Ficha

Versión en español

Course: 2025/2026

Fundamentals of data protection and regime of proteccion of personal data

(12207)

Master in Telecommunications Law and Information Technology (Plan: 314 - Estudio: 299)

EPD

Coordinating teacher: SERNA BILBAO, MARIA NIEVES DE LA

Department assigned to the subject: Pascual Madoz Institute of Land, Urbanism and Environment

Type: Compulsory

ECTS Credits: 3.0 ECTS

Course: 1º

Semester: 1º

Requirements (Subjects that are assumed to be known)

Those required by the master program

Objectives

The main objective of this course is to provide specialized training in the fundamentals and legal framework of the right to personal data protection. The course aims to ensure that students acquire the essential and up-to-date knowledge of the various components of the syllabus, guided by instructors and professionals with expertise in the field. The training covers not only the theoretical framework but also the practical and technical aspects necessary to meet the requirements of the professional specialization programme in privacy and data protection, in line with the Data Protection Officer (DPO) Certification Scheme of the Spanish Data Protection Agency (AEPD). From this perspective, the course is designed to achieve the following general and specific objectives: General Objectives: ¿ To fulfil, apply, and develop the objectives of the professional specialization programme in privacy and data protection, in accordance with the DPO Certification Scheme of the Spanish Data Protection Agency. ¿ To develop the ability to interpret the legal and organizational framework governing data protection. ¿ To analyse, plan, evaluate, and manage the risks arising from non-compliance with data protection regulations. ¿ To foster critical analysis of legal texts for their proper interpretation and, where appropriate, their application to the subjects covered in the Master¿s programme. ¿ To assess the regulatory impact and its relation to users¿ rights. ¿ To apply acquired knowledge to specific situations, identifying solutions aligned with the legal system and technological developments. Specific Objectives: ¿ To understand the fundamentals and legal regime of data protection at the international, European, and national levels. ¿ To comprehend technological mechanisms and their impact on the right to data protection. ¿ To understand the legal limits on the use of technology, ensuring that its application does not violate the right to personal data protection. ¿ To interpret, analyse, and assess data protection regulations in order to provide legal advice on general matters. ¿ To distinguish the right to data protection from related rights, such as the right to privacy, the right to one¿s image, the right to honour, and the freedoms of information and expression, among others. ¿ To identify and understand the actors involved in the data protection sector, along with their rights and obligations. ¿ To identify the institutions operating in this field, including their competences, actions, and decisions. ¿ To be capable of providing legal advice in the exercise and protection of data subject rights.

Learning Outcomes

Link to document

Description of contents: programme

. Fundamentals of Data Protection and System Protection of Personal Data ( 3 ECTS ) . 1. Fundamentals of data protection at the international, European, and Spanish levels 2. The subject matter of data protection and types of data 3. Applicable principles, legal grounds for data processing, and data protection rights 4. Personal data management 5. Supervisory authorities: European, Spanish, and others 6. Practical case studies

Learning activities and methodology

Learning Activities ¿ Theoretical and practical classes ¿ Individual or group work, including presentation and oral defense in class ¿ Resolution of practical case studies Active student participation in sessions is essential. As this is an in-person Master's programme, class attendance is required to be eligible for evaluation. Students must comply with the attendance policy established in the Master's academic regulations and on Aula Global. Teaching Methodology The methodology to be followed in this course is as follows: ¿ In-class lectures delivered by different instructors using digital and audiovisual resources, presenting the main concepts of the subject and offering recommended readings to support students' learning ¿ Critical reading of texts recommended by the instructor to broaden and reinforce knowledge of the subject, possibly followed by class discussions ¿ Resolution of case studies or preparation of legal reports, opinions, etc., as proposed by the instructor for individual or group completion ¿ Presentation and discussion in class¿moderated by the instructor¿of educational materials related to the subject, including comprehension and explanation of such materials Tutoring Students will have access to tutoring sessions with the course coordinator. Tutoring is intended to support the teaching and learning process through interaction between the student and the instructor, with the aim of: (i) Guiding students in their independent and group work (ii) Exploring specific aspects of the subject in greater Depth (iii) Supporting the student¿s academic and holistic development Tutoring sessions will take place at the times and under the conditions specified on Aula Global.

Assessment System

% end-of-term-examination 50
% of continuous assessment (assigments, laboratory, practicals...) 50

Calendar of Continuous assessment

The purpose of assessment is to determine the extent to which the intended learning objectives have been met. The final grade reflects the knowledge acquired by students, based on the following assessment components and weightings:

(i) Final Exam (50%) ¿ An individual multiple-choice test including both theoretical questions and practical scenarios.
(ii) Continuous Assessment (50%) ¿ Based on several activities, primarily the resolution of practical cases and exercises, as well as the comprehension, presentation, and defense of assigned tasks.

Students are required to attend all scheduled theoretical and practical classes. Unjustified absences must not exceed 15% of total in-class hours for each course (not of sessions or calendar days). In the case of justified absences, the maximum allowed is 25%. If a student exceeds these limits, they will receive a grade of ¿0¿ in continuous assessment. 

Lower levels of attendance, even within the allowed limits, may negatively affect the final continuous assessment grade.
In the extraordinary examination session, if the student has completed continuous assessment, their grade may be taken into account (if beneficial). If they have not completed continuous assessment, they will be entitled to take a final exam worth 70% of the total course grade.

Students who do not take the final exam in either the ordinary or extraordinary session will be marked as Not Submitted.


