This course examines the legal frameworks in place to protect consumer privacy and maintain necessary information security protections for privately owned and operated infrastructure, with a strong focus on regulatory and compliance issues. Taught collaboratively with the Schools of Law and Information Sciences, students will collaborate on projects simulating the types of problems both legal and technical professionals confront in actual practice. Some individual writing will be required, and a written paper option may be available for students in lieu of group projects with the consent of the Instructor.
Topics covered will include the privacy and information security regulatory activity of the Federal Trade Commission, the Department of Health and Human Services, federal financial regulators, and other state and federal actors. A basic introduction to the concepts of cyberlaw, the Internet, and other information technologies will be provided, and other topics will include the data breach notification regime, the role of computer crime law in information security, and other exigent privacy and security policy topics.