6 ECTS credits
150 h study time

Offer 1 with catalog number 6022046FNR for all students in the 2nd semester at a (F) Master - specialised level.

2nd semester
Enrollment based on exam contract
Grading method
Grading (scale from 0 to 20)
Can retake in second session
Taught in
Faculty of Law and Criminology
International and European Law
Educational team
Joris VAN HOBOKEN (course titular)
Activities and contact hours
39 contact hours Lecture
Course Content

This Case Study will provide a hands-on opportunity to actively obtain skills on the practice of privacy and data protection law, in particular taking into account their global dimension. The course will immerse students in the role of privacy professionals by bringing them close to the work and perspectives of both Data Protection Authorities (DPAs) and Data Protection Officers (DPOs). The students’ activities are framed by European Union (EU) law, but operating in a global reality. The course thus invites the students to work on how to approach key data protection law notions ( ‘personal data’, ‘adequate protection’, ‘legitimate grounds’, etc.) and mechanisms ( ‘data protection by design’ and ‘by default’, ‘data protection impact assessments’, ‘data portability’, etc.). Substantially, the case study will illustrate the challenges of operating with data flows that systematically cross borders and jurisdictions. Throughout the case study, students will be faced with the challenge of interpreting and applying norms in a legally sound and effective manner in a constantly evolving global environment in which different actors might have different priorities, and each actor might have diverse objectives.

Additional info

In relation to teaching methods:

  • Classes will be primarily interactive, based on role-playing scenarios combining team work and individual performances.
  • Classes will be based on a single general scenario providing a consistent narrative throughout the case study, but will incorporate different sub-tasks or exercises.
  • The practical exercises in the class will be supported by suggested reading materials, in which students shall find elements to use actively.
Learning Outcomes

General competencies

The course improves students’ knowledge, skills and attitude in European and international Data law. It will stimulate their learning by raising specific challenges, and consolidate such learning by making the students operationalize what would otherwise be highly theoretical notions. In this sense, it will be especially useful to familiarize the students with what can be perceived as highly elusive legal distinctions (for instance in relation to the boundaries between the responsibilities of data controllers and processors) and technical procedures (including decision-making procedures of the European Data Protection Board (EDPB). It will strengthen their capacity to apply data protection law, and encourage the development of their analytical and persuasive skills. It will promote a rigorous and constructive attitude towards the study and practice of privacy and data protection law.


The final grade is composed based on the following categories:
Other Exam determines 100% of the final mark.

Within the Other Exam category, the following assignments need to be completed:

  • Participation in class with a relative weight of 1 which comprises 100% of the final mark.

Additional info regarding evaluation

The students will be evaluated on the basis of their individual performances while participating in the class.

Academic context

This offer is part of the following study plans:
Master of International and European Law: Standaard traject