JJUA14230U European and International Data Protection and Privacy Law

The globalization of the world economy, the ever-increasing importance of the Internet, and the growth of electronic commerce have made data protection and privacy law an important area of concern for businesses, governments, and individuals. At present, governments around the world are seeking ever-increasing access to personal data for law enforcement and other purposes; companies are processing more personal data than ever; and many individuals publish their personal data on the Internet on a routine basis. Consequently most lawyers will come across data protection issues sooner or later in their work. Another consequence of these developments is that data protection and privacy law have evolved from being local issues to ones of global concern. Besides the EU Directives and laws in EU Member States on data protection, the subject has spread to countries as diverse as Australia, Canada, Japan, and the US, among many others. This course will concentrate on European data protection and privacy law, while providing students with an overview of the different legal systems of data protection and privacy around the world. The course will give students insight into how to analyze international data protection issues, both from a legal and policy perspective. It will also give an overview of the historical roots of data protection privacy law, and will examine relevant human rights issues. Besides analysis of the legal rules, the course will include extensive real-world examples and issues arising in areas such as transferring personal data outside of Europe; processing personal data on online services (such as social networks); the profiling of individuals in the context of electronic commerce; the use of data for electronic marketing purposes; and others. The course may also include a presentation from a leading outside expert from the business or regulatory community.

1. The course begins with an introduction to the basic principles and instruments of data protection law around the world. It will also provide an overview of the different systems for data protection and privacy law. The following topics will be covered:
• The historical background and development of data protection and privacy law
• The most important international legal instruments
• The various systems of data protection around the world, such as the European system; systems in common law countries (particularly the US and Canada); and systems in the Asia-Pacific region
2. The second part will focus on the basic content of the European system of data protection, in particular:
• An overview of EU institutions and general rules of EU law relevant to data protection
• The two main EU Directives on data protection (EU Directives 95/46 and 2002/58)
• Other important European legal instruments (Council of Europe Convention 108 etc)
3. The third part of the course deals with data protection as a human right, with a focus on the following:
• The historical roots of data protection
• International human rights instruments
• Case law of the European Convention on Human Rights
4. The fourth part of the course deals with the international transfer of personal data, including topics such as:
• Legal issues with regard to the international transfer of personal data
• Review of legal treatment of data transfers under different legal systems
• Real-world situations involving international data transfers and the legal questions they raise
5. The fifth part of the course will focus on issues involving the processing of personal data in the Internet and in electronic commerce, such as the following:
• applicable law and jurisdiction
• application of fundamental data protection concepts to electronic commerce (e.g., consent, personal data, data controller/data processor etc)
• data protection in online social networks
• electronic marketing issues
• drafting documentation for web sites
6. The final part of the course will look at likely future developments and directions in data protection around the world.