LAW07068 0000 Data Protection and Freedom of Information

General Details

Full Title
Data Protection and Freedom of Information
Transcript Title
N/A %
Subject Area
LAW - Law
SOCS - Social Sciences
07 - NFQ Level 7
05 - 05 Credits
Start Term
0000 - The Beginning of Time
End Term
9999 - The End of Time
Breda McTaggart, Lorraine Murphy, Esther Quinn, Ruth Walsh
Programme Membership
SG_GLAWB_H08 202100 Bachelor of Arts (Honours) in Law and Business

This module will introduce the learner to the core principles, concepts and rules in relation to Data Protection and Freedom of Information in Ireland. 

The module will examine how the Data Protection landscape has changed significantly and analyse the new Data Protection framework focusing on the General Data Protection Regulations (GDPR). Learners will analyse how organisations comply with the regulation in practice and how they process personal data in line with 21st-century developments, like e-commerce, mobile data and the cloud.

This module also provides an in-depth analysis of the Freedom of Information framework and how organisations can comply with their obligations under the legislation. The module concludes with an analysis of the penalties for breaches of the legislation.

Learning Outcomes

On completion of this module the learner will/should be able to;


Distinguish between the Data Protection and Freedom of Information legislation.


Apply acquired knowledge to a range of data protection and freedom of information issues in practice.


Appraise subject access requests, legitimate processing, data retention, consent, and international data transfers.


Conduct a data privacy impact assessment and a data protection audit.


Categorise different types of cyber security threats and measures to mitigate risk.

Teaching and Learning Strategies

The teaching and learning strategy is one which is founded on student-centered active learning. This module will be delivered by a mixture of face to face, online delivery and tutorial support as appropriate.  A range of Computer-Aided Learning (CALL) packages are available to support this module (e.g. Moodle, Adobe Connect, Panopto, Teams). 

Discussion, communication and team working skills will be nurtured throughout the module, where students will have space and the support to articulate and present on their ideas within the learning environment.

Module Assessment Strategies

This module will be assessed by Continuous Assessment (40%) which may vary from a case study, presentation, moodle quiz, other, during the semester and by an end of semester exam (60%).

Students will also have the opportunity to reflect on their learning progress throughout the semester through formative assessments such as in-class discussions, polls and quizzes.

Repeat Assessments

Repeat exam/assessment will be developed as appropriate to assess failed components.

Indicative Syllabus

1. Introduction to Data Protection Law

  • General Data Protection Regulation (GDPR);
  • Data retention, legitimate processing;
  • Data Protection Commission.

2. Data Processing and Personal Rights

  • Data access requests;
  • Removal, amendments, rectification;
  • Compliance and enforcement.

 3. Data Protection Officer

  • Role of and requirement to have a DPO;
  • Privacy Impact Assessment.

4. Freedom of Information

  • Freedom of Information concepts and principles;
  • Office of the Information Commissioner (OIC);
  • Role of and requirement to have a FOI officer.

5. Cybersecurity and Cybercrime

  • Security Fundamentals;
  • Methods of detecting and preventing cybercrime;
  • Malware and threats.

Coursework & Assessment Breakdown

Coursework & Continuous Assessment
40 %
End of Semester / Year Formal Exam
60 %

Coursework Assessment

Title Type Form Percent Week Learning Outcomes Assessed
1 Case study, quiz, written report, other Continuous Assessment Assessment 40 % OnGoing 1,2,4

End of Semester / Year Assessment

Title Type Form Percent Week Learning Outcomes Assessed
1 Exam Final Exam Closed Book Exam 60 % End of Semester 1,2,3,4,5

Full Time Mode Workload

Type Location Description Hours Frequency Avg Workload
Lecture Flat Classroom In class learning 2 Weekly 2.00
Online Lecture Online Online learning 1 Weekly 1.00
Independent Learning Not Specified Self study 4 Weekly 4.00
Total Full Time Average Weekly Learner Contact Time 3.00 Hours

Required & Recommended Book List

Required Reading
2019 Data Protection Compliance
ISBN 1911611240 ISBN-13 9781911611240
Required Reading
2017-08-31 EU General Data Protection Regulation (GDPR) Itgp
ISBN 184928945X ISBN-13 9781849289450

Now in its second edition, EU GDPR - An Implementation and Compliance Guide is a clear and comprehensive guide to this new data protection law.

Required Reading
2015-04-30 Freedom of Information Law
ISBN 185800683X ISBN-13 9781858006833

The new edition of Freedom of Information Law provides the user with a clear and comprehensive analysis of the Freedom of Information Act 2014, referring to decisions of the Information Commissioner and of the courts as well as to overseas FOI decisions. It also covers the separate legislative regime for access to environmental information. New to this edition * Deals with the Freedom of Information Act 2014 which replaces the Freedom of Information Acts 1997 - 2003 * Features numerous new decisions of the Information Commissioner * New High Court and Supreme Court decisions on FOI appeals are considered, including The Governors and Guardians Rotunda Hospital v Information Commissioner [2011] IESC 26, July 19, 2011. Key Features * An easy-to-understand reference that provides you with invaluable analysis and interpretation * A systematic and thorough explanation of the Freedom of Information Act 2014 * Up to date and including all important decisions of the Information Commissioner and case law * Each exemption provision is the subject of a full chapter * The system of review and appeal is thoroughly examined * Separate chapter on Access to Environmental Information * Explores in details the interplay between FOI and privacy/data protection Contents Background; The Freedom of Information Act 2014; Publication of Government Information, Records Management and Reasons for Administrative Decisions; Access; The Exemptions: General Issues; Meetings of the government; Deliberations of FOI bodies; Functions and Negotiations of FOI bodies; Parliamentary, Court and Certain Other Matters; Law Enforcement and Public Safety; Defence, Security and International Relations; Confidentiality; Commercially Sensitive Information Personal Information; Research and Natural Resources; Financial and Economic Interests of the State ; Enactments Relating to Non-Disclosure of Records; Access to and Amendment of Personal Records; Review and Enforcement;Access to Environmental Information; Freedom of Information and Data Protection; Freedom of Information and Archives About the author Professor Maeve McDonagh is an academic lawyer specialising in information law who has published widely in the field of information law. She has advised on the drafting and implementation of FOI legislation in various countries and she has been engaged as an expert on information law matters by the Organisation for Security and Cooperation in Europe (OSCE). Professor McDonagh was Deputy Chair of the Press Council of Ireland from 2007 - 2013. In 2013, she was appointed by the Irish government to the FOI Implementation Review Group.

Module Resources

Non ISBN Literary Resources

Journal Resources

Law Society Gazette

Irish Law Times

URL Resources;;;;;  

Other Resources
Additional Information