MODULE 1 Flashcards

Foundational Principles of Privacy in Technology

1
Q

Nissenbaum’s Contextual Integrity

A

Ties adequate protection for privacy to the norms of specific contexts, demanding that information gathering and dissemination be appropriate to that context and obey the governing norms of distribution within it. This viewpoint presents a challenge to IT professionals: how do they identify the relevant norms and preserve them when they introduce new or changing technology? Helen Nissenbaum’s framework of contextual integrity ties privacy expectations to context-dependent norms of information flow. Information collection, processing and transmission practices that are in accordance with those norms are likely to be perceived as acceptable, whereas practices that do not follow those norms are perceived as privacy violations because they violate contextual integrity.

2
Q

Solove’s Taxonomy

A

A work by Daniel Solove that attempts to order the different harms that may arise from infringements of privacy. The taxonomy is split into four categories: 1) Information Collection, 2) Information Processing, 3) Dissemination of Information, and 4) Invasion.

3
Q

Calo’s Harms Dimensions

A

Objective harms are measurable and observable, wherein a person’s privacy has been violated and a direct harm is known to exist. Subjective harms exist without an observable or measurable harm, but where an expectation of harm exists.

4
Q

Westin’s Four States of Privacy

A

The states include:
Solitude: The individual stands by themselves, separate from the group, and remains free from the observations of others.
Intimacy: The individual is part of a small unit; information sharing and the rules of secrecy are negotiated with members of the unit.
Anonymity: While the individual is in public, they still maintain freedom from identification and surveillance.
Reserve: While the individual is in a large group, they maintain the ability to withhold communication or disengage from others to create a psychological barrier against unwanted intrusion.

5
Q

Fair Information Practice Principles (FIPPs)

A

Published in 1977 by the U.S. Federal Trade Commission (FTC); provides guidance to businesses in the United States. FIPPs are a collection of widely accepted principles that agencies use when evaluating information systems, processes, programs, and activities that affect individual privacy. FIPPs are not requirements; rather, they are principles that should be applied by each agency according to the agency’s particular mission and privacy program requirements.

6
Q

Collection Limitation Principle

A

FIPPs Principle: There should be limits to the collection of personal data, and any such data should be obtained by lawful and fair means and, where appropriate, with the knowledge or consent of the data subject.

7
Q

Data Quality Principle

A

FIPPs Principle: Personal data should be relevant to the purposes for which they are to be used, and, to the extent necessary for those purposes, should be accurate, complete and kept up-to-date.

8
Q

Purpose Specification Principle

A

FIPPs Principle: The purposes for which personal data are collected should be specified no later than at the time of data collection, and the subsequent use should be limited to the fulfillment of those purposes or such others as are not incompatible with those purposes and as are specified on each occasion of change of purpose.

9
Q

Use Limitation Principle

A

FIPPs Principle: Personal data should not be disclosed, made available or otherwise used for purposes other than those specified, except: (a) with the consent of the data subject; or (b) by the authority of law.

10
Q

Security Safeguards Principle

A

FIPPs Principle: Personal data should be protected by reasonable security safeguards against such risks as loss or unauthorized access, destruction, use, modification or disclosure of data.

Openness Principle: There should be a general policy of openness about developments, practices and policies with respect to personal data. Means should be readily available for establishing the existence and nature of personal data, the main purposes of their use, and the identity and usual residence of the data controller.

11
Q

Individual Participation Principle

A

FIPPs Principle: Focuses on giving people control over their personal information. In simple terms, it means that individuals should have the right to know what information is being collected about them, access that data, and correct it if it’s wrong.

Example:
Let’s say a company collects your personal information to create an account for their services. According to this principle, you should be able to:

See what data they have: You can ask the company what information they’ve collected about you.
Update or correct it: If your name or contact information is wrong, you should be able to request corrections.
Challenge or delete the data: If the information is incorrect or you no longer want the company to hold it, you should be able to request that they remove or update it.

This principle ensures transparency and gives individuals some control over their personal data.

12
Q

Accountability Principle

A

FIPPs Principle: Organizations are responsible for protecting your personal information and must take steps to ensure it is handled properly. If something goes wrong, such as a data breach or misuse of your data, they are held accountable for fixing the problem and must follow through with consequences or corrective actions.

13
Q

Active Collection

A

Data collected directly from the subject.

14
Q

Passive Collection

A

Collection occurs without requiring any action from the participant.

15
Q

First Party Collection

A

Providing personal information directly to the data collector.

16
Q

Repurposing

A

Previously collected data used for a different purpose.

