Logo UAB
2020/2021

Legislation

Code: 102745 ECTS Credits: 3
Degree Type Year Semester
2502441 Computer Engineering OB 3 2
The proposed teaching and assessment methodology that appear in the guide may be subject to changes as a result of the restrictions to face-to-face class attendance imposed by the health authorities.

Contact

Name:
Cristina Blasi Casagran
Email:
Cristina.Blasi@uab.cat

Use of Languages

Principal working language:
spanish (spa)
Some groups entirely in English:
No
Some groups entirely in Catalan:
No
Some groups entirely in Spanish:
Yes

Teachers

Josep Cañabate Pérez

Prerequisites

There are no prerequisites

Objectives and Contextualisation

Objectives.

The aims of this subject consists on the acquisition of the following knowledge and skills:

1. Knowledge:

- Discover and discern the juridical implications of technology

- Learn about the fundamental juridical frames that are applicable in IT fields.

- Distinguish lawful facts from illicit behaviours

- Learn the different levels of unlawfulness in the computer practices.

2. Skills in the field of IT law:

- Identify the values protected by the existing legislation

- Identify the technological control needed according to the law

- Distinguish potential normative conflicts

- Detect the commission of illicit practices

- Analyse the legal framework and take decisions to preventin possible illicit practices

- Incorporate the legal requirements in the design of IT projects and services

Competences

  • Acquire personal work habits.
  • Act ethically and professionally.
  • Analyse and evaluate the social and environmental impact of technical solutions and understand the ethical and professional responsibility of the activity of an IT engineer.
  • Capacity to design, develop, select and evaluate computer applications and systems, ensuring reliability, security and quality, in accordance with ethical principles, and applicable standards and legislation.
  • Have the capacity to produce a list of technical conditions for a computer system that fulfils applicable standards and regulations.
  • Know the standards and regulations regarding computers in the national, European and international fields.
  • Know, understand and apply the necessary legislation when exercising the profession of an IT engineer and manage compulsory specifications, regulations and standards.

Learning Outcomes

  1. Assume and respect the role of the various team members , as well as different levels of dependence on the team.
  2. Critically evaluate the work done.
  3. Discover and filter the social implications and polyvalence of technologies.
  4. Identify the regulations (laws, standards…) susceptible to application to a computer system.
  5. Know and understand the technical conditions sheet of a computer system.
  6. Know the legislative and normative framework in relation to the IT profession in the pertinent field.
  7. Respecting the diversity and plurality of ideas, people and situations.
  8. Understand and know the current ethical principles, legislation and regulations applicable to computer systems.
  9. Understand the legislative and normative framework in relation to the IT profession.

Content

Lesson 1: Introduction to law and general legal considerations
Law as a normative order: classes of norms. - Functions of law. The sources of law. - The Right and the Justice. Morality and legal values. - Legal security.- Protection of human rights. - The validity and entry into force of a right. - The problem of loopholes in the law. The concept of analogy. - The individual as subject of law. Legal personality and the ability to act. - The contract as an instrument of action in economic traffic. - The branches of law. - The Spanish legal system.

Lesson 2: Internet regulation
Origin, evolution and future of new technologies. - Regulation of online content in the EU. - International jurisdiction and applicable law. - Legal regime of the information society services, audiovisual services and telecommunications services. - Net neutrality. - Liability of intermediaries.

Lesson 3: Fundamental rights of communication
Right to information. - Freedom of expression. - Right to privacy and secrecy of communications. - Right to honor. - Right to self-image. - IT control in the workplace

Lesson 4: Privacy and data protection in digital environments
Key concepts: data protection v Privacy. - Origins of European data protection legislation. - Case law of the CJEU. - The General Data Protection Regulation. - European developments in the field of data protection. - The Spanish data protection law.

Lesson 5: Intellectual property rights in the digital environment
European copyright laws. - European Jurisprudence on copyright. - Trademark laws. - Patent law.- Free software licenses.

Lesson 6: E-commerce and online marketing
E-commerce in the context of the single market. - Online marketing and behavioral advertising. - Cookies management.- Consumer protection. - Digital identity and electronic payment.

Lesson 7: Procurement of goods and services on information technology
Computer contracts.- Service Level Agreements / Operating Level Agreements- Software development contract.- SCROW contract.- Cloud Computing contract

Lesson 8: Security and auditing of information systems
ISO 27001 (Information Security Management System) - The audit of information systems. -Electronic Signature and Digital Certificates - PCI-DSS (Payment Methods) Regulations - National Security Scheme.

