QUESTION BANK FOR DATA PRIVACY

UNIT 1 SHORT
Q1 - Define privacy in the context of personal data.
Q2 - Explain the concept of data breaches and their impact on privacy.
Q3 - Compare and contrast discretionary access control (DAC) and mandatory access
control
(MAC) models.
Q4 - Discuss real-world applications of RBAC in safeguarding sensitive data.
Q5 - Explain regulatory frameworks such as HIPAA and GDPR in the context of medical
privacy.
Q6 - Do we know how, when and who to notify in the event of a breach?
Q7 - Explain the consequences for organizations failing to adhere to their stated privacy
policies or regulatory standards.

UNIT 1 LONG
Q1 - Evaluate the role of incident response plans and strategies in mitigating the impact of
data breaches, including proactive measures such as threat intelligence gathering, rapid
detection and containment, and post-incident analysis to prevent recurrence.
Q2 - Explore the challenges of maintaining privacy in electronic health records (EHRs),
including issues related to data security, access control, and patient consent.

UNIT 2 SHORT
Q1 - Discuss the concept of data explosion in the digital age, considering factors such as the
proliferation of connected devices, social media platforms, and Internet of Things (IoT)
sensors.
Q2 - Explain the implications of the lack of barriers in the collection and distribution of
person-specific information for individual privacy and data protection.
Q3 - Discuss different approaches to modeling data sharing practices, including graph-based
models, game-theoretic models, and Bayesian networks, and their applicability to different
scenarios.
Q4 - Identify and explain the key drivers behind the data explosion phenomenon, including
the rise of social media, e-commerce, Internet of Things (IoT) devices, and digital content
creation.
Q5 - Discuss the role of data management platforms, data lakes, and data warehouses in
handling the scale and diversity of modern data environments.
Q6 - How do cultural norms and values influence attitudes towards data sharing and privacy
among different demographic groups?
Q7 - Can you provide examples of real-world applications where mathematical models have
been used to assess data sharing practices and policies?

UNIT 2 LONG
Q1 - Discuss the role of governments, policymakers, and international organizations in
addressing the challenges posed by data explosion, including the need for data governance
frameworks, cross-border data regulations, and ethical guidelines for data usage.
Q2 - Examine privacy and security concerns arising from the lack of barriers in data
collection and distribution, including risks of data breaches, data mining, and algorithmic
bias.

UNIT 3 SHORT
Q1 - Compare and contrast the null-map, k-map, and wrong map protection models in terms
of their effectiveness, applicability, and limitations.
Q2 - Analyze scenarios where inferring entity identities has led to privacy breaches in
databases and explore lessons learned for improving data protection measures.
Q3 - Provide an overview of different types of data protection models commonly used in
practice.
Q4 - Evaluate the effectiveness of encryption-based models in ensuring confidentiality,
integrity, and authenticity of data, considering factors such as key management and
cryptographic strength.
Q5 - Discuss techniques such as data anonymization, pseudonymization, and differential
privacy used in privacy-enhancing models.
Q6 - Explore the challenges of empirically evaluating the performance and robustness of
protection models in dynamic and adversarial environments, and propose strategies for
conducting rigorous assessments.
Q7 - Identify common challenges and considerations associated with the adoption and use
of the null map in data privacy initiatives.

UNIT 3 LONG
Q1 - Explore emerging trends and advancements in K-map research and development
within the field of data privacy.
Q2 - Analyze real-world applications and use cases of entry-specific databases in domains
such as healthcare, finance, and government, and their implications for privacy, security, and
data governance.

UNIT 4 SHORT
Q1 - Analyze the strengths and weaknesses of MinGen compared to other anonymization
techniques, considering factors such as scalability, effectiveness, and privacy preservation.
Q2 - Can you explain the factors considered in determining the level of protection required
for different types of data?
Q3 - Could you discuss a real-world application where MinGen has been successfully
implemented for data protection?
Q4 - In what ways does Datafly balance privacy and data utility, especially when dealing with
sensitive information?
Q5 - In what ways does Scrub address the risk of re-identification when anonymizing textual
documents?
Q6 - Can you compare Datafly's privacy guarantees with other anonymization techniques,
such as generalization or suppression?

UNIT 4 LONG
Q1 - MinGen is designed to work with various types of data attributes, including numerical,
categorical, and textual. How does MinGen adapt its synthetic data generation approach to
different data types, and are there inherent limitations or biases associated with this
adaptability?
Q2 - Adversarial attacks pose a significant threat to privacy-preserving techniques. How
does Mu-Argus defend against adversarial attempts to re-identify individuals or infer
sensitive information from anonymized datasets? Are there known vulnerabilities or
limitations in Mu-Argus's defense mechanisms?

UNIT 5 SHORT
Q1 - Can you discuss the role of employee training and awareness programs in promoting
adherence to medical privacy policies and procedures?
Q2 - What initiatives exist to promote transparency and user control over their online data,
such as the implementation of privacy labels and consent mechanisms on websites and
mobile apps?
Q3 - Can you discuss any notable cases where FOIA requests have played a significant role
in uncovering government activities or promoting public awareness?
Q4 - How do courts determine the validity of search warrants, including the requirement for
probable cause and specificity in describing the items or information to be seized?
Q5 - Medical privacy legislation often includes provisions granting patients rights to access,
amend, and restrict the use of their health information. How do healthcare providers
operationalize these rights in practice, and what challenges do they face in fulfilling patient
requests?
Q6 - Social media platforms gather vast amounts of personal data from users. How do these
platforms balance personalized user experiences with user privacy, and what steps do they
take to safeguard user data from unauthorized access or misuse?
Q7 - Transparency and user consent are essential aspects of online privacy. How do
websites and online services communicate their data collection and usage practices to
users, and how can users make informed decisions about their privacy online?
Q8 - What is the primary objective of the Freedom of Information Act (FOIA), and what types
of information does it aim to make accessible to the public?
Q9 - What reforms or improvements could be made to enhance FOIA's transparency and
accessibility while addressing these challenges?

UNIT 5 LONG
Q1 - In an increasingly globalized healthcare landscape, how do medical privacy laws
address cross-border data transfers and jurisdictional issues, particularly when sensitive
health information is transferred between countries with different privacy standards and
regulations?
Q2 - How do governments and regulatory bodies address privacy concerns on the web
through legislation and enforcement actions? Can you discuss recent regulatory
developments, such as the General Data Protection Regulation (GDPR) and the California
Consumer Privacy Act (CCPA), and their impact on online privacy practices?
Q3 - In certain situations, law enforcement may seek access to digital data without a search
warrant, citing exigent circumstances or emergencies. Can you discuss the legal standards
and limitations surrounding emergency access to digital data, and how they balance privacy
rights with law enforcement needs?