50 Questions
What was the unethical practice committed by Volkswagen AG?
Manipulating emissions software to meet regulatory standards during testing
What led to criminal charges against six ranking VW executives?
Manipulating emissions software to meet regulatory standards during testing
What led to Takata Corporation filing for bankruptcy in June 2017?
Covering up faulty airbags used in millions of cars over many years
What unethical practice was admitted by Wells Fargo bank?
Opening millions of false accounts
What are the major ethical issues in information systems discussed in the chapter?
Accountability, system quality, and preservation of values and institutions
What has given new urgency to ethical issues in information systems?
The rise of the internet and digital technologies
Which technological trend has heightened ethical concerns in information systems?
Declining data storage costs
What has enabled the proliferation of detailed databases on individuals?
The rapid decline in data storage costs
What has exponentially reduced the cost of data movement?
Networking advances
What has led to concerns about individual cell phone tracking without user consent?
Mobile device growth
What has facilitated the invasion of privacy by enabling firms to identify customers using enormous data storage systems?
Advances in information technology
What ethical dimensions are raised by information systems according to the chapter?
Information rights, property rights, and system quality
What are the key ethical issues related to e-commerce and the internet according to the chapter?
Customer information use, personal privacy, and intellectual property protection
What are the ethical dimensions of actions based on information systems, according to the chapter?
Focusing on principles of right and wrong and their impact on societal values and power distributions
How are ethical, social, and political issues related according to the chapter?
Closely linked, with ethical dilemmas reflected in social and political debates
What has raised concerns about privacy invasion, data storage, and individual tracking according to the chapter?
Advances in information technology
What raises ethical concerns about accessing highly detailed personal information about individuals?
Advances in data analysis techniques for large pools of data
What do companies use to assemble and combine myriad pieces of personal information?
Contemporary data management tools
What generates digital information about individuals?
Credit card purchases, telephone calls, government records, and website visits
What do companies do to finely target their marketing campaigns?
Purchase personal information
What does profiling involve?
Using computers to combine data from multiple sources and create digital dossiers of detailed information on individuals
What does the Google Marketing Platform do?
Tracks online activities to create detailed profiles of visitors for targeted web ads
What can advertisers do with online consumer information?
Combine it with offline information, such as credit card purchases at stores
What do ethical, social, and political issues always reference?
Higher values
What is crucial in ethical decision making?
Identifying options that satisfy the interests involved and considering potential consequences
What are some ethical principles with deep roots in many cultures?
The Golden Rule, Immanuel Kant’s categorical imperative, the utilitarian principle, and the risk aversion principle
What is essential in making ethical decisions?
Considering ethical principles and higher-order values
Which amendment in the United States primarily protects the claim to privacy?
First Amendment
What is the most important U.S. privacy law that regulates the federal government’s collection, use, and disclosure of information?
The Privacy Act of 1974
Which of the following principles is NOT included in the FTC’s Fair Information Practices (FIP)?
Transparency
What is the basis of American and European privacy law?
Fair Information Practices (FIP)
Which organization has restated and extended the original FIP to provide guidelines for protecting online privacy?
Federal Trade Commission (FTC)
What percent of Americans feel that consumers have lost control of their personal information online?
91 percent
Which act safeguards the maintenance and transmission of health information about individuals in the U.S.?
Health Insurance Portability and Accountability Act
What is the primary basis of privacy protection in the United States, Canadian, and German constitutions?
The claim of individuals to be left alone and free from surveillance or interference
What is the primary focus of the Federal Trade Commission's (FTC) privacy policies?
Protecting online privacy
Which area is NOT addressed by the FTC's extended privacy policies?
Social media regulation
Which statement about U.S. federal privacy laws is true?
They apply primarily to the federal government and regulate very few areas of the private sector
How do information technology and systems threaten individual claims to privacy?
By making the invasion of privacy cheap, profitable, and effective
What is the main objective of the GDPR?
To strengthen the rights of citizens to their personal information
What is the maximum fine an organization can face for abusing PII under the GDPR?
$20 million or 4% of the organization’s global revenue, whichever is greater
What type of data is protected by the GDPR?
Basic identity information, web data, health and genetic data, and more
What is a requirement for organizations under the GDPR?
Having a data protection officer
How are privacy laws enforced in the United States compared to the EU?
Privacy laws in the United States are piecemeal and enforced sector by sector; in the EU, data protection laws are comprehensive and apply to all organizations
What is a requirement for organizations under the GDPR?
Requiring explicit consent before collecting data
How does the GDPR address organizations operating in the EU or processing data of EU citizens?
By enforcing conditions worldwide for such organizations
What is the role of data protection agencies in the EU?
Enforcing data protection laws in each country
What is the primary focus of the GDPR in relation to individual rights?
Protecting the rights of citizens to their personal information
How does the GDPR address privacy concerns related to ad-based web businesses?
By aiming to address privacy concerns related to ad-based web businesses like Facebook, Google, and Twitter
What is the scope of the GDPR in terms of the data it protects?
It protects a wide variety of PII, including basic identity information, web data, health and genetic data, and more
Study Notes
EU General Data Protection Regulation (GDPR) Overview
- The EU General Data Protection Regulation (GDPR) was implemented by the European Commission in 2018, applying to all firms and organizations that collect, store, or process personal information of EU citizens.
- The GDPR is an updated framework for protecting personally identifiable information (PII) and replaces the earlier Data Protection Directive of 1998.
- In the United States, privacy laws are piecemeal and enforced sector by sector, while in the EU, data protection laws are comprehensive, applying to all organizations and enforced by data protection agencies in each country.
- The GDPR protects a wide variety of PII, including basic identity information, web data, health and genetic data, and more.
- The main objectives of the GDPR are to strengthen the rights of citizens to their personal information, harmonize conflicting data protection standards among EU nations, and enforce conditions worldwide for organizations operating in the EU or processing data of EU citizens.
- For individuals, the GDPR requires organizations to allow consumers to access their personal information without charge, delete personal data, ensure data portability, and guarantee the right to sue providers for damages or abuse of PII.
- Organizational requirements under the GDPR include having a data protection officer, requiring explicit consent before collecting data, reporting breaches, and liability for data shared with partners.
- Organizations that abuse PII can be fined up to $20 million or 4% of the organization’s global revenue, whichever is greater.
- The EU will enforce the GDPR requirements with non-EU countries, like the United States, using intergovernmental privacy shield agreements.
- The GDPR is aimed at addressing privacy concerns related to ad-based web businesses like Facebook, Google, and Twitter, which have been criticized for invading privacy and not protecting PII.
- Privacy laws have been enacted in over 80 nations around the world, each with its own privacy regulations and frameworks.
- Internet technology has posed new challenges for the protection of individual privacy, with websites and advertising networks capable of tracking personal browsing behavior across thousands of websites.
Test your knowledge of the EU General Data Protection Regulation (GDPR) with this quiz covering its implementation, objectives, impact on organizations, and global enforcement. Learn about the requirements for both individuals and organizations under the GDPR.
Make Your Own Quizzes and Flashcards
Convert your notes into interactive study material.
Get started for free
