In this paper, we identified five fundamental principles for developing data protection law courses in today’s digital age. The paper outlines the broader context of the transformation of legal education in a digital age; describes the importance of integrating legal-thinking and design-thinking with a deeper understanding of the underlying technologies and user-interfaces; and introduces the main features of a new approach to teaching data protection and privacy.
The main argument of the paper is to suggest that the data protection lawyer of the future will become a key intermediary of innovation – or a ‘transaction engineer’ – who helps facilitate and coordinate new forms of business and other social relationships; contributes to harnessing the benefits of disruptive technologies, automation and digital connectivity to build next generation legal services; and contributes to the development of a legally compliant and socially responsible technological infrastructure.
To perform this function effectively, however, data protection professionals need to develop a new mindset, along with several new skills and capacities, including a better understanding of the technological architecture of a post-digital transformation world, as well as the power and importance of legal design.
Crucially, this means re-visiting the law school curriculum and legal education, more generally. From a pedagogical perspective, we propose a task-oriented, “sandbox”, and “gamified” approach to data protection law that delivers a more meaningful student experience in which students are given the space to experiment via engagement with timely and practical problems.