17
Q

Surveillance

A

Collecting data through observed behaviors, such as online searches or websites visited.

18
Q

Third Party

A

When companies or organizations that you don’t directly interact with gather information about you. These third parties often collect data from other websites, apps, or services you’re using, without you directly giving it to them.

19
Q

Explicit Consent

A

Requires the user to take an action, such as selecting an option to allow the collection of information that the application provider wants to use to improve services and functionality.

20
Q

Implicit Consent

A

Does not require direct user permission.

21
Q

Privacy Notice

A

An external document that informs consumers/users of how data is collected, how it is used, how long it is retained and how it is disclosed. It states the organization’s practices, values, and commitments concerning personal data. Many organizations will have checkboxes for the consumer to agree to the privacy notice terms and/or a link that takes them to the notice itself.

22
Q

Retention Policy

A

Defines why and how you store data, for how long, and then how you dispose of it. This plays a crucial role in data management.

23
Q

Data Life Cycle

A

The different stages that data goes through, from the moment it is created to when it is no longer needed and gets deleted. It helps organizations manage and protect data effectively at every step.

Simple Breakdown of the Stages:
Creation: Data is generated or collected (e.g., filling out an online form).
Storage: The data is saved somewhere (e.g., on a computer server or cloud).
Usage: The data is used for analysis or decision-making (e.g., a company uses your data to personalize ads).
Sharing: Data might be shared with others (e.g., a business shares your info with a delivery service).
Archiving: Old or inactive data is stored securely for future use if needed.
Deletion: When the data is no longer needed, it’s securely deleted.

Example in Simple Terms:
Imagine you sign up for a newsletter on a website:
Creation: You enter your name and email.
Storage: The website stores your info on their servers.
Usage: The company uses your email to send you newsletters.
Sharing: They may share your email with their marketing partners.
Archiving: If you stop reading the emails, they might keep your info but stop actively using it.
Deletion: If you unsubscribe, they delete your email from their system.

24
Q

NIST Special Publication 800-88

A

Provides recommendations on how to securely erase or destroy data from storage devices to ensure that sensitive information cannot be recovered or accessed once it’s no longer needed. It’s a guide that helps organizations safely delete data from devices like computers, hard drives, or USBs to prevent anyone from getting access to that data later, even after the device is discarded or reused.

An example: Imagine you have an old smartphone with personal photos, messages, and apps. Before you throw it away or sell it, NIST 800-88 recommends steps like wiping the phone’s memory (a process called sanitization) or even physically destroying the phone to make sure no one can recover your personal data from it. This helps keep your private information safe even after you no longer use the device.

25
Q

Privacy by Design (PbD)

A

Seven principles based on proactively incorporating privacy into all levels of operations organically (as opposed to viewing it as a tradeoff).

26
Q

Proactive not Reactive; Preventative not Remedial

A

PbD Principle 1: Privacy measures should be planned and built into a system from the beginning, not added later as a reaction to problems.

27
Q

Privacy as the Default Setting

A

PbD Principle 2: The system should protect personal data automatically without requiring users to take action.

28
Q

Privacy Embedded into the Design

A

PbD Principle 3: Privacy is an integral part of the system’s design, not something that’s tacked on later.

29
Q

Full Functionality; Positive sum, not Zero Sum

A

PbD Principle 4: Privacy and other objectives (like security, usability, and business goals) should be balanced so that you don’t have to sacrifice one to achieve the other.

30
Q

End-to-End Security - Full Life Cycle Protection

A

PbD Principle 5: Data protection extends throughout the entire life cycle of the data, from collection to deletion.

31
Q

Visibility and Transparency - Keep it Open

A

PbD Principle 6: The processes and technologies involved in protecting privacy should be transparent and visible to all stakeholders, ensuring accountability. For example, a company publishes clear and accessible privacy policies that explain how user data is collected, used, and protected. It also regularly reports on its data protection practices to build trust with its customers.

32
Q

Respect for User Privacy - Keep it User-Centric

A

PbD Principle 7: The system should be designed with the user’s privacy in mind, offering them control and protecting their rights. For example, a website allows users to easily access, correct, or delete their personal information, and provides clear options for managing privacy settings, ensuring that users have control over their own data.

33
Q

NIST Framework

A

Set of guidelines and best practices designed to help organizations manage and reduce cybersecurity risks. It is divided into five main areas:
1. Identify - Determine which assets need protection.
2. Protect - Put measures in place to protect those assets.
3. Detect - Set up systems to quickly spot problems (suspicious activity).
4. Respond - Plan how to deal with security incidents.
5. Recover - Ensure the organization can bounce back and restore compromised assets.

