Chapter 12 Exercises: Privacy, Surveillance, and AI
Conceptual Questions
Exercise 12.1: The Three Dimensions of Amplification
Explain the three ways AI amplifies surveillance (scale, speed, inference) using an example other than CityScope Predict. Choose a real-world AI surveillance system — such as airport security, employee monitoring software, or smart home devices — and describe how each dimension of amplification applies.
Exercise 12.2: Metadata vs. Content
A technology company claims: "We never read the content of your messages. Your communications are private." Using what you learned about metadata in this chapter, explain why this statement might be technically true but practically misleading. Provide three specific examples of sensitive information that could be inferred from message metadata alone (who, when, how often, from where) without reading any message content.
Exercise 12.3: The "Nothing to Hide" Argument
A friend tells you: "I don't care about privacy because I have nothing to hide." Drawing on the chapter's threshold concept ("privacy is about power, not secrecy"), write a thoughtful response that addresses this argument. Your response should include at least two concrete examples of how privacy loss can harm someone who has done nothing wrong.
Exercise 12.4: Consent Fatigue
The chapter describes "consent fatigue" — the phenomenon where people click "Accept" on privacy policies without reading them. Some critics argue this means consent-based privacy frameworks are fundamentally broken. Others argue that the solution is to make consent processes better, not to abandon consent. Which position do you find more persuasive, and why? What alternative approaches to consent can you imagine?
Applied Exercises
Exercise 12.5: Your Digital Exhaust Audit (Individual)
Spend one hour tracking every piece of data you generate. Use a notebook (physical, not digital — the irony would be too thick).
For each digital interaction, record: - What you did (searched, texted, browsed, purchased, etc.) - What data you explicitly shared - What data was likely generated as a byproduct (location, timestamps, device information, etc.) - What inferences a sophisticated AI system might draw from that data
At the end of the hour, write a one-page reflection: Were you surprised by the volume of data? Did anything make you uncomfortable? Did this exercise change how you think about your daily digital habits?
Exercise 12.6: Facial Recognition Policy Debate (Group, 4–6 students)
Your city council is debating whether to allow police to use facial recognition technology in public spaces. Divide into the following roles:
- Police chief: Arguing for adoption (crime reduction, missing persons, public safety)
- Civil liberties advocate: Arguing against adoption (accuracy concerns, privacy rights, chilling effect)
- Technology vendor: Presenting the product's capabilities and limitations
- Community representative from a neighborhood with high police presence: Offering perspective on the impacts
- City council member: Asking questions, weighing evidence, making a decision
- Journalist: Observing and writing a summary of the debate
Each participant should prepare a 3-minute opening statement. After opening statements, hold a 15-minute open discussion. The council member makes a final decision and explains their reasoning.
Reflection question: Did the debate surface any trade-offs that were not immediately obvious? Did hearing other perspectives change your initial position?
Exercise 12.7: Privacy Policy Comparison
Choose two companies that provide similar services (e.g., two social media platforms, two email providers, or two fitness apps). Locate their privacy policies and compare them on the following dimensions:
| Dimension | Company A | Company B |
|---|---|---|
| What data is collected? | ||
| How is the data used? | ||
| Is data shared with third parties? Who? | ||
| How long is data retained? | ||
| Can you request deletion of your data? | ||
| Can you opt out of data collection? | ||
| Is the policy written in understandable language? |
Write a 500-word analysis: Which company has stronger privacy protections? Were you able to understand what each company does with your data? What was unclear or concerning?
Exercise 12.8: Surveillance Self-Assessment
Rate each of the following scenarios on a scale of 1 (completely comfortable) to 5 (deeply uncomfortable):
- A smart speaker in your home that is always listening for a wake word
- Your employer monitoring your keystrokes and screen activity during work hours
- A store using facial recognition to identify shoplifters
- A fitness app sharing your exercise data with your health insurance company
- Police using license plate readers to track the movements of every car in the city
- A university using AI to monitor student social media for signs of mental health crises
- A government using AI to analyze social media posts for potential security threats
- A dating app using AI to infer your personality traits from your swiping patterns
For each scenario: Why did you rate it the way you did? What factors made you more or less comfortable (who is watching, what data, for what purpose, whether you consented)?
Compare your ratings with a classmate. Where do you disagree, and why?
Critical Analysis Exercises
Exercise 12.9: Surveillance Trade-Off Analysis
Choose one of the following real-world AI surveillance systems and conduct a trade-off analysis:
a) AI-powered CCTV in a retail store chain b) Social media monitoring by law enforcement agencies c) Contact tracing apps used during a pandemic d) AI proctoring software used for online exams
For your chosen system, create a structured analysis: - Benefits: Who benefits, and how? - Costs: Who bears the costs, and what are they? - Power dynamics: Who has power in this arrangement? Who lacks it? - Alternatives: Could the same goals be achieved with less surveillance? - Your assessment: On balance, is this system justified? Under what conditions would you change your mind?
Exercise 12.10: Regulatory Gap Analysis
The chapter describes the U.S. patchwork approach to privacy regulation. Identify a specific type of data that falls between existing federal protections. (For example: health data collected by a non-medical app, student data collected by a non-school platform, or employee biometric data in a state without biometric privacy laws.)
Research the current legal protections (or lack thereof) for this data type. Then: 1. Describe a realistic scenario where this gap could lead to harm. 2. Propose a regulatory solution, specifying what protections should be added and who should enforce them. 3. Anticipate and respond to one objection to your proposal.
Exercise 12.11: The Panopticon in Your Life
Identify three contexts in your daily life where you experience the panopticon effect — where you modify your behavior because you know or suspect you might be observed by an AI system. For each context:
- Describe the surveillance system and who operates it.
- Explain how it changes your behavior.
- Assess whether this behavioral change is positive (e.g., driving more safely because of speed cameras), negative (e.g., self-censoring political speech), or ambiguous.
- Consider: does this surveillance affect different people differently based on their identity, socioeconomic status, or geography?
Reflection Exercise
Exercise 12.12: Your Privacy Values
Write a one-page personal reflection on where you draw the line on privacy. Consider:
- Are there types of data you would gladly share for convenience? Types you would never share?
- Has your thinking about privacy changed since reading this chapter? How?
- The chapter argues that privacy is "about power, not secrecy." Do you agree? Why or why not?
- What, if anything, do you plan to do differently after reading this chapter?
There are no wrong answers here — the goal is to develop a thoughtful, informed personal position that you can articulate and defend.