Module 2: AI Impacts & Responsible AI · BoK II.A
Three privacy harms taxonomies
Match the name to the structure. MITRE PANOPTIC combines contextual domains and privacy activities; the Ryan Calo taxonomy splits harm into subjective vs objective; and Citron & Solove taxonomy lists seven harm types.
Match the name to the structure. These three appear as straight recall questions.
| Taxonomy | Structure |
|---|---|
| 🛰️ MITRE PANOPTIC | Two taxonomies combined → contextual domains (context of a privacy attack) + privacy activities (activities constituting an attack). Data-driven → supports threat assessment, risk modelling and red teaming |
| ⚖️ Ryan Calo | Two broad categories → subjective (internal sense of being harmed) vs objective (external to the person, e.g. personal data used for an adverse action like refusing a loan) |
| 📚 Citron & Solove | Seven harm types → physical, reputational, relationship, economic, discrimination, psychological, autonomy |
Mnemonic
People Rarely Recall Every Detail, Psychology Aside → Citron & Solove → Physical · Reputational · Relationship · Economic · Discrimination · Psychological · Autonomy.
Key terms - quick answers
What is “MITRE PANOPTIC”?
Privacy taxonomy combining contextual domains and privacy activities; data-driven, supports threat assessment, risk modelling and red teaming.
What is “Ryan Calo taxonomy”?
Privacy harm split into subjective (internal sense of harm) and objective (external, e.g. refusing a loan).
What is “Citron & Solove taxonomy”?
Seven privacy harm types: physical, reputational, relationship, economic, discrimination, psychological, autonomy.