This course describes the substantive law relevant to the field of information security or "infosec" law, commonly known to policymakers as "cybersecurity." It examines how courts, legislatures, and regulators confront the major legal issues that information security presents. The course includes three types of 'readings' - one set introduces you to a key aspect of the history and culture of information security; the second set introduces technical and policy standards ; the third consists of statutes and caselaw. The early weeks in this class introduce you to the state of the law of information security and assist you in acquiring technical competence in the terms of art of the field. The later weeks in the course identify and frame current legal debates in Congress, state legislatures, regulatory agencies, and the business community on matters of information security.