Data protection is an extremely important topic that people should know more about. There are plenty of resources out there, many of them very good. But some are too simple, some too complicated, and some are misleading or outright incorrect.
“We’ve tried to make sure that the course is as accessible as possible. The biggest goal here is to get the information out there and try to inform everyone about the law,” says Postdoctoral Researcher Sam Wrigley.
The course is a massive open online course, or MOOC, which anyone can complete independently online at any time. The course is intended for anyone interested in the topic and requires no prior knowledge of data protection or law. The course is free for all and available at https://digicampus.fi/.
”We wanted to create something that is easily accessible, reliable and freely available to everybody, and which provides enough information for people to get to grips with the basics and a solid foundation for people who want to learn more. A MOOC fit the bill perfectly,” says Wrigley.
Practical training for businesses
The primary target group for the course is anyone who wants to learn about data protection law, but doesn’t currently know anything about it.
“We don’t claim to teach you everything you have to know, or to give you a complete image of the law. Rather, what we do is give you a flavour, an introduction, to the law,” says Wrigley.
Data protection law is everywhere nowadays and especially online; we are constantly surrounded by cookie popups, consent requests and long privacy policies, and very few people actually have time to delve into all of that. But data protection is still very important, and people should be aware of how their data is being used.
“The amount of choices about data we are required to make in our everyday lives can sometimes feel overwhelming but understanding how the law works and what it aims to protect can help to navigate the field,” says Doctoral Researcher Tuulia Honkasalo.
One user group for which the course could be very practical is businesses. In many businesses, data protection matters are handled by individuals who have not been trained in law.
“It’s not easy to train them for data protection duties. For example, assigning them a book to read doesn’t enable you to verify whether they have actually learned something from it. This course will provide you with everything you need in a handy package, and it is also practical in terms of making it possible to monitor students’ progress,” says Docent Tobias Bräutigam.
Accessible and interesting
The structure of the course is set up to make it as accessible and interesting as possible to learn the basic principles and justifications of European data protection law.
The course starts with an introduction to the history and context of data protection law, setting out the necessary background. Next, it briefly introduces the relevant basics of the EU and the legal structures around the General Data Protection Regulation (GDPR), to make the course accessible to non-lawyers. After that, the most important thing is vocabulary.
With these basic principles covered, the course moves on to more substantive issues, going through the legal bases for processing, the data subject rights, and the data processing principles. Finally, it covers enforcement.
The topics are presented through a combination of video lectures and reading assignments, including a range of primary and secondary sources.
After completing the course, students should have a familiarity with the basic elements of the GDPR. Among other things, you should be able to cut through some of the most common GDPR buzzwords; identify some key GDPR provisions, what they do and why they are useful; and have a solid understanding for further investigation.