News, Developments, and Insights

high-tech technology background with eyes on computer display

Assessing Privacy Law Programs at Law Schools

For decades, I’ve been arguing that law schools must improve their programs for privacy law. A few years ago, I lead a group of academics and practitioners in crafting a letter to law school deans about why law schools must offer more in privacy law: An Open Letter to Law School Deans about Privacy Law Education in Law Schools.  Recently, the International Association of Privacy Professionals (IAPP) came out with its guide, Privacy and Data Protection in Academia, A Global Guide to Curricula.

The guide wisely avoids trying to rank programs, and it contains a lot of very useful information. But I think that law schools need criteria to evaluate the strength of their programs, so I developed this list below of the key components of what I would consider to be a strong program. I’ve written about this before, but I continue to hone my thinking. Below are my latest thoughts:


  • Two or more full-time faculty members focusing primarily on privacy (majority of work is on privacy)
  • Adjunct faculty teaching privacy courses
  • One or more full-time faculty who focus part of their work on privacy or privacy-related subjects


  • A 3-unit or 4-unit general course on privacy law at least once a year
  • Two or more specialized courses or seminars (2-unit or 3-unit) on privacy law topics
  • Courses that cover at least several of the following topics:
    • Consumer privacy
    • Health privacy
    • Financial privacy
    • Cybersecurity / data security
    • International / comparative privacy
    • EU privacy law
    • Latin American privacy law
    • Asian privacy law
    • Computer crime
  • Clinical / experiential courses with a substantial focus on privacy law
  • Ideally, a course that teaches students the basics of the technology involved with privacy and security


  • A certificate or concentration in privacy law


  • Ideally, a center focused on privacy law with a full-time administrator
  • Second best would be a center focused more broadly on law and tech that has a substantial focus on privacy


  • A program that has one or more visiting associate professorships or fellowships for privacy law academics


  • One or more events related to privacy law each year
  • One or more career advice events for privacy law each year


  • Not a must-have, but certainly a bonus to have a journal or publication that focuses on privacy law or has a substantial focus on privacy


  • A student group focused exclusively on privacy law
  • Second best would be a student group focused more broadly on law and tech that has a substantial focus on privacy


  • A system for bringing privacy law internship opportunities to students
  • A career center (or other advisor) with knowledge and understanding of the field that can advise students interested in pursing a privacy law career

* * *

This post was authored by Professor Daniel J. Solove, who through TeachPrivacy develops computer-based privacy and data security training. He also posts at his blog at LinkedIn, which has more than 1 million followers.

Professor Solove is the organizer, along with Paul Schwartz, of the Privacy + Security Forum an annual event designed for seasoned professionals. 

NEWSLETTER: Subscribe to Professor Solove’s free newsletter
TWITTER: Follow Professor Solove on Twitter.