The Master’s on Technology and Privacy has a multidisciplinary approach and comprises the following modules:
PRIVACY AND SURVEILLANCE CONCEPTS (I) [5 ECTS]
This module introduces students to the basic concepts used in the study of privacy and surveillance and provides a comprehensive theoretical grounding in the subject matter. The subject provides a view of the historical trajectory of surveillance, including different views on how totalizing and centralized it is. In addition, the module discusses data protection and its relation to privacy and surveillance, and gives an introduction to ways that surveillance has been conducted ‘from below’ (sousveillance) and in the pursuit of accountability (counterveillance).
In this module, the digital and technological elements of surveillance come to the fore. Students are introduced to concepts describing surveillance overreach and discrimination, and other concepts such as ‘dataveillance’ which describes the ways that information and communication technologies have facilitated new forms of surveillance. Identification, one of the practices ICT speeds up and widens, is treated in relation to its socio-technical ramifications. Students are also introduced to the economic elements of privacy and surveillance.
LAW, POLICY, AND TECHNOLOGY [5 ECTS]
In this module, the master’s programme takes a legal turn. First, it does so by providing students an introduction to privacy law and current policies on privacy in the EU and beyond. This includes a focus on data protection, which is an entry point into a broader exploration of the role of professionals of privacy (in anticipation of the later Chief Privacy Officer modules) as well as of national and supranational data protection agencies. The module remains topical and turns to problems related to recent revelations about government mass surveillance.
DESIGN OF SECURE SYSTEMS [5 ECTS]
As the pursuit of privacy protection increasingly requires knowhow in digital technologies, this module provides students with an understanding of the technical elements required for auditing a technological system, ensuring anonymity, protecting stored data, and cryptographical operations such as encryption and re-identification. Looking ahead to the next module on impacts, this module includes material on how societal impact can be accounted for in the very design of technological systems.
This module brings together policy, technology and societal values to provide students with an understanding of the tools used for measuring privacy, surveillance and data protection impacts. This involves showing the policy and implementation side of these assessments, which often require large organizational commitment, but also the values and ethics based rationales for them. In addition to providing instruction on policy cycles, this module introduces students to methods of engaging with multiple stakeholders and following responsible research and innovation (RRI) frameworks. The module draws strongly from ongoing Eticas research in EU-funded FP7 projects in which societal impact and RRI have been central lenses through which impact and technological design are considered.
TOOLS AND SECTORS [15 ECTS]
This module provides a sectoral approach to privacy issues, through the lens of law enforcement, health, smart cities, banking, and more. Examining privacy in these contexts, with an empirical focus, the module also discusses ‘data tools’. These tools are modes through which data is collected, treated, or through which the results of data treatments are applied. These include biometrics, databases, algorithms, and drones. By the end of this module, students will have a strong grasp of the landscape of privacy-invasive and privacy-enhancing tools.
PRIVACY MANAGER [6 ECTS]
This module addresses the now well-entrenched professionalization of privacy managers in the public and private sectors. Building on the knowledge acquired in all the modules, this module gives students a grounding in (1) the policy elements of privacy and data protection such as European and international data protection frameworks and (2) the technical and managerial elements of a role – the Chief Privacy Officer – that is in growing demand. This includes learning how to undertake a privacy impact assessment (PIA) and how to engineer principles such as privacy by design (PbD) and how to set an organizational privacy program.