Definition and importance

Privacy is the right of individuals to control how their personal information is collected, used and shared. It depends on:

  • Stakeholders: users, businesses, regulators, public authorities.
  • Context: what data (for example location, health and usage) is processed, how it’s used, cultural background and users’ attitudes.
  • Challenges: protecting privacy takes effort and knowledge; it isn’t rewarding for service providers by default.

Protection approaches

  1. Data protection by law (“Datenschutz”)
    • Legal measures to guard personal data against misuse or manipulation
    • German BDSG (since 1978) originally protected citizens from state agencies; later extended to businesses
  2. Privacy by Design / Default
    • Embedding privacy considerations into system architectures and workflows from the outset
  3. Technical Data Protection
    • Encryption, access controls, audit logging, anonymisation/pseudonymisation

Data protection principles

All approaches rest on core principles: services should collect only the data strictly necessary for their function, inform individuals about what is stored, obtain explicit and revocable consent, and document every design decision to demonstrate compliance.

Typical exam questions

Be ready to:

  • Define privacy briefly.
  • Name the three protection approaches from your slides.
  • Explain data minimisation and consent under GDPR, citing relevant articles.
  • Illustrate with a brief real-world example (for example PRISM’s impact on freedom of speech) to show both theory and practical stakes.