Georgia Institute of Technology

Privacy Technology, Policy, and Law
Spring 2013
Syllabus

CONTENTS:

DESCRIPTION:

This mixed undergraduate- and graduate-level course examines the challenge of constructing and complying with privacy policies, technical requirements, and legislation. Is privacy a fundamental human right, an outmoded concept, or something inbetween? How should individuals, businesses, and governments consider privacy when developing or employing new technologies or policies? Students in the course will participate in extensive in-class debates of privacy challenges, including the ethical and legal foundations of privacy, development of privacy-related technologies, and the comparative differences between American and European approaches to privacy legislation. Course topics include social networks, surveillance, wiretapping, encryption, and web-based advertising. This course features a semester-long collaboration with an Atlanta-based healthcare company seeking to engage students in real-world privacy challenges; specifically, compliance with federal privacy regulations, assessment of security and privacy policies, and development of new, privacy-sensitive approaches to business analytics.

OBJECTIVES:

This will course will enable students to understand how privacy is defined, protected, and managed in the areas of technology, policy, and law. Specific objectives include:

  1. Examining the state-of-the-art for research and practice in information privacy, including methods, tools, notations and processes used in information systems;
  2. Understanding the legal and policy issues surrounding technologies that operate on sensitive information;
  3. Developing the multidisciplinary skills needed to analyze, manage, and resolve the challenges associated with privacy, technology, law, and policy;
  4. Gaining a basic grounding for future technical research in privacy via the examination of current research issues and problems; and
  5. Gain experience handling real-world privacy challenges through analysis of software and business artifacts using written and oral communication.

COURSE PURPOSE:

There is a great need for qualified privacy professionals in industry and government. One need look no further than the number of data breaches facing industry and government institutions. The the privacy field is maturing as evidenced by the fact that over 10,000 privacy professionals have joined the International Association of Privacy Professionals. IAPP certification requires an understanding of technology, law and policy; this course exposes students to the complex interplay of these areas. This course will guide students in acquiring the skills needed to effectively design privacy into software in various contexts. There is a great need for students to have a course that enables them to acquire the practical hands-on skills needed to be a successful privacy professional while also acquiring the basic grounding needed for more advanced software engineering research. This course is expected to increase the practical and research skills of students specializing in software engineering and privacy.

COURSE APPROACH:

This course requires the active participation of students in the course. Students are expected to read, critique, and discuss the assigned academic papers. One paper review will be submitted for a grade each week. In addition, some students will be expected to be "on call" to both ask and respond to questions when discussing papers each day. There are three projects this term: a project on the ethics of tracking technologies, a project on the privacy implications of cloud computing, and a project on the potential for re-identification of previously de-identified data.

COURSE TEXT:

All required material for this course will be available online through the course Website. Currently, no textbook is required for this course. There will be an extensive amount of required reading in the form of academic papers related to privacy, security, law, and technology as described in the Course Description.

We can recommend an optional texts that supplement the course for the interested student. This text addresses fundamental aspects of modern privacy concerns resulting from new technologies and policy discussions. Schneier’s book addresses the fundamental human concern underlying both privacy and security: Trust. The book covers how societies induce trust and what they do in situations where trust fails. This wide-ranging book covers numerous aspects of social science, history, economics, and psychology that all apply to security and privacy. Students choosing to read this book will find that it applies to every topic discussed in this class.

[Sch12] Bruce Schneier. "Liars and Outliers: Enabling the Trust that
Society Needs to Thrive", Wiley, 2012.  ISBN-10: 1118143302, ISBN-13:
978-1118143308

ACADEMIC INTEGRITY:

The course process will follow all relevant and appropriate Georgia Institute of Technology academic regulations (http://www.honor.gatech.edu) including those about academic integrity. All students are expected to maintain traditional standards of academic integrity by giving proper credit for all work. All suspected cases of academic dishonesty will be aggressively pursued. A student shall be guilty of a violation of academic integrity if he or she represents the work of others as his or her own or aid another's misrepresentation. Any violation associated with a homework, assignment, examination or quiz will result in a zero for the assignment and a failing grade for the course. Such violations will be reported to the Office of Student Conduct, which may impose penalties beyond those by the instructor.

Students are encouraged to read the ACM Code of Ethics (http://www.acm.org/constitution/code.html), particularly sections 1.3, 1.5, 1.6, 2.2 and 2.4.

STUDENTS WITH DISABILITIES:

The course process will follow all relevant and appropriate Georgia Institute of Technology academic regulations including those relevant to students with disabilities. Any students requiring additional assistance due to disabilities (e.g., learning disabilities) should contact the professor during the first week of the semester. Students requiring extra time for examinations and quizzes are asked to make arrangements at least three days in advance. You may contact the ADAPTS (http://www.adapts.gatech.edu) regarding campus services.