Skip to content
Clawdemy

Practice: Why your worry is rational: three things to actually worry about

Self-check

Section titled “Self-check”

Answer in your head (or on paper) before opening the collapsible.

1. Name the three privacy concerns the lesson focuses on, in plain language.

Show answer

Surveillance (every interaction is observed as it travels through real systems), storage and leak risk (what the tool keeps can be exposed later by a breach or by a human reviewer), and vendor lock-in (the rules you signed up under can change after you have already trusted the tool, and getting out is harder than getting in).

2. What is the postcard test, and which worry does it address?

Show answer

The postcard test addresses the Surveillance worry. It asks: would I write this on a postcard and leave it on a park bench? If no, the content is sensitive enough that you should not paste it into a tool whose data path you have not checked. Postcards are fine for general questions; they are wrong for student names, client details, or health information. The test is quick and does not require you to understand how the tool works technically.

3. What is the what-if-leaked-tomorrow test, and what does it help you decide?

Show answer

The what-if-leaked-tomorrow test addresses the Storage and leak risk worry. It asks: if this conversation appeared in a news article next year with my name attached, what would the consequence be? If the answer is nothing serious, paste. If the answer is job loss, a client complaint, or a parent’s legitimate grievance, do not paste. The test does not require knowing whether the tool will actually leak the data; it calibrates your decision to the consequence if it did.

4. When does opting out of training data collection matter, and when does it matter less?

Show answer

Opting out of training matters most when you are pasting content that could harm someone if a human reviewer read it (a student’s name and grade, a client’s identifying information, a health question that reveals something personal). It matters less when the content is general enough that seeing it in isolation reveals nothing about any person. Even with training opt-out enabled, the conversation may still be stored temporarily and could still be exposed in a breach. Opting out addresses one layer of the storage-and-retention problem; it is not the same as the content being invisible or unreachable.

5. The lesson says vendor lock-in is the worry Sarah is least likely to think about on her own. Why?

Show answer

Because it is the slowest worry to appear. Surveillance and storage risk are present the moment Aisha types something. Vendor lock-in shows up later, when a policy she was relying on changes, or when she discovers that data she gave to the tool months ago cannot be fully deleted because it was already used in training. By the time vendor lock-in bites, Aisha’s routines already depend on the tool, which makes switching harder. The lesson frames the solve as acting earlier (prefer architectural privacy over promise-based privacy) and later (check periodically whether the policy has changed in a way that affects you).

6. Name two or more layers of settings that matter beyond the first toggle you find.

Show answer

The lesson names four layers that interact: account-level settings, app-level settings, browser-level settings, and tool-specific feature toggles such as training opt-out and conversation memory. Any two of these four is a correct answer. The lesson’s point is that the first setting you find is rarely the complete picture; never assume the visible toggle is the only one.

Applied exercise: classify three paste-candidates

Section titled “Applied exercise: classify three paste-candidates”

This exercise takes about 5 minutes. Pen and paper or a text editor work equally well. The goal is to practice the move the lesson teaches: take something concrete you might paste into an AI tool, name which of the three worries applies most, and pick the matching test before you decide.

Here are three example paste-candidates. For each one, write down:

  1. Which of the three worries (Surveillance, Storage and leak risk, Vendor lock-in) is the most relevant to this paste?
  2. Which test (the postcard test, the what-if-leaked-tomorrow test, or the architecture-vs-promise test) tells you whether to paste?
  3. Based on that test, would you paste this content as written, or change something first?

Candidate A. A teacher pasting the sentence “Remind me what year the Magna Carta was signed” into a chatbot to get a quick answer for a worksheet she is drafting.

Candidate B. A teacher pasting a draft progress-report paragraph containing one student’s full name, grade, and a behavior comment into a chatbot to ask it to soften the tone.

Candidate C. A teacher choosing between two AI tools for school use. Tool 1 stores conversations indefinitely by default but promises in its terms not to train on them. Tool 2 runs on the school’s own server and the conversation never leaves school premises.

After you have written your three answers, open the collapsibles below to compare.

Show worked answer: Candidate A

All three worries apply weakly because the content is generic, but Surveillance is the most relevant test to run. The postcard test: would you write “remind me what year the Magna Carta was signed” on a postcard? Yes, easily. The content carries no sensitive information. Paste as written.

