Module 3

Question 1

Interrogation

Answer 1

Is the intentional probing of information to reveal personal information about a person.

Question 2

Asymmetric Power Relationship

Answer 2

When a person is compelled to give up personal information to a person of authority. An example would be an interviewee answering personal questions to a prospective employer.

Question 3

Existing Relationship

Answer 3

Asking personal questions that are out of context within social norms of the relationship. An example would be an employer asking about an employee’s personal life.

Question 4

Reverse Flow of Information

Answer 4

An individual oversharing unsolicited information. An example would be a student sharing information about their personal life during a class discussion

Question 5

Covert Surveillance

Answer 5

Tracking that one may not be aware of being tracked (web surfers, geolocators, loyalty cards, etc.).

Question 6

Overt Surveillance

Answer 6

Tracking that one is aware of (CCTV, Transponders, voice activations, etc.).

Question 7

Identification

Answer 7

When information is linked to specific individuals; when a unique identifier (SSN, Driver’s License Number, etc.) is linked to other data elements (like age, weight, health info, income level, for example).

Question 8

Exclusion

Answer 8

Information is used without an individual’s knowledge or consent. It can also occur in the form of discrimination. Privacy technologists should include unsubscribe and consent as options to avoid exclusion.

Question 9

Secondary Use

Answer 9

Information used without consent for purposes unrelated to the original purposes. Any secondary use should be in the external privacy notice and internal privacy policies.

Question 10

Data Insecurity

Answer 10

State or condition where data is vulnerable to unauthorized access, misuse, loss, or corruption.

Question 11

Disclosure

Answer 11

Is revealing credible and private information about an individual that can affect how others view that person or may impact their security. Disclosure is the intentional revealing of information about an individual as opposed to insecurity, which is the result of negligence.

Question 12

Distortion

Answer 12

Is the release of fabricated and incorrect personal information (opposite of disclosure) and can be used to harm ones reputation.

Question 13

Blackmail

Answer 13

Is where a threat of releasing personal information against someone’s will unless paid a ransom or to perform some action.

Question 14

Breach of Confidentiality

Answer 14

Disclosure of information shared in private.

Question 15

Appropriation

Answer 15

Is when someone else information is use for someone else’s gain (identity theft or using another person’s identity to endorse a product).

Question 16

Interference

Answer 16

Any act that prevents or obstructs a process from continuing or being carried out properly. Examples of interference include surveillance, tracking and interrogation.

Question 17

Decisional Interference

Answer 17

A type of interference when an external party (government, commercial entity, etc.) interferes with an individual’s decision-making regarding their personal affairs. Inaccurate data can lead to decisional interference.

Question 18

Intrusion

Answer 18

A type of interference where a disturbance that affects an individuals solitude or tranquility (can be physical, psychological or informational). Intrusion can be reduced by giving individuals control over electronic forms of intrusions (opting out of notifications, using opt-out as the default and asking customers to opt in).

Question 19

Self Representation

Answer 19

A type of interference where another entity alters how an individual is represented or regarded. Whether or not the information changed is accurate is irrelevant, as the individual no longer has control over their self representation.

Question 20

Behavioral Advertising

Answer 20

Advertising that is based on the users habits and behavior. Though this has some positives of informing users about products and services that they may not be aware of, there needs to be a balance of ones privacy. Safe privacy practices should notify users of collection practices and offer choice over collection and sharing.

Question 21

Social Engineering

Answer 21

Using any means of psycology to maipulate people to do something that discloses valuable information or provides access.

Question 22

Intrusion Report

Answer 22

Data that is collected when an IDS (Intrusion Detection System) monitors network traffic for suspicious activity and alerts when such activity is discovered. The one concern in the area of privacy is collecting too
much detailed information on how data is used and where vulnerabilities may lie leads to an increase in privacy risk.

Question 23

Cyberbullying

Answer 23

Bullying that occurs online and personal information is used that can be used to intimate or bully someone. Various laws are now in place around the country that are a anti-bullying bill of rights where they stress the right not to be bullied, prohibits substantially disruptive speech against others on behavior on social media platforms contusive to intimidation and bullying.

Question 24

Vulnerability Management

Answer 24

Vulnerability is determined by capability and probability; management involves reducing vulnerability by creating a cyber defense infrastructure support using firewall to prevent malicious network traffic.

Question 25

Patches

Answer 25

Changes to a program with the goal to fix, update or improve a system (bug fixes). This is intended to address vulnerabilities in security.

Question 26

Open-source vs Closed Source

Answer 26

Open-source software has code that is easily viewed, shared and modified. Closed-source software can only be fixed by the vendor, and consumers may need to wait to be assisted with issues.