CH. 1 Flashcards

You may prefer our related Brainscape-certified flashcards:
1
Q

Define Privacy

A

“the right to be let alone,” HLR. The desire of people to freely choose the circumstances and the degree to which individuals will expose their attitudes and behavior to others.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

Classes of Privacy

A

1) Information Privacy - PII
2) Bodily Privacy - intrusