AP CSP Privacy PII

AP CSP Topics › Privacy & PII

AP CSP Privacy & PII: Complete Guide (2025‑2026)

Personally Identifiable Information (PII) is any data that can identify an individual — alone or in combination. The subtle trap AP CSP tests: data that looks anonymous often is not. Zip code + birthdate + gender alone re-identifies most people. Aggregation turns harmless fields into identifying combinations. Metadata reveals as much as content. The exam tests whether you can spot privacy risks that are not obvious on the surface.

87%Of U.S. population re-identifiable using only ZIP code, birthdate, and gender
3Fields needed to identify most people: ZIP + DOB + gender
0New data collected — re-identification uses data you already shared

How Aggregation Creates Identity Risk

Each field below seems harmless in isolation. Together, they uniquely identify a person even without a name.

How Data Aggregation Re-Identifies Anonymous Records Name: REMOVED ZIP: 66213 DOB: 1987-03-14 Gender: F Seems harmless alone COMBINE ZIP + DOB + Gender = Quasi-identifier cluster Research: uniquely IDs Re-identified! 87% of U.S. pop. identifiable this way (Sweeney, 2000)

Removing a name is not anonymization. Aggregation of remaining fields creates a quasi-identifier that re-identifies most individuals.

Scenario — Spot the Privacy Risk

A hospital publishes a “de-identified” patient dataset. They removed names and Social Security numbers. The remaining fields include age, ZIP code, diagnosis code, admission date, and insurance provider. A researcher claims the data is now fully anonymous and safe to publish publicly.

What is wrong with the researcher’s claim? What specific risk remains?

Answer

The data is pseudonymized, not anonymized. The remaining fields — especially age + ZIP + diagnosis + admission date — form a quasi-identifier cluster that can re-identify specific patients, particularly those with rare diagnoses or in small geographic areas. Removing names and SSNs is necessary but not sufficient for true anonymization.

Metadata: More Revealing Than Content

Metadata is “data about data.” When you send a message, metadata records who you contacted, when, for how long, and from where — all without reading a single word of content.

Content (encrypted)
What the message SAYS
  • “[encrypted — unreadable]”
  • “[encrypted — unreadable]”
  • “[encrypted — unreadable]”
  • HTTPS protects this layer
Metadata (often plaintext)
What the metadata REVEALS
  • Sender: patient_A → oncology clinic
  • Duration: 47 minutes
  • Time: Tuesday 9:03 AM
  • Location: home address
Scenario — Intended or Unintended?

A messaging app encrypts all message content end-to-end. The government subpoenas the company’s metadata logs: sender, recipient, timestamps, and call durations. A user argues: “My messages are encrypted, so my privacy is protected.”

Is the user’s argument correct? What does the metadata reveal?

Answer

Incorrect. End-to-end encryption protects message content, not metadata. The metadata logs reveal communication patterns: who the user contacts, how often, for how long, and at what times. In the example above, a patient contacting an oncology clinic for 47 minutes reveals likely diagnosis information without decrypting any message.

Privacy vs. Security Trade-offs

Privacy Goal
Collect minimum data necessary
  • Users control their own information
  • Data not retained after purpose served
  • Opt-in consent before collection
  • Anonymization before analysis
Security Goal
Collect data to detect threats
  • Behavior logs identify attackers
  • Long retention enables forensics
  • Broad collection catches anomalies
  • Identifiable records enable accountability
Scenario — Evaluate the Trade-off

A city deploys smart streetlights that record pedestrian movement 24/7 to optimize traffic signals and detect accidents. The data is stored for 90 days. Officials argue this improves public safety. Privacy advocates argue it creates a surveillance infrastructure.

What is the core privacy trade-off here? Is there a way to reduce privacy cost while keeping the safety benefit?

Answer

The trade-off: public safety benefit (accident detection, traffic optimization) vs. creation of granular movement records for every citizen. Privacy-preserving alternatives include: aggregating pedestrian counts without storing paths, using edge processing that never transmits raw video to central servers, or reducing retention to 24-48 hours. The AP exam tests your ability to identify trade-offs and evaluate whether the data collected is proportional to the stated purpose.

