Human Rights

Privacy and Surveillance

What privacy is, why it matters for freedom and dignity, how modern surveillance works, and how to balance safety with personal freedom.

Core Ideas

1 Some things are only for you

2 Other people should ask before looking at your things

3 Being watched all the time feels uncomfortable

4 You can say no to sharing some things

5 Your body and your private space belong to you

Background for Teachers

Young children can understand the idea of privacy through their everyday experience of personal space, bodies, and belongings. Children do not need the word 'privacy' or 'surveillance', but they know the difference between things they are happy for everyone to see and things they want to keep just for themselves or a few people. They know the feeling of being watched all the time and how it changes how they behave. They understand that their body belongs to them, that their drawings and notes are their own, and that other people should ask before looking at these things. This early understanding grows into one of the most important adult rights — the right to have parts of our lives that belong to us and are not exposed to others. Without privacy, people cannot think freely, speak honestly, or be themselves. Help children learn to respect others' privacy and to protect their own. No materials are needed.

Classroom Activities

Activity 1 — Things that are private

PurposeChildren identify things that belong just to them or their family.

How to run itAsk: what are some things that are private — things that are just for you, or just for your family? Collect ideas. Usually: your diary or journal, what happens inside your home, your body, letters just for you, a secret with a friend, what is in your school bag. Now ask: what are some things that are NOT private — things everyone can see? Your name when you say hello. What you wear outside. The weather. The classroom. Discuss: some things are open to everyone, and some things are just for certain people. This is not because private things are bad — it is because we all need some parts of our lives that are just ours. It would be very strange if everyone knew everything about you.

💡 Low-resource tipDiscussion only. No materials needed.

Activity 2 — Being watched

PurposeChildren notice how being watched all the time changes how they feel and act.

How to run itTry a small experiment. Tell the class you will watch one child very closely for one minute — just looking at them. The child simply sits. Ask afterwards how it felt. Usually: uncomfortable, awkward, unsure what to do. Now ask: what if someone watched you all the time — at school, at home, even when you were sleeping? How would you feel? Discuss: being watched all the time makes it hard to be yourself. You would worry about every movement. You could not relax or try new things. This is why we all need time and space where nobody is watching us. Adults have this right too. It is called privacy.

💡 Low-resource tipSimple role-play only. No materials needed.

Activity 3 — Asking before looking

PurposeChildren learn to respect each other's things and spaces.

How to run itAsk: how would you feel if someone read your diary without asking? Looked in your school bag without asking? Took your drawing without asking? Discuss. Usually uncomfortable or upsetting. Now ask: what is the right thing to do? Ask before looking. Ask before taking. Accept 'no' as an answer. Discuss: respecting other people's privacy is part of being kind. It means we understand that their things are theirs, and they get to choose who sees them. If we want to earn someone's trust, one of the most important things we can do is respect their private things and spaces. This is also true for grown-ups — it is why we have laws about people not opening other people's letters, not going into other people's homes, and not taking pictures of people without asking.

💡 Low-resource tipDiscussion only. No materials needed.

Discussion Questions

Q1What are some things that are private to you?
Q2How does it feel when someone watches you all the time?
Q3Why should we ask before looking at someone else's things?
Q4Can you think of a time when privacy mattered to you?
Q5What should you do if someone tells you a secret that might hurt them or someone else?

Writing Tasks

Drawing task

Draw a picture of a private place or a private thing that belongs just to you. Write or say: This is private to me because ___________.

Skills: Understanding the value of personal space

Model Answer

Any drawing of a personal space (bedroom, favourite spot, quiet corner) or a personal item (diary, special toy, letter). The completion should explain why it is private. For example: 'This is my bedroom. It is private to me because it is where I can be by myself and nobody watches me.'

Marking Notes

Look for a clear sense of personal space or belonging, with a thoughtful reason. Accept any reasonable answer.

Sentence completion

Privacy means ___________. I respect other people's privacy by ___________.

Skills: Articulating the meaning and practice of privacy

Model Answer

Privacy means having parts of your life that are just for you or the people you choose to share with. I respect other people's privacy by asking before I look at their things and not sharing what they tell me in secret.

Marking Notes

Accept any response that captures both the meaning and a practical action. Simple reasoning is fine.

Common Misconceptions

Common misconception

If you have nothing to hide, you do not need privacy.

→

What to teach instead

Everyone has things they want to keep private, even if they are not bad. You might want privacy when you are sad, when you are thinking, when you are in the bathroom, or when you are writing something only for yourself. Privacy is not about hiding bad things. It is about having space to be yourself. Everyone needs it, even people who have done nothing wrong.

Common misconception

Only grown-ups need privacy — children do not.

→

What to teach instead

Children need privacy too. Your body, your thoughts, your drawings, and your belongings are yours. Grown-ups who care about children protect their privacy — they ask before looking at things, let children change clothes in private, and respect their quiet time. Learning about privacy when you are young helps you know how to protect it when you are older.

