Why your worry is rational: three things to actually worry about

What this lesson covers

When the word “privacy” enters the news, it usually arrives as a cloud of overlapping worries that leaves you with a feeling but no plan. This lesson turns the cloud into a list. There are three privacy concerns that apply to almost everything you do with an AI tool, and once you can name them you can act on them. The lesson walks each one in turn, gives you a quick test you can apply before pasting anything sensitive, and ends with three common pitfalls worth avoiding.

The point is not to make you afraid of AI tools. The point is to make your worry useful: a worry you can name is a worry you can act on.

Who this is for

You, if you have a job or a life that involves handling other people’s information (students, clients, patients, family members), if you have been handed an AI tool by an employer or institution whose data-handling you did not choose, or if you are simply curious to use AI tools without feeling like you have given up something important to do it.

The lesson uses a teacher named Aisha as a worked example. She teaches eighth-grade English and has been asked to use a new AI tool for progress reports. Her situation is concrete; yours will be different. The shape of the lesson is the same regardless of whose situation you bring to it.

What you’ll learn

By the end of this lesson you will be able to:

Name three privacy concerns (surveillance, storage and leak risk, vendor lock-in) in your own words
Apply the postcard test (would you write this on a postcard?) before pasting anything sensitive into a tool
Apply the what-if-leaked-tomorrow test (if this conversation appeared in the news next year with your name attached, what would the consequence be?)
Tell the difference between tools that protect privacy because of how they are built and tools that protect privacy because the company promises they will
Know that there are multiple layers of privacy settings in any given tool, not just the first toggle you find

These are things you can do, not just things to know. The aim is that you act differently the next time you are about to paste something sensitive.

How long it takes

The lesson reads in about 12 minutes. The practice exercise that follows it takes another 5 to 10 minutes.

Where this fits

This is the first lesson in the Privacy and Local-First AI track. The track has six parts:

Why your privacy matters when you use AI (you are here): name your worries, name your situation.
What an AI tool actually sees when you use it. Walk the path your message takes from your keyboard to the model and back.
Threat models in plain language. Sort the worries into categories you can act on.
Reading a vendor’s privacy posture. A five-question check you can run on any AI tool in under ten minutes.
Local-first as an alternative. What it means for an AI tool to be built so it cannot retain certain data, regardless of policy.
Your rights, your hygiene, applied. Write your own personal privacy plan; learn how to exercise the rights you already have.

The next lesson takes the three worries you can now name and turns them into the start of your own personal threat model, in the form of a short paragraph you write about your own situation.

Sources

This lesson draws on public privacy research:

Electronic Frontier Foundation: articles on chatbot surveillance and on privacy as a first principle in technology design (Creative Commons Attribution).
Mozilla Foundation Privacy Not Included: curated research on how major AI chatbots handle user data, and the policy-complexity problem of tracking changes across many vendor documents.

Full annotated source list, including links and notes on what each source is weaker on, is on the References tab.