The course "Protection of personal data and protection of fundamental rights - Privacy Law Clinic" (ECTS), from a Public Law perspective, allows the students to engage in practical activities, based on the theoretical lessons of the first part of the course, according to the "learning by doing" method.
The idea for the course comes from the awareness that the fundamental rights are now an established heritage of our legal tradition, both at national and european level: we now appreciate a multi-level protection of fundamental rights, made possible by the constitutional clauses that allow the opening to international and European Law.
In this context, the right to privacy, codified by the Privacy Code (Legislative Decree. N. 196/2003), is a fundamental human right, as a direct explication of dignity, also due to the contribution of Eu Law and ECHR.
Therefore, the right to privacy, both in the tradional sense and as protection of personal data, has now achieved a solid legal acknowledge: first of all, we should consider articles 7 and 8 of the EU Charter of rights and case law of both the Court of Justice and the Court of Strasbourg. Secondly, we need to mention EC (noe EU) Law, beginning with the Directive 95/46/ EC, folowed, at the national level, by law n. 675/1996 and then by the so-called Privacy Code (Legislative Decree no. 196/2003). Finally, the need for a more coherent framework at European level has led to the adoption of the new Regulation on data protection (EU Regulation 2016/679), which, by repealing Directive 95/46, produces a fundamental work of standardization of the national laws on the subject.
Once descrived the theoretical framework, there are two theoretical and practical focus on the legal framework (Legislative Decree. N. 196/2003 and EU Regulation 2016/679) and the activities of Data Protection Authority.
Such focus are the necessary link between the theoretical and the practical part, represented by a legal service to the administrative staff of the University. This activity will be conducted under the supervision of a teacher (and student graduating seniors / graduates), by students who have demonstrated the necessary theoretical knowledge.
The idea for the course comes from the awareness that the fundamental rights are now an established heritage of our legal tradition, both at national and european level: we now appreciate a multi-level protection of fundamental rights, made possible by the constitutional clauses that allow the opening to international and European Law.
In this context, the right to privacy, codified by the Privacy Code (Legislative Decree. N. 196/2003), is a fundamental human right, as a direct explication of dignity, also due to the contribution of Eu Law and ECHR.
Therefore, the right to privacy, both in the tradional sense and as protection of personal data, has now achieved a solid legal acknowledge: first of all, we should consider articles 7 and 8 of the EU Charter of rights and case law of both the Court of Justice and the Court of Strasbourg. Secondly, we need to mention EC (noe EU) Law, beginning with the Directive 95/46/ EC, folowed, at the national level, by law n. 675/1996 and then by the so-called Privacy Code (Legislative Decree no. 196/2003). Finally, the need for a more coherent framework at European level has led to the adoption of the new Regulation on data protection (EU Regulation 2016/679), which, by repealing Directive 95/46, produces a fundamental work of standardization of the national laws on the subject.
Once descrived the theoretical framework, there are two theoretical and practical focus on the legal framework (Legislative Decree. N. 196/2003 and EU Regulation 2016/679) and the activities of Data Protection Authority.
Such focus are the necessary link between the theoretical and the practical part, represented by a legal service to the administrative staff of the University. This activity will be conducted under the supervision of a teacher (and student graduating seniors / graduates), by students who have demonstrated the necessary theoretical knowledge.
teacher profile teaching materials
1) Protection of fundamental rights and protection of personal data: lectures about fundamental rights, in the national and European constitutional framework, with particular regard to the evolution of the right to privacy and protection of personal data. The teacher will guide students in reading and examinating the case-law, with reference to the Constitutional Court, the Court of Justice of the European Union and the European Court of Human Rights.
2) Focus on the Privacy Code and the new European regulation: lectures and seminars related to the legislation on protection of personal data, from a theoretical perspective:
- Legislative Decree no. 196/2003: the general principles of the Privacy Code; definition of controller, processor, recipient; transparent information and consent; data subjects' rights; the processing of personal data in the public and private sectors; duties and functions of the Data Protection Authority .
- Regulation on data protection (EU Regulation 2016/679): the approval process; material and territorial scope ; the general principles of processing personal data; protections for special categories of personal data; Relations between data protection authorities and consistency mechanism; principle of accountability (privacy by design and privacy by default, privacy impact assessment, the figure of the data protection officer.
3) Focus on Data Protection Authority: analysis of decision-making and advice of the Data Protection Authority in the most important areas; explanation of the main measures taken by the Authority to introduce safeguards and security measures, including the penalties imposed, in the following areas:
- Public and private health: electronic medical record and medical dossier, authorization on genetic data;
- Internet and electronic communication: spam and the profiling systems;
- Public administration: transparency in the light of the new FOIA;
- Journalism: guarantees for free expression including the relationship with the institutional communication.
4) Law Clinic: advice on legal issues related to data protection.
Programme
The Course will be scheduled as follows:1) Protection of fundamental rights and protection of personal data: lectures about fundamental rights, in the national and European constitutional framework, with particular regard to the evolution of the right to privacy and protection of personal data. The teacher will guide students in reading and examinating the case-law, with reference to the Constitutional Court, the Court of Justice of the European Union and the European Court of Human Rights.
2) Focus on the Privacy Code and the new European regulation: lectures and seminars related to the legislation on protection of personal data, from a theoretical perspective:
- Legislative Decree no. 196/2003: the general principles of the Privacy Code; definition of controller, processor, recipient; transparent information and consent; data subjects' rights; the processing of personal data in the public and private sectors; duties and functions of the Data Protection Authority .
- Regulation on data protection (EU Regulation 2016/679): the approval process; material and territorial scope ; the general principles of processing personal data; protections for special categories of personal data; Relations between data protection authorities and consistency mechanism; principle of accountability (privacy by design and privacy by default, privacy impact assessment, the figure of the data protection officer.
3) Focus on Data Protection Authority: analysis of decision-making and advice of the Data Protection Authority in the most important areas; explanation of the main measures taken by the Authority to introduce safeguards and security measures, including the penalties imposed, in the following areas:
- Public and private health: electronic medical record and medical dossier, authorization on genetic data;
- Internet and electronic communication: spam and the profiling systems;
- Public administration: transparency in the light of the new FOIA;
- Journalism: guarantees for free expression including the relationship with the institutional communication.
4) Law Clinic: advice on legal issues related to data protection.
Core Documentation
C. COLAPIETRO, Il diritto alla protezione dei dati personali in un sistema delle fonti multilivello. Il Regolamento UE 2016/679 parametro di legittimità della complessiva normativa italiana sulla privacy, Napoli, Editoriale Scientifica, 2018.Type of delivery of the course
Lectures and activities carried out within the legal advisory office.Type of evaluation
The exam consists of a final oral test. Students are also required to prepare a paper on the topics covered during the course, subject to evaluation as a mid-term exam.