Core Ideas

1 What privacy is

2 Why privacy matters

3 Privacy as a human right

4 How personal data is collected today

5 Surveillance — what it is and when it is concerning

6 Balancing privacy with safety

Background for Teachers

Privacy is the ability to control what others know about us and how they can see or use our information. It includes our bodies, our homes, our communications (letters, emails, phone calls), our beliefs, our relationships, and our personal data. Privacy is one of the oldest recognised human needs and is protected as a right in most modern legal systems. Article 12 of the Universal Declaration of Human Rights (1948) states: 'No one shall be subjected to arbitrary interference with his privacy, family, home or correspondence.' Privacy matters for several reasons. First, it protects our dignity. Every person has thoughts, feelings, and moments that are simply their own. Being able to keep some things private — our bodies, our beliefs, our private moments — is part of being a person. Second, privacy protects our freedom. Without privacy, we cannot think freely, try out ideas, or change our minds. If everything we say or do is observed, we start to perform rather than think. Third, privacy protects our safety. Knowing things about us — where we live, our daily patterns, our private lives — could be used by criminals, abusive partners, or oppressive governments to harm us. Fourth, privacy is essential for certain relationships. Doctors, lawyers, therapists, and religious advisors need privacy to do their jobs well. Modern life has made privacy much harder to protect. Technology collects enormous amounts of data about people. Mobile phones track where we go, who we talk to, and what we search for. Websites and apps collect information about what we read, buy, and watch. Security cameras record us in public spaces. Social media companies store detailed information about our lives. Much of this data is collected without us clearly understanding what is being collected or how it will be used. Governments also carry out surveillance — watching, tracking, and recording people. Some surveillance is aimed at serious criminals or threats. But surveillance can also be used against journalists, activists, opposition politicians, and ordinary people. Countries like China have built massive surveillance systems that track citizens' daily lives. Other governments buy advanced surveillance tools (like the Pegasus spyware) that can take over phones and read everything on them. The question is how to balance privacy with other goals — especially safety. Governments argue that surveillance helps catch criminals and prevent terrorism. There is truth in this. But surveillance that is too broad can damage democracy, silence dissent, and violate rights. International human rights law requires surveillance to be: (1) based on clear law; (2) aimed at a legitimate purpose; (3) necessary and proportionate; (4) subject to independent oversight. Blanket mass surveillance generally fails these tests. Teaching note: this is a sensitive topic, especially in countries with extensive surveillance. Present the principles — privacy as a human right, the need for oversight of surveillance — without accusing specific governments. Help students think about their own digital privacy too.

Key Vocabulary

Privacy

The ability to control what others know about you and how they can see or use your information, your body, your home, and your communications.

Surveillance

Watching, recording, or tracking people and their activities. Can be done by governments, companies, or individuals.

Personal data

Information about you as a person — your name, address, phone number, what you do online, where you go, who you know.

Consent

Giving permission — with full understanding — for something to happen. Privacy usually depends on consent: others should ask before using your information.

Mass surveillance

Surveillance of large numbers of people, often without specific suspicion against any one person. A major concern for human rights.

Encryption

A way of scrambling messages or data so that only the intended person can read them. A key tool for privacy in digital life.

Data protection

Laws and practices that protect personal information from being misused. The EU's GDPR (General Data Protection Regulation) is a major example.

Metadata

Information about communications — who you called, when, for how long — without the content itself. Metadata can reveal a lot about a person even without reading messages.

Classroom Activities

Activity 1 — Why does privacy matter?

PurposeStudents understand the many reasons privacy is important for individuals and society.

How to run itAsk students to imagine a world where they had no privacy at all. Every thought had to be shared. Every movement was watched. Every message was read by others. Every conversation was recorded. Every health condition was public. Walk through the effects. (1) Thinking: could you try out new ideas if everyone heard every half-formed thought? No. (2) Relationships: could you trust friends with secrets, or would everything leak? (3) Health: would you talk honestly to a doctor if everyone could see your records? (4) Safety: could you escape an abusive relationship if your location was always public? (5) Democracy: could you criticise the government if every word was monitored? (6) Creativity: could artists and writers try out daring work if every draft was public? Discuss: privacy is not about having 'something to hide'. It is about the space we all need to be human. Taking away privacy does not just affect criminals — it affects everyone, and especially the vulnerable (victims of abuse, dissidents, people with health conditions, members of minority groups). Privacy is a foundation for almost every other freedom.

💡 Low-resource tipTeacher presents scenarios verbally. Students discuss. No materials needed.

Activity 2 — Your digital footprint

PurposeStudents understand how much personal data is collected in modern life.

