The complete, syllabus-driven outline of Ethics, Policy Making and Legislation in Computer Science — meta, learning objectives, methodology, assessment, and every one of the 15 sessions with topics and readings.
"Developers of new technologies should strive to identify potential adverse consequences early in the design process and take actions to eliminate or mitigate them."
The subject Ethics, Policy Making and Legislation in Computer Science is designed to delve into the ethical, regulatory, and legal issues surrounding the field of computer science and technology. It provides students with the ability to recognize and anticipate ethical dilemmas in the development and use of computing technologies, and equips them with the skills to analyze these problems and potential solutions — both individually and through collaboration — employing concepts and principles from moral philosophy, ethics, and regulation.
Through the analysis of cases, debates, and in-depth discussions, students develop critical thinking regarding the ethical challenges faced by IT professionals, and gain insight into the regulations and legislations affecting the industry in real-world scenarios. The course addresses ethical principles within various frameworks and international laws applicable to privacy, security, accountability, intellectual property, sustainability, equality and autonomy — initially through debates, and subsequently by applying them to different realities and technologies. By the end, students will be capable of making informed and ethical decisions in their future careers in technology.
Lawyer & senior policy executive · portiz@faculty.ie.edu
Lawyer and senior executive with 20+ years in policy and advocacy focused on the Internet industry, across both public and private institutions at national and EU levels. Substantial experience advising companies on global and European privacy law, including compliance strategy and programs for online advertising, technology and online services. Former international delegate of the Spanish Data Protection Authority before the EU institutions, the OECD and the US Federal Trade Commission; for 10 years spokesperson for IAB Spain. LLM in Telecommunications & IT Law; Master in Digital Advertising. Office hours on request by email.
By the end of the course you will master five capabilities.
Identify and comprehend the ethical, social, and regulatory issues that underlie decision-making in computer science.
Analyze, reason, and debate key ethical problems in computer science — including privacy, security, and responsibility, among others.
Become familiar with relevant international and national regulations and legislations that impact computer science.
Apply ethical and legal principles to real-life situations and dilemmas, so they can be incorporated into procedures and strategies from the first steps of design.
Carry out expert reports, opinions and computer arbitrations, taking into account the applicable regulations.
IE's teaching method is collaborative, active and applied: students build their knowledge across a diverse mix of activities. Total dedication is 75 hours.
Deliverable: the single largest component — sustained individual analysis applying course concepts to real dilemmas (expert-report style: state the dilemma, the affected rights/principles, the applicable regulation and a reasoned recommendation). Evaluated on depth of analysis, correct use of frameworks and law, originality and clarity.
Deliverable: an individually prepared robotics case (briefed in Session 10), presented and defended in Session 12. Evaluated on argument quality, grounding in principles/regulation, and the ability to defend it under questioning.
Deliverable: a team analysis of an AI scenario (autonomous cars, dark patterns, medical use, neurorights…) selected in Session 7 and presented in Session 8, with affected rights and compliance solutions through an ethics framework. Evaluated on teamwork, completeness and applied reasoning.
Deliverable: a written exam in Session 15 covering all course material. Evaluated on integration — combining the right ethical lens with the right legal instrument on an applied problem.
Every session is live and in-person. Grouped into seven thematic modules — each opening with a module overview and learning outcomes, then unpacking every session's topics with the core framework or regulation, a key idea, the in-class activity, suggested preparation, and cross-links into the interactive view.
The opening module builds the conceptual vocabulary for the whole course. Before touching any specific technology or law, it separates three ideas that are routinely confused — what is ethical (what we ought to do), what is regulated (soft rules, standards and guidance), and what is legislated (binding law with sanctions) — and then surveys the moral-philosophy toolkit and the major ethics frameworks that recur throughout the syllabus.
Set up the course and draw the line between three notions that are often conflated.
Prepare: skim Hare, Technology Is Not Neutral, intro — the claim that design choices always embed values.
Explore the moral and philosophical principles behind responsible technology.
Prepare: compare one corporate AI-ethics charter (e.g. a major tech firm's responsible-AI principles) against the OECD principles.
This module turns from principles to hard rules. It maps the institutions that write technology law, explains why EU rules end up governing products worldwide (the Brussels effect), then drills into the two regimes that matter most to a computer scientist: the EU AI Act and data-protection law (the GDPR and its US contrast).
Map the international regulatory landscape and understand who sets the rules.
Prepare: Susskind, Future Politics — how code and platforms quietly govern behaviour ("code is law").
Analyze the EU's flagship AI law and the strain technology puts on copyright.
Prepare: read a one-page summary of the AI Act risk pyramid; note one example system per tier.
Build a working understanding of data-protection regulation and its practical tools.
Prepare: Véliz, Privacy Is Power — why personal data is a form of power and a collective, not just individual, concern.
AI brings huge benefits but a multitude of risks; this debate-driven module raises them through real cases (medical decision-making, automated surveillance) so students can argue both the harms and the design solutions. Two seminars of dilemmas feed a graded group case in which a team applies an ethics framework to a concrete AI scenario.
