1. Privacy in the Modern Era Flashcards

1
Q

Who wrote an article in the Harvard Law Review on the right “to be left alone”?

A

Louis D. Brandeis (1890)

2
Q

Olmstead v. United States

A

The 1927 case of Olmstead v. United States proved to be an incredibly important and influential decision. The case revolved around the prosecution of Washington state resident Roy Olmstead for attempting to smuggle and sell alcohol in violation of Prohibition. After suspecting Olmstead for years, the government gathered evidence by wiretapping Olmstead’s office phones without first obtaining a warrant. Olmstead argued that the police had violated his Fourth and Fifth Amendment rights. The Supreme Court, in a 5–4 decision, ruled that the government could use the evidence obtained from wiretapping. The “Exclusionary Rule,” which holds that illegally obtained evidence may not be used against defendants at trial, was in force at the time. However, Chief Justice William Taft cited previous decisions which characterized the Fourth Amendment as only applying to physical search and seizure.

3
Q

Carpenter v. United States

A

Carpenter v. United States “raises a specific question about whether Americans have an expectation of privacy in historical ‘cell-site location information,’” he writes. The 6th Circuit, on appeal, affirmed that the defendant did not have an expectation of privacy with his CSLI, and thus, law enforcement did not need a warrant. “Whether the Supreme Court endorses or rejects this logic, the answer has enormous implications for privacy rights,” according to Vladeck. More specifically, the implications of the decision “and for the relationship between new technology and constitutional understandings of privacy — will be profound.”

4
Q

Define Privacy as stated by the Generally Accepted Privacy Principles (GAPP)

A

The rights and obligations of individuals and organizations with respect to the collection, use, retention, disclosure, and destruction of personal information.

5
Q

Define Personal Information as stated by Generally Accepted Privacy Principles (GAPP)

A

Information that is or can be about or related to an identifiable individual.

6
Q

What type of information falls within Sensitive Personal Information (SPI)?

A
  • Racial or ethnic origin
  • Political opinions
  • Religious or philosophical beliefs
  • Trade union membership
  • Genetic data
  • Biometric data used for the purpose of uniquely identifying a natural person
  • Health data
  • Data concerning a natural person’s sex life or sexual orientation
7
Q

Who publishes a de-identification standard?

A

U.S. Department of Health and Human Services (HHS)

8
Q

What is “expert determination?”

A

The involvement of a trained statistician who analyzes a de-identified dataset and determines that there is very little risk that the information could be used to identify an individual, even if that information is combined with other publicly available information.

9
Q

Safe harbor requires the removal of 18 different information types. What are they?

A
  1. Names
  2. Geographic divisions and Zip codes containing fewer than 20,000 people
  3. Month and day of a person’s birth, death, hospital admission or discharge or the age in years of a person over 89
  4. Telephone numbers
  5. Vehicle identifiers and serial numbers, including license plate numbers
  6. Fax numbers
  7. Device identifiers and serial numbers
  8. Email addresses
  9. Web URLs
  10. Social Security numbers
  11. IP addresses
  12. Medical record numbers
  13. Biometric identifiers, including finger and voice prints
  14. Health plan beneficiary numbers
  15. Full-face photographs and any comparable images
  16. Account numbers
  17. Any other uniquely identifying number, characteristic, or code
  18. Certificate/license numbers
10
Q

What is anonymization?

A

The process of taking personal information and making it impossible to identify the individual to whom the information relates.

11
Q

What is aggregation?

A

Summarizing data about a group of individuals in a manner that makes it impossible to draw a conclusion about a single person.

12
Q

Why should an organization care about privacy?

A
  1. Privacy is an ethical obligation
  2. Laws and regulations require privacy protections
  3. Poor privacy practices reflect poorly on an organization
13
Q

What are the 10 Generally Accepted Privacy Principles (GAPP)?

A
  1. Management
  2. Notice
  3. Choice and Consent
  4. Collection
  5. Use, Retention, and Disposal
  6. Access
  7. Disclosure to Third Parties
  8. Security for Privacy
  9. Quality
  10. Monitoring and Enforcement
14
Q

What are the 4 goals of the U.S. Department of Commerce (DOC)?

A
  1. Foster a culture of privacy and disclosure and demonstrate leadership through policy and partnership
  2. Provide outreach, education, training, and reports in order to promote privacy and transparency
  3. Conduct robust compliance and oversight programs to ensure adherence with federal privacy and disclosure laws and policies in all DOC activities
  4. Develop and maintain the best privacy and disclosure professionals in the federal government
15
Q

What are the three primary privacy roles?

