716.01 CyberSecurity, Privacy and Government Surveillance

The acquisition, management, analysis, dissemination, and security of data are increasing important issues for individuals, commercial enterprises and governments.   New technologies create a more connected and personal digital society.  Every day, transactions engaged in by individuals generate ever expanding amounts of personal information, including credit card transaction information, purchasing histories, bank and other financial transaction information, location information, health information, real property ownership information, information relating to interactions with the criminal justice system, information shared on social media and other types of information.  Not only is the volume of personal information escalating rapidly; much of it is revealed in on line transactions, enabling it to be acquired for multiple uses, and much resides on servers and storage media where it can be accessible or potentially accessible to commercial enterprises and government agencies. New cybersecurity risks are demanding responses from governments as they address attacks on critical infrastructure, election interference and the potential for manipulation of the data used to train artificial intelligence tools.

In both the commercial sector and the government sector, the legal and policy issues associated with data, cybersecurity and surveillance are growing in importance.   Discussion of these issues in either sector cannot ignore the others, because the issues frequently intersect.  They also transcend national boundaries. For example, in President Obama’s proposals to revise government policy towards signals intelligence collection, he states that such policies implicate “the cooperation we receive from other nations on law enforcement, counterterrorism, and other issues; our commercial, economic, and financial interests, including a potential loss of international trust in U.S. firms and the decreased willingness of other nations to participate in international data sharing, privacy, and regulatory regimes …”[1]  This intersection of issues creates particular challenges for existing constitutional, legislative and international governance models.

In the government sector, increased risks such as nation state cyber threats now create new priorities to add to those efforts spurred by the terrorist attacks on September 11, 2001.  Combating and preventing terrorist and cybersecurity attacks relies heavily on the collection of information through electronic surveillance.  The tension between these efforts and individual privacy creates frictions that are forcing reconsideration of existing methods of mediating these interests.  This tension then creates challenges for long accepted ideas of nation state use of signals intelligence interception and other information gathering operations (such as the gathering of intelligence about potentially hostile governments).  Similar reconsideration is occurring in the commercial sector, where consumers’ desire for confidentiality in the data that relates to them can conflict with markets for information and commercial and entrepreneurial interests that wish to take advantage of such data to provide new goods and services that consumers value.  

[1] Presidential Policy Directive/PPD-28, p. 1 (January 17, 2014).


Special Notes:

Class meets at the Sanford School of Pulblic Policy

Fall 2021

Course Number Course Credits Evaluation Method Instructor
Course Credits
Reflective Writing
Research and/or analytical paper(s), 10-15 pages
Group project(s)
In-class exercise
Class participation
David Hoffman