Common Exam Pitfalls

1
Thinking name removal = anonymization

Removing names is necessary but not sufficient. Aggregation of remaining fields frequently re-identifies individuals. The AP exam tests aggregation risk specifically.

2
Confusing encryption with privacy

Encryption protects data in transit from eavesdroppers. It does not prevent the collecting party from using, analyzing, or selling your data. HTTPS means your ISP can’t read it — not that the website can’t.

3
Assuming metadata is less sensitive than content

Metadata (who, when, where, how long) frequently reveals more than content. Courts and intelligence agencies prioritize metadata access precisely because of its revealing nature.

4
Thinking opt-out means data is not collected

On most platforms, opt-out of targeted advertising means data is collected but not used for that specific purpose. Collection and use are separate. Read privacy policies carefully — opt-out rarely means no collection.

Check for Understanding

1. A social network stores: username, city, employer, university attended, and graduation year. A user requests their username be removed to protect privacy. Which statement is most accurate?

  • The user is now fully de-identified because the unique identifier (username) was removed.
  • The combination of city, employer, university, and graduation year may still uniquely identify the user.
  • Removing the username satisfies all legal definitions of anonymization in all jurisdictions.
  • The remaining fields contain no PII because none is a government-issued identifier.
Aggregation of seemingly generic fields frequently re-identifies individuals. City + employer + university + graduation year is a narrow cluster that may match only one person, even without a username.

2. A messaging app encrypts all message content end-to-end. Which of the following is still vulnerable despite this encryption?

  • The content of messages between users
  • The encryption key used to secure messages
  • Metadata logs recording who communicates with whom, when, and for how long
  • The app’s source code on the user’s device
End-to-end encryption protects content. Metadata — sender, recipient, timestamp, duration, location — is typically stored in plaintext and subject to separate legal processes.

3. Consider these statements about PII:
I. Direct PII includes names, SSNs, and email addresses.
II. Indirect PII can only become identifying if combined with direct PII.
III. An IP address can qualify as PII in some privacy frameworks.

Which statements are correct?

  • I only
  • I and II only
  • I and III only
  • I, II, and III
Statement I is correct. Statement II is false — indirect PII (ZIP + DOB + gender) can uniquely identify individuals without any direct PII. Statement III is correct — IP addresses are treated as PII under GDPR and several other frameworks.

4. A fitness app collects step counts and sleep patterns. It shares this data with “research partners” after removing usernames. This practice is best described as:

  • Fully anonymized data sharing because usernames are absent.
  • Pseudonymization that retains re-identification risk through behavioral fingerprinting.
  • A secure and privacy-compliant practice because biometric data is inherently imprecise.
  • Illegal under all modern privacy regulations.
Behavioral data (steps, sleep patterns) can be more identifying than names. Unique behavioral signatures persist after username removal. This is pseudonymization, not anonymization.

5. Which scenario best illustrates the secondary use problem in data privacy?

  • A website uses HTTPS to encrypt login credentials during transmission.
  • A city installs traffic sensors for congestion pricing; law enforcement later uses the location data to track individuals.
  • A company stores passwords using bcrypt hashing.
  • A social network allows users to download a copy of their data.
Secondary use: data collected for one legitimate purpose (congestion pricing) is repurposed for another (surveillance) without user consent for the second use. This is the core secondary use problem.

6. A student argues: ‘If I use a VPN, websites cannot collect any personal data about me.’ This statement is:

  • Correct — VPNs encrypt all traffic, preventing all data collection.
  • Correct — VPNs mask IP addresses, which are the only form of PII websites collect.
  • Incorrect — websites collect data through cookies, login sessions, and fingerprinting that persist through a VPN.
  • Incorrect only if the VPN provider is located in the same country as the user.
A VPN hides your IP from websites and hides traffic from your ISP. It does not prevent websites you actively visit from collecting data via cookies, login authentication, device fingerprinting, and behavioral tracking.

