A financial organization may share nonpublic information about its customers in accordance with Gramm-Leach-Bliley Act of the US. Which one of the following is the requirement?

• A.Consumers' consent must be obtained first
• B.FTC permission is required
• C.As soon as the GLBA privacy notice is disclosed initially and annually
• D.Data sharing does not require consent from the consumers.

Comment: *

Name: *

Email: *

Verification: *

Which of the following privacy regulation advocates de-identification of personal information?

• A.EU Data Protection Directive
• B.Canada's PIPEDA
• C.Australia's ANPP
• D.IT Act of India

Comment: *

Name: *

Email: *

Verification: *

Which of the following does not fall under the category of Personal Financial Information (PFI)?

• A.Bank account Information
• B.Credit card number with expiry date
• C.Loan account Information
• D.Income tax return file acknowledgement number

Comment: *

Name: *

Email: *

Verification: *

A multinational company with operations in several parts within EU and outside EU, involves international data transfer of both its employees and customers. In some of its EU branches, which are relatively larger in size, the organization has a works council. Most of the data transferred is personal, and some of the data that the organization collects is sensitive in nature, the processing of some of which is also outsourced to its branches in Asian countries.
For the outsourced work of its customers' data processing, in order to initiate data transfer to another organizations outside EU, which is the most appropriate among the following?

• A.The data importer need to notify about the transfer to data protection commissioner in the destination country and exporter need to similarly notify in the EU country of origin
• B.The vendor (data importer) in the third country, and not the exporter is responsible to put in place suitable model contractual clauses, and hence the exporter does not need to take any action.
• C.Since the data is processed by the vendor outside the EU, the EU directive does not apply and hence there are no legal concerns
• D.The data exporter needs to initiate model contractual clauses after obtaining approvals from data protection commissioner and have the vendor be a signatory on the same as data importer

Comment: *

Name: *

Email: *

Verification: *

Which of the following are needed for projects like DNA profiling, UIDAI, and statistical collection of individuals ?

• A.Established a service which guarantees citizens' privacy only online
• B.Protect the privacy of individuals
• C.The need for a comprehensive privacy legislation at national level
• D.None of the above

Comment: *

Name: *

Email: *

Verification: *