Paper 2 Ethics Issues Drills
These are original Paper 2-style practice questions. They use exact records, function names, and expected output evidence.
Detailed answers are in Paper 2 Ethics Issues Answers.
Revise the topic hub first:
Questions
Question 1: Privacy Checklist
Write privacy_issues(form) that returns a list of missing privacy items.
Required items:
purposeconsentretention
Test:
form = {"name": "Amy", "phone": "91234567", "purpose": "event registration", "consent": True}
print(privacy_issues(form))Expected output:
['retention'][5]
Question 2: Access Log Analysis
Office hours are from 8 to 18, where the end time is not included. Write flag_after_hours(logs) to return user IDs for records with hour < 8 or hour >= 18.
Test:
logs = [
{"user": "u1", "hour": 7},
{"user": "u2", "hour": 9},
{"user": "u3", "hour": 18},
{"user": "u4", "hour": 17}
]
print(flag_after_hours(logs))Expected output:
['u1', 'u3'][6]
Question 3: Consent Flag
Each record stores a list of consented purposes. Write has_consent(record, purpose) that returns True only when the requested purpose is listed.
Test:
record = {"user": "u1", "consent": ["billing", "support"]}
print(has_consent(record, "billing"))
print(has_consent(record, "marketing"))Expected output:
True
False[6]
Question 4: Anonymisation
Write anonymise(records) that removes direct identifiers and keeps only age_group, region, and score.
Test:
records = [
{"name": "Amy", "email": "amy@example.com", "age_group": "16-18", "region": "East", "score": 82}
]
print(anonymise(records))Expected output:
[{'age_group': '16-18', 'region': 'East', 'score': 82}][6]
Question 5: Risk Register
Write risk_register() that returns these three (risk, mitigation) pairs:
| Risk | Mitigation |
|---|---|
| unauthorised access | access control |
| excessive retention | delete after 12 months |
| biased output | compare approval rates |
Expected output:
[('unauthorised access', 'access control'), ('excessive retention', 'delete after 12 months'), ('biased output', 'compare approval rates')][6]
Question 6: Audit Function
Write count_missing_consent(records) that counts records where consent is missing or False.
Test:
records = [
{"user": "u1", "consent": True},
{"user": "u2", "consent": False},
{"user": "u3"}
]
print(count_missing_consent(records))Expected output:
2[5]
Question 7: Retention Rule
Write should_archive(record_date, cutoff_date) that returns True when record_date is earlier than cutoff_date.
Dates are ISO strings in YYYY-MM-DD format.
Test:
print(should_archive("2024-01-15", "2025-01-01"))
print(should_archive("2025-02-10", "2025-01-01"))Expected output:
True
False[6]
Question 8: Stakeholder Report
Write impact_counts(records) that counts how many impact records apply to each stakeholder.
Test:
records = [
{"stakeholder": "students", "impact": "privacy concern"},
{"stakeholder": "staff", "impact": "less manual work"},
{"stakeholder": "students", "impact": "faster service"}
]
print(impact_counts(records))Expected output:
{'students': 2, 'staff': 1}[5]
Question 9: Bias Check
Write approval_rates(records) that returns approval rates for each group. A record has group and approved.
Test:
records = [
{"group": "A", "approved": True},
{"group": "A", "approved": True},
{"group": "A", "approved": False},
{"group": "B", "approved": True},
{"group": "B", "approved": False},
{"group": "B", "approved": False}
]
print(approval_rates(records))Expected output:
{'A': 0.67, 'B': 0.33}[7]
Question 10: Incident Response
Write ordered_incident_steps() that returns the incident response steps in this order:
"contain leak""preserve evidence""assess affected data""notify responsible parties""fix cause""review controls"
Expected output:
['contain leak', 'preserve evidence', 'assess affected data', 'notify responsible parties', 'fix cause', 'review controls'][5]
Review Checklist
After attempting these questions, check whether you can:
- turn ethics/privacy requirements into concrete checks;
- process access logs, consent records, and retention dates;
- anonymise by removing direct identifiers;
- summarise stakeholder impacts and approval rates;
- order incident-response steps sensibly.