Through debate and real cases, surface the dilemmas AI poses to society and how to design responsibly.
Reference: Council of Europe, Unboxing AI: 10 steps to protect Human Rights.
Tackle the second wave of AI dilemmas and prepare the group practical case.
Apply ethical frameworks to a real AI case, identifying affected rights and compliance solutions.
Robotics moves the questions from software into the physical world, where machines act, move and sometimes harm. The module pairs the classic thought experiment (Asimov's laws) with present-day issues — labour displacement, opaque autonomy, medical and industrial robots — and ends with a graded individual presentation defending a robotics analysis (Session 12, after the IoT detour in Session 11).
Examine the consequences of robotics development through classic and modern lenses.
Look at robotics ethics across sectors and how to design robotic systems responsibly.
Defend an individual analysis applying course concepts to a robotics dilemma.
A single session on the technologies that dissolve the boundary between the digital and the physical: always-on connected devices (IoT) and matter engineered at molecular scale (nanotech, including nanomedicine). The common thread is that pervasive sensing and tiny, invisible systems make privacy, security and environmental harm harder to see and to govern.
Understand the ethical implications of interconnected devices and nanotech.
The course lands back in the student's daily craft: building software. Session 13 puts every earlier principle into the act of designing an app — data use, ML, secure coding, honest interfaces and privacy policies — while Session 14 treats cybersecurity as a regulatory, technical and ethical problem at once, including where the line falls between legitimate ethical hacking and a crime.
Put learned principles into practice in the design and development of an app.
Address current cybersecurity challenges from regulatory, technical and ethical angles.
The course closes by testing integration rather than recall: the final exam asks students to bring the principles, frameworks and laws from all six modules to bear on the kind of dilemma they will meet in practice.
Demonstrate mastery of the entire course.
The vocabulary that ties the fifteen sessions together — the frameworks, regulations and ideas you should be able to define and apply.
Ethics = what we ought to do; regulation = standards, codes and soft rules; legislation = binding law backed by sanctions. They can diverge.
An action is right if it produces the best overall outcomes; judges by results (e.g. utilitarianism).
An action is right if it respects duties and rights, regardless of consequences; judges by rules and obligations.
The tendency for strict EU rules to become global de-facto standards, because firms apply one compliant design worldwide.
The EU's risk-based AI law: obligations scale from banned "unacceptable" uses down through high-risk, limited and minimal risk.
AI in sensitive uses (biometrics, hiring, credit, critical services) subject to strict duties: data quality, logging, human oversight, documentation.
The EU's omnibus data-protection regulation, built on principles (minimisation, purpose limitation, accountability…) and enforceable data-subject rights.
A legal and engineering duty to build data minimisation and security into a system's architecture from the outset, not bolt them on later.
Data Protection Impact Assessment — a structured risk analysis required before high-risk personal-data processing.
Digital Services Act (illegal content & platform transparency) and Digital Markets Act (competition rules for "gatekeeper" platforms).
Systematic unfairness in model outputs, often inherited from skewed training data; "fairness" itself has competing, incompatible definitions.
The ability to understand and justify why a model produced a given decision — essential for contesting automated outcomes.
A system whose internal reasoning is opaque to users and even builders, making oversight and accountability difficult.
Designing and running models to reduce their energy, water and carbon footprint, not just maximise accuracy.
Deliberately false content and AI-generated synthetic media that erode trust in what we see and hear online.
When responsibility for harm is diffused across developers, deployers and platforms, no single actor is clearly answerable.
Proposed human rights protecting mental privacy and cognitive liberty against brain-reading or brain-altering technology.
A classic fictional rule set for robots — deliberately too simple, used to show why real machine-safety rules must be far richer.
A proposed levy on automation to offset job displacement and fund affected workers.
The principle that a human must be able to understand, override and be accountable for an autonomous system's actions.
Manipulative interface designs (pre-ticked boxes, confirmshaming, hard-to-cancel flows) that steer users against their own interest.
Authorised security testing; the same techniques are lawful with scope and consent and criminal without them.
Reporting a discovered vulnerability privately to the owner first, allowing a fix before any public release.
Concerns raised by pervasive connected sensing and molecular-scale systems: invisible data collection, weak security, environmental impact.
Three core texts framing technology ethics, digital politics and privacy — annotated, with the sessions each best supports.
A compact, practical case that every design decision embeds values — there is no "neutral" tool. The clearest grounding for the course's opening claim and a model for case analysis.
Best for Sessions 1–2 · 6–7
ISBN 9781907999 · Digital
Argues that code and platforms increasingly govern our liberty, democracy and justice — "code is law." The big-picture frame for why regulation of CS matters at all.
Best for Sessions 3–4 · 13
ISBN 978019255949 · Digital
Reframes personal data as power and privacy as a collective good, not just an individual preference. The motivating text for the data-protection and surveillance sessions.
Best for Sessions 5 · 11
ISBN 1473583535 · Digital