How to run itWalk through a typical day and what is collected. Morning: phone alarm (phone knows when you wake). You check messages (apps log what you open). You travel to school (phone tracks location). At school, you use the internet for research (sites track what you read). You watch a video at lunch (platform records your choices). You send messages to friends (apps store them). You visit a shop (card use is recorded). In the evening, you use social media (company stores your activity). You watch videos before bed (platform tracks what you watch). Ask: who has this information? Phone company. App makers. Shops. Social media companies. Your school network. Advertisers. Sometimes governments. Ask: do you remember agreeing to all of this? Usually no — it is hidden in long terms and conditions that nobody reads. Discuss: this is called a 'digital footprint'. It grows every day. Some of it is fine — it helps apps work. But a lot of it is sold or shared in ways most people do not understand. Companies build very detailed pictures of each person's life. Discuss protection steps. (1) Learn what apps collect. (2) Turn off location services when you do not need them. (3) Use privacy settings. (4) Be careful what you share publicly. (5) Support strong data protection laws. Ask: should there be stronger rules about what companies can collect? Many countries are increasing privacy laws — like the EU's GDPR.

💡 Low-resource tipTeacher walks through examples verbally. Students discuss. No materials needed.

Activity 3 — Surveillance, safety, and rights

PurposeStudents think about when surveillance is reasonable and when it goes too far.

How to run itPresent a series of cases. For each, ask: is this reasonable, or does it go too far? (1) Police watching CCTV in a busy city centre to respond to incidents. (2) A government reading every email sent in the country. (3) A secret service following a specific person who is suspected of serious crimes, with a court's permission. (4) A company reading employees' private messages on personal phones. (5) A government using facial recognition to identify every person at a peaceful protest. (6) Airports scanning luggage for weapons and bombs. (7) A city using cameras that can identify everyone who walks past. (8) Police tracking a specific car suspected in a serious crime, with court permission. (9) Parents knowing where their young children are through a phone app. (10) A government monitoring all social media posts by journalists. Discuss each. Generally, specific surveillance of specific suspects with proper oversight (like 3 and 8) is widely accepted. Basic public safety measures (like 1 and 6) can also be acceptable if limited. But broad surveillance of whole populations (like 2, 5, 7, 10) is widely seen as a serious concern — it treats everyone as a suspect and can easily be abused. Introduce the test: surveillance should be (1) based on clear law; (2) for a legitimate purpose; (3) necessary and proportionate; (4) overseen by independent institutions (like courts). When these conditions are met, surveillance can be reasonable. When they are not, surveillance becomes a threat to democracy itself.

💡 Low-resource tipTeacher reads cases verbally. Students discuss and vote. No materials needed.

Discussion Questions

Q1What are some things in your life that you would want to keep private? Why?
Q2Do you know what information different apps collect about you? Have you ever read the terms and conditions?
Q3When is government surveillance reasonable, and when does it go too far?
Q4Is it true that 'if you have nothing to hide, you have nothing to fear'? What might be wrong with this idea?
Q5Who should decide what information companies can collect about people? The people themselves? The government? The companies?
Q6How can we protect our privacy in a world of smartphones, cameras, and social media?

Writing Tasks

Task 1 — Explain and give an example

Explain what privacy is and give ONE reason why it matters. Write 4 to 6 sentences.

Skills: Explaining a concept, connecting to real-life importance

Model Answer

Privacy is the ability to control what others know about you and how they can see or use your personal information. It includes your body, your home, your messages, your beliefs, and your personal data. Privacy is protected as a human right by the Universal Declaration of Human Rights and by most national laws. It matters because without privacy, people cannot think, act, or live freely. For example, a person who is being watched all the time cannot speak honestly to friends, try new ideas, or disagree with their government. Privacy is not about hiding bad things — it is about having the space everyone needs to be a full human being.

Marking Notes

Award marks for: clear definition; mention of what privacy covers; a concrete example of why it matters; a clear conclusion. Strong answers will note that privacy is not about hiding wrongdoing.

Task 2 — Short argument

Explain why mass surveillance is a concern, even when a government says it is only used to catch criminals. Write 4 to 6 sentences.

Skills: Reasoning about institutional risk

Model Answer

Mass surveillance means watching or recording large numbers of people, not just specific suspects. Governments often say they need this to catch criminals or prevent terrorism. Even when this is sincere, mass surveillance raises serious concerns. First, it treats everyone as a suspect — reversing the normal rule that people are innocent until proven guilty. Second, surveillance systems collect huge amounts of information that can be misused, leaked, or abused by future governments with different intentions. Third, mass surveillance silences dissent — people become afraid to speak out, protest, or challenge those in power. Fourth, it often does not even work well — the information is so vast that real threats can be missed. International law requires surveillance to be targeted at specific suspicion, based on clear laws, and overseen by independent courts. Mass surveillance usually fails these tests.

Marking Notes

Award marks for: understanding what mass surveillance is; identifying at least two specific problems; connecting to rule of law and democratic concerns; a clear argument. Strong answers will mention oversight requirements.

Common Misconceptions

Common misconception

If you have nothing to hide, you have nothing to fear from surveillance.

→

What to teach instead

This common idea is misleading. Everyone has things they want to keep private — not because they are wrongdoing, but because privacy is part of a normal life. More importantly, governments change. What is legal today may be suspicious tomorrow. Information collected for one purpose gets used for others. People in vulnerable situations — victims of abuse, members of persecuted minorities, journalists, whistleblowers — often have everything to fear from surveillance even without having done anything wrong. 'Nothing to hide' is a comforting slogan, but it is not how surveillance actually works in practice.

