Content-centric networking is an architecture designed to transfer named and addressable data from producers to consumers. Data retrieval is driven by a simple request and response protocol. A consumer issues a request for named data that is routed by the network towards the nearest location where this data is stored. Once found, the corresponding data is returned to the consumer. This data-centric model is different from the datagram- and stream-based protocols used to transport data between endpoints in IP networks: Instead of being tied to the channel through which data flows, security and privacy properties apply to data itself. Consequently, privacy issues in CCN warrant careful evaluation. In this paper, we present a comprehensive assessment of CCN privacy issues in the presence of various adversaries. We specify conditions sufficient to achieve different levels of privacy. We also show that data privacy is more dependent on requests than responses for data. We conclude that strong privacy necessitates some form of session- or channel-based communication, which strongly contradicts the data-centric nature of CCN. We also discuss how to implement proposed CCN privacy mechanisms in practice.