ITM100 CHAPTER 4 QUIZ

Questions and Answers

What was the unethical practice committed by Volkswagen AG?

Manipulating submissions for the LIBOR benchmark interest rates

Forcing auto loan customers to purchase unneeded insurance

Manipulating emissions software to meet regulatory standards during testing (correct)

Covering up faulty airbags used in millions of cars

What led to criminal charges against six ranking VW executives?

Covering up faulty airbags used in millions of cars

Opening millions of false accounts

Manipulating emissions software to meet regulatory standards during testing (correct)

Manipulating submissions for the LIBOR benchmark interest rates

What led to Takata Corporation filing for bankruptcy in June 2017?

Opening millions of false accounts

Manipulating submissions for the LIBOR benchmark interest rates

Covering up faulty airbags used in millions of cars over many years (correct)

Manipulating emissions software to meet regulatory standards during testing

What unethical practice was admitted by Wells Fargo bank?

Opening millions of false accounts

What are the major ethical issues in information systems discussed in the chapter?

Accountability, system quality, and preservation of values and institutions

What has given new urgency to ethical issues in information systems?

The rise of the internet and digital technologies

Which technological trend has heightened ethical concerns in information systems?

Declining data storage costs

What has enabled the proliferation of detailed databases on individuals?

The rapid decline in data storage costs

What has exponentially reduced the cost of data movement?

Networking advances

What has led to concerns about individual cell phone tracking without user consent?

Mobile device growth

What has facilitated the invasion of privacy by enabling firms to identify customers using enormous data storage systems?

Advances in information technology

What ethical dimensions are raised by information systems according to the chapter?

Information rights, property rights, and system quality

What are the key ethical issues related to e-commerce and the internet according to the chapter?

Customer information use, personal privacy, and intellectual property protection

What are the ethical dimensions of actions based on information systems, according to the chapter?

Focusing on principles of right and wrong and their impact on societal values and power distributions

How are ethical, social, and political issues related according to the chapter?

Closely linked, with ethical dilemmas reflected in social and political debates

What has raised concerns about privacy invasion, data storage, and individual tracking according to the chapter?

Advances in information technology

What raises ethical concerns about accessing highly detailed personal information about individuals?

Advances in data analysis techniques for large pools of data

What do companies use to assemble and combine myriad pieces of personal information?

Contemporary data management tools

What generates digital information about individuals?

Credit card purchases, telephone calls, government records, and website visits

What do companies do to finely target their marketing campaigns?

Purchase personal information

What does profiling involve?

Using computers to combine data from multiple sources and create digital dossiers of detailed information on individuals

What does the Google Marketing Platform do?

Tracks online activities to create detailed profiles of visitors for targeted web ads

What can advertisers do with online consumer information?

Combine it with offline information, such as credit card purchases at stores

What do ethical, social, and political issues always reference?

Higher values

What is crucial in ethical decision making?

Identifying options that satisfy the interests involved and considering potential consequences

What are some ethical principles with deep roots in many cultures?

The Golden Rule, Immanuel Kant’s categorical imperative, the utilitarian principle, and the risk aversion principle

What is essential in making ethical decisions?

Considering ethical principles and higher-order values

Which amendment in the United States primarily protects the claim to privacy?

First Amendment

What is the most important U.S. privacy law that regulates the federal government’s collection, use, and disclosure of information?

The Privacy Act of 1974

Which of the following principles is NOT included in the FTC’s Fair Information Practices (FIP)?

Transparency

What is the basis of American and European privacy law?

Fair Information Practices (FIP)

Which organization has restated and extended the original FIP to provide guidelines for protecting online privacy?

Federal Trade Commission (FTC)

What percent of Americans feel that consumers have lost control of their personal information online?

91 percent

Which act safeguards the maintenance and transmission of health information about individuals in the U.S.?

Health Insurance Portability and Accountability Act

What is the primary basis of privacy protection in the United States, Canadian, and German constitutions?

The claim of individuals to be left alone and free from surveillance or interference

What is the primary focus of the Federal Trade Commission's (FTC) privacy policies?

Protecting online privacy

Which area is NOT addressed by the FTC's extended privacy policies?

Social media regulation

Which statement about U.S. federal privacy laws is true?

They apply primarily to the federal government and regulate very few areas of the private sector

How do information technology and systems threaten individual claims to privacy?

By making the invasion of privacy cheap, profitable, and effective

What is the main objective of the GDPR?

To strengthen the rights of citizens to their personal information

What is the maximum fine an organization can face for abusing PII under the GDPR?

$20 million or 4% of the organization’s global revenue, whichever is greater

What type of data is protected by the GDPR?

Basic identity information, web data, health and genetic data, and more

What is a requirement for organizations under the GDPR?

Having a data protection officer

How are privacy laws enforced in the United States compared to the EU?

Privacy laws in the United States are piecemeal and enforced sector by sector; in the EU, data protection laws are comprehensive and apply to all organizations

What is a requirement for organizations under the GDPR?

Requiring explicit consent before collecting data

How does the GDPR address organizations operating in the EU or processing data of EU citizens?

By enforcing conditions worldwide for such organizations

What is the role of data protection agencies in the EU?

Enforcing data protection laws in each country

What is the primary focus of the GDPR in relation to individual rights?

Protecting the rights of citizens to their personal information

How does the GDPR address privacy concerns related to ad-based web businesses?

By aiming to address privacy concerns related to ad-based web businesses like Facebook, Google, and Twitter

What is the scope of the GDPR in terms of the data it protects?

It protects a wide variety of PII, including basic identity information, web data, health and genetic data, and more

Study Notes

EU General Data Protection Regulation (GDPR) Overview

• The EU General Data Protection Regulation (GDPR) was implemented by the European Commission in 2018, applying to all firms and organizations that collect, store, or process personal information of EU citizens.
• The GDPR is an updated framework for protecting personally identifiable information (PII) and replaces the earlier Data Protection Directive of 1998.
• In the United States, privacy laws are piecemeal and enforced sector by sector, while in the EU, data protection laws are comprehensive, applying to all organizations and enforced by data protection agencies in each country.
• The GDPR protects a wide variety of PII, including basic identity information, web data, health and genetic data, and more.
• The main objectives of the GDPR are to strengthen the rights of citizens to their personal information, harmonize conflicting data protection standards among EU nations, and enforce conditions worldwide for organizations operating in the EU or processing data of EU citizens.
• For individuals, the GDPR requires organizations to allow consumers to access their personal information without charge, delete personal data, ensure data portability, and guarantee the right to sue providers for damages or abuse of PII.
• Organizational requirements under the GDPR include having a data protection officer, requiring explicit consent before collecting data, reporting breaches, and liability for data shared with partners.
• Organizations that abuse PII can be fined up to $20 million or 4% of the organization’s global revenue, whichever is greater.
• The EU will enforce the GDPR requirements with non-EU countries, like the United States, using intergovernmental privacy shield agreements.
• The GDPR is aimed at addressing privacy concerns related to ad-based web businesses like Facebook, Google, and Twitter, which have been criticized for invading privacy and not protecting PII.
• Privacy laws have been enacted in over 80 nations around the world, each with its own privacy regulations and frameworks.
• Internet technology has posed new challenges for the protection of individual privacy, with websites and advertising networks capable of tracking personal browsing behavior across thousands of websites.

Description

Test your knowledge of the EU General Data Protection Regulation (GDPR) with this quiz covering its implementation, objectives, impact on organizations, and global enforcement. Learn about the requirements for both individuals and organizations under the GDPR.