Lesson 9: Cybercrimes
Cybercrimes in the EU. - European Cybercrime Center. - Hate crimes online. - Limits of the right to information. Offences of revelation of secrets. - Computer sabotage.- Stalking - Child Grooming- Forensic Readiness and judicial Expertise.- Criminal Compliance (UNE 19601).

Methodology

The student will have to conduct several tasks in order to learn the contents in this course. Particularly, two types of activities will have to be completed:

1. Theoretical sessions: the lecturer will explain the contents of each lesson and students will be asked to carry out legal reflections from each of the concepts learned. Theoretical sessions will contribute to the consolidation of basic contents, necessary to perform the practical assignments defined in point 2.

2. Seminars: These sessions have for aim to put apply the concepts explained at the theoretical sessions using the methodology of resolution of practical cases. They will be divided in two types:

2.1. Non-evaluated activities: They will consist of a case study proposed at the start of the seminar which, using specific resources and materials will have to be resolved in small groups or individually. Before end the seminar, students will discuss the possible solution, guided by specific questions posed by the lecturer.

2.2 Evaluated activities. These activities are part of the continuous-assessment. They will evaluate the knowledge of the student through a case study, using material referred by the lecturer. It may be resolved individually or in small groups. At the end of the session, the solution will be proposed and debated.

At the end of the course, a final test will be completed. This test will allow to evaluate the knowledge and skills learned by students during the course.

Crosscutting competencies will be acquired and evaluated along the course. Specifically:

T02.08 Critical assessment through the case studies, students will assess realsituations and solve questions using specific legislation.

T05.01 Assume social, ethical, professional and legal responsibility through the knowledge of the applicable legislation and the consequences of its misusage.

T05.02 Respect of diversity and plurality of ideas, people and situations through the debates that will be generated during the theoretical sessions as well as the practical seminars.

 

Activities

Title Hours ECTS Learning Outcomes
Type: Directed      
Practical Sessions 10 0.4 1, 2, 9, 8, 6, 5, 3, 4, 7
Theoretical Sessions 15 0.6 1, 2, 9, 8, 6, 5, 3, 4, 7
Type: Supervised      
Individual and team work 43.5 1.74 1, 2, 5, 7

Assessment


Criteria

Both the knowledge acquired by the student in relation to the objectives set in the subject and the skills and competences developed will be taken into account for the evaluation..

a) Mid-term exam and activities

The course will include a mid-term exam in addition to the final evaluation test. In addition, there will be two evaluated activities. 

The mid-term exam will have a value of 30% and the evaluated activity will have a value of 20%. They may be delivered individually or in a group (according to the lecturer's instructions). The grades of each scored assignment will be published in the Moodle platform, and solutions will be debated in group sessions. If the student is not able to attend one of the evaluated activities, will have to express their situation in advance and provide the corresponding proof/ reasoned grounds for the absence. Only in such cases, an alternative will be proposed to the student.

A final evaluation test will be 50% and will be completed individually.

In order to pass the course, any student will need to score at least, 3.5 of the mid-term test and one of the evaluated assignments + 5 out of 10 in the final exam. In case of not reaching the minimum required in one or more of the activities, even if the final grade is equal to or greater than 5, the student will be scored 4.5 and the course will be failed.

There is the possibility to opt for a second call in the final test for those students that have not reached 5 out of 10 as final grade of the subject, once the percentages of the entire evaluation process have been weighted: 50% of the continuous assessment (mid-term test, 30% + practical assignment, 20%) + Final Test (50%). If students get 5 or more, they cannot have an option for second call. Those students who do not attend the final test in the first call and/or miss more than one of the 2 continuous-assessment activities, cannot opt for the second call even ifthey have failed the course.

There is no special treatment for students who have already taken this subject in previous years.

b) Schedule for evaluated activities

The dates of the activities part of the continuous assessment will be published in the Moodle platform at the beginning of the course. These dates may be subject to changes for reasons of adaptation to possible and unexpected incidents. Students will always be informed through Moodle about these changes, as the official mechanism for exchanging comunication between lecturer and students.

c) Second-call process

Students will be able to participate to the second call exam only if they have submitted at least one of the evaluated assignments and attend both the mid-term and the final exams. In other words, they need to have completed activities that represent a minimum of two thirds of the total grade of the course. That is, the final evaluation test (compulsory) + one of the two activities of the continuous assessment. There is no possibility to recover an failed assignment from the continuous evaluation.

d) Procedure for score reviewing

The continuous-assessment activities will be reviewed in group sessions after the publication of the grades. The final evaluation test can be reviewed individually, if requested by a student.

e) Scoring

- The grade of Not Evaluated will only be given to those students who do not participate in any of the evaluated activities, according to the evaluation process.

