Data Privacy Act of 2012 (DPA) Quiz

Questions and Answers

What is the main purpose of Republic Act No. 10173, also known as the Data Privacy Act of 2012 (DPA)?

• To protect personal data in information and communications systems (correct)
• To promote social media privacy
• To restrict access to government data
• To regulate internet usage

Which entity was created by the DPA to monitor its implementation?

• Data Security Authority (DSA)
• Privacy Protection Bureau (PPB)
• Information Privacy Office (IPO)
• National Privacy Commission (NPC) (correct)

What type of consent is required before processing personal information under the DPA?

• Consent by the data processor
• Implied consent by a data subject
• Consent by the government
• Direct consent by a data subject (correct)

What is the primary requirement for government and private entities processing personal data under the DPA?

Establish policies and implement measures to ensure data privacy (A)

What are entities required to implement to protect personal data against natural dangers under the DPA?

Reasonable and appropriate measures (A)

What is the primary distinction between a tort and a crime?

A tort is a civil wrong with remedy pursued by the injured individual, while a crime is an offense against the public with remedy pursued by the state. (A)

Who prosecutes the wrongdoer in a crime?

The state (C)

Can an injured party seek recovery from the offender in a civil action for a prosecuted crime?

Yes, it is possible (C)

What is the traditional approach to criminal law?

Retribution and deterrence (D)

In a crime, who is the wrong committed against?

The public (B)

Flashcards

Purpose of DPA

Protect personal data in information systems

DPA Monitoring Body

National Privacy Commission (NPC)

Consent Type

Direct data subject consent

Essential Data Requirement

Policies and measures for data privacy

Data Protection Measures

Reasonable & appropriate measures (natural dangers)

Tort vs. Crime

Tort: civil wrong; Crime: public offense

Crime Prosecutor

State prosecutes

Civil Action & Crime

Injured party can sue

Traditional Criminal Law

Retribution & Deterrence

Crime Target

Public, not individual

Study Notes

Republic Act No. 10173 - Data Privacy Act of 2012 (DPA)

• Aims to protect the privacy of individuals and ensure the security of personal information.
• Promotes the free flow of information while safeguarding personal data from unauthorized access.

Implementing Entity

• The National Privacy Commission (NPC) was established to oversee the implementation of the DPA and enforce compliance among stakeholders.

Consent for Processing Personal Information

• Prior explicit consent from the individual is mandatory before any processing of their personal information can take place under the DPA.

Requirements for Processing Personal Data

• Both government and private entities must ensure lawful, transparent processing of personal data and implement necessary measures to protect such information.

Protection Against Natural Dangers

• Entities are required to adopt appropriate physical, technical, and organizational measures to secure personal data against risks such as natural disasters or emergencies.

Distinction Between Tort and Crime

• A tort is a civil wrong causing harm or loss, while a crime is an offense against the state or society, punishable by law.

Prosecution in a Crime

• The state or government acts as the prosecutor in criminal cases against the alleged wrongdoer.

Civil Action for Prosecuted Crime

• An injured party may file a civil lawsuit seeking damages from the offender regardless of whether criminal charges were pursued.

Traditional Approach to Criminal Law

• Emphasizes state intervention where the government prosecutes the offender on behalf of society to uphold public order.

Wrong Committed Against

• In a crime, the wrong is committed against society, while a tort addresses a wrong done to an individual.