Skip to main content

Knowledge check

Quiz
Complete

Evaluate your understanding of this unit by completing the knowledge check

These questions summarise core themes from ethical frameworks, privacy law, responsible data practice and governance.

Target illustration

Action item: Knowledge check

Answer each question below. Correct answers and short feedback are included for self-review.

Knowledge check: 8 questions
1. Under UK GDPR, which principle requires personal data to be kept only as long as necessary for the purposes for which it was collected?
  • A. Accountability
  • B. Data minimisation
  • C. Storage limitation
  • D. Integrity and confidentiality
Correct Answer: C

Feedback: Storage limitation is about retention duration; minimisation focuses on collecting only what you need.

2. What is the main purpose of a Data Protection Impact Assessment (DPIA) for a high-risk AI project?
  • A. Replace the need for security controls
  • B. Identify and mitigate privacy risks before processing begins
  • C. Prove the model is unbiased
  • D. Eliminate the need for lawful bases
Correct Answer: B

Feedback: A DPIA is a structured privacy risk assessment; it complements fairness work but does not replace it.

3. Federated learning primarily helps organisations by:
  • A. Training models without centralising raw training data on one server
  • B. Removing the need for encryption
  • C. Guaranteeing that model updates cannot leak any information
  • D. Avoiding documentation of data lineage
Correct Answer: A

Feedback: Federated learning reduces central data aggregation; it still requires secure aggregation and threat modelling.

4. Deontological ethics in AI deployment emphasises:
  • A. Maximising average happiness regardless of rules
  • B. Letting the highest-paid stakeholder decide
  • C. Collecting as much data as possible
  • D. Following clear ethical rules and duties even when inconvenient
Correct Answer: D

Feedback: Deontology is rule- and duty-driven rather than purely outcome-maximising.

5. Temporal bias in training data means:
  • A. The model runs too slowly
  • B. A non-representative time window dominates the dataset
  • C. Timestamps were encrypted incorrectly
  • D. The dataset has too many categorical variables
Correct Answer: B

Feedback: Crisis periods or one-off events can distort “normal” behaviour if not handled carefully.

6. When relying on Legitimate Interests under UK GDPR, organisations must:
  • A. Skip transparency if the model is accurate
  • B. Avoid documenting the purpose of processing
  • C. Perform and record a balancing test against individuals' rights
  • D. Assume legitimate interests applies to any AI use case
Correct Answer: C

Feedback: Legitimate interests is not automatic; necessity and balancing are core.

7. An AI impact assessment (AIIA) is best described as:
  • A. A proactive review of benefits, harms and mitigations before deployment
  • B. A marketing review of model branding
  • C. A substitute for security patching
  • D. A one-line disclaimer in a privacy policy
Correct Answer: A

Feedback: AIIAs help teams anticipate fairness, privacy and societal risks early.

8. The EU AI Act is notable for introducing:
  • A. A ban on all neural networks
  • B. A single accuracy metric for every sector
  • C. Exempting healthcare AI from oversight
  • D. A risk-based framework with obligations scaled to AI system risk
Correct Answer: D

Feedback: Higher-risk systems face stronger governance, documentation and monitoring expectations.