Schedule, syllabus and examination date

Choose semester

Course content

This course addresses key regulatory questions regarding cybersecurity and cybercrime. The point of departure of the course is the increasing focus on cybersecurity not only as a technical issue, but also as a regulatory and policy concern. Cybersecurity is now a top priority for governments, businesses and other policy-makers around the world. It is a prime concern for citizens too, as cyber threats also impact on their many everyday digital transactions and interactions. The course primarily studies cybersecurity norms in domestic, European and international law. These rules focus on cybersecurity in a variety of regulatory contexts, including national security, protection of critical infrastructure, data privacy and international warfare. The course takes account of developments of cybersecurity norms in a global perspective (with particular focus on the role of the ITU, OECD, WTO and other IGOs), the emergence of doctrines of cyber-sovereignty (particularly important, for example, in Russia and China), and unfolding regulatory policy on use of cryptography (with focus on legal rules governing the ability of law enforcement agencies to be given access to unencrypted or decrypted data). A second strand of the course focuses on cybercrime (both its substantive and procedural elements), along with digital forensics.

The chief “hard law” instruments to be examined are the EU’s Network and Information Security Directive (2016), security rules in the EU’s General Data Protection Regulation (2016), and transpositions/equivalents of these instruments in Norwegian law, with a focus on Norway’s Security Act (sikkerhetsloven). In the context of cybercrime, the course mainly examines the Council of Europe Convention on Cybercrime (2001) and the EU Directive on Attacks against Information Systems.

For students enrolled in Rettsvitenskap (jus) (master - 5 år): Have you considered a specialization as part of your degree? The course is part of the profile Personvern, sikkerhet og digital forvaltning.

Read more about profiles.

Learning outcome

The primary objective of the course is to provide insight into cybersecurity and cybercrime


Achievement requirements


  • Good knowledge of how the European Union (EU) regulates cybersecurity.
  • Knowledge of emerging cybersecurity laws at the global level, including in international law.
  • Knowledge of relevant cybercrime norms.


  • Ability to connect technical security issues to regulatory issues discussed in the course.
  • Ability to participate in policy debates about emerging cybersecurity issues and their regulation at domestic, European and international level.

General competence

  • Understanding of relevant regulatory roles played by international organisations, such as the International Telecommunications Union (ITU), the World Trade Organization (WTO) and the North Atlantic Treaty Organization (NATO).
  • Understanding the role of risk management in cybersecurity.
  • Understanding of weaknesses and strengths of EU law with respect to cybersecurity.


Students who are admitted to study programmes at UiO must each semester register which courses and exams
they wish to sign up for by registering a study plan in StudentWeb.

You may register for this course if you have admission to a Master of Law-programme at UiO, the faculty's exchange-programme or have admission to Law-electives at masters-level. All applicants must fill the formal prerequisites.

International applicants, if you are not already enrolled as a student at UiO, please see our information about admission requirements and procedures for international applicants


Formal prerequisite knowledge

Students must fill one of these requirements:

  • Passed 1st - 3rd year of the 5-years degree Master of Laws (Master i rettsvitenskap at UiO) (or exams that qualify for exemption for these) or
  • Hold a 5-years Master’s degree in Laws (Master i rettsvitenskap at UiO) or equivalent.

Exemptions from the formal prerequisites will be given to students with admission to the faculty's own exchange or master’s degree programmes. This rule does not apply to students with admission to other master’s degree programmes at the University of Oslo, unless otherwise agreed.

Recommended previous knowledge

Three years of law studies. In addition, it is recommended that students have a general understanding of information and communications technology (ICT) law. It is recommended that students combine this course with other courses focusing on ICT law.

Overlapping courses

5 credits overlap with ICTLECOMM – E-Commerce Law (discontinued)


Lectures/seminars, 20 hours.

Language of teaching for this course is English. This means that all
communication during lectures/seminars will be in English, and all
literature and auxiliary materials are in English.

Access to teaching

A student who has completed compulsory instruction and coursework and has had these approved, is not entitled to repeat that instruction and coursework. A student who has been admitted to a course, but who has not completed compulsory instruction and coursework or had these approved, is entitled to repeat that instruction and coursework, depending on available capacity.


Term paper with a maximum of 4000 words.

A draft should be handed in in the middle of the semester, maximum 2000 words. Delivery of the draft is mandatory. Students are awarded either a passing or a failing grade on the draft.

Use of sources and rules for citing.

Be sure that you are familiar with the use of sources and the rules for citing/quoting from others work .
UiO uses a plagiarism checking tool as one of several instruments for detecting suspicion of cheating and attempted cheating.

Language of examination

The examination text is given in English, and you submit your response in English.

Grading scale

Grades are awarded on a scale from A to F, where A is the best grade and F is a fail. Read more about the grading system.

Marking criteria 

This  guide is used by examiners for grading this course.

Explanations and appeals

Resit an examination

Withdrawal from an examination

It is possible to take this exam up to 3 times. If you withdraw from the exam after the deadline or during the exam, this will be counted as an examination attempt.

There are special rules for resitting a passed examination in the master's programme in Law.

Special examination arrangements

Application form, deadline and requirements for special examination arrangements.


The course is subject to continuous evaluation. At regular intervals we also ask students to participate in a more comprehensive evaluation.


The language for this course is English. Students enrolled in the
Masterprogrammet i rettsvitenskap must pass one
English subject as part of their degree, this course will meet these

Facts about this course






Every spring


Every spring

Teaching language