Frequently Asked Questions

What counts as PII on the AP CSP exam?
PII is any data that can identify an individual alone or in combination. Direct PII: name, SSN, email, phone number. Indirect PII: ZIP code, birthdate, gender, employer, IP address — especially when combined. The AP exam focuses on aggregation: combinations of indirect PII that uniquely identify a person even without any direct PII present.
How is privacy different from security?
Security protects data from unauthorized access (encryption, firewalls, authentication). Privacy is about controlling how data is collected, used, and shared — even by authorized parties. A company can have strong security (no breaches) and poor privacy (sells your data). The AP exam tests both concepts and their differences.
Does the AP exam require memorizing specific privacy laws?
No. You are not expected to memorize FERPA, COPPA, GDPR, or other laws by name. You should know the general principle: some data categories have heightened protections, legal frameworks vary by country, and consent and transparency are core privacy values. Questions apply principles to scenarios rather than testing statute recitation.

How the AP Exam Tests This

  • Identify whether specific data (alone or combined) constitutes PII
  • Explain the concept of data aggregation and why combining non-PII can create PII
  • Describe a specific privacy risk created by a computing technology
  • I/II/III: which statements about privacy and PII are correct
  • Identify which data collection practice violates a reasonable expectation of privacy

7. A website collects: browsing history, ZIP code, age range, and device type — none of which are PII individually. Why might the combination be a privacy concern?

  • None of these data points are ever sensitive.
  • Combining multiple data points can uniquely identify an individual even when no single point is PII.
  • The combination is only a concern if names are included.
  • Data aggregation never creates privacy risks.
Data aggregation: combining individually non-identifying data points can create a unique profile. Studies show 87% of Americans can be uniquely identified by ZIP code, birthdate, and gender alone.

8. A person posts photos on social media with location tagging enabled. Which privacy risk does this most directly create?

  • Their password can be extracted from the photos.
  • Their physical location and daily patterns can be inferred from the metadata.
  • Their social media account becomes vulnerable to hacking.
  • Their photos can be used for facial recognition only.
Location tags and photo timestamps reveal where someone is and when — enabling tracking of patterns like home address, work location, and daily schedule.

9. Consider: I. Data that is not PII alone can become PII when combined with other data. II. Encryption guarantees complete privacy of personal data. III. Users giving consent to data collection are always fully informed of how data will be used.

  • I only
  • I and II only
  • I, II, and III
  • II and III only
I is correct (aggregation). II is false — encryption protects data in transit but not from authorized access or breaches at the server. III is false — consent forms are often lengthy and not fully read or understood.

10. A company sells its user database to a third party after users agreed to a terms-of-service that included sharing data with ‘trusted partners.’ Users did not read this clause. This situation illustrates:

  • No privacy issue — users gave legal consent.
  • A tension between legal consent and meaningful informed consent, raising privacy and ethical concerns.
  • Illegal data sale regardless of terms of service.
  • A technical privacy breach.
Legal consent (clicking agree) differs from informed consent (actually understanding). This gap between legal and meaningful consent is a key AP CSP privacy concept.

Get in Touch

Whether you're a student, parent, or teacher — I'd love to hear from you.

Just want free AP CS resources?

Enter your email below and check the subscribe box — no message needed. Students get daily practice questions and study tips. Teachers get curriculum resources and teaching strategies.

Typically responds within 24 hours

Message Sent!

Thanks for reaching out. I'll get back to you within 24 hours.

🏫 Welcome, fellow educator!

I offer curriculum resources, practice materials, and study guides designed for AP CS teachers. Let me know what you're looking for — whether it's classroom materials, a guest speaker, or Teachers Pay Teachers resources.

Email

[email protected]

📚

Courses

AP CSA, CSP, & Cybersecurity

Response Time

Within 24 hours

Prefer email? Reach me directly at [email protected]