Common misconception

Only governments do surveillance. Companies are not a concern.

→

What to teach instead

Private companies collect enormous amounts of personal data — often more detailed than what governments have. Social media companies know your friends, interests, movements, and daily patterns. Advertising networks build detailed profiles of individuals. Some of this data is sold, shared, or leaked. Some is used to manipulate people (showing targeted content based on emotional weaknesses). Company surveillance is a serious privacy issue on its own, and company data often ends up in government hands too. Both public and private surveillance deserve attention.

Common misconception

Privacy is a new concern created by technology.

→

What to teach instead

Privacy is ancient. People have always wanted some parts of their lives to be private — their bodies, their homes, their conversations, their thoughts. What technology has done is make privacy much harder to protect. Old methods of protecting privacy (like sealed letters, locked doors, and private conversations) do not work in the same way when communications are digital and always recorded. The challenge is new; the underlying value is not.

Core Ideas

1 Philosophical foundations of privacy

2 International human rights law on privacy

3 The surveillance state — historical and modern

4 Mass surveillance and the Snowden revelations

5 Surveillance capitalism

6 Facial recognition and biometric surveillance

7 Privacy-enhancing technologies

8 Balancing security and privacy

Background for Teachers

Privacy is one of the central human rights of the modern era, and the field of privacy studies has become enormously important with the rise of digital technology. Understanding the theoretical foundations, legal frameworks, and current challenges is essential at secondary level.

Philosophical foundations

Modern privacy theory dates from Samuel Warren and Louis Brandeis's seminal 1890 article 'The Right to Privacy' in the Harvard Law Review, which responded to the rise of photography and the tabloid press. They argued for a 'right to be let alone'. Alan Westin's 'Privacy and Freedom' (1967) developed the concept of informational privacy — 'the claim of individuals, groups, or institutions to determine for themselves when, how, and to what extent information about them is communicated to others'. More recent theorists — Helen Nissenbaum (contextual integrity), Daniel Solove, and others — have refined these ideas for the digital era.

International human rights law

Article 12 of the Universal Declaration of Human Rights (1948) protects privacy of person, family, home, and correspondence. Article 17 of the International Covenant on Civil and Political Rights (1966) makes this binding in international law. Article 8 of the European Convention on Human Rights provides extensive privacy protection, developed through European Court of Human Rights case law. The UN Human Rights Committee General Comment 16 interprets Article 17. In 2013, UN General Assembly Resolution 68/167 recognised the right to privacy in the digital age. The Office of the UN High Commissioner for Human Rights has issued detailed reports on surveillance and privacy (notably in 2014, 2018, and 2022). The surveillance state: historical precedents include the secret police systems of the Soviet Union (KGB), East Germany (Stasi — with files on a significant portion of the population), Romania (Securitate), apartheid South Africa, and many authoritarian regimes. The East German Stasi maintained files on about one in three citizens and employed an extensive informant network. These systems demonstrated both the capacity for and the political consequences of mass state surveillance. Modern surveillance is more technologically advanced. China operates the most extensive system in the world, combining facial recognition, internet monitoring, mobile phone tracking, social credit systems, and physical cameras. In Xinjiang, this system has enabled severe repression of the Uyghur population. Russia has built extensive internet surveillance and facial recognition infrastructure. The Snowden revelations: in 2013, US National Security Agency contractor Edward Snowden revealed that the NSA and partner agencies (the 'Five Eyes': US, UK, Canada, Australia, New Zealand) operated extensive mass surveillance programmes collecting metadata and content on billions of communications worldwide. Programmes like PRISM (collecting from tech companies), XKeyscore (search across collected data), and bulk metadata collection affected ordinary people globally. The revelations led to significant reforms, including limits on NSA bulk collection (USA Freedom Act, 2015), stronger encryption by tech companies, and EU-US privacy framework renegotiations.

Surveillance capitalism

Shoshana Zuboff's 'The Age of Surveillance Capitalism' (2019) analyses how technology companies have built business models on the systematic collection and commodification of personal data. Google, Facebook/Meta, Amazon, and others collect enormous amounts of behavioural data and monetise it through advertising, recommendation algorithms, and data sales. Zuboff argues this represents a new form of economic power that undermines personal autonomy and democratic self-determination. Critics and defenders debate the extent of harm and the appropriate regulatory response.

Facial recognition and biometric surveillance

Facial recognition, gait analysis, and other biometric technologies have advanced rapidly. Applications range from unlocking phones to identifying people in public spaces. China's deployment is most extensive. The EU's 2024 AI Act restricts certain uses. Some US cities (San Francisco, 2019; Boston, 2020) have banned government facial recognition. Most countries have no specific regulation. Real-time facial recognition in public spaces poses particular concerns because it enables tracking of everyone in public, potentially deterring protest and association.

