1 / 5
A widely used privacy-specific threat modelling framework is ___.
-
-
-
-
LINDDUN catalogues privacy threats (Linkability, Identifiability, Non-repudiation, Detectability, Disclosure, Unawareness, Non-compliance).
2 / 5
Being able to tell that two records relate to the same person is a ___ threat.
-
-
-
-
Linkability lets an adversary correlate data items to the same individual even without knowing who they are, eroding privacy.
3 / 5
Being able to single out and name the individual behind data is an ___ threat.
-
-
-
-
Identifiability means the data can be tied to a specific real person, which is the core harm many privacy controls aim to prevent.
4 / 5
Combining 'anonymised' datasets to unmask individuals is called ___.
-
-
-
-
Re-identification attacks correlate quasi-identifiers across datasets to recover identities, so true anonymisation is harder than it looks.
5 / 5
Mitigating privacy threats by collecting only what you need applies the principle of data ___.
-
-
-
-
Data minimisation reduces the attack surface: data you never collect can't be linked, identified, or leaked.