Academic Year 2020/2021 - 2° Year
Teaching Staff: Giuliana Amore
Credit Value: 6
Scientific field: IUS/01 - Diritto Privato
Taught classes: 40 hours
Term / Semester:

Learning Objectives

  1. Knowledge and understanding

The course of Private Law for Information Technology aims to analyze the impact of the Internet on legal rules and to identify the regulation of Internet behavior, with particular reference to the relationships between private subjects and to the complexity of the diffusion of artificial intelligence. The course aims also to give the keys to an adequate knowledge and understanding, as well as the normative sources and the relative interpretative principles, of the fundamental institutions of private law strictly connected to the Web in terms of subject regulation and protection of personal data, of the goods and of the circulation of internet rights, of the contract in general and of contracts on line.

2. Applying knowledge and understanding

At the end of the course, the student will be able to understand the legal issues raised by the technological context and to identify the solutions, both by reconstructing and interpreting the different situations and the legally relevant interests in the network on the private level, both by applying in practice the knowledge and tools acquired during the course of lessons and developed with a careful study of the subject.

3. Making judgements

The rapid development of information technology has exacerbated the need for robust personal data protection, the right to which is safeguarded by both European Union (EU) and Council of Europe (CoE) instruments. Safeguarding this important right entails new and significant challenges as technological advances expand the frontiers of areas such as surveillance, communication interception and data storage. This course is designed to familiarise students not specialised in data protection with this emerging area of the law. In particular, the student will be placed in a position to distinguish between positive and negative aspects, advantages and disadvantages associated with data protection regulation and the possible options between alternative forms of protection ready by the legislature. The teaching tends to let the student's ability to understand and explain key case law, summarising major rulings of both the Court of Justice of the European Union and the European Court of Human Rights.

4. Communication skills

The course must put the student in a position to transfer and apply the knowledge gained outside, using an exposure mode logical argument conforms to the main principles of matter and also suits a technically appropriate legal language. In particular, he must be able to provide opinions, advice and assistance on issues object of study.

5. Learning skills

Exceeding the matter must be based on a rigorous assessment in the examination of the achievement by the student of a level of preparation and competence that allows him to approach the study of the other teachings, also not legal, but which may present significant implications with them.

Course Structure

Lectures, classroom discussions, practical training on new legislation and case law; any course tests aimed at verifying the results and level of learning.

Required Prerequisites


Attendance of Lessons

Not mandatory.

Detailed Course Content

Context and background of European data protection law; data protection terminology, principles and rules; data subjects’ rights and their enforcement; international data transfer and flows of personal data; specific types of data and their relevant protection rules; modern challenges in personal data protection (big data, algorithms and artificial intelligence); data, contracts on line and digital signature.

Textbook Information

C. Giakoumopoulos - G. Buttarelli – M. O’Flaherty, Handbook on European data protection law, 2018 edition, EU publications; (and)

Course Planning

 SubjectsText References
1Note: Topics that will be the subject of discussion in class. Should teaching be carried out in mixed mode or remotely, it may be necessary to introduce changes with respect to previous statements, in line with the programme planned and outlined in the syllabus. 
21 Personal data concept Chapter 1 
32. The right to personal data protectionChapter 2 
43 Principles of European data protection: purpose limitationChapter 3 
54 The data minimization principleChapter 3 
65 The data accuracy principleChapter 3 
76 The data security principleChapter 3 
87 The accountability principleChapter 3 
98 Rules on lawful processingChapter 4 
109 Rules on security of processingChapter 4 
1110 Rules on accountability and promoting complianceChapter 4 
1211 The rights of data subjects: right to be informed and to rectification Chapter 6 
1312 The right to be forgottenChapter 6 
1413 Individual decision-making, remedies and liability Chapter 6 
1514 Data transfersChapter 7 
1615 Specific types of data: electronic communications and employment dataChapter 8 
1716 Health data and financial dataChapter 8 
1817 Big data, algorithms and artificial intelligenceChapter 10 
1918 Software and digital goodsLecture notes 
2019 Computer, data and contracts on lineLecture notes 

Learning Assessment

Learning Assessment Procedures

Multiple choice test.

Note: Learning assessment may also be carried out on line, should the conditions require it.

Examples of frequently asked questions and / or exercises

  1. “Accuracy” principle: definition and applications
  2. The right to be forgotten
  3. Benefits and risks of big data
  4. Types of data and their relevant data protection rules
  5. Contracts on line and digital signature.