment methods: Esame
Assessment result: voto verbalizzato in trentesimi
Single course
This course can be attended as a single course.
Course syllabus and organization
Single session
Responsible
Lesson period
First trimester
Course syllabus
1. Introduction
2. The fundamental right to personal data protection
3. Cybersecurity regulation in EU
4. Data protection definitions
5. General Principles of European Data Protection Law
6. The Legal Conditions relating to processing of personal data;
7. The obligations of the controller and of the processor (I part)
8. The obligations of the controller and of the processor (II part)
9. Cybersecurity and data protection
10. Risk based approach and the setup of a cybersecurity plan
11. Security measures and data protection
12. Pseudonymization and encryption
13. The territoriality principle and international data transfer
14. Data breaches and remedies to security incidents
14. The Data Protection Officer (part I)
15. The Data Protection Officer (part II)
16. Case study: metaverse and data protection.
17. Modern surveillance techniques and protection of personal data
18. The economic value of personal data
19. Computer crimes
20. Protection of minors online
2. The fundamental right to personal data protection
3. Cybersecurity regulation in EU
4. Data protection definitions
5. General Principles of European Data Protection Law
6. The Legal Conditions relating to processing of personal data;
7. The obligations of the controller and of the processor (I part)
8. The obligations of the controller and of the processor (II part)
9. Cybersecurity and data protection
10. Risk based approach and the setup of a cybersecurity plan
11. Security measures and data protection
12. Pseudonymization and encryption
13. The territoriality principle and international data transfer
14. Data breaches and remedies to security incidents
14. The Data Protection Officer (part I)
15. The Data Protection Officer (part II)
16. Case study: metaverse and data protection.
17. Modern surveillance techniques and protection of personal data
18. The economic value of personal data
19. Computer crimes
20. Protection of minors online
Prerequisites for admission
No prerequisites are required.
Teaching methods
Lectures and paper and case studies based discussions.
Teaching Resources
1. Handbook on European data protection law - 2018 edition, available at https://www.coe.int/en/web/data-protection
2. G. Fuster - L. Jasmontaite, Cybersecurity Regulation in the European Union: The Digital, the Critical and Fundamental Rights, 2020, available in Open Access at https://link.springer.com/chapter/10.1007/978-3-030-29053-5_5
3. Website on EU Digital Strategy with a focus on cybersecurity regulation: https://digital-strategy.ec.europa.eu/en/policies/cybersecurity-policies
4. P.G. Chiara, Towards a Right to Cybersecurity in EU Law? The Challenges Ahead, 2023, available on SSRN at https://papers.ssrn.com/sol3/papers.cfm?abstract_id=4537093
2. G. Fuster - L. Jasmontaite, Cybersecurity Regulation in the European Union: The Digital, the Critical and Fundamental Rights, 2020, available in Open Access at https://link.springer.com/chapter/10.1007/978-3-030-29053-5_5
3. Website on EU Digital Strategy with a focus on cybersecurity regulation: https://digital-strategy.ec.europa.eu/en/policies/cybersecurity-policies
4. P.G. Chiara, Towards a Right to Cybersecurity in EU Law? The Challenges Ahead, 2023, available on SSRN at https://papers.ssrn.com/sol3/papers.cfm?abstract_id=4537093
Assessment methods and Criteria
The exam is oral. The oral exam consists of a discussion on the topics included in the mandatory references. The exam is aimed at ascertaining the preparation and argumentative capacity of the student.
IUS/01 - PRIVATE LAW - University credits: 2
IUS/09 - PUBLIC LAW - University credits: 2
IUS/14 - EUROPEAN UNION LAW - University credits: 2
IUS/09 - PUBLIC LAW - University credits: 2
IUS/14 - EUROPEAN UNION LAW - University credits: 2
Lessons: 40 hours
Professor:
Perri Pierluigi
Educational website(s)
Professor(s)
Reception:
The tutoring will be delivered on appointment to be scheduled by email.