Start with the recap, study the fully worked examples, then use the practice problems to
check your understanding of Privacy.
This page combines explanation, solved examples, and follow-up practice so you can move
from recognition to confident problem-solving in CS Thinking.
Concept Recap
The right of individuals to control what personal information is collected about them, how it is stored, who can access it, and how it is used. Digital privacy encompasses data collection practices, consent mechanisms, encryption, and legal protections like GDPR.
Privacy is about deciding who gets to know what about you. In the digital world, your data is collected constantly; privacy is about having a say in that.
Read the first worked example with the solution open so the structure is clear.
Try the practice problems before revealing each solution.
What to Focus On
Core idea: Digital privacy involves trade-offs: sharing data enables useful services but creates risks of misuse, surveillance, and identity theft.
Common stuck point: 'I have nothing to hide' misses the point: privacy is about control over your information, not about having secrets.
Sense of Study hint: When evaluating a privacy decision, ask three questions: What data is being collected? Who will have access to it? What could happen if it were misused or leaked? Then decide whether the benefit of sharing outweighs the risk. Always review app permissions and privacy settings.
Worked Examples
Example 1
easy
What is data privacy? Give three examples of personal data that should be protected.
Answer
Data privacy is the right to control personal information. Examples: name/address, medical records, bank details. All personal data deserves protection.
First step
Step 1: Data privacy is the right of individuals to control how their personal information is collected, used, and shared.
Full solution
Step 2: Examples of personal data: (1) Name and address, (2) Medical records, (3) Bank account details.
Step 3: Other examples include email addresses, phone numbers, photos, location data, and browsing history. Even seemingly harmless data can reveal sensitive information when combined.
Data privacy is increasingly important as more personal information is stored digitally. Data protection laws (like GDPR) give individuals rights over how their data is used.
Example 2
medium
Explain how a free social media app can still make money. What are the privacy implications for users?
Example 3
easy
A free game asks to read your SMS messages 'for verification'. List the stakeholder concerns and one safer choice.
Example 4
medium
A smart speaker records every voice command. Stakeholders: user, household guests, manufacturer, advertisers. Name the benefits, harms, and a safeguard.
Example 5
hard
An AI assistant is trained on user emails. After deletion requests, some text remains in the model weights. Name the risk and one mitigation.
Example 6
challenge
A health insurer wants to use customers' fitness-tracker data to set premiums. Name the stakeholders, the main privacy harms, and one safeguard that could make this acceptable.
Practice Problems
Try these problems on your own first, then open the solution to compare your method.
Example 1
medium
List three key principles of the UK GDPR (or similar data protection law) and explain how each protects individuals.
Example 2
hard
A fitness app tracks users' running routes and shares anonymised data with city planners. Discuss whether this is a good or bad use of data, considering both benefits and privacy risks.
Example 3
easy
An app requests access to your contacts, microphone, and location, but it is just a flashlight app. What is the privacy concern?
Example 4
easy
Privacy is best described as control over what about you?
Example 5
easy
A website pops up 'We use cookies' and lets you Accept All or Manage. What mechanism is this an example of?
Example 6
easy
True or false: posting your home address publicly on social media can have permanent privacy consequences.
Example 7
easy
Which European law gives people rights over their personal data, including access and deletion?
Example 8
easy
'I have nothing to hide, so privacy does not matter.' What is the flaw in this reasoning?
Example 9
easy
A store offers a discount card that tracks every purchase. What is the core privacy trade-off?
Example 10
easy
Encrypting your phone's stored data mainly protects privacy by doing what if the phone is stolen?
Example 11
medium
A fitness app shares 'anonymized' location traces, but users live alone and the traces start at their homes each morning. Why might this not actually protect privacy?
Example 12
medium
A free app's business model is 'we sell user data to advertisers.' Classify the main privacy issue and one mitigation a user can take.
Example 13
medium
Two practices: (a) collecting only the data needed for a feature, (b) keeping all data forever 'just in case'. Which follows good privacy design and why?
Example 14
medium
A school wants to monitor students' personal social media accounts for 'safety'. Name the privacy principle most clearly at stake and one safeguard.
Example 15
medium
Why is 'Accept All cookies' without reading risky even though it is fast?
Example 16
medium
A company collects emails for a newsletter, then uses them to build advertising profiles. Which privacy principle is violated?
Example 17
medium
Encryption protects message confidentiality, but a messaging app still stores who messaged whom and when. What category of private data is this, and is it sensitive?
Example 18
medium
A data broker buys your shopping records, browsing history, and address, then sells a combined profile. What makes the combined profile more privacy-invasive than any single source?
Example 19
medium
A weather app insists on always-on background location to 'improve forecasts'. What privacy principle does this violate, and what is a privacy-respecting alternative?
Example 20
challenge
A dataset is 'anonymized' by removing names but keeps ZIP code, birth date, and sex. Studies show these three often uniquely identify a person. What is this re-identification risk called, and what technique reduces it?
Example 21
challenge
A city wants to publish useful aggregate health stats without exposing any individual. Which privacy technique deliberately adds calibrated noise so individuals cannot be identified while overall trends stay accurate, and what is the trade-off?
Example 22
challenge
An AI model is trained on users' private chats. Even after deletion requests, the model may have memorized some text. Name the privacy challenge and one design choice that helps.
Example 23
easy
A photo-editing app asks for access to your contacts. Is this likely necessary for its main function?
Example 24
easy
Name two examples of personal information that deserves privacy protection.
Example 25
easy
Which European regulation defines rules for protecting personal data and gives users access, correction, and deletion rights?
Example 26
easy
Name one device-level safeguard that protects data privacy if your phone is stolen.
Example 27
easy
You install a flashlight app that requests location. What privacy principle is being violated?
Example 28
medium
A retailer collects your purchase history 'to improve services' but then sells it to advertisers. Which privacy principle is violated?
Example 29
medium
Why is metadata (who you texted, when, for how long) considered sensitive even if the message contents are encrypted?
Example 30
medium
A school proposes always-on cameras in classrooms 'for safety.' Name the privacy principle most at risk and one safeguard.
Example 31
medium
Why is the answer 'I have nothing to hide' a weak defense of poor privacy practices?
Example 32
medium
Why is reading and adjusting cookie consent preferences (instead of 'Accept All') a stronger privacy choice?
Example 33
medium
A store offers a free loyalty card that tracks every purchase. Name the trade-off and a less-invasive alternative.
Example 34
medium
Combining browsing history, purchase records, and address into a profile is more privacy-invasive than any single source. What is this effect called?
Example 35
medium
True or false: 'anonymized' data can sometimes be re-identified by combining it with other public datasets.
Example 36
medium
A weather app uses continuous background location. What is a privacy-respecting design alternative that still gives a useful forecast?
Example 37
hard
A dataset is 'de-identified' by removing names but keeps ZIP, birthdate, sex. Studies show this triple is unique for most people. Name the risk and one mitigation.
Example 38
hard
A city wants to release useful aggregate statistics without exposing any individual. Which technique adds calibrated noise to mask individuals while preserving overall trends?
Example 39
hard
A messaging service uses end-to-end encryption for content but logs which users message each other. Name the residual privacy risk.
Example 40
hard
You want to know if any of your contacts are also using an app, but you don't want to upload your contact list. Which privacy technique lets two parties compute an intersection without revealing the inputs?
Example 41
hard
GDPR grants the 'right to erasure.' Why is fully honoring this hard once data has been shared with third-party processors and backups?
Example 42
challenge
A school district wants to study student outcomes by sharing anonymized records with a researcher. Name two safeguards that combine to reduce re-identification risk.