Podcast
Questions and Answers
What term is used to describe the act of performing any operation on personal data, including collection, storage, and destruction?
What term is used to describe the act of performing any operation on personal data, including collection, storage, and destruction?
- Confidentiality
- Data Protection
- Assurance
- Processing (correct)
Which of the following is NOT considered a criterion for information to be classified as personal information?
Which of the following is NOT considered a criterion for information to be classified as personal information?
- Religious affiliations
- Being about an individual
- Revealing an individual's identity
- Marital status (correct)
What right entitles an individual to correct inaccurate personal information held about them?
What right entitles an individual to correct inaccurate personal information held about them?
- Right to Rectification (correct)
- Right to Access
- Right to Erasure or Blocking
- Right to Object
Which type of information includes details like race, age, and religious affiliations?
Which type of information includes details like race, age, and religious affiliations?
What penalties can be imposed for the unauthorized procession of personal information due to negligence under the Data Privacy Act of 2012?
What penalties can be imposed for the unauthorized procession of personal information due to negligence under the Data Privacy Act of 2012?
What type of breach involves concealing security breaches concerning sensitive personal information?
What type of breach involves concealing security breaches concerning sensitive personal information?
What government agency is responsible for implementing the Intellectual Property Code?
What government agency is responsible for implementing the Intellectual Property Code?
Which bureau is responsible for handling trademarks under the Intellectual Property Office?
Which bureau is responsible for handling trademarks under the Intellectual Property Office?
What does the Data Privacy Act aim to protect?
What does the Data Privacy Act aim to protect?
Under what conditions is the processing of sensitive personal information allowed according to Section 13?
Under what conditions is the processing of sensitive personal information allowed according to Section 13?
Which entity regulates the processing of personal information to protect individual privacy?
Which entity regulates the processing of personal information to protect individual privacy?
What is the main focus of Section 4 of the Data Privacy Act?
What is the main focus of Section 4 of the Data Privacy Act?
Flashcards are hidden until you start studying
Study Notes
Data Privacy Act of 2012
- The Data Privacy Act of 2012 aims to protect personal information, including private, personal, and sensitive information.
Personal Information
- Personal information must satisfy two criteria: it must be about an individual, and the individual's identity must be reasonably ascertainable from the information or opinion.
- Examples of personal information include: name, address, number, email, picture, and video of a person, and land ownership.
Sensitive Personal Information
- Sensitive personal information includes: race, ethnic origin, marital status, age, color, and religious, philosophical or political affiliations.
- Also included are: health, education, genetic or sexual life of a person, civil, criminal or administrative proceedings, and unique identifiers issued by government agencies.
Processing of Personal Information
- Processing refers to any operation or set of operations performed upon personal data, including collection, recording, organization, storage, and more.
- A data subject is an individual whose personal, sensitive personal, or privileged information is processed.
Rights of Data Subjects
- Right to be Informed
- Right to Access
- Right to Object
- Right to Rectification
- Right to Erasure or Blocking
- Right to Damages
- Right to Data Portability
- Right to File a Complaint
Fines and Penalties
- Unauthorized processing of personal information: imprisonment of 1 to 3 years, fine of 500K to 2M pesos.
- Unauthorized processing of sensitive personal information: imprisonment of 3 to 6 years, fine of 500K to 4M pesos.
- Processing of personal information for unauthorized purposes: imprisonment of 1 year and 6 months to 5 years, fine of 500K to 1M pesos.
- Unauthorized access or intentional breach: imprisonment of 1 to 3 years, fine of 500K to 2M pesos.
- Concealment of security breaches involving sensitive personal information: imprisonment of 1 year and 6 months to 5 years, fine of 500K to 1M pesos.
- Unauthorized disclosure: imprisonment of 1 to 3 years, fine of 500K to 1M pesos.
Government Agencies
- The Intellectual Property Office is responsible for implementing the Intellectual Property Code.
- The National Privacy Commission protects individual personal information by regulating the processing of personal information.
Republic Act No. 10173
- The Data Privacy Act is a law that seeks to protect all forms of personal information.
- It applies to the processing of all types of information, in the country and even abroad, subject to certain qualifications.
- Conditions under which processing of personal information is allowed are outlined in Section 12 of the Act.
- Processing of sensitive personal information is prohibited except in certain cases outlined in Section 13 of the Act.
Studying That Suits You
Use AI to generate personalized quizzes and flashcards to suit your learning preferences.
