Privacy and Data Security from a Legal, Business and Technological Perspective

This course will focus on Technological, Business, Economic, and Legal Perspectives relating to Privacy and Data Security. From a technological perspective, the course will cover topics such as cryptography and cryptographic systems, interoperability, the design of the internet, data de-anonymization, and data linking. We will also look at how information theory relates to problems of identification of users. The course will consider “threat modelling” as a technique to evaluate risks in relation to privacy and data security. We will look at common ways information systems are hacked, for example malware, Trojan horses, identity theft, denial of services, etc. Standards in relation to data security will be assessed. This course will also focus on the business models employed by those who collect and monetize personal information, for example the implications of the attention economy, network effects and digital rights management. The application of economic theory to privacy and data security issues will be introduced. Key topics such as the impact of information asymmetries, moral hazard, insurance and price discrimination on security and privacy will be discussed. We will consider the incentives and disincentives for hacking or other criminal activities, as well as the economic motivations of software vendors and others. This course will also consider some key legal perspectives on privacy law, looking at whether privacy should be consider as based in values, effects or goals such dignity, distributional effects, or power relationships.