Complete the sentence:
The Gramm-Leach-Bliley Act (GLBA) of US regulates the privacy practices adopted by financial institutions, requiring them to provide adequate security of the customer records. It lays various obligations on the financial institutions but allows such financial institutions to share the non-public information of customers (after properly notifying their consumers in a manner mentioned in the Act) with
A. Its affiliates after obtaining explicit permission of Federal Trade Commission
B. Its affiliates after disclosure in initial and annual GLBA privacy notices
C. Its affiliates without need for obtaining explicit consent from the consumers for sharing their data
D. Its affiliates only after obtaining explicit consent from the consumers
正解:D
質問 2:
Under the OECD Privacy Guidelines, 1980, which of the following was not a privacy principle?
A. Purpose Specification
B. Security Safeguard
C. Data minimization
D. Openness
正解:C
質問 3:
Which of the following statement about Personally Identifiable Information (PII) is true?
A. PII is necessarily a single data element, not a combination of data elements, which can uniquely identify an individual
B. PII is any information about a legal entity including details of its registration or any information that may allow its easy identification
C. None of the above
D. PII is a subset of Sensitive Personal Information
正解:B
質問 4:
'Challenging Compliance' as a privacy principle is covered in which of the following data protection/ privacy act?
A. UK Data Protection Act
B. Singapore Data Protection Act
C. Federal Data Protection Act, Germany
D. PIPEDA
正解:D
質問 5:
A ministry under government of India plans to collect citizens' information related to their education, medical condition, economic status, caste and religion. As per the privacy requirements mentioned under Sec 43A of IT (Amendment) Act, 2008, the citizens' 'Consent' would be mandatory for which of the following elements before their collection?
A. Medical condition
B. Caste and religion
C. Sec 43A may not be applicable
D. Educational records
正解:A
質問 6:
Choose from the options below to group privacy principles into user centric (requiring people's involvement) and organization centric (restricted to processes within the organization) categories:
A. User Centric: Notice, Consent, Choice, Access & Correction Organization Centric: Consent, Collection Limitation, Use Limitation, Security, Disclosure to third party, Openness, Accountability
B. User Centric: Notice, Consent, Collection Limitation, Access and Correction Organization Centric: Choice, Use Limitation, Security, Disclosure to third party, Openness, Accountability
C. User Centric: Notice, Openness, Accountability Organization Centric: Consent, Choice, Collection Limitation, Use Limitation, Security, Disclosure to third party, Access & Correction
D. User Centric: Choice, Collection Limitation, Access and Correction Organization Centric: Notice, Use Limitation, Security, Disclosure to third party, Accountability
正解:B
解説: (Pass4Test メンバーにのみ表示されます)
質問 7:
How soon after becoming aware of the breach the data controller has to notify the supervisory authority under Article 33 of GDPR.
A. 72 hours
B. 17 hours
C. 36 hours
D. 24 hours
正解:A
質問 8:
Which of the following activities form part of an organization's Visibility over Personal Information (VPI) initiative, according to DSCI Privacy Framework (DPF)?
A. 'Data processing environment' analysis of industry peers
B. 'Data processing environment' analysis of the country
C. 'Data processing environment' analysis of the organization only
D. 'Data processing environment' analysis of the organization and associated third parties
正解:C
質問 9:
You are part of a team that has been created by Indian government to create India's privacy law based on recommendations in Justice AP Shah's Report. Which of the following provisions should be addressed in the law?
A. Setup of a national data controller registry
B. Offences, penalties and remedies
C. Privacy as an explicit fundamental constitutional right
D. National privacy principles
正解:D
Matsuda -
DCPP-01の内容は問題数も増えた感じで内容も充実しているし、早速勉強していきたいと思います!