All About Statutes
The framework for fair and responsible handling of personal data in the EU
What is the GDPR?
This is the reason some categories of data are classified as belonging to special categories under the GDPR.
What is because improper use of these types of data can have a more significantly negative impact on individuals.
This topic is concerned with how others collect, use, share and protect personal information.
What is data protection?
Browsing history, job title, screen names, and geolocation data can be examples of this.
What is personal data / information?
Data processing only refers to an organization that is actively using personal data.
What is false?
The acronym of the EU Regulation stands for?
What is the General Data Protection Regulation?
Which component of the CCPA Personal Information definition expands the standard definition?
What is a household?
Data collection, usage, storing, sharing, archiving and destruction are the components of this concept.
What is the data lifecycle?
This is how organizations and websites often comply with transparency requirements under data protection regimes.
What is a privacy policy or privacy notice?
The CCPA only applies to for-profit businesses meeting certain criteria.
What is true?
Only if this happens, then the CCPA provides for a private right of action.
What is a data breach?
Which of the following are classified as "special categories" of data under the GDPR?
a) email address, b) ethnic origin, c) mobile number, d) full name, e) health data, f) religious beliefs, g) biometric data
What are: b) ethnic origin, e) health data, f) religious beliefs, and g) biometric data
The rule that data should be destroyed once it is no longer needed describes this concept.
What is data minimization?
A California college student visiting the emergency room and filling out her paperwork in Arizona would be considered a ________ under the CCPA.
What is a consumer?
The GDPR applies to trade secrets.
What is false.
The CCPA applies to you if....
What is a for-profit business that has either: 1) $25M in annual revenue globally; 2) holds the personal information (PI) of 50K people, households or devices; or 3) makes at least half of its revenue from the sale of PI.
Under the CCPA as it stands today, employers must still meet this obligation with respect to a job applicant before or at the point of collecting their resume.
What is notice?
Allowing customers to update their personal information on the company website is an example of which privacy principle?
What is access?
Neville provided Corporation with his personal data when purchasing a widget from them. Corporation uses E-Marketer to provide customers with notices about new products. Corporation sends Neville's information to E-Marketer.
Under the GDPR, what is Corporation's designation w/r/t to the personal data?
What is a data controller?
A data breach includes an organization accidentally deleting personal data.
What is true?
This is who the GDPR applies to.
What are organizations that a) are established in the E.U., b) offer goods or services to individuals in the EU, or c) monitor the behaviors of individuals in the EU
The passage of the CPRA extended both the B2B and this other exemption from the definition of personal information for purposes of certain CCPA requirements and if certain conditions are met.
What are employees, job applicants and owners.
These are the principles that are widely recognized as forming the basis for all data protection practices.
What are transparency, consent, data minimization, purpose limitation, access and security?
Which of the following would be considered sensitive personal information generally:
a) birthdates, b) fingerprints, c) bank account information, d) medical diagnoses, e) full name, f) street addresses, g) paternity test
What are b) fingerprints, d) medical diagnoses, and g) paternity tests?
Personal information publicly available on a LinkedIn profile would still be considered personal information.
What is true?