AP CSP Big Idea 5 (Impact of Computing): Security and Ethics Study Notes

Crowdsourcing

Obtaining ideas, work, data, or solutions by distributing tasks across a large group of people (often online) rather than relying on a single expert or small team.

Open Source

A software approach defined by licensing and access to source code; it may involve many contributors, but it is not the same concept as crowdsourcing.

Microtasking (Human Computation)

A form of crowdsourcing where people complete many small tasks (e.g., labeling images) that are hard or costly for computers to do well.

Citizen Science

Crowdsourcing where volunteers contribute observations or analysis for scientific or research goals (e.g., classifying galaxies, reporting environmental data).

Crowdfunding

Crowdsourcing where many people contribute money to fund a project (e.g., a new product or community effort).

Distributed Computing (Volunteer Computing)

Crowdsourcing where participants donate computing resources (spare CPU/GPU time) to run tasks such as scientific research.

Validation (Quality Control)

Methods used to check and improve the accuracy of crowdsourced contributions (e.g., redundancy, review, conflict resolution).

Sampling Bias

A bias that occurs when the people who participate in a crowdsourcing effort are not representative of the broader population affected by the outcome.

Malicious Contributions

Harmful or deceptive inputs to a crowdsourced system (e.g., spam, trolling, coordinated false data) intended to manipulate results.

Legal Concern

An issue governed by laws and regulations; violations can lead to penalties (what you must do).

Ethical Concern

An issue guided by values like fairness, minimizing harm, and honesty; something can be unethical even if legal (what you should do).

Intellectual Property (IP)

Ownership rights over creations of the mind (e.g., writing, music, art, software, inventions); computing makes copying and sharing easy, increasing misuse risk.

Copyright

Legal protection for original creative expression (e.g., code, text, music), giving creators control over copying and distribution.

Privacy

The ability of individuals to control information about themselves—what is collected, how it is used, and how widely it is shared.

Re-identification

The risk that supposedly anonymous data can be linked back to a person by combining multiple data points (e.g., location/time patterns).

Bias (Data/Algorithmic)

Systematic unfairness in data or automated decisions that can disproportionately harm certain groups due to biased data, non-representative samples, or design choices.

Digital Divide

The gap between people who have effective access to devices, reliable internet, and digital skills and those who do not.

CIA Triad

A security model: Confidentiality (keep data secret), Integrity (prevent improper changes), and Availability (keep systems usable).

Encryption

Transforming plaintext into ciphertext using an algorithm and key so only authorized parties can read the data.

Symmetric Encryption

Encryption where the same secret key is used to encrypt and decrypt; fast, but requires securely sharing the key.

Asymmetric Encryption (Public-Key Encryption)

Encryption using a public/private key pair: the public key can be shared, and only the matching private key can decrypt messages encrypted with the public key.

Authentication

Verifying that a user or device is who they claim to be (“Who are you?”).

Authorization

Determining what an authenticated user is allowed to do (“What can you access or change?”).

Multi-Factor Authentication (MFA)

Authentication using more than one factor (something you know/have/are), reducing risk if one factor (like a password) is stolen.

Phishing

A social engineering attack that tricks users into revealing sensitive information or installing malware by impersonating a trustworthy source (often via fake links or login pages).