Guidelines on the Use of Artificial Intelligence Tools

In this course, artificial intelligence tools may be used under the conditions set forth on the University Library website:
https://uc3m.libguides.com/TFM/IAGenerativa

However, it is mandatory to include a properly completed ¿Declaration of Use of Generative AI¿, available at:
http://uc3m.libguides.com/ld.php?content_id=35415901

Additionally, any results obtained through AI systems must be explicitly and clearly cited in the written work, in accordance with the guidance published on the Library website. Failure to submit this declaration, or submitting false information, will result in a failing grade (0) and may lead to the initiation of disciplinary proceedings, in addition to other possible consequences.

Basic Bibliography

JAVIER PUYOL. LIBRO DE TEST DELEGADO DE PROTECCIÓN DE DATOS (DPO) DOMINIO I. TIRANT LO BLANCH. ULTIMA EDICIÓN
UE. El Manual del DPD (Delegado de Protección de Datos) Guía para los Delegados de Protección de Datos en los sectores públicos y semi-públicos sobre cómo garantizar el cumplimiento del Reglamento General de Protección de Datos de la Unión Europea; . Elaborado para el proyecto ¿T4DATA¿ financiado por la UE. . https://www.aepd.es/documento/el-manual-del-dpd-korffgeorges-esp.pdf
UE. Manual de legislación europea en materia de protección de datos: . Luxemburgo: Oficina de Publicaciones de la Unión Europea, 2019: . https://fra.europa.eu/sites/default/files/fra_uploads/fra-coe-edps-2018-handbook-data-protection_es.pdf
VVAA. Comentario al Reglamento General de Protección de Datos y a la Ley Orgánica de Protección de Datos personales y Garantía de los Derechos Digitales. Civitas, 2021, ISBN: 978-84-9197-927-2. 2021

Electronic Resources *

BOE · Código Electrónico de Protección de Datos- : http://https://www.boe.es/biblioteca_juridica/codigos/codigo.php?modo=2&id=055_Proteccion_de_Datos_de_Caracter_Personal
AGENCIA ESPAÑOLA PROTECCIÓN DE DATOS · AGENCIA ESPAÑOLA PROTECCIÓN DE DATOS : //www.agpd.es/
AGENCIA VASCA DE PROTECCION DE DATOS · AGENCIA VASCA DE PROTECCION DE DATOS : //www.avpd.euskadi.eus/s04-5213/es/
ANDALUCIA · - Consejo de Transparencia y Protección de Datos Andalucía: : http:// https://www.ctpdandalucia.es/area-de-proteccion-de-datos
AUTORIDAD CATALANA DE PROTECCION DE DATOS · AUTORIDAD CATALANA DE PROTECCION DE DATOS : //http://www.apd.cat/es
Aracne Editrice · European review of digital administration & law : http://https://www.erdalreview.eu/
COMITÉ EUROPEO DE PROTECCIÓN DE DATOS · UE : https://europa.eu/european-union/about-eu/institutions-bodies/european-data-protection-board_es
COMITÉ EUROPEO DE PROTECCIÓN DE DATOS · UE : https://european-union.europa.eu/institutions-law-budget/institutions-and-bodies/search-all-eu-institutions-and-bodies/european-data-protection-board-edpb_es
La Ley · Revista La Ley Privacidad : http://https://www.laley.es/
Supervisor Europeo de protección de datos: · UE : http:// https://european-union.europa.eu/institutions-law-budget/institutions-and-bodies/search-all-eu-institutions-and-bodies/european-data-protection-supervisor-edps_es
Thomson Reuters Aranzadi · Revista Aranzadi de Derecho y Nuevas tecnologías : http://http://www.aranzadi.es/
de la Serna, MN., Fonseca, F., Galán Pascual C y Galan Cordero C. · Derecho de las Tecnologías de la Información : https://ocw.uc3m.es/course/view.php?id=341

Additional Bibliography

J. Verdaguer López. Todo Protección de Datos 2012. CISS,. 2012
P. LUCAS MURILLO DE LA CUEVA. La Protección de los Datos de carácter personal en el Horizonte de 2010¿,. Anuario de la Facultad de Derecho, núm. 2, págs. 131-142. 2009
R. MARTÍNEZ MARTÍNEZ, (Coord.), . DERECHO Y CLOUD COMPUTING. EDIT. CIVITAS. 2012
SUPERVISOR EUROPEO DE PROTECCION DE DATOS . Resumen de conclusLa política y la gobernanza de internet; el papel de Europa en la configuración de la gobernanza de internet¿. SUPERVISOR EUROPEO DE PROTECCION DE DATOS. 2014

Electronic Resources *

AEPD · 12 PREGUNTAS : http://http://www.agpd.es/portalwebAGPD/revista_prensa/revista_prensa/2016/notas_prensa/news/2016_05_26-ides-idphp.php
Catálogo de la Redbiun · CRUE : http://http://rebiun.crue.org
Guardia Civil · Grupo de Delitos Telemáticos : http:// https://www.gdt.guardiacivil.es/webgdt/home_alerta.php
administración pública · Punto de acceso : http://https://administracion.gob.es/

(*) Access to some electronic resources may be restricted to members of the university community and require validation through Campus Global. If you try to connect from outside of the University you will need to set up a VPN

The course syllabus may change due academic events or other reasons.

More information: https://www.uc3m.es/master/derecho-telecomunicaciones