Data ProtectionGovernments of every era have claimed the need to collect information on their people. So, for example, the ancient Babylonians and held censuses mainly for military and taxation purposes and in English history the Doomsday book - a complete survey of the land and estates of England at that time' was produced in 1086 on the orders of William the Conqueror. Whilst the Doomsday Book took many years to complete, with the development of computers things are very different in the Information Age: not just governments but companies and private individuals have the capacity to accumulate, cross reference and analyse data to a remarkable degree. While data mining and data aggregation can prove useful and valuable to companies and governments (e.g. in the production of market research and for direct marketing purposes), such activities and profiling may lead to an infringement of individual's rights, such as privacy and human dignity. Against this background, data protection laws have been developed but they are complex and to a large extent unwieldy in the face of technological development; there are many 'grey areas' that still require interpretation by the courts. Nonetheless, data protection compliance is an essential legal requirement for all organisations within the EU (and to greater or lesser degrees, elsewhere).
This course will introduce the theoretical background to data protection and its relationship to privacy and human dignity and then explore some of the key concepts in data protection in Europe: what data is protected; what sorts of processing are permitted; who is under a responsibility to protect data; what is the position regarding transnational data flows? We will also look at the reverse of data protection: surveillance, and look at the circumstances in which governments are permitted and private parties required to invade third parties' privacy. A case study approach is adopted to ensure that the programme is as relevant to professional practice as possible, and we will look at the issues raised by common technologies/services such as social network sites; cloud computing and mobile services.