Show worked answer: Candidate B

Storage and leak risk is the most relevant worry: the content contains a named student plus a behavior comment, which is exactly the kind of intimate detail the Storage section warns about. The what-if-leaked-tomorrow test: if this conversation appeared in a news article next year with the teacher’s name attached, what is the consequence? A parent’s legitimate grievance, a possible district issue, a real cost. Do not paste as written. Either anonymize the draft (remove the name, generalize the behavior comment) and paste the anonymized version, or do the tone edit yourself without the tool.

Show worked answer: Candidate C

Vendor lock-in is the most relevant worry because this is a tool-selection decision, not a moment-of-use decision. The architecture-vs-promise test: Tool 1 protects by promise (the company says it will not train on conversations); Tool 2 protects by architecture (the data never leaves school premises, so the question of training on it does not arise). Architectures change harder than promises. Tool 2 is the safer choice, and the reasoning is durable even if either vendor changes its policy next year.

If you wrote down a different worry-test pair from the worked answer, that is fine. The exercise is the move (worry then test then decision), not the verdict. Phase 4 of this track will teach the five-question rubric that makes this kind of tool comparison faster and more repeatable; lesson 1.2 will start the personal version of the same thinking by asking you to write down what you are protecting and from whom in your own situation.

Flashcards

Section titled “Flashcards”

Ten cards. Click any card to reveal the answer. Use the Print flashcards button to print the set as one card per page.

Q. Name the three privacy concerns this lesson focuses on.
A.

Surveillance (every interaction is observed as it travels through real systems), storage and leak risk (what the tool keeps can be exposed later), and vendor lock-in (the rules you signed up under can change after you have already trusted the tool).

Q. What is the postcard test?
A.

Ask yourself: would I write this on a postcard and leave it on a park bench? If no, the content is too sensitive to paste into a tool whose data path you have not checked. Short version: if it is sensitive, do not paste it into an unchecked tool.

Q. What is the what-if-leaked-tomorrow test?
A.

Before pasting anything, ask: if this conversation appeared in a news article next year with my name attached, what is the consequence? Nothing serious: paste. Job loss, client complaint, or a parent’s grievance: do not paste.

Q. Surveillance: what does the lesson say actually happens when Aisha types a student's name into the tool?
A.

The text leaves her laptop immediately and travels across the network to the AI company’s systems, where a model processes it and a reply comes back. At multiple points along that path, the people maintaining that software can read it if they have a reason and the access. Some logging systems record pieces of it by design. The exact path shape differs vendor to vendor; Phase 2 walks a real example end-to-end.

Q. Storage and leak risk: what does the lesson mean by a 'softer version of leak'?
A.

A human reviewer at the company reading a conversation that was flagged for a policy concern, or selected for training review. The content you paste could be seen by a person, either by design (policy review) or by accident (breach). This is distinct from a hack; it is an ordinary part of how some tools operate.

Q. Vendor lock-in: what is the difference between architectural privacy and promise-based privacy?
A.

Architectural privacy means the system cannot retain certain data because of how it is built. Promise-based privacy means the company says it will not retain the data. Promises are easier to change than architectures. When the choice is available, prefer architectural over promise-based.

Q. Pitfall: what does 'privacy mode' actually mean, and what does it not mean?
A.

Privacy mode (also called temporary chat or incognito mode) typically means the conversation will not be used for training and will not appear in your visible history. It does not mean the conversation is invisible or uncaptured. These modes typically still store the conversation for some period (often for safety or abuse review). The specific protections are real but narrower than the word suggests.

Q. Pitfall: why are 'they cannot identify me' and 'they cannot reach me' different threats?
A.

Reducing identifying information (so the tool does not know your legal name) does not eliminate breach risk. Data about how you use the tool can still be exposed in a breach even when your name is not attached. The two threats are managed differently. Identifying information is a privacy threat; reachability in a breach is a security threat. Both exist independently.

Q. The lesson says to act on vendor lock-in 'earlier and later.' What does it mean by each?
A.

Earlier: before you start using a tool, prefer architectural privacy over promise-based privacy, so the protection is harder to remove. Later: every few months, check whether the tool’s policy has changed in a way that affects you, and be willing to switch when it has. You cannot fix vendor lock-in in the moment of use; it is a before-and-after problem.

Q. What is the closing line of the lesson, and what does it mean?
A.

“The cloud disperses when you name what is inside it.” The lesson opened with privacy-in-the-news arriving as a formless cloud of overlapping concerns that leads to a feeling, not a list. Naming the three specific worries (surveillance, storage risk, vendor lock-in) is the act that turns the cloud into something actionable. You cannot act on a feeling; you can act on three named things.