CSE 291: Security, Privacy, and US Law

CSE 291-B

Schedule: Lecture:TTh 11-12:20 EBU 2154

Instructor: Stefan Savage

TA: Katherine Izhikevich
Office hours: Mondays 3-4pm, Friday 1-2pm, CSE 3106


This course will explore the intersection of the technical and the legal around issues of computer security and privacy, as they manifest in the contemporary US legal system. The goal of the course is multifold: First, to provide a better understanding of how key portions of the US legal system operate in the context of electronic communications, storage and services. Second, to provide a pragmatic foundation for understanding some of the common legal liabilities associated with empirical security research (particularly laws such as the DMCA, ECPA and CFAA, as well as some understanding of contracts and how they apply to topics such as "reverse engineering"). Third, we will explore how changes in technology and law co-evolve and how this this process is highlighted in current legal and policy "fault lines".

There are no required pre-requisites but we are going to assume you understand enough about the technical aspects of security and privacy (e.g., such as having taking an undergraduate class in security) that we, at most, only need to do cursory reviews of any technical material.

This will very much uch be a readings and discussion class, so be prepared to enage if you sign up, its not a good class for being silent and sitting in the back.


This class will be tought in person and will not be recorded.