This course provides an overview of the legal rights and liabilities associated with operation and use of computers and information, including the legal and regulatory compliance issues critical for chief information security officers. It discusses the key statutes, regulations, treaties, and court cases (in the United States and abroad) that establish legal rights and responsibilities as to computer security and information privacy. The course also helps students to learn how to reduce their risk of potential legal liability for computer security or information privacy failures, and how to enforce their security and privacy rights against other parties. Case studies and lessons learned from information security failures are used throughout the course.
Learning Objectives
- Identify and apply statutes, regulations, treaties, and court cases in the U.S. and abroad that establish rights and liabilities for the security of computer operations.
- Identify and apply statutes, regulations, treaties, and court cases in the U.S. and abroad that establish rights and liabilities for information privacy.
- Identify and apply security and data protection controls for proprietary and sensitive business information and records.
- Apply legal principles and the use of IRAC in order to address and reduce the risk of legal liability for security or privacy failures when operating or using computer systems.