The Center for Law + Innovation will host its eighth annual summer institute in privacy and information security law from May 22 – June 9, 2017. Professionals seeking CLE credits register for courses with the Center for Law + Innovation. Professionals and J.D. students seeking academic credit should register for courses during the summer registration period with the Registrar.
May 22 – 25, 2017
Personal data has become the raw material for business models in industries ranging from online advertising, social networking, cloud computing, health, and financial services. Governments, too, rely on personal data for purposes such as national security and law enforcement, urban planning and traffic control, public health, and education. Emerging technologies greatly enhance data collection, storage and analysis. In this context, privacy laws strain to continue to protect individual rights. This course will place privacy within a social and legal context and will investigate the complex mesh of legal structures and institutions that govern privacy at state, national, and international levels. Students will be taught how to critically analyze privacy problems and make observations about sources of law and their interpretation, with an emphasis on the global nature of data. Students will be provided with the technological details needed to explore information security and management issues in domestic and international contexts. The final grade will be based on class participation, attendance, and an exam.
Prof. Tene is Vice President of Research and Education at the IAPP, administering the IAPP Westin Research Center and Fellowship Program. His long career in history and academia includes serving as a tenured member of the faculty at the College of Management School of Law, Tel Aviv, Israel, where he was also the Vice Dean. He maintains an active privacy practice and scholarship agenda as: a consultant to governments, regulatory agencies, and businesses on privacy, cybersecurity and data management; an Affiliate Scholar at the Stanford Center for Internet and Society; and a Senior Fellow at the Future of Privacy Forum. Prof. Tene has been teaching in the Information Privacy Summer Institute every year since its inception.
May 30 – 31, 2017
This course explores the extent to which employees have a right to privacy in the workplace. It covers an employer’s legal obligations from recruiting, to hiring, terminating, and post-termination. What rights do employers have to monitor employees’ email, phone calls, social media use, and even presence in the office? What obligations do counsel have to train employees on privacy as a component of the employees’ jobs? How can employment lawyers help other privacy and security teams with data minimization, authorization, and confidentiality systems? How far may employers go in disclosing employee information to government investigations? What is the role of international data protection laws on employee privacy? These and many more issues will be discussed in a pragmatic approach to how lawyers manage privacy in the workplace.
Prof. Egan Sussman is a privacy and data security partner based in Ropes & Gray’s Boston office. Her practice focuses on privacy, information security, and consumer protection. She routinely guides clients through the existing patchwork of US federal and state privacy laws, state breach notification laws, state information security laws, as well as existing self-regulatory frameworks, including those covering online advertising and payment card processing. She draws on her foundation as an employment lawyer when conducting internal investigations stemming from data incidents and when drafting comprehensive privacy and security programs for businesses operating across multiple jurisdictions and industry lines. She is a member of the International Association of Privacy Professionals and co-chair of the IAPP’s Boston KnowledgeNet group.
June 1 – 2, 2017
One of the most heavily regulated areas of information privacy law is in the health care industry, where privacy and data security issues are of paramount importance. This course explores the key data privacy and security issues facing health care enterprises and their vendors (and the broad variety of other entities that use and disclose health care information), including compliance with HIPAA and a broad variety of other state and federal privacy and data security laws applicable to healthcare data and the healthcare industry. We will discuss how health care privacy and data security law is evolving, what the key policy issues are for this debate, and will provide practical advice on evaluating and applying law, regulations, and best practices to the creation, use, and disclosure of health care data.
Prof. Nahra is a partner at Wiley Rein in Washington, D.C., where he specializes in privacy and information security litigation and counseling, along with a variety of health care, insurance fraud, and compliance issues. He assists companies in a wide range of industries in analyzing and implementing the requirements of privacy and security laws across the country and internationally. He also works with insurers and health care industry participants in developing compliance programs and defending against government investigations into their practices. A long-time member of the Board of Directors of the International Association of Privacy Professionals (IAPP), he is the editor of The Privacy Advisor, the monthly newsletter of the IAPP. He was named as the Co-Chair of the Confidentiality, Privacy, and Security Workgroup, a panel of government and private sector privacy and security experts advising the American Health Information Community (AHIC) on privacy and security issues arising from health information technology.
June 5 – 8, 2017
Big data analytics is becoming integral to American society. Businesses use it to become more productive, schools to provide personalized education, health care providers to tailor treatments, and law enforcement agencies to predict crime, to name but a few of its many uses. But along with these benefits come risks. Big data analytics can invade privacy, perpetuate bias and undermine transparency and fairness. Federal and state lawmakers are currently developing laws and policies to enhance big data’s benefits while reducing its risks.
Businesses and other organizations seeking to navigate this new data reality, and the lawyers that advise them, need to understand what big data is, the benefits and risks that it creates and the evolving legal structure that governs it. This four-day course on Big Data Law and Policy will build that competency. Day 1 will introduce big data analytics, its benefits and its risks. Day 2 will examine both the existing laws that govern big data analytics (e.g. the Fair Credit Reporting Act, the Fair Information Practice Principles, federal anti-discrimination laws, the Privacy Act, the Fourth Amendment, and others), and the gaps in those laws. Day 3 will explore how law and policy are evolving to address the challenges and opportunities that big data analytics presents. Day 4 will bring the prior days’ learning together into a coherent framework that students will apply to a realistic big data analytics use case. Students will leave the course with a working understanding of what big data analytics is, the laws and policies that govern it, and how this legal structure is likely to evolve in the future.
The course is relevant to those who work in businesses, government bodies or other organizations that employ big data analytics, and to the attorneys and other counselors who advise them. It will employ lecture, discussion and skills-building exercises in the classroom. It will assign popular and academic articles, white papers, and primary source legal and policy documents as outside readings. It will evaluate students based on class participation and an in-class examination that will test the basic concepts articulated in the classroom and in the readings.
Dennis Hirsch is Professor of Law and Director of the Program on Data and Governance at the Ohio State University Moritz College of Law. He also holds the title of Professor of Law at Capital University Law School in Columbus, Ohio.
In 2010, Professor Hirsch served as a Fulbright Senior Professor at the University of Amsterdam where he produced a leading study on collaborative Dutch data protection regulation. He is the Reporter for the Uniform Law Commission Drafting Committee on Employee and Student Online Privacy; the Chair of the American Association of Law Schools Section on Defamation and Privacy; and the Co-Organizer of the University of Amsterdam, Institute for Information Law, Summer Course on Privacy Law and Policy – a course in which he enjoys teaching each July.
A graduate of Columbia University and the Yale Law School, Professor Hirsch served as Articles Editor for the Yale Law Journal, as Law Clerk to the Hon. John M. Walker, Jr. of the U.S. Court of Appeals for the Second Circuit, as an Associate at Sidley Austin LLP, and as Counsel to Porter Wright Morris & Arthur LLP.