A
  1. Data subjects
  2. Data controllers
  3. Data processors
16
Q

What are Data Subjects?

A

The individuals about whom personal information is collected.

17
Q

What are Data Controllers?

A

The organizations that determine the purpose and means of collecting personal information from the data subjects.

18
Q

What are Data Processors?

A

Service providers who collect or process personal information on behalf of data controllers.

19
Q

What are the steps in developing a Privacy Program?

A
  1. Craft strategy, goals, and objectives
  2. Appoint a Privacy Official
  3. Establish privacy roles
  4. Build inventories
  5. Conduct a privacy assessment
  6. Implement privacy controls
  7. Ongoing operation and monitoring
20
Q

What is a privacy notice?

A

The primary means that an organization uses to convey the details of its privacy policy to end users.

21
Q

What is the purpose of a privacy program?

A

To safeguard the privacy rights that individuals have to their personal information.

22
Q

What is the purpose of cybersecurity?

A

To protect the confidentiality, integrity, and availability of data maintained by an organization.

23
Q

Under GDPR, what are the “special category data”?

A
  • Personal data revealing racial or ethnic origin;
  • Personal data revealing political opinions;
  • Personal data revealing religious or philosophical beliefs;
  • Personal data revealing trade union membership;
  • Genetic data;
  • Biometric data (where used for identification purposes);
  • Data concerning health;
  • Data concerning a person’s sex life; and
  • Data concerning a person’s sexual orientation.
24
Q

What are the 7 foundational principles of “Privacy by Design?”

A
  1. Proactive, not Reactive; Preventive, not Remedial
  2. Privacy as the Default Setting
  3. Privacy Embedded into Design
  4. Full Functionality - Positive-Sum, not Zero-Sum
  5. End-to-End Security - Full Lifecycle Protection
  6. Visibility and Transparency - Keep it Open
  7. Respect for User Privacy - Keep it User-Centric
25
Q

Which of the following types of information should be protected by a privacy program?
A. Customer records
B. Product plans
C. Trade secrets
D. All of the above

A

A. Customer records.

Privacy programs are specifically intended to protect personal information.

26
Q

Barry is consulting with his organization’s cybersecurity team on the development of their cybersecurity program. Which one of the following would not be a typical objective of such a program?
A. Privacy
B. Confidentiality
C. Availability
D. Integrity

A

A. Privacy

The three main goals of a cybersecurity program are confidentiality, integrity, and availability.

27
Q

Howard is assisting his firm in developing a new privacy program and wants to incorporate a privacy risk assessment process into the program. If Howard wishes to comply with industry best practices, how often should the firm conduct these risk assessments?
A. Monthly
B. Semiannually
C. Annually
D. Biannually

A

C. Annually

Industry best practice calls for an annual privacy risk assessment designed to analyze the organization’s current practices in light of the evolving privacy environment.

28
Q

Of the following fields, which fits into the “special categories of personal data” under GDPR?
A. Banking records
B. Union membership records
C. Educational records
D. Employment records

A

B. Union membership records

29
Q

Katie is assessing her organization’s privacy practices and determines that the organization previously collected customer addresses for the purpose of shipping goods and is now using those addresses to mail promotional materials. If this possibility was not previously disclosed, what privacy principle is the organization most likely violating?
A. Quality
B. Management
C. Notice
D. Security

A

C. Notice

Organizations should provide notice to data subjects before they use information for a purpose other than those that were previously disclosed.

30
Q

Kara is the chief privacy officer of an organization that maintains a database of customer information for marketing purposes. What term best describes the role of Kara’s organization with respect to that database?
A. Data subject
B. Data custodian
C. Data controller
D. Data processor

A

C. Data controller

The organization is collecting and processing this information for its own business.

31
Q

Richard would like to use an industry standard reference for designing his organization’s privacy controls. Which one of the following ISO standards is best suited for this purpose?
A. ISO 27001
B. ISO 27002
C. ISO 27701
D. ISO 27702

A

C. ISO 27701

Privacy Information Management | IT Governance

32
Q

Which of the following organizations commonly requests a formal audit of a privacy program?
A. Management
B. Board of directors
C. Regulators
D. All of the above

A

D. All of the above

Unlike assessments, audits are always performed by an independent auditor who does not have a vested interest in the outcome.

33
Q

Which element of a privacy program is likely to remain unchanged for long periods of time?
A. Mission
B. Goals
C. Objectives
D. Procedures

A

A. Mission

The mission of a privacy program should be written at a high level as an enduring document. The goals, objectives, and procedures of a privacy program may change frequently as business needs and privacy requirements change.

