Privacy and Data Protection Law - LW921

Location Term Level Credits (ECTS) Current Convenor 2019-20
(version 2)
View Timetable
7 20 (10) DR P White







The module will explore emerging privacy and data protection issues, including Big Data, CCTV surveillance, Internet and cyber surveillance, and cross-border information flows, legal structures and privacy protection measures. Students will be challenged to critically examine how personal, financial, health and transactional data are managed and who has access to this information. It will require students to assess emerging legal, regulatory, data protection and personal privacy issues raised by widespread access to personal information, including genetic data. The module will focus on the legal data protection, human rights, consent, confidentiality, and IT data security questions that arise when personal information is accessed by the state, law enforcement agencies, corporations and business, employers, health clinicians and researchers.

The essential aims and objectives of the proposed LLM module are to equip students to undertake a sustained analysis of privacy and data protection law. Students will be asked to critically examine whether privacy protection, consent and confidentiality measures are proportionate to the legal requirements to protect personal information while balancing the requirements of economic commerce, the state and public administrations to collect, use and share personal information.


This module appears in:

Contact hours

Total study hours: 200
Contact hours: 18
Private study hours: 182


Autumn Term

Method of assessment

An essay of no more than 5,000 words (100%)

Indicative reading

• C. Bennett, Privacy Advocates: Resisting the Spread of Surveillance (MIT Press, 2008).
• P. Carey, Data Protection: a practical guide to UK and EU Law (Oxford: OUP, 2009).
• R. N. Charette, Online Advertisers Turning up the Heat Against Making "Do Not Track" Browsers' Default Setting, IEEE SPECTRUM,
• M. Hickman, 9 Things You Probably Shouldn't Do in the Presence of a Google Street View Vehicle, MOTHER NATURE ETWORK,;
• Artist Captures Bizarre Images Shot by Google’s Street View Cameras, N.Y. DAILY NEWS,
• L. Katz, (2013) 'Symposium on Cybercrime’. Jr. of Criminal Law and Criminology, 103 (3).
• A. Kenyon and M. Richardson, New Dimensions in Privacy Law (Cambridge: CUP, 2006).
• C. Kunar, International Data Privacy Law (Oxford: OUP, 2013).
• G. Laurie, Genetic Privacy: Challenge to Medico-legal Norms (Cambridge: CUP, 2002).
• D. Lyon, Surveillance Studies: An overview (Cambridge: Polity Press, 2007).
• R. A. Posner, (1981) The Economics of Privacy, 71 AM. ECON. REV. 405.
• M. D. Scott, (2008) Tort Liability for Vendors of Insecure Software: Has the Time Finally Come?, 67 MD. L. REV. 425, 442–50.
• Solove, P. Schwartz, Information Privacy Law (Harvard University Press, 2008).
• Solove, P. Schwartz, Privacy, Information, and Technology, 3nd edition (Aspen Publishing Co., 2012).
• D. Solove, Understanding Privacy (Harvard University Press, 2008).
o F. Westin, Privacy and Freedom (NY: Atheneum, 1967).
• A.F. Westin, (2003) 'Social and Political Dimensions of Privacy’, Jr. of Social Issues 59(2), 431-453.
• R. Williams, P. Johnston, Genetic Policing: The Use of DNA in Criminal Investigations (Willan Publishing, 2008).
• R. Williams, Making Identity Matter (York: Sociology Press, 2000).

See the library reading list for this module (Canterbury)

Learning outcomes

1. Demonstrate an advanced grounding in concepts, principles and rules of data protection, consent, and privacy.
2. Demonstrate a systematic understanding of the origins and development of EU and UK data protection laws and Corporate Binding Rules (US Safe Harbours) protection.
3. Critically analyse emerging issues in data protection: Big Data, social media, data matching, data anonymization, tracking, data access controls, state and commercial surveillance, and blurred boundaries among clinical, research and administrative uses of personal information (genetic exceptionalism, biobanks, electronic health records, client and ethnic profiling)
4. Demonstrate a critical awareness of, and the ability to evaluate legal and regulatory actions taken in response to the failure to protect data and ensure confidentiality.
5. Critically analyse and evaluate the permeability of public/private boundaries in the workplace, in public and commercial spaces, on the Internet and in cyber space.
6. Demonstrate a critical understanding of the public and private tensions involved in privacy and data protection.


Stage 1

University of Kent makes every effort to ensure that module information is accurate for the relevant academic session and to provide educational services as described. However, courses, services and other matters may be subject to change. Please read our full disclaimer.