- The lecturer can assign Honors to those students who have excelled throughout the course, both for the grades obtained in the practical assignments and also final test, as well as for their participation in class. In order to qualify for the Honors, a minimum grade of 9 will be required at the end of the course.

f) Potential irregularities, copy and plagiarism

Without prejudice to other disciplinary measures, and in accordance with current academic regulations, irregularities committed by a student that may lead to a variation of the grade will be scored with a zero (0). For example, plagiarising, copying or similar practices will lead to failing the course with the grade zero (0). These activities will not be recovered.

 

The teaching methodology and the evaluation may undergo some modification depending on the restrictions on attendance imposed by the health authorities.

 

Assessment Activities

Title Weighting Hours ECTS Learning Outcomes
Continuous-Assessment activity 20% 3 0.12 1, 2, 9, 8, 6, 5, 3, 4, 7
Final Test 50% 2 0.08 1, 9, 8, 6, 5, 3, 4
Mid-term exam 30% 1.5 0.06 9, 8, 6, 4

Bibliography

Basic bibliography

-      Barberán, Pascual (2020): Propiedad Intelectual para estudios de grado. Con cuadros sinópticos, preguntas de autoevaluación y glosario español-inglés, 1ª ed., Tecnos, I.S.B.N.: 978-84-309-7924-0

-      Blasi Casagran Cristina (2016): Global data protection in the field of law enforcement: An EU perspective, Routledge. Taylor & Francis Group, Oxfordshire, UK, June 2016. ISBN-10: 1138655384.

-      del Rey Morató, Javier (2019): Comunicación política, Internet y campañas electorales. De la teledemocracia a la ciberdemocr@cia, Tecnos, Segunda edición, I.S.B.N.:  978-84-309-7720-8

-      López Calvo, José (2017): Comentarios al Reglamento Europeo de Protección de Datos, Sepin, Madrid, ISBN: 978-84-17009-04-5

-      Martínez González, Mª Mercedes (2014): Informática jurídica para estudiantes de derecho. Introducción a los sistemas de información y seguridad, Tecnos,  1ª edición, I.S.B.N.:  978-84-309-6193-1

-      Garrote Fernández-Díez, Ignacio (2015) La responsabilidad de los intermediarios en Internet en materia de Propiedad Intelectual. Un estudio de Derecho Comparado, Tecnos, 1era ed., I.S.B.N.:  978-84-309-6458-1

-      De Miguel Asensio, Pedro A. (2015): Derecho privado de internet, editorial Civitas, Madrid.

-      Santos García, Daniel (2012) Nociones Generales de la Ley Orgánica de Protección de Datos y su Reglamento”, Editorial Tecnos, segunda edición, Madrid (España), 2012.

-      Savin, Andrej (2013): EU Internet Law, Editorial Elgar European Law, Glos (UK), 2013.

-      Soler, Pere; Piattini, Mario; Elias, Eduard (dir). (2016): Manual de Gestión y contratación informática (comentarios, jurisprudencia actualizada y formularios de contratos comentados, modelos oficiales del COEINF), editorial Aranzadi, Pamplona.

Besides this bibliography, the lecturer may provide other appropriate and up-to-date resources, along with regulations and legal texts. In addition, the lecturer will indicate what pieces are of obligatory reading and study, and what are recommendable.                                            

Links web

-      Handbook on European Data Protection Law: https://fra.europa.eu/en/publication/2018/handbook-european-data-protection-law-2018-edition

-       Spanish Agency of Data Protection: http://www.agpd.es/

-       Spanish Institute of Cybersecurity: https://www.incibe.es/

-       Spanish Cryptologic Centre: https://www.ccn-cert.cni.es/

-       E.Signature Portal: http://firmaelectronica.gob.es/

-       Spanish Cybersecurity Law: https://www.boe.es/legislacion/codigos/abrir_pdf.php?fich=173

-       Spanish Security Scheme: https://www.ccn-cert.cni.es/ens.html

-       WIPO portal: http://www.wipo.int/portal/es/ 

-        PCI DSS Law (e-payment): https://es.pcisecuritystandards.org  

-       ISO 27001 Law: http://www.iso.org/iso/home/standards/management-standards/iso27001.htm