A country should allow its citizens to access specific information owned by the government in order to bring transparency in the government administration processes. This is the basis for formulation of which of the following rights in India?
Company A collects and stores information from people X & Y on behalf of company B. Which of the following statements are true?
If XYZ & Co. collects, stores and processes personal information of living persons, electronically in a structured filing system, then XYZ could be a:
Which one of the following is considered as the first step of evolution in the formation of today’s concept of privacy?
Technological advancement is inevitable and the speed of change is exponential. In such a scenario, which of the following statement is not true for defining the relationship between privacy protection and technology advancement, both at individual and corporate levels?
Which of the following does not fall under the category of Personal Financial Information (PFI)?
Under GDPR, the European Commission takes the adequacy decision in relation to privacy laws in a third country, territory, sector etc. A subjective approach is taken. For the assessment of whether a third country, a territory, or one or more specific sectors within that third country, or an international organization has an adequate level of protection, who is required to provide an opinion to the Commission?
Privacy laws generally protect information in the following categories?
A Privacy Impact Assessment (PIA) should ideally accomplish which of the following goals?
Which of the following does not fall under the category of Sensitive Personal Data or Information as defined in the Information Technology (Reasonable Security Practices and Procedures and Sensitive Data or Information) Rules, 2011?
APPI, the Act for the Protection of Personal Information, applies to:
From the following list, select the element (elements) that comprise APEC's cross border privacy rules system:
Select the element(s) of APEC cross border privacy rules system from the following list:
i. self-assessment
ii. compliance review
iii. recognition/acceptance by APEC members
iv. dispute resolution and enforcement
Please select correct option:
Which of the following privacy regulation advocates de-identification of personal information?
After the rules were notified under section 43A of the IT (Amendment) Act, 2008, a clarification was issued by the government which exempted the service providers, which get access to/processes Sensitive Personal Data or information (SPDI) under contractual agreement with a legal entity located within or outside India. Which privacy principle provisions notified under Sec 43A were exempted for the service providers?
Complete the sentence:
The Gramm-Leach-Bliley Act (GLBA) of US regulates the privacy practices adopted by financial institutions, requiring them to provide adequate security of the customer records. It lays various obligations on the financial institutions but allows such financial institutions to share the non-public information of customers (after properly notifying their consumers in a manner mentioned in the Act) with
XYZ is a successful startup that acquired a respectable size & scale of operations in last 3 years, handling business process services for small & medium scale enterprises, largely in US & Europe. They are at the stage of closing a deal with a new banking client and working out the details of privacy related obligations in contract. Ensuring effective enforcement of which of the below listed privacy principles is client’s accountability, even after outsourcing its loan approval process to XYZ?
I. Notice
II. Choice and Consent
III. Collection Limitation
IV. Use Limitation
V. Access and Correction
VI. Security
VII. Disclosure to third Party
Please select the correct set of principles from below listed options:
Please select the incorrect statement in context of “Online Privacy”: