Section 3.1

Analyze Personally Identifiable Information

Learning Goals

IOC-2.A: Students will describe the risks to privacy from collecting and storing personal data on a computer system.
IOC-2.A.8 & IOC-2.A.9: Students will describe how collecting and storing personal data on a computer system enhances the user experience and simplifies making online purchases
Students will identify common examples of Personally Identifiable Information (PII).
Students will identify how PII is collected and where it is stored on a computer system.
IOC-2.A.1: Personally identifiable information (PII) is information about an individual that identifies, links, relates, or describes them. Examples of PII include:
- Social Security Number
- Age
- Race
- Phone Number(s)
- Medical Information
- Financial Information
- Biometric Data

IOC-2.A.2: Search engines can record and maintain a history of searches made by users.
IOC-2.A.4: Devices, websites, and networks can collect information about a user’s location.
IOC-2.A.5: Technology enables the collection, use, and exploitation of information about, by, and for individuals, groups, and institutions.
IOC-2.A.7: Disparate personal data, such as geolocation, cookies, and browsing history, can be aggregated to create knowledge about an individual.
IOC-2.A.8: PII and other information placed online can be used to enhance a user’s online experiences.
IOC-2.A.10: Commercial and governmental curation of information may be exploited if privacy and other protections are ignored.
IOC-2.A.11: Information placed online can be used in ways that were not intended and that may have a harmful impact. For example, an email message may be forwarded, tweets can be retweeted, and social media posts can be viewed by potential employers.
IOC-2.A.13: Once information is placed online, it is difficult to delete.
IOC-2.A.15: Information posted to social media services can be used by others. Combining information posted on social media and other sources can be used to deduce private information about you.

Objectives and General Description

The objective of this section is to learn what Personally Identifiable Information (PII) is and how that relates to internet privacy. The goal is for students to understand the importance of storing information properly and the repercussions of stolen information.

Activities

Activity 3.1.1 (outside assignment)

You either assigned the "Blown to Bits" books as summer reading or you assigned one book for each unit covered so far. If you have not done either, the students will need to read the books to complete the next activities in this unit.
- "Blown to Bits" First Edition
- "Blown to Bits" Second Edition
Reflections and Guided Reading Questions First Edition from the Summer Reading page.

Reflections and Guided Reading Questions Second Edition from the Summer Reading page.

Chapters 1-6

Activity 3.1.2 (budget 55 minutes)

Define "Personally Identifiable Information" as information about an individual that identifies, links, relates or describes them.
Have students brainstorm examples of PII. List their responses on the board or on a digital platform so that all students can see them. Responses need to include but are not limited to:
- Social security number
- age
- race
- phone number(s)
- medical information
- financial information
- address
Ask students how this data is accessible online? Where can it be found? Give students five minutes to research where data is stored when using a computer network. Share responses in a round-robin style. Continue until all student responses have been recorded. If student responses don't cover the required topics, you may need to supplement their list. Required topics are:
- Search engines
- Websites
- Devices (computers, servers, phones, tablets)
Point out that not only can specific pieces of data be retrieved, technology can aggregate data for other purposes.
- Geolocation, cookies and browsing history can create knowledge about a person.
- Search engines can use search history to suggest websites for targeted marketing.
- GPS apps can store your travel history and current location.
Students complete a metadata scavenger hunt. Allow students to work on this with a partner. The communication and collaboration on this assignment will help students clarify the concepts and deeper their understanding of metadata, search engines and cookies, as they relate to privacy risks. Note: Have a student try this out in your classroom prior to the lesson to make sure students can access this information using a student login. Sometimes IT restrictions prevent a student from viewing these details. If that is the case, you will need to either demonstrate for the class or perhaps use this as a homework assignment.
Have a class reflection discussion to summarize the findings. Important concepts to emphasize include...
- What is PII?
- Search engines record and maintain a history of searches by users.
- Websites can record & maintain a history of site visitors.
- Data can be collected about your location
- Search engines can use search history for targeted advertising.
- Metadata can be sold to third party vendors.
- Data can be collected from a variety of sources to create knowledge about an individual.
- Advantages include: simplified online purchases & access to websites, better deals on online shopping because of targeted advertising (coupons), better search results
- Disadvantages: privacy can be exploited, identity theft leading to loss of money, financial information, etc., personal safety compromised by release of location data, employers can see social media history, etc.

7. Watch this video, "Is Facial Recoginition Invading our Privacy?" by Above the Noise from PBS Learning Media and have a class discussion about who should get our information, how our information is used, and how we can protect ourselves.

8. Watch this video, "Cops Need a Warrant To Search Your Cell Phone's Location History, Supreme Court Rules." by Vice News. Have a class discussion about cell phones in school. Should parents be allowed to search their children's cell phones? What exactly are your 4th Amendment rights? Although the video is six years old, the information in the video is still accurate. Law enforcement generally needs a warrant to access your location history. This requirement is based on the Fourth Amendment, which protects against unreasonable searches and seizures[1][2]. To obtain a warrant, police must demonstrate probable cause to a judge, showing that accessing your location history is necessary for their investigation[1][2].

References

[1] Behind the Browser: Can Police Access Your Search History?

[2] Can the Police See Your Online Search History? - Morris Law

Activity 3.1.3 (10 minutes)

Students should have already read "Blown to Bits" - Chapter 3 , "Who Owns Your Privacy?" Second Edition

As a warm-up activity for this section, have a class discussion about:
- What happened to Stacy Snyder?
- What are some things that students post online?
- Who is looking at those things?
- Do college admissions offices look?
- Do coaches look?
- Do potential employers look?

Activity 3.1.4 (2 hours)

Watch the video, "How to Read Privacy Policies Like a Lawyer" by The Verge.
Students find & a current event article that relates to PII and privacy.
Have students go to TedTalks.com and search for privacy & metadata. Select a ted talk, listen and summarize.
Students create their own TedTalk about PII and privacy.
Show students a sample multiple-choice question about metadata. You can find these in any APCSP review book. Question #5 in this practice set on CS Principles: Big Ideas in Programming is a good example. Have students write a multiple-choice question. You can use these for warm-ups, ticket out the door, etc.

Resources

Report abuse