34
Q

Tonya is seeking to de-identify a set of records about her organization’s customers. She is following the HHS guidelines for de-identifying records and is removing ZIP codes associated with small towns. What is the smallest population size for which she may retain a ZIP code?
A. 1,000
B. 2,000
C. 10,000
D. 20,000

A

D. 20,000

The HHS guidelines for the de-identification of records specify that ZIP codes should be included only if the region represented by the ZIP code has 20,000 or more residents.

35
Q

Which one of the following statements is not correct about privacy best practices?
A. Organizations should maintain personal information that is accurate, complete, and relevant.
B. Organizations should inform data subjects of their privacy practices.
C. Organizations should retain a third-party dispute resolution service for handling privacy complaints.
D. Organizations should restrict physical and logical access to personal information.

A

C. Organizations should retain a third-party dispute resolution service for handling privacy complaints.

Organizations should maintain a dispute resolution process, but there is no requirement that it be run by a third party.

36
Q

Which one of the following is not a common responsibility for an organization’s chief privacy officer?
A. Managing privacy risks
B. Encrypting personal information
C. Developing privacy policy
D. Advocating privacy strategies

A

B. Encrypting personal information

It would be unusual for someone in this role to be involved in the actual encryption of personal information.

37
Q

When designing privacy controls, an organization should be informed by the results of what type of analysis?
A. Impact analysis
B. Gap analysis
C. Business analysis
D. Authorization analysis

A

B. Gap analysis

The gap analysis is the formal process of identifying deficiencies that prevent an organization from achieving its privacy objectives. The results of the gap analysis may be used to design new controls.

38
Q

Which one of the following is an example of active online data collection?
A. Users completing an online survey
B. Collecting IP addresses from websites
C. Tracking user activity with web cookies
D. Authorization analysis

A

A. Users completing an online survey

Active data collection techniques directly request data from the subject, such as in an online survey or other form. Passive data collection techniques gather and analyze data automatically, such as by analyzing a user’s web browsing traffic.

39
Q

Which one of the following would not normally appear in an organization’s privacy notice?
A. Types of information collected
B. Contact information for the data controller
C. Detailed descriptions of security controls
D. Categories of recipients to whom personal information is disclosed

A

C. Detailed descriptions of security controls

A privacy notice may contain general descriptions of security controls, but it would not normally contain detailed descriptions of those controls.

40
Q

Gwen is investigating a security incident where attackers deleted important medical records from a hospital’s electronic system. There are no backups and the information was irretrievably lost. What cybersecurity goal was most directly affected?
A. Integrity
B. Privacy
C. Confidentiality
D. Availability

A

D. Availability

The most direct impact is that the records were irretrievably deleted, causing an availability breach.

41
Q

When creating his organization’s privacy policy, Chris wrote a simplified version of the policy and placed it at the top of the document, following it with the legal detail. What term best describes this approach?
A. Layered policy
B. Filtered policy
C. Redacted policy
D. Condensed policy

A

A. Layered policy

In a layered policy, a simplified version appears first, followed by the full legal and technical details.

42
Q

Under the Privacy by Design philosophy, which statement is correct?
A. Organizations should design systems to respond to privacy lapses that occur
B. Privacy should be treated as requiring trade-offs with business objectives
C. Organizations should strictly limit the disclosure of their privacy practices
D. Privacy should be embedded into design

A

D. Privacy should be embedded into design

Organizations should strive for a positive-sum approach to privacy that does not treat privacy as requiring trade-offs. Organizations should design privacy mechanisms with visibility and transparency in mind. Systems should be designed to prevent privacy risks from occurring in the first place, not to respond to privacy lapses that do occur.

43
Q

In what Supreme Court case did the term “right to be let alone” first appear?
A. Olmstead v. United States
B. Carpenter v. United States
C. Roe v. Wade
D. Katz v. United States

A

A. Olmstead v. United States

Justice Louis Brandeis used the term “right to be let alone” in a dissenting opinion in Olmstead v. United States. This opinion was later cited in Roe v. Wade, Katz v. United States, and Carpenter v. United States.

44
Q

Matt wants to share some information gathered from student records but is concerned about disclosing personal information. To protect privacy, he discloses only a table of summary statistics about overall student performance. What technique has he used?
A. Anonymization
B. De-identification
C. Aggregation
D. Redaction

A

C. Aggregation

Aggregation is a technique that only reports summary information about a population in a manner that avoids disclosing information that may be traced back to a single person.