LAW8131 : Cybersecurity Law and Policy
LAW8131 : Cybersecurity Law and Policy
- Offered for Year: 2025/26
- Module Leader(s): Professor Ben Farrand
- Owning School: Newcastle Law School
- Teaching Location: Newcastle City Campus
Semesters
Your programme is made up of credits, the total differs on programme to programme.
| Semester 1 Credit Value: | 20 |
| ECTS Credits: | 10.0 |
| European Credit Transfer System | |
Pre-requisite
Modules you must have done previously to study this module
Pre Requisite Comment
N/A
Co-Requisite
Modules you need to take at the same time
Co Requisite Comment
N/A
Aims
The course will give students an insight into and a critical understanding of cybersecurity, and its interrelations with law, policy, and technology. The focus of this module is international – as cybersecurity has become central to global legal efforts, as well as contemporary geopolitics. As such, it serves as an excellent contribution to the proposed International Security MA/LLM, given its interdisciplinary focus. It aims to familarise students with the basics of cybersecurity for non-technical experts, identify how cybersecurity requirements translate into binding legal obligations, and then how different regimes have operationalised these obligations. It places these developments in their broader geopolitical context, with an emphasis on the ‘sovereignty’ of states in the digital environment, the idea of cybersecurity as ‘zero sum game’, and how cybersecurity is currently impacting upon physical security and vice versa.
Outline Of Syllabus
Indicative course outline (these case studies are subject to change based on combinations of student interest and technological developments):
1. An Introduction to Cybersecurity
2. The historical development of cybersecurity law: from cybercrime to agencification to platform regulation
3. Cybersecurity and (the lack of) international frameworks: case study of the Cybercrime Convention
4. Private standards, public obligations: the role of cybersecurity experts in developing cybersecurity regulation/ generative AI training
5. Case study I: Comparative approaches to cybercrime
6. Case study II: Comparative approaches to cybersecurity
7. Geopolitics, Digital Sovereignty, and the New Cybersecurity
8. Case study III: Resilience, solidarity and the European Cyber Shield
9. Case study IV: Cybersecurity beyond cyberspace
10. Conclusions: is international cybersecurity regulation feasible?
Learning Outcomes
Intended Knowledge Outcomes
The ability to:
• Demonstrate understanding of the basics of cybersecurity, including the types of cybercrime and mechanisms used to combat them
• Critically evaluate current debates in the cybersecurity law and policy, including the potential for establishing international frameworks
• Demonstrate awareness of the relevant policy frameworks that are influencing the development of cybersecurity laws
• Understand the role of geopolitics on cybersecurity frameworks and cooperation
• Analyse a range of case studies concerning new developments in cybersecurity, identifying relevant legal and policy issues
Intended Skill Outcomes
At the end of the module students should be able to demonstrate:
Cognitive skills – having completed the module, students will be able to demonstrate these subject
specific skills:
• The ability to interpret and apply theories of regulation
• The ability to interpret and analyse a range of different cybersecurity frameworks
• The ability to critically reflect on challenges posed by geopolitical tensions for cybersecurity cooperation
• The ability to develop a position on regulatory interventions over cybersecurity
• The ability to reflect on the interactions between law, politics, geography and society in the tackling of large scale cyber-incidents
Key transferable skills – having completed the module, students will be able to:
• Demonstrate the ability to think about problems from an interdisciplinary perspective
• Demonstrate critical reasoning skills
• Demonstrate skills in collecting, handling, evaluating and applying information
• Demonstrate oral and written presentation skills, through active participation in workshops
• Demonstrate the ability to carry out independent research and identify relevant primary and secondary legal materials, as well as non-legal materials of relevance to the subject of study
Teaching Methods
Teaching Activities
| Category | Activity | Number | Length | Student Hours | Comment |
|---|---|---|---|---|---|
| Guided Independent Study | Assessment preparation and completion | 1 | 50:00 | 50:00 | N/A |
| Guided Independent Study | Directed research and reading | 1 | 20:00 | 20:00 | N/A |
| Structured Guided Learning | Structured research and reading activities | 10 | 1:00 | 10:00 | Activities based around weekly workshops |
