A public domain or freely accessible piece of information cannot be construed as sensitive personal data or information under Indian law.
According to the EU-US Safe Harbour Framework, which of the following is not required when transferring personal information from EU member nations to the US?
Which of the following are needed for projects like DNA profiling, UIDAI, and statistical collection of individuals ?
APPI, the Act for the Protection of Personal Information, applies to:
Which of the following activities form part of an organization’s Visibility over Personal Information (VPI) initiative, according to DSCI Privacy Framework (DPF©)?
One of the main objectives of ‘Do Not Track’ technology is to
Which of the following statements are true about the privacy statement of an organization?
A multinational company with operations in several parts within EU and outside EU, involves international data transfer of both its employees and customers. In some of its EU branches, which are relatively larger in size, the organization has a works council. Most of the data transferred is personal, and some of the data that the organization collects is sensitive in nature, the processing of some of which is also outsourced to its branches in Asian countries.
Which of the following are not mandatory pre-requisite before transferring sensitive personal data to its Asian branches?
After the rules were notified under section 43A of the IT (Amendment) Act, 2008, a clarification was issued by the government which exempted the service providers, which get access to/processes Sensitive Personal Data or information (SPDI) under contractual agreement with a legal entity located within or outside India. Which privacy principle provisions notified under Sec 43A were exempted for the service providers?
XYZ is a successful startup that acquired a respectable size & scale of operations in last 3 years, handling business process services for small & medium scale enterprises, largely in US & Europe. They are at the stage of closing a deal with a new banking client and working out the details of privacy related obligations in contract. Ensuring effective enforcement of which of the below listed privacy principles is client’s accountability, even after outsourcing its loan approval process to XYZ?
I. Notice
II. Choice and Consent
III. Collection Limitation
IV. Use Limitation
V. Access and Correction
VI. Security
VII. Disclosure to third Party
Please select the correct set of principles from below listed options:
A US IT company has created a cloud based application for Canadian consumers only, with servers located in Vancouver, Canada. The application allows its users to publish their short stories, essays or e-books. The purpose of the application, i.e. literary work, is clearly stated in the terms and conditions which are mandatorily acknowledged by each user. With respect to this application, the company must ensure compliance with:
Which of the following legislations/ guidelines do not cover the concept of trans-border data flow?
A government agency collecting biometrics of citizens can deny sharing such information with Law Enforcement Agencies (LEAs) on which of the following basis?
Choose the correct statement:
Projects like DNA profiling, UIDAI, collection of individual’s statistics, etc.
In the history of human evolution, erection of walls and fences around one’s living spaces is interpreted as arrival of which type of privacy consciousness?
Which of the following doesn’t contribute, or contributes the least, to the growing data privacy challenges in today’s digital age?
When an individual has choice to decide on who else can have access to their personal information, it is called
Which one of the following is considered as the first step of evolution in the formation of today’s concept of privacy?