34
Q

NICE Framework

A

A guide created to help people understand the different types of jobs and skills in the field of cybersecurity.

35
Q

Value Sensitive Design

A

A design approach that accounts for moral and ethical values, which should be considered when assessing the overall “value” of a design.

36
Q

Factor Analysis of Information Risk (FAIR)

A

A method used to understand and quantify the risks associated with cybersecurity and other information-related threats. In simple terms, it helps organizations figure out how much a cyber threat could potentially cost them, both in money and in damage to their reputation, and how likely it is that the threat will happen.

FAIR works by breaking down complex risks into smaller, more understandable components. It looks at factors like:

How likely is it that a threat will happen? (e.g., the chances of an attacker trying to break into a system)
What are the potential impacts if it does happen? (e.g., financial loss, data theft, or damage to a company’s reputation)

37
Q

Stakeholder Analysis

A

Value Sensitive Design Method: An analysis that evaluates the benefits and harms affecting both direct and indirect stakeholders.

38
Q

Value Sketches

A

Value Sensitive Design Method: Use sketches, collages or visual aids to elicit values from stakeholders.

39
Q

Value Scenarios

A

Value Sensitive Design Method: Generate narratives/scenarios to identify, communicate or illustrate the impact of design choices on stakeholders and their values.

40
Q

Value Source Analysis

A

Value Sensitive Design Method: The values of the project, the designer and the stakeholders are assessed, and conflicts between the groups’ values are considered.

41
Q

Design Thinking Process

A

Involves five steps:

Empathize: Start by getting to know the people who will use your product or service. This means understanding their needs, challenges, and how they think and feel. For example, if you’re designing a new app, you might talk to potential users to learn about their habits and frustrations with similar apps.

Define: Once you’ve gathered insights from users, you define the problem you’re trying to solve. This step is about clearly understanding what the main issues are and what needs to be addressed. For instance, after talking to users, you might define the problem as “People find it hard to navigate current apps to find the features they need quickly.”

Ideate: Now that you know the problem, it’s time to brainstorm possible solutions. In this stage, you come up with as many ideas as possible, no matter how wild or simple they might be. The goal is to think creatively and explore different possibilities. For example, you might suggest ideas like a simplified menu, voice commands, or a customizable interface for the app.

Prototype: After narrowing down your ideas, you create a prototype, which is a simple model or version of your solution. This doesn’t have to be perfect or final; it’s just something that allows you to see how your ideas might work in practice. For the app, this could be a basic version of the new design with a few key features.

Test: Finally, you test your prototype with real users to see how well it solves the problem. You observe how they interact with it, gather feedback, and make improvements based on what you learn. If users find it easier to navigate the app, then you’re on the right track; if not, you may need to go back to earlier steps and refine your solution.

42
Q

Value-oriented semi-structured interviews

A

Value Sensitive Design Method: Use interview questions to elicit information about values and value tensions.

43
Q

Value-oriented coding manuals

A

Value Sensitive Design Method: Use a coding manual to code and then analyze qualitative information gathered through one of the other methods.

44
Q

Scalable Information Dimension

A

Value Sensitive Design Method: A values-elicitation method that uses questions to determine the scalable dimensions of information, such as proximity, pervasiveness or granularity of information.

More generally, describes a method used to figure out what aspects of information are important to someone. It does this by asking questions that help identify key qualities of the information, such as:

Proximity: How close or relevant the information is to the person or situation.
Pervasiveness: How widespread or common the information is.
Granularity: How detailed or specific the information is.

In simpler terms, it’s a way to understand what details matter most to someone by asking them questions about different qualities of the information they are dealing with.

45
Q

Value-oriented mock-ups, prototypes or deployments

A

Value Sensitive Design Method: Elicit feedback on potential solutions or features.

46
Q

Model of Informed Consent

A

Value Sensitive Design Method: Provides design principles and a value analysis method for considering informed consent in online contexts.

47
Q

Value dams and flows

A

Value Sensitive Design Method: Identify design options that are unacceptable to most stakeholders (dams) and remove them from the design space; also identify design options that are liked by stakeholders (flows).

48
Q

Value-sensitive action reflection model

A

Value Sensitive Design Method: Uses prompts to encourage stakeholders to generate or reflect on design ideas.

49
Q

Envisioning Cards

A

Value Sensitive Design Method: A set of cards developed by Friedman and her colleagues, which can be used to facilitate many of the other methods.