Encryption and privacy-enhancing technologies

Encryption has become central to digital privacy. End-to-end encryption (Signal, WhatsApp, iMessage) prevents providers or interceptors from reading message content. Governments have repeatedly sought 'backdoors' or weakening of encryption, arguing for lawful access. Civil liberties advocates and cryptographers have argued that weakening encryption creates vulnerabilities exploitable by hostile actors and undermines security generally. Tor (The Onion Router) enables anonymous internet use, used by dissidents, journalists, and criminals alike. Cryptocurrency and blockchain technologies have complex privacy implications.

Balancing security and privacy

The debate between privacy and security is perennial. Security services argue surveillance is essential to counter terrorism and serious crime. Privacy advocates argue that mass surveillance is ineffective (no major terrorist attack has been demonstrably prevented by bulk collection) and corrosive to democracy. The European Court of Justice (Schrems I, 2015; Schrems II, 2020) and European Court of Human Rights (Big Brother Watch v UK, 2021) have repeatedly ruled against aspects of bulk surveillance, finding them incompatible with European human rights standards. The underlying question — what constraints should apply to state surveillance, and who should enforce them — remains central to contemporary democracy.

Data protection frameworks

The EU's General Data Protection Regulation (GDPR, 2018) is the most comprehensive privacy regulation globally, with rights of access, correction, erasure, data portability, and others. Similar frameworks have emerged in California (CCPA), Brazil (LGPD), India (DPDP Act, 2023), and elsewhere. US federal privacy law remains fragmented.

Enforcement varies significantly

Teaching note

This is a fast-changing area. Help students understand the underlying principles — privacy as a foundation of human freedom and democratic society — and the key frameworks, rather than trying to keep up with every technological and legal development.

Key Vocabulary

Privacy

The right of individuals to control information about themselves and to be free from unjustified intrusion into their personal lives, homes, communications, and bodies.

Surveillance

The monitoring, observation, or recording of people, activities, or communications by governments, companies, or other actors.

Mass surveillance

Surveillance of large populations without specific, individualised suspicion — often in bulk or continuous form.

Targeted surveillance

Surveillance aimed at specific individuals under specific suspicion, typically requiring judicial authorisation.

Metadata

Data about data — for example, who called whom, when, and for how long — rather than the content of the communication itself. Despite appearing less intrusive, metadata can reveal highly personal information.

End-to-end encryption

A method of encoding communications so that only the sender and intended recipient can read them — not service providers, interceptors, or governments.

Data protection

Legal and practical frameworks governing how personal data may be collected, stored, used, and shared. The EU's GDPR is the leading global example.

Surveillance capitalism

Shoshana Zuboff's term for business models based on the systematic collection and commodification of personal behavioural data for advertising, influence, and profit.

Biometrics

Measurements of physical or behavioural characteristics — faces, fingerprints, iris patterns, voice, gait — used for identification.

Chilling effect

The deterrence of legitimate activity (speech, assembly, political engagement) due to the knowledge or fear of being surveilled.

Classroom Activities

Activity 1 — Evaluating surveillance

PurposeStudents apply international human rights standards to assess specific surveillance practices.

How to run itSet out the international test. Under the ICCPR and regional human rights frameworks, surveillance must be: (1) based on clear, accessible law; (2) pursuing a legitimate aim (national security, public safety, prevention of crime, etc.); (3) necessary in a democratic society; (4) proportionate to the aim; (5) subject to independent oversight; (6) non-discriminatory. Present cases. Students apply the test to each. Case 1: A court authorises wiretapping of a specific individual suspected of organising a major terrorist attack. The wiretap lasts 30 days and is reviewed by a judge. Likely meets the tests — specific suspicion, judicial oversight, time-limited. Case 2: A country requires all phone companies to give security services access to all calls, with no specific suspicion. Fails necessity and proportionality — bulk collection affects everyone, most of whom are not suspected. Case 3: Police use facial recognition to identify everyone attending a protest, storing images for future use. Fails — treats all protesters as suspects, chills assembly, disproportionate. Case 4: A school installs cameras in classrooms and publicly posts the feeds. Fails — disproportionate, violates students' dignity, no specific legitimate aim met. Case 5: Immigration authorities check airline passenger records against terrorist watch lists. Potentially justified but requires narrow criteria, short retention, and oversight. Case 6: A government monitors all social media posts by political opposition figures. Fails — targets protected political speech without specific criminal suspicion, discriminatory. Case 7: Law enforcement uses tools that break into specific suspects' phones under court order, for a specific investigation. Targeted and supervised — meets tests if authorising law is clear and scope limited. Discuss: the framework is demanding. Many actual surveillance practices fail it. Who is responsible for applying the test? Ideally independent courts and oversight bodies. In practice, in many countries, these are weak or captured. Discuss: what institutional arrangements would strengthen privacy protection? Independent oversight bodies, regular review of surveillance laws, public reporting, sunset clauses on emergency powers, strong data protection laws.