| Scheduled Learning And Teaching Activities | Workshops | 10 | 2:00 | 20:00 | N/A |
| Scheduled Learning And Teaching Activities | Drop-in/surgery | 3 | 1:00 | 3:00 | Online drop-in sessions |
| Guided Independent Study | Independent study | 1 | 97:00 | 97:00 | N/A |
| Total | 200:00 |
Teaching Rationale And Relationship
In terms of the specific teaching methods, workshops have been chosen as the most suitable method of teaching for this content, which combined an element of semi-structured lecturing with student interaction and activities. This is facilitated by the structured research and reading activities, where in advance of classes, students read materials provided before each session, discussing the cybersecurity issues relevant to the given session. Students will then use this reading to develop a position in advance of the weekly student-led activity in each workshop. In addition to these formal classes, there will be a number of drop-in/surgery hours, where students can ask questions regarding course content, specific readings, or to prepare for the assessment for the module. Directed research and reading will be prepared for each session, which allows students to develop greater insight into the areas of legal research discussed in each activity, with an additional reading list provided on Canvas as further readings or a library list, which can then be used by students drafting their research proposal during their assessment preparation and completion.
Reading Lists
Assessment Methods
The format of resits will be determined by the Board of Examiners
Other Assessment
| Description | Semester | When Set | Percentage | Comment |
|---|---|---|---|---|
| Written exercise | 1 | M | 50 | Policy paper, 2000 words |
| Prof skill assessmnt | 1 | M | 50 | Generative AI task. 2000 words |
Assessment Rationale And Relationship
The assessment for this module comprises two elements: one policy paper of 2,000 words worth 50% of the grade, and one 2,000 word generative AI task worth 50% of the grade.
The purpose of the research paper is to allow students to develop their ability to write for different audiences, representing a different stakeholder in thinking about cybersecurity regulation. Students could be writing a Communication from the European Commission on an aspect of cybersecurity, or a UN report on international cooperation in cybersecurity enforcement. This will also allow students to familarise themselves with a range of different documents beyond cases, legislation and academic articles, serving the interdisciplinary cohort the module is likely to engage. The 2000 word AI task will be based on the key themes and issues arising in the course, allowing students the opportunity to engage with new forms of knowledge generation, in order to identify their strengths and weaknesses. Students will be tasked with asking generative AI a question about cybersecurity, and then will be expected to critique this output, identifying its strengths, weaknesses, and areas for improvement providing a nuanced and reflective answer on an issue of cybersecurity, while also testing their abilities to deal maturely and effectively with generative AI tools. In turn, this will also develop their broader skills of knowledge handling, identification, and critique, as well as allowing for reflections on how research work is assessed, feeding into the development of their own transferrable skills. Training in the use of AI is provided for students, both in the context of this module, as well as in our skills training more generally.
Timetable
- Timetable Website: www.ncl.ac.uk/timetable/
- LAW8131's Timetable
Past Exam Papers
- Exam Papers Online : www.ncl.ac.uk/exam.papers/
- LAW8131's past Exam Papers
General Notes
N/A
Welcome to Newcastle University Module Catalogue
This is where you will be able to find all key information about modules on your programme of study. It will help you make an informed decision on the options available to you within your programme.
You may have some queries about the modules available to you. Your school office will be able to signpost you to someone who will support you with any queries.
Disclaimer
The information contained within the Module Catalogue relates to the 2025 academic year.
In accordance with University Terms and Conditions, the University makes all reasonable efforts to deliver the modules as described.
Modules may be amended on an annual basis to take account of changing staff expertise, developments in the discipline, the requirements of external bodies and partners, staffing changes, and student feedback. Module information for the 2026/27 entry will be published here in early-April 2026. Queries about information in the Module Catalogue should in the first instance be addressed to your School Office.