Privacy Notice and Regulatory Authorities

Play an AI-generated podcast conversation about this lesson

According to the text, what is the purpose of the APEC Privacy Framework?

To limit the collection of personal information

To recognize the individual's legitimate expectations of privacy

To provide clear and easily accessible statements about privacy practices

To prevent the misuse of personal information (correct)

Which of the following is considered personal information?

De-identified information

Public records

Non-personal information

Sensitive personal information (correct)

What principle states that individuals should have the right to access and correct their personal information?

Individual Participation Principle

Access and Correction Principle (correct)

Notice Principle

Accountability Principle

What type of information is not covered by privacy and data protection laws?

Non-personal information Signup and view all the answers

Which branch of the US government is responsible for interpreting laws?

Judicial Signup and view all the answers

Which of the following is a type of self-regulatory model?

Seal Programs Signup and view all the answers

What is the authority of a court or a government agency to hear a particular case called?

Jurisdiction Signup and view all the answers

What is the term for a judgment entered by consent of the parties whereby the defendant agrees to stop alleged illegal activity, usually without admitting guilt or wrongdoing?

Consent Decree Signup and view all the answers

Which government agency is responsible for enforcing criminal laws?

Department of Justice Signup and view all the answers

Which government agency is responsible for overseeing medical privacy?

Department of Health and Human Services Signup and view all the answers

Which government agency is responsible for enforcing financial privacy laws under the Gramm-Leach-Bliley Act (GLBA)?

Consumer Financial Protection Bureau Signup and view all the answers

Which government agency is responsible for overseeing education privacy?

Department of Education Signup and view all the answers

Which type of privacy is concerned with establishing rules that govern the collection and handling of personal information?

Information privacy Signup and view all the answers

Which type of privacy is focused on a person’s physical being and any invasion thereof?

Bodily privacy Signup and view all the answers

Which type of privacy is concerned with placing limits on the ability to intrude into another individual’s environment?

Territorial privacy Signup and view all the answers

Which type of privacy encompasses protection of the means of correspondence, including postal mail, telephone conversations, email, and other forms of communicative behavior and apparatus?

Communications privacy Signup and view all the answers

Which one of the following is an industry standard formula for assessing risk?

Risk = Threat x Vulnerability x Expected Loss Signup and view all the answers

According to the text, publicly available information refers to information that is generally available to a wide range of persons. Which of the following is an example of publicly available information?

Names and addresses in telephone books Signup and view all the answers

According to the text, nonpublic information is not generally available or easily accessed due to law or custom. Which of the following is an example of nonpublic information?

Adoption records Signup and view all the answers

According to the text, what is the role of a US-based software-as-a-service provider that stores employee personal data for a global company headquartered in the US with subsidiaries in the EU?

Data processor Signup and view all the answers

According to the text, what is the difference between a comprehensive model and a sectoral model of data protection?

Comprehensive models govern the collection, use, and dissemination of personal info in both public and private sectors, while sectoral models address a particular industry sector Signup and view all the answers

Which one of these is a correct formulation of risk?

The amount of risk for a security event is equal to the probability of the event occurring times the expected loss associated with the event. Signup and view all the answers

Which one of these is a correct principle of the Fair Information Practices (FIPs)?

Organizations should maintain accurate, complete and relevant personal information for the purposes identified in the notice. Signup and view all the answers

Which one of these is a correct principle of the OECD Guidelines?

Personal data should be protected by reasonable security safeguards against risks like loss or unauthorized access, destruction, use, modification or disclosure of data. Signup and view all the answers

Which one of these is a correct description of vulnerabilities?

Vulnerabilities are weaknesses in an organization’s information systems, policies, or procedures. Signup and view all the answers

Which branch of government does the FTC fall under?

Independent Branch Signup and view all the answers

When was the general consumer protection mission of the FTC established?

1938 Signup and view all the answers

Which act initiated the enforcement of privacy violations by the FTC?

Fair Credit Reporting Act of 1970 Signup and view all the answers

Which industry is exempt from the application of Section 5 of the FTC Act?

Banks and other federally-regulated financial institutions Signup and view all the answers

When did the FTC start focusing on the Notice and Choice approach for privacy?

Late 1990s Signup and view all the answers

What does Section 5 of the FTC Act declare unlawful?

Unfair or deceptive acts or practices in or affecting commerce Signup and view all the answers