💡 Low-resource tipTeacher presents cases verbally. Students analyse against the test. No materials needed.

Activity 2 — Surveillance capitalism

PurposeStudents engage with how private-sector data practices shape the modern privacy environment.

How to run itPresent Shoshana Zuboff's concept. Surveillance capitalism is a business model where companies collect enormous amounts of data about user behaviour, analyse it using machine learning, and sell predictions or influence based on this data. The argument: this is different from earlier capitalism. The product is not just what users pay for (which is often free). The actual 'product' being sold is predicted user behaviour — to advertisers, but also to political campaigns, insurers, employers, and others. Walk through examples. Google knows what you search, which reveals your interests, concerns, and plans. Facebook/Meta knows your connections, reactions, and time spent on content — revealing your values, vulnerabilities, and social world. Amazon knows what you buy, consider, and review. Uber knows where you go. Each of these companies has built detailed behavioural models of billions of people. Ask: what are the concerns? (1) Power asymmetry: companies know vastly more about users than users know about the companies. (2) Autonomy: if your information environment is shaped by algorithms trained to maximise engagement, you may not be deciding freely what to attend to. (3) Manipulation: some users have been targeted with specific content during politically vulnerable moments (Cambridge Analytica was an early concrete case). (4) Discrimination: algorithmic decisions affect job ads, insurance prices, credit, housing — sometimes in discriminatory ways. (5) Opaque decision-making: users rarely understand what data is used to decide what they see or what they are offered. Present defences and counters. Defenders argue that targeted advertising enables free services, that users have consented, and that concerns are overstated. Critics argue that consent is meaningless when terms are unreadable and there is no real alternative, that harms are significant, and that regulation has lagged far behind technology. Discuss regulatory responses. The EU's GDPR requires consent for many uses, rights of access and deletion, and data minimisation. The EU Digital Services Act imposes further obligations on large platforms. California's CCPA, Brazil's LGPD, and India's DPDP Act follow similar lines. The US has more fragmented protection. Ask: is regulation keeping pace? Generally no — technology moves faster. What additional responses might work? Technical (privacy-preserving tools, anti-tracking browser features), economic (charging for services rather than 'free' models), structural (breaking up large platforms, requiring interoperability).

💡 Low-resource tipTeacher presents concept and cases verbally. Students discuss. No materials needed.

Activity 3 — Privacy, security, and the state

PurposeStudents engage with the classic tension between privacy rights and legitimate security needs.

How to run itSet out the debate. Governments argue that surveillance is essential to prevent serious crimes and terrorism. Privacy advocates argue that mass surveillance is ineffective, disproportionate, and corrosive to democratic societies. Both positions have strong versions and weak versions. Strong security position: surveillance saves lives. Without it, serious threats go undetected. Privacy must yield to safety when the stakes are highest. Counter: there is limited evidence that mass surveillance has prevented major attacks. Most successful counter-terrorism operations use targeted investigation, not bulk collection. Mass surveillance creates vast haystacks that make finding needles harder, not easier. Strong privacy position: surveillance is incompatible with free society. Any erosion of privacy starts down a slippery slope. History shows surveillance is always abused eventually. Counter: surveillance can be compatible with democracy if properly bounded by law, subject to oversight, and targeted at genuine threats. Absolute privacy would make serious criminal investigation very difficult. Work through specific debates. Encryption: should governments be able to require 'lawful access' to encrypted communications? Security services say yes — encryption lets criminals hide. Cryptographers say no — any backdoor can be exploited by hostile actors. This has been an ongoing debate for 30+ years. Bulk metadata: the Snowden revelations showed NSA was collecting all US phone records. Defenders said this was metadata, not content, and was needed to find terrorist connections. Critics said metadata reveals enormous amounts (who you call, when, for how long) and bulk collection was disproportionate. The USA Freedom Act (2015) ended domestic bulk collection. Facial recognition: should police use real-time facial recognition in public spaces? Proponents argue it helps identify serious criminals. Critics argue it treats everyone as a suspect and chills lawful activity. Various cities and states have banned or restricted it. Discuss underlying principles. (1) Specific suspicion beats bulk collection for most purposes. (2) Independent oversight is essential — courts, oversight bodies, public reporting. (3) Sunset clauses on emergency powers matter. (4) Encryption should not be deliberately weakened. (5) Proportionality matters — the more intrusive the surveillance, the higher the justification required. Ask: can a functioning democracy have both effective security and strong privacy? The best current thinking says yes, with the right institutional design. But this is an ongoing challenge that never reaches a final answer.

💡 Low-resource tipTeacher presents debate verbally. Students take positions and discuss. No materials needed.

