Section 3.1
Analyze Personally Identifiable Information
Learning Goals
Students will identify common examples of Personally Identifiable Information (PII).
Students will identify how PII is collected and where it is stored on a computer system. (IOC-2.A.7)
Students will describe how collecting and storing personal data on a computer system enhances the user experience. (IOC-2.A.8 & IOC-2.A.9)
Students will describe the risks to privacy from collecting and storing personal data on a computer system. (IOC-2.A)
IOC-2.A.1: Personally identifiable information (PII) is information about an individual that identifies, links, relates, or describes them. Examples of PII include:
Social Security Number
Age
Race
Phone Number(s)
Medical Information
Financial Information
Biometric Data
IOC-2.A.2: Search engines can record and maintain a history of searches made by users.
IOC-2.A.4: Devices, websites, and networks can collect information about a user’s location.
IOC-2.A.5: Technology enables the collection, use, and exploitation of information about, by, and for individuals, groups, and institutions.
IOC-2.A.7: Disparate personal data, such as geolocation, cookies, and browsing history, can be aggregated to create knowledge about an individual.
IOC-2.A.8: PII and other information placed online can be used to enhance a user’s online experiences.
IOC-2.A.10: Commercial and governmental curation of information may be exploited if privacy and other protections are ignored.
IOC-2.A.11: Information placed online can be used in ways that were not intended and that may have a harmful impact. For example, an email message may be forwarded, tweets can be retweeted, and social media posts can be viewed by potential employers.
IOC-2.A.13: Once information is placed online, it is difficult to delete.
IOC-2.A.15: Information posted to social media services can be used by others. Combining information posted on social media and other sources can be used to deduce private information about you.
Objectives and General Description
The objective of this section is to learn what Personally Identifiable Information (PII) is and how that relates to internet privacy. The goal is for students to understand the importance of storing information properly and the repercussions of stolen information.
Activities
Activity 3.1.1 (outside assignment)
You either assigned the "Blown to Bits" books as summer reading or you assigned one book for each unit covered so far. If you have not done either, the students will need to read the books to complete the next activities in this unit.
Reflections and Guided Reading Questions First Edition from the Summer Reading page.
Reflections and Guided Reading Questions Second Edition from the Summer Reading page.
Activity 3.1.2 (budget 55 minutes)
Define "Personally Identifiable Information" as information about an individual that identifies, links, relates or describes them.
Have students brainstorm examples of PII. List their responses on the board or on a digital platform so that all students can see them. Responses need to include but are not limited to:
Social security number
age
race
phone number(s)
medical information
financial information
address
Ask students how this data is accessible online? Where can it be found? Give students five minutes to research where data is stored when using a computer network. Share responses in a round-robin style. Continue until all student responses have been recorded. If student responses don't cover the required topics, you may need to supplement their list. Required topics are:
Search engines
Websites
Devices (computers, servers, phones, tablets)
Point out that not only can specific pieces of data be retrieved, technology can aggregate data for other purposes.
Geolocation, cookies and browsing history can create knowledge about a person.
Search engines can use search history to suggest websites for targeted marketing.
GPS apps can store your travel history and current location.
Students complete a metadata scavenger hunt. Allow students to work on this with a partner. The communication and collaboration on this assignment will help students clarify the concepts and deeper their understanding of metadata, search engines and cookies, as they relate to privacy risks. Note: Have a student try this out in your classroom prior to the lesson to make sure students can access this information using a student login. Sometimes IT restrictions prevent a student from viewing these details. If that is the case, you will need to either demonstrate for the class or perhaps use this as a homework assignment.
Have a class reflection discussion to summarize the findings. Important concepts to emphasize include...
What is PII?
Search engines record and maintain a history of searches by users.
Websites can record & maintain a history of site visitors.
Data can be collected about your location
Search engines can use search history for targeted advertising.
Metadata can be sold to third party vendors.
Data can be collected from a variety of sources to create knowledge about an individual.
Advantages include: simplified online purchases & access to websites, better deals on online shopping because of targeted advertising (coupons), better search results
Disadvantages: privacy can be exploited, identity theft leading to loss of money, financial information, etc., personal safety compromised by release of location data, employers can see social media history, etc.
7. Watch this video, "Is Facial Recoginition Invading our Privacy?" by Above the Noise from PBS Learning Media and have a class discussion about who should get our information, how our information is used, and how we can protect ourselves.
8. Watch this video, "Cops Need a Warrant To Search Your Cell Phone's Location History, Supreme Court Rules." by Vice News. Have a class discussion about cell phones in school. Should parents be allowed to search their children's cell phones? What exactly are your 4th Amendment rights?
Activity 3.1.3 (10 minutes)
Students should have already read "Blown to Bits" - Chapter 3 , "Who Owns Your Privacy?" Second Edition
As a warm-up activity for this section, have a class discussion about:
What happened to Stacy Snyder?
What are some things that students post online?
Who is looking at those things?
Do college admissions offices look?
Do coaches look?
Do potential employers look?
Activity 3.1.4 (2 hours)
Watch the video, "How to Read Privacy Policies Like a Lawyer" by The Verge.
Students find & a current event article that relates to PII and privacy.
Have students go to TedTalks.com and search for privacy & metadata. Select a ted talk, listen and summarize.
Students create their own TedTalk about PII and privacy.
Show students a sample multiple-choice question about metadata. You can find these in any APCSP review book. Question #5 in this practice set on CS Principles: Big Ideas in Programming is a good example. Have students write a multiple-choice question. You can use these for warm-ups, ticket out the door, etc.
Resources
3.1.1: Reflections and Guided Reading Chapter 1 (Student Worksheet)
3.1.1: Reflections and Guided Reading Chapter 2 (Student Worksheet)
3.1.1: Reflections and Guided Reading Chapters 3-6 (Student Worksheet)
3.1.1: Reflections and Guided Reading Chapters 1-6 (Student Worksheet)
3.1.3: "Blown to Bits" Chapter 3, "Who Owns Your Privacy?" (Student Resource)
3.1.4: How to Read Privacy Policies Like a Lawyer (Teacher Resource)
3.1.4: CS Principles: Big Ideas in Programming (Student Resource)