Law and Ethics for Data Managers

Spring 2016 | Tuesday and Thursday 3:30 – 4:45 Bobst LL150     Instructor:  Laura Norén
Ethics Diagram

Image borrowed from UCSD Clinical and Translational Research Institute.


Course Overview

Following the code fraud committed by Volkswagen and in the midst of unregulated malware in advertising technology and ethically dubious use of algorithmic trading, the legal and ethical dimensions of data management and programming are fundamentally important components of comprehensive data scientific education.

This course begins by examining existing legal structures – copyright law, intellectual property, university technology office policies, patent law, patient protection (HIPAA) – in the US as they apply to data. International legal practices like France’s ‘right to be forgotten’ and internet censorship practices in countries including China and Turkey will also be investigated.

The remainder of the course turns to ethical issues that may or may not be addressed by legal structures or explicit corporate governance. By drawing on ethics in philosophy, sociology, and practitioners writing as programmers and data scientists the course will teach students to develop strategies and insights for identifying when data gathering, sharing, storage, transparency, and analysis could lead to breaches in legal or ethical parameters. Because data science, programming, and data-driven analytics practices are moving forward faster than legal and organizational structures can keep pace, the course’s main goal is to prepare students to participate actively in the development and maintenance of ethical infrastructure.

A full syllabus will be available to NYU students on 15 January 2016.

Course format: Case Study Approach

Most material will be presented in a case study format. Students will be given readings that prepare them to proceed through a guided discussion of specific ethical issues in small groups. Short lectures will introduce and wrap-up the case study sessions.

  • Code fraud?: Volkswagen, high frequency trading, ad tech
  • Remixing, intellectual property, copyright: Taylor Swift, food bloggers, freelancers 
  • Data sharing for good and ill: From Edward Snowden to GitHub to sexting
  • OpenData: Taxis, subways, taxes, and data science for social good
  • Testing algorithms on users: Facebook, jawbone, and OKCupid
  • Data breaches: Target, Neimann Marcus, Home Depot, and Ashley Madison
  • Training set prejudice: FICO credit scoring and discrimination-by-algorithm
  • When users behave badly I: #gamergate and hate speech and twitter
  • When users behave badly II: cyberbullying, reddit and facebook
  • Health data I: The special challenges of extremely sensitive data with professional athletes
  • Health data II: Genetics, 23andme, and resilient patients


There are three types of assignments in this course. Each week there will be readings. In order for the course to function properly, students must complete the readings. To incentivize and reward students for doing the readings, there will be six unannounced reading quizzes throughout the semester. They cannot be made up. The lowest grade on the reading quizzes will be dropped.

There will be a mid-term exam with short answer and essay questions.

The final assignment may either be a 12-15 page essay on a specific issue in the law and ethics of data governance OR the creation of a piece of software that addresses an ethical challenge by building a tool to ameliorate harmful impacts of a particular process, business procedure, or platform. Students are encouraged to discuss their ideas early.

Grading Schema

Reading quizzes, active participation, attendance, a mid-term exam, a final project/paper proposal, and the final project will contribute to the final grade.