Discussion Questions

Q1Samuel Warren and Louis Brandeis wrote in 1890 about 'the right to be let alone' in response to new photographic technology. Is their basic framework adequate for the challenges of digital-age surveillance, or do we need fundamentally new concepts?
Q2The 'nothing to hide' argument is frequently raised to dismiss privacy concerns. What are the strongest responses to this argument?
Q3The EU's GDPR takes one of the most protective approaches to data protection globally; the US has much weaker federal protection. Which model is better, and why?
Q4End-to-end encryption protects privacy but makes some criminal investigations harder. Should governments be able to require 'lawful access' to encrypted communications? Why or why not?
Q5Facial recognition in public spaces enables unprecedented tracking. Some cities have banned its use by police. Is this a reasonable step, or does it hamper legitimate law enforcement?
Q6The Snowden revelations exposed mass surveillance programmes that had been kept secret from the public. Was Snowden justified in his disclosures? What does this tell us about democratic oversight of intelligence services?
Q7Shoshana Zuboff argues surveillance capitalism is a new form of power that undermines democracy itself. Is this overstated, or does it correctly identify a fundamental challenge?

Writing Tasks

Task 1 — Extended essay

'The greater the threat, the more surveillance is justified.' To what extent do you agree? Write 400 to 600 words.

Skills: Thesis-driven argument, weighing security and rights, using examples

Model Answer

The claim that the greater the threat, the more surveillance is justified has real intuitive appeal — and some truth — but it is more dangerous than it appears. A careful answer must recognise what is correct about the claim while also seeing how it can be abused and why it breaks down at the extremes.

The claim has some foundation. International human rights law recognises that more serious threats can justify more intrusive measures. A wiretap on a specific suspect in a serious crime investigation is more justifiable than the same wiretap for a minor matter. A targeted intelligence operation against a known terrorist is more justifiable than surveillance of random citizens. The principle of proportionality — familiar in privacy law and throughout human rights doctrine — builds this logic in: limitations on rights must be proportionate to the aim pursued, which means that greater threats can justify greater responses.

The claim also aligns with how most people reason about emergencies. In the immediate aftermath of a major attack, few people argue that privacy protections should stay exactly the same. Some adjustment is usually seen as reasonable. The difficulty is what kind of adjustment, for how long, and with what safeguards.

However, the claim in its simple form is seriously misleading for several reasons. First, 'the threat' is itself a judgement — usually made by the security services and political leaders who benefit from expanded surveillance. History shows that threats are often exaggerated to justify powers that are later used against legitimate political activity. After 9/11, many countries expanded surveillance powers in ways that were later used against journalists, activists, and lawful dissent. In authoritarian regimes, 'terrorism' is routinely defined to include peaceful opposition.

Second, bigger surveillance is not always more effective. Bulk collection of data can create haystacks in which real threats are lost. Targeted surveillance of specific suspects, based on actual evidence, has a far better record than mass surveillance at preventing actual attacks. The Snowden revelations showed that NSA bulk metadata collection had not prevented any major attack. More surveillance does not equal more security.

Third, surveillance has costs that accumulate over time. Information collected for one purpose gets used for others. Systems built for specific threats remain when the threat fades. Chilling effects on speech, assembly, and association deepen when people know they are being watched. The surveillance state built to fight threats can undermine the democratic society it was meant to protect.

Fourth, the claim ignores essential safeguards. The legitimate version of the principle is not 'more threat, more surveillance' but 'more threat, more surveillance with proportionate oversight'. Without independent oversight (courts, parliamentary committees, inspectors general), emergency powers become permanent abuses. Democracies that survive serious threats do so partly by maintaining the institutional controls that keep surveillance within bounds.

Consider specific cases. The UK after 7/7 expanded surveillance; some powers were later abused. The US after 9/11 authorised torture and mass surveillance, both later judged to have undermined rather than supported security. By contrast, countries that responded to threats within legal frameworks — maintaining targeted investigations, judicial oversight, and sunset clauses on emergency measures — generally avoided lasting damage to democratic institutions.

In conclusion, the claim contains a partial truth: serious threats can justify serious responses, and proportionality cuts both ways. But the simple version is dangerous. The better principle is that serious threats justify serious responses within institutional safeguards — courts, oversight, time limits, and clear legal frameworks. Surveillance without these constraints is likely to be both ineffective and destructive to democracy, regardless of the threats that prompted it.

Marking Notes

Award full marks for: engaging with the intuitive appeal of the claim; identifying at least three specific problems with it; using examples (post-9/11, Snowden, specific cases); arguing for a qualified version (proportionality with safeguards); a nuanced conclusion. Deduct marks for essays that simply endorse either extreme position.

Task 2 — Analytical response

Explain what 'surveillance capitalism' is and discuss one way it raises concerns that traditional privacy frameworks struggle to address. Write 200 to 300 words.

Skills: Explaining a concept, analytical application

Model Answer

Surveillance capitalism, as Shoshana Zuboff defines it in her 2019 book, is a business model in which companies collect vast amounts of data about user behaviour, analyse it with machine learning, and sell predictions or influence based on this data. Google, Facebook/Meta, Amazon, and other major platforms have built enormous profits on this model. The 'raw material' is human experience, rendered into data; the 'product' is predictions about future behaviour sold to advertisers and others who want to influence people.

One way this raises concerns that traditional privacy frameworks struggle to address is the problem of meaningful consent. Traditional privacy frameworks depend on individual consent — users should agree before their data is collected. But in surveillance capitalism, consent is largely an illusion. Terms of service are impossibly long and deliberately unclear. Users have few real alternatives — refusing social media, mapping apps, or major email services is practically difficult. Consent is not given freely in a meaningful sense; it is extracted through take-it-or-leave-it terms on services that have become near-essential to modern life.

Further, the harms are collective as well as individual. Even someone who never uses Facebook can be affected by the political, psychological, and informational environments that surveillance capitalism shapes. Traditional privacy law sees the rights-holder as an individual with specific data to protect; surveillance capitalism affects democratic publics as a whole. Individual consent cannot fix collective harms.

This is why Zuboff and others argue for structural responses — breaking up large platforms, requiring interoperability, limiting data collection at source, and prohibiting certain uses entirely. The EU's Digital Services Act and AI Act go in this direction. Whether such responses can keep pace with the technology is an open question, but the standard individual-consent framework increasingly looks inadequate to the scale of the challenge.

Marking Notes

Award marks for: clear explanation of surveillance capitalism; identification of a specific inadequacy in traditional frameworks (consent, collective harms, scale); connection to regulatory responses; a thoughtful conclusion. Strong answers will show how the new model requires new regulatory tools.

Common Misconceptions

Common misconception

Privacy and security are opposites that must be traded off against each other.

→

What to teach instead

This framing is common but misleading. Privacy and security are often mutually reinforcing rather than opposed. Strong privacy (including encryption) protects people from cybercriminals, foreign intelligence services, and abusive actors — which is a form of security. Mass surveillance can be directly counterproductive, producing haystacks in which real threats are lost. The best thinking recognises that security and privacy both require careful institutional design, not that one must be sacrificed for the other. The real trade-offs are often between specific forms of surveillance and specific security benefits — not between privacy and security as abstract categories.

Common misconception

Metadata is not really private — only content matters.

→

What to teach instead

This is wrong, and increasingly recognised as wrong in law. Metadata (who called whom, when, where, for how long) can reveal more than content in many cases. Call metadata can show whether someone has contacted a suicide helpline, a disease specialist, or an abortion clinic; whether they have been to a political meeting; whether they are in a romantic relationship. When aggregated across large populations, metadata enables detailed profiling. The European Court of Human Rights and European Court of Justice have both held that bulk metadata collection raises serious privacy concerns. Dismissing metadata as less sensitive than content misunderstands modern surveillance.

Common misconception

You cannot have privacy in public spaces.

→

What to teach instead

This is incomplete. Traditional law has generally distinguished public and private spaces. But in the digital age, public movements can be tracked and combined in ways that produce detailed private information. Observing someone in a public space for a moment is different from tracking all their movements for months. Recording a face in public is different from running facial recognition against vast databases. Privacy in public is not absolute, but the 'public space' category does not automatically remove privacy interests. Modern privacy law (EU case law; some US state law) increasingly recognises this.

Common misconception

Privacy is a Western concept that other cultures do not share.

→

What to teach instead

Versions of privacy — protection of the body, the home, the family, and certain communications — appear in virtually every culture and legal tradition. Islamic legal traditions include extensive privacy protections (the Quran prohibits entering homes without permission). East Asian legal traditions recognise forms of family and relational privacy. African customary laws often protect home and communal spaces. What varies is the exact balance and the scope, not the underlying concept. Dismissing privacy as culturally specific is often a rhetorical move to justify weakening it in specific contexts.

Further Information

Key texts for students: Samuel Warren and Louis Brandeis, 'The Right to Privacy' (Harvard Law Review, 1890) — the foundational modern article, still highly readable. Alan Westin, 'Privacy and Freedom' (1967). Daniel Solove, 'Nothing to Hide' (2011) — accessible response to common arguments against privacy protection. Shoshana Zuboff, 'The Age of Surveillance Capitalism' (2019). Helen Nissenbaum, 'Privacy in Context' (2010). On intelligence surveillance: Glenn Greenwald, 'No Place to Hide' (2014); Luke Harding, 'The Snowden Files' (2014). On digital privacy for general readers: Bruce Schneier's work, particularly 'Data and Goliath' (2015). For comparative law: Paul Schwartz and Daniel Solove on transatlantic privacy; Graham Greenleaf's work on Asian privacy law. International documents: UN Human Rights Committee General Comment 16 on Article 17 ICCPR; OHCHR reports on surveillance; EU GDPR full text. Data sources: Freedom House Freedom on the Net reports; Access Now keeps track of internet shutdowns globally; the Electronic Frontier Foundation (eff.org) covers digital rights extensively; the AI Now Institute and Oxford Internet Institute publish on algorithmic surveillance.

How useful was this concept page?

Your feedback helps other teachers and helps us improve TeachAnyClass.

Your rating:

Your name (optional)

School / location (optional)

Comments (optional)

Thank you — your feedback has been submitted!