Privacy and Security


This course is composed of two parts, the second one coming as a specification of the issues discussed in the first one. The first part aims to provide an overview of the main issues at stake within the balance between privacy and security, namely, to analyse the concept of privacy and the main forms of digital surveillance for purposes related to national security and the maintenance of public order. This analysis will be carried out considering relevant caselaw in Europe, especially the European Court of Human Rights and the Court of Justice of the European Union. The second part will specifically consider some mechanisms of State surveillance (facial recognition, metadata, internet of things, digital profiling) and critically assess their legal framework in light of the norms in place in Europe.

General characterization





Responsible teacher



Weekly - 3

Total - 36

Teaching language



Not Applicable


Degli Esposti, S., Ball, K. and Dibb, S. (2021), What's In It For Us? Benevolence, National Security, and Digital Surveillance. Public Admin Rev, 81: 862-873.


European Union Agency for Fundamental Rights and Council of Europe, 2018. Handbook on EU Data Protection Law. Available at


Humble, Kristian P.  (2021). "International law, surveillance and the protection of privacy". The International Journal of Human Rights, 25:1, 1-25, Doi:10.1080/13642987.2020.1763315


Raposo, Vera Lúcia (2022). "The Use of Facial Recognition Technology by Law Enforcement in Europe: A Non-Orwellian Draft Proposal". Eur J Crim Policy Res,


Raposo, Vera Lúcia (2021). "Big Brother Knows That You Are Infected: Wearable Devices to Track Potential COVID-19 Infections"  Journal of Law, Innovation and Technology, 13(2), 422-438, Doi: 10.1080/17579961.2021.1977214


 Violante, Teresa, "How the Data Retention Legislation Led to a National Constitutional Crisis in Portugal", VerfBlog, 2022/6/09. Available at, DOI: 10.17176/20220610-032725-0.





Digital Rights Ireland Ltd v. Minister for Communications, Marine and Natural Resources and Others and Kärntner Landesregierung and Others (2014) CJEU [GC] Joined cases C-293/12 and C-594/12,  ECLI:EU:C:2014:238


Schrems v Data Protection Commissioner (2015) CJEU Case C-362/14, ECLI:EU:C:2015:650


Tele2 Sverige AB v Post- och telestyrelsen and Secretary of State for the Home Department v Tom Watson and Others (2016) CJEU, Joined Cases C-203/15 and C-698/15, ECLI:EU:C:2016:970  


Schrems and Facebook Ireland v Data Protection Commissioner (2020) CJEU Case C-311/18, ECLI:EU:C:2020:559


Privacy International v Secretary of State for Foreign and Commonwealth Affairs and Others (2020), CJEU, C-623/17, ECLI:EU:C:2020:790


La Quadrature du Net and Others v Premier ministre and Others (2020), CJEU, C-511/18, ECLI:EU:C:2020:791


Criminal proceedings against H. K. (2021), CJEU, C-746/18, ECLI:EU:C:2021:152



Note: Additional case law and references might be indicated throughout the course.



Teaching method

The course is structured in sessions that combine theoretical exposition with the practical solution of life cases and with the debate of controversial issues.

The teaching materials include not only the indicated references but also short videos that will be integrated to streamline the classes and give them a more practical content.

Evaluation method

The evaluation can be carried out in two ways:


i) Final assessment: Final exam, with consultation of all materials




ii) Ongoing assessment:


(a) Participation in classes - 30%


(b) Written report, to be presented at the end of the semester, on an issue to be previously agreed with the professor, between 3000 and 4000 words (not counting bibliographic references) - 70%


Subject matter


1.Privacy in a world of digital surveillance


1.1.Concept of privacy


1.2.Legal framework for digital surveillance


1.3.National security and privacy


1.4.Analysis of specific legal frameworks (EU, Council of Europe, UN)



2.Specific forms of surveillance


2.1.Facial recognition




2.3.Internet of things