Protecting Your Personal Data Online
Students will learn about the types of personal data collected online, how it's used, and practical steps to protect their privacy.
About This Topic
Protecting Your Personal Data Online equips Secondary 3 students with essential digital literacy to thrive in Singapore's connected society. They identify key types of personal data, including direct identifiers like names, NRIC numbers, emails, and phone contacts, plus inferred data such as location history, browsing patterns, and purchase behaviors. Websites, apps, and social platforms gather this via cookies, pixels, forms, and device sensors. Students examine how companies analyze it for targeted advertising, user profiling, price discrimination, and resale to third parties, linking to real apps like TikTok or Lazada they use daily.
This topic sits within the MOE Computing curriculum's Impacts of Computing on Society unit, under Ethics and Social Issues standards. It sharpens critical evaluation of data practices, fosters responsible choices, and prepares students for Smart Nation challenges. Practical strategies covered include strong unique passwords, two-factor authentication, privacy setting tweaks, VPN use, and spotting phishing cues.
Active learning suits this topic perfectly. When students audit their own app permissions in pairs or simulate data leaks through role-plays, remote concepts turn urgent and actionable. Group strategy swaps build confidence and peer accountability for lasting habits.
Key Questions
- Identify different types of personal data that can be collected online.
- Explain how companies might use personal data for advertising or other purposes.
- Develop strategies to manage and protect their own personal information online.
Learning Objectives
- Classify types of personal data collected online, distinguishing between direct identifiers and inferred data.
- Analyze how companies utilize personal data for targeted advertising, user profiling, and potential price discrimination.
- Develop and present a personal data protection strategy incorporating at least three practical online safety measures.
- Critique the privacy policies of two different popular apps or websites, identifying potential risks and benefits of data collection.
- Demonstrate how to adjust privacy settings on a common social media platform to minimize data exposure.
Before You Start
Why: Students need a basic understanding of how the internet functions to comprehend how data is transmitted and collected online.
Why: Familiarity with concepts like passwords and malware provides a foundation for understanding more advanced protection methods like 2FA and phishing prevention.
Key Vocabulary
| Personally Identifiable Information (PII) | Information that can be used on its own or with other information to identify, contact, or locate a single person. Examples include name, NRIC, or email address. |
| Inferred Data | Information about a person that is not directly provided but is deduced from their online behavior, such as browsing history or purchase patterns. |
| Cookies | Small text files stored on a user's computer by a website to remember information about the user, like login details or preferences. |
| Two-Factor Authentication (2FA) | A security process that requires users to provide two different authentication factors to verify their identity, adding an extra layer of protection beyond just a password. |
| Phishing | A cybercrime where attackers impersonate trustworthy entities to trick individuals into revealing sensitive information like passwords or credit card details. |
Watch Out for These Misconceptions
Common MisconceptionIncognito mode keeps all my online activity private.
What to Teach Instead
Incognito only prevents local history and cookie storage on the device; websites, ISPs, and advertisers still track via IP and fingerprints. Hands-on demos comparing tracked sites in normal versus incognito modes clarify this, while pair discussions expose hidden persistence.
Common MisconceptionCompanies collect data only to improve their services for me.
What to Teach Instead
Firms often aggregate and sell data for ads or unrelated purposes, despite privacy policies. Role-play sales pitches and data flow maps in groups help students question motives, revealing profit incentives over user benefit.
Common MisconceptionA single strong password protects all my accounts.
What to Teach Instead
Reuse risks chain breaches across sites; multi-factor and managers are vital. Simulations of hacked password dumps in small groups show cascade effects, prompting adoption of layered defenses through peer coaching.
Active Learning Ideas
See all activitiesDevice Audit: App Permissions Review
Students list five apps they use daily and screenshot permission settings for camera, location, and contacts. In pairs, they identify excessive access and brainstorm revocation steps. Pairs present one fix to the class for collective notes.
Role-Play: Phishing Dilemmas
Prepare scenario cards with fake emails or pop-ups requesting data. Small groups act out responses, one as victim and others as advisors. Debrief identifies safe choices and red flags through class vote.
Settings Scavenger Hunt
Provide checklists for Instagram, Google, and Shopee privacy options. Individually, students navigate accounts, adjust three settings, and log changes. Share screenshots in whole-class gallery walk to compare tips.
Jigsaw: Protection Pledges
Assign each small group one strategy like password managers or data minimizers. Groups research, create demo posters, then rotate to teach peers. End with personal pledge sheets for home use.
Real-World Connections
- Cybersecurity analysts at financial institutions like DBS Bank in Singapore constantly monitor for data breaches and develop strategies to protect customer PII from sophisticated phishing attacks.
- Digital marketing professionals at companies like Shopee use data analytics to understand consumer behavior and tailor advertisements, raising questions about the ethical boundaries of personalized marketing.
- Users of ride-sharing apps like Grab may not realize the extent of location data collected, which can be used for service improvement but also raises privacy concerns if misused.
Assessment Ideas
Provide students with three scenarios describing online data collection. Ask them to identify the type of data collected (PII or inferred), explain one potential use by a company, and suggest one protective measure they could take.
Pose the question: 'Is it acceptable for companies to use your browsing history to show you personalized ads, even if you haven't explicitly agreed?' Facilitate a class discussion where students debate the pros and cons, referencing concepts like user profiling and price discrimination.
Show students screenshots of common app permission requests (e.g., location, contacts, microphone). Ask them to quickly write down whether they would grant each permission and provide a one-sentence justification based on potential data use and privacy risks.
Frequently Asked Questions
What types of personal data do websites collect from students?
How do companies use personal data for advertising?
What practical steps protect personal data online?
How can active learning help students grasp online privacy?
More in Impacts of Computing on Society
Introduction to Artificial Intelligence
Students will gain a foundational understanding of AI, machine learning, and their applications in daily life.
2 methodologies
Bias in AI and Algorithmic Fairness
Students will investigate how biases can be embedded in AI systems and discuss strategies for promoting fairness and equity.
2 methodologies
AI and Automation: Job Displacement and New Opportunities
Students will discuss the economic impact of AI and automation, considering job losses and the creation of new roles.
2 methodologies
Ethical Considerations in AI Use
Students will discuss the ethical implications of AI in various contexts, focusing on fairness, privacy, and accountability in its application.
2 methodologies
Access to Technology and Infrastructure
Students will examine the factors contributing to the digital divide, including access to hardware, software, and internet connectivity.
2 methodologies
Digital Literacy and Skills Gap
Students will discuss the importance of digital literacy and the impact of varying skill levels on participation in the digital economy.
2 methodologies