PRIVACY AND DATA GOVERNANCE - 2026/7
Module code: LAW3140
Module Overview
This module introduces students to the key legal, policy and practical issues associated with privacy and data governance, as well as to the methods of analysis of those issues used both in law and in policy. The module focuses on two key legal instruments governing privacy and data governance ¿ the UK General Data Protection Regulation and the European Convention on Human Rights ¿ while focusing in on several key and current areas of regulation. The module helps students develop their thinking on how to think both legally and practically.
Module provider
Surrey Law School
Module Leader
BARCZENTEWICZ Mikolaj (Law)
Number of Credits: 15
ECTS Credits: 7.5
Framework: FHEQ Level 6
Module cap (Maximum number of students): N/A
Overall student workload
Independent Learning Hours: 47
Seminar Hours: 33
Guided Learning: 60
Captured Content: 10
Module Availability
Semester 1
Prerequisites / Co-requisites
None
Module content
Indicative content includes:
- Foundational ethical and policy questions around privacy and control of personal data.
- The development of global privacy and data protection regulation, and the factors influencing it.
- UK privacy and data protection law.
- Main problems in online content regulation (e.g. social media).
- Practical aspects of the obligations and role of a data protection officer, such as the completion of data protection impact assessments.
Assessment pattern
| Assessment type | Unit of assessment | Weighting |
|---|---|---|
| Coursework | Coursework | 50 |
| Oral exam or presentation | Oral Discussion | 50 |
Alternative Assessment
The oral discussion may be alternatively assessed online or via a written equivalent.
Assessment Strategy
The assessment strategy is designed to provide students with the opportunity to demonstrate achievement of module learning outcomes in respect of knowledge gained, critical/analytical ability and skills acquired. The assessment addresses all learning outcomes listed above.
Thus, the summative assessment for this module consists of:
- Coursework (50%); and
- Oral assessment (50%).
For the coursework, students will be provided with a draft data protection impact assessment which contains several legal issues. They will demonstrate their understanding of law and practice in privacy and data governance by firstly identifying and explaining such legal issues. They will then provide recommendations on how the organisation can improve its practices to comply with the relevant legal framework.
The oral assessment will test students¿ understanding of key legal, policy and practical areas of privacy and data governance. Students will be given a pool of possible topics to consider in advance of the oral presentation. Students will be expected to augment their understanding from the course with some additional research regarding law, policy, practice, and academic commentary.
Formative assessment and feedback:
- Formative (mock) coursework.
- Individual and general feedback provided to students, including on oral presentation skills.
- Other formative exercises may be set in or outside class.
Module aims
- Provide students with an understanding of the key legal, policy and practical issues associated with privacy and data governance
- Enable students to apply the methods of reasoning and analysis of those issues used in law, policy and practice
- Expose students to the challenges of interdisciplinary thinking about privacy and data governance.
Learning outcomes
| Attributes Developed | ||
| 001 | Demonstrate their understanding of the basic legal, policy and practical issues associated with privacy and data governance. | KC |
| 002 | Formulate and communicate their views of those issues supported by appropriate argument and evidence. | CPT |
| 003 | Critically analyse statements on law and policy associated with privacy and data governance. | KCPT |
| 004 | Use and critically engage with academic sources related to privacy and data governance law, policy and practice. | KCPT |
| 005 | Use and critically engage with policy sources related to privacy and data governance. | KCPT |
| 006 | Apply and critically assess legal and regulatory frameworks on privacy and data governance applicable in different commercial and governmental contexts. | KCPT |
Attributes Developed
C - Cognitive/analytical
K - Subject knowledge
T - Transferable skills
P - Professional/Practical skills
Methods of Teaching / Learning
Seminars will expose students to the complexities of each topic, evaluating and examining key theories in more depth and through the application of knowledge to real and hypothetical scenarios. The teaching strategy is also designed to encourage independent study and research. Students will be provided with preliminary reading references but will be expected to undertake additional research into each topic independently. During seminars students will be expected to demonstrate their ability to apply that research to discuss given legal and ethical problems, to demonstrate self-direction and originality in tackling and proposing solutions to such problems, and to evaluate critically current research and advanced scholarship in relevant areas.
The learning and teaching methods include:
- Seminars.
The module delivery is supplemented by guidance provided via the SurreyLearn module area and consultation hours during the Semester.
Indicated Lecture Hours (which may also include seminars, tutorials, workshops and other contact time) are approximate and may include in-class tests where one or more of these are an assessment on the module. In-class tests are scheduled/organised separately to taught content and will be published on to student personal timetables, where they apply to taken modules, as soon as they are finalised by central administration. This will usually be after the initial publication of the teaching timetable for the relevant semester.
Reading list
https://readinglists.surrey.ac.uk
Upon accessing the reading list, please search for the module using the module code: LAW3140
Other information
The School of Law is committed to developing graduates with strengths in Employability, Digital Capabilities, Global and Cultural Capabilities, Sustainability, and Resourcefulness and Resilience. This module is designed to allow students to develop knowledge, skills, and capabilities in the following areas:
Employability: The knowledge, understanding, qualities and skills that are developed through module seminars and assessments, provide students with the opportunity to develop important transferable skills required for future employment and professional identity, such as digital lawyering skills, adaptability, resilience, written communication skills, and time-management skills.
Digital Capabilities: This module places a special focus on the relationship between law and technology. Students develop skills in using technology for legal analysis, which is necessary in the field of privacy and data governance. Students develop analytical skills to solve complex problems, developing an understanding of both the theoretical and practical implications of technology on the law of privacy.
Global and Cultural Capabilities: This module allows students to gain global and cultural awareness, such as the different approaches to privacy regulation across major jurisdictions (the EU, the US, UK). Students acquire an insight into the global social, legal and economic implications of data-processing technologies and practices.
Sustainability: Students examine the sustainability aspects of new technologies alongside their privacy and data protection implications, as part of their assessment of how law- and policy-makers develop the law in this area.
Resourcefulness and Resilience: Law students will develop resourcefulness and resilience through embracing academic opportunities and the methodology adopted in this module. Students will actively participate during interactive seminars and assume responsibility to improve their learning. The module seminars and the assessment encourage students to think critically and to carry out research to address complex issues. This develops students¿ approach to deeper level of understanding and independent learning.
Programmes this module appears in
| Programme | Semester | Classification | Qualifying conditions |
|---|---|---|---|
| Law (Law, Environment and Sustainability Pathway) LLB (Hons) | 1 | Optional | A weighted aggregate mark of 40% is required to pass the module |
| Law LLB (Hons) | 1 | Optional | A weighted aggregate mark of 40% is required to pass the module |
| Law (Philosophy, Politics and Law Pathway) LLB (Hons) | 1 | Optional | A weighted aggregate mark of 40% is required to pass the module |
| Law (Law and Technology Pathway) LLB (Hons) | 1 | Optional | A weighted aggregate mark of 40% is required to pass the module |
| Law with Criminology LLB (Hons) | 1 | Optional | A weighted aggregate mark of 40% is required to pass the module |
| Law with International Relations LLB (Hons) | 1 | Optional | A weighted aggregate mark of 40% is required to pass the module |
Please note that the information detailed within this record is accurate at the time of publishing and may be subject to change. This record contains information for the most up to date version of the programme / module for the 2026/7 academic year.