Explorations in Data Privacy, AI and Law

Course Descripton: This course provides an experiential, non-technical introduction to legal aspects of data privacy as they relate to the digital age and Artificial Intelligence. We will use real-world scenarios and simulations to explore the intersection of technology and law in the evolving modern economy. This course is intended for attorneys and those in other functional roles with an interest in the legal implications of Artificial Intelligence. 

Course Objectives: 

• Summarize legal aspects of privacy in the digital age
• Describe basic concepts of Artificial Intelligence (AI) and Machine Learning (ML)
• Explain legal implications for the use of AI in real-world scenarios

Time Commitment: The course will meet 8 times, for 90 minutes each week from Monday, June 5 to Monday, July 31 (skip date July 3). This course will include a mix of interactive presentations, discussion, and group activities. This course requires a time commitment of roughly 60-120 minutes outside of class per week.

Format and Location: The course will be taught virtually Mondays from 4:00-5:30 EST. 

Credential: Participants earn a Level 2 Northeastern University badge, a micro- credential which can be shared on professional network profiles to highlight learning achievements. Upon successful completion of all courses, participants will receive a digital badge from Northeastern University’s School of Law.

Cost: $2355 per learner

Course Outline: 

• Week 1: Privacy in the Digital Age. Examine privacy from different corporate perspectives, consider the cost of privacy compliance and the risk/cost of noncompliance. What does it take to secure personal data? What happens if those steps fail? This approach will help attorneys navigate these issues for their clients and within their organizations.
• Week 2: Legal Aspects of Privacy. Examine where legal obligations under privacy laws intersect or conflict with other legal requirements. We will discuss privacy in the media, surveillance performed by various entities, and the different approaches to privacy laws across the globe. We will discuss the current state of privacy law in the United States and the legal history of both federal and state legislative efforts.
• Week 3: Ethics and technical competence. What attorneys need to know about data-driven decision making and the language of data. We'll discuss how clients use data, data structures, where data is kept, and how we can protect data related to contracts and relationships.
• Week 4: Summary of Weeks 1-3, Legal Exercise. Building on the prior week, participants will undertake an exercise to consider the legal implications/benefits/risks of using data and communicating with data. The exercise will focus on a hypothetical of creating a business model from data usage and the role of counsel in the development of the business.
• Week 5: Artificial Intelligence and Machine Learning. Examine this technology from different perspectives and the way it is accessed. Attorneys will develop a solid understanding of AI and ML, and the critical legal issues presented by its use in our practices and by our clients. Looking back to modules on data and privacy, we will present use cases to dig into applications and dependences of AI, what issues must be addressed in the use of AI models, and risks associated with machine learning in our organizations.
• Week 6: ESG, Supply Chain and Privacy in Transactions. Close look at current resources and privacy laws in various jurisdictions, including the EU, India, Canada and the US, and their application to various transactions, all through the lens of social responsibility.
• Week 7: Digital Economy Risk. This week, the focus is on risk inherent in the digital economy and how attorneys advise on risk associated with threats to privacy, as well as essential steps to protect organizations against threats. Similarly, we will take a deep dive into the risk of deploying AI, the ubiquitous use of smart devices and mobile computing, and how it is impacting our practices, businesses and the blurring of boundaries in our lives.
• Week 8: Experiential Simulation: The final module will bring together all previous content for a tabletop exercise involving a data breach and response. Participants will look at statutes from multiple jurisdictions and determine how the first twenty-four hours after knowledge of an incident will unfold. 

Prerequisite: None.

Program Eligibility

These courses are appropriate for:

• Attorneys at law firms and in-house counsel who want to better understand legal aspects of data privacy and its relationship with Artificial Intelligence.
• Employees in functional business roles who have an interest in the legal implications of Artificial Intelligence, such as C-suite or software engineering.
• Data scientist executives who want to manage risk for their organizations.