Information Privacy Summer Courses

Global Privacy Law:

2 credits/ 24 CLEs (May 24 - 28, 2021)
Professor Gabe Maldoff


Course description:
Personal data is the raw material for business models in industries ranging from online advertising, social networking, cloud computing, health and financial services. Governments, too, rely on personal data for purposes such as national security and law enforcement, urban planning and traffic control, public health and education. Emerging technologies greatly enhanced data collection, storage and analysis. In this context, public and commercial interests strain against individual rights, with privacy law serving as the mediator. This course will place privacy within a social and legal context and will investigate the complex grid of legal structures and institutions that govern privacy at state, national, and international levels. Students will be taught how to critically analyze privacy problems and make observations about sources of law and their interpretation, with an emphasis on the global nature of data. The final grade will be based on class attendance/participation, and a take-home exam.


Data Monopolies: Competition Law for Privacy Pros

1 credit/ 12 CLEs (June 1-2, 2021)
Professor Rita Heimes


Course description:
In the United States, the Federal Trade Commission enforces not just the Federal Trade Commission Act and its prohibitions against unfair and deceptive practices, but as well laws that prohibit restraints of trade and other anti-competitive practices. In recent years, giant U.S. tech companies like Apple, Facebook, Amazon and Google have come under scrutiny - if not congressional investigation and even litigation - for allegedly monopolizing digital markets. The European Commissioner for Competition is also keenly interested in the actions of these and similar players. This course will introduce students to competition law, including a comparative look at how the EU approaches it, to prepare them for legal and policy issues their clients might face as they collect, process, and share personal information globally, and even participate in the consolidation of data assets through mergers and acquisitions.  Grading will be pass/fail and based on class participation and a short in-class presentation.

Privacy, Artificial Intelligence, and Ethics

2 credit/ 24 CLEs (June 4-11, 2021)
Professor Chris Hart and Professor Brittan Heller


Course description:
Privacy has been a notoriously difficult issue to pin down, and changes in law and technology have made privacy a moving legal target, especially for compliance professionals.  On top of the complexities created by privacy laws, the increasing use of artificial intelligence technologies creates a new set of opportunities, and a new set of problems.  This course explores the current issues in the law around privacy, artificial intelligence, and the interactions between those two fields.  In addition to gaining an understanding of the state of the law, you will come away from the course with a better of understanding of what artificial intelligence actually is, how it’s used, and why it matters.  After exploring these concepts, we will consider the ethical questions surrounding data use and artificial intelligence, and implications for the future. This course concludes with an all-day conference organized by the University of Maine School of Law in collaboration with Northeastern University’s Roux Institute and Law School covering topics in AI, privacy and ethics. Grading will be based upon class participation, an in-class presentation, and a final paper.

Managing Global Data Transfers

1 credits/ 12 CLEs (June 10-11, 2021)
Professor Justin Weiss


Course Description:
In contrast to legal regimes that restrict localization of data to a single jurisdiction, omnibus data protection laws like the EU’s GDPR generally authorize the transfer of personal data across borders under appropriate circumstances. The policy objective of data transfer rules contained in such laws is to ensure that the level of privacy protection afforded by the exporting jurisdiction shall be maintained by the importing jurisdiction, while enabling the free flow of information. In the United States, privacy advisors to cloud providers, corporate affiliates, banks and consumer internet businesses alike must learn how to implement the safeguards used to enable these global data flowsIn 2020 this task was further complicated by the Court of Justice of the European Union’s decision in its landmark “Schrems II” ruling, which invalidated one commonly-used US transfer tool and created new rules for “supplemental safeguards” that are required to support transfers to various third countries, depending on the attributes of legal regimes in the countries themselves. This course will survey the international data transfer provisions contained in Chapter V of the EU’s GDPR with a special emphasis on the European Commission’s model contractual clauses, read in light of the Schrems II decision. Grading will be pass/fail and based on class participation and a short in-class presentation where each student will present their recommendations to support transfers to an assigned jurisdiction.

right body border
© Copyright 2017 Center for Law and Innovation | 246 Deering Avenue, Portland, ME 04102