Cybersecurity and privacy preservation techniques and digital security and privacy
Academic year 2024/2025
Learning objectives
The objective of this course is to introduce the essential elements of cybersecurity and of technical and organisational measures in the light of data protection regulations in the EU, compared with the approaches of the USA and China to cybersecurity. The course is structured in legal and computer science lectures, in order to provide a better understanding of the different situations in which processing personal data can trigger legal considerations.
Expected learning outcomes
The student will have knowledge and understanding of the fundamental legal principles concerning cybersecurity and protection of personal data from different perspectives; autonomous ability to read the new European standards on data protection and platforms regulations; ability to understand the goals and technological motivations that led to their adoption; ability to understand the implementation rationale of the new regulatory framework. The student will also be able to identify privacy risks in different proposed scenarios (marketing, cloud computing, IoT), and to propose and evaluate solutions to mitigate such risks.
Period: First trimester
Assessment method: Exam
Assessment result: mark recorded on a thirty-point scale
Single course
This course can be attended as a single course.
Course syllabus and organization
Single session
Lecturer in charge
Period
First trimester
Syllabus
1. Introduction
2. The fundamental right to personal data protection
4. Data protection definitions
5. General Principles of European Data Protection Law
6. The Legal Conditions relating to processing of personal data
7. The accountability of the controller and the duties of the processor
8. Cybersecurity and data protection
9. Risk based approach and the setup of a cybersecurity plan
10. Security measures and data protection
11. Pseudonymization and encryption
12. Data breaches and remedies to security incidents
13. The Data Protection Officer (part I)
14. The Data Protection Officer (part II)
15. Cybersecurity regulation in EU
16. Key concepts of criminal law and their application in the cybercrime field
17. Cybercrime regulation: Budapest Convention and UN convention
18. Liability for cybercrimes: individuals, corporations, states
19. Challenges of AI in cybersecurity
20. European regulation on AI systems: the AI Act
21. AI systems and tort liability
22. AI systems and criminal liability
23. Cross-border access to electronic evidence: EU E-evidence package and Second Additional Protocol to the Budapest Convention
24. Digital investigations and AI-generated evidence
Teaching methods
Lectures, and discussions based on papers and case studies.
Reference materials
1. Handbook on European data protection law - 2018 edition, available at https://www.coe.int/en/web/data-protection
2. G. Fuster - L. Jasmontaite, Cybersecurity Regulation in the European Union: The Digital, the Critical and Fundamental Rights, 2020, available in Open Access at https://link.springer.com/chapter/10.1007/978-3-030-29053-5_5
3. Website on EU Digital Strategy with a focus on cybersecurity regulation: https://digital-strategy.ec.europa.eu/en/policies/cybersecurity-policies
4. P.G. Chiara, Towards a Right to Cybersecurity in EU Law? The Challenges Ahead, 2023, available on SSRN at https://papers.ssrn.com/sol3/papers.cfm?abstract_id=4537093
5. A. Gascón Marcén, The Budapest Convention and the UN Cybercrime Convention negotiations, in A. Segura Serrano (ed.), Global Cybersecurity and International Law, Routledge, 2024
6. S. Gless - E. Silverman - T. Weigend, If robots cause harm, who is to blame? Self-driving cars and criminal liability, in New Criminal Law Review, Vol. 19, Number 3, 2016, 412 ff. [SSRN link: https://papers.ssrn.com/sol3/papers.cfm?abstract_id=2724592]
Assessment methods and evaluation criteria
The exam is oral and consists of a discussion on the topics included in the mandatory references. The exam is aimed at ascertaining the preparation and argumentative capacity of the student.
IUS/01 - PRIVATE LAW - Credits (CFU): 2
IUS/09 - INSTITUTIONS OF PUBLIC LAW - Credits (CFU): 2
IUS/14 - EUROPEAN UNION LAW - Credits (CFU): 2
Lectures: 40 hours
Lecturers:
Fragasso Beatrice, Perri Pierluigi
Shifts:
Course websites
Lecturer(s)
Office hours:
To be arranged by email
Dipartimento di Scienze Giuridiche "Cesare Beccaria", Sezione di Scienze penalistiche
Office hours:
The lecturer receives students by appointment, to be arranged by email.
Dipartimento "Cesare Beccaria" - Sezione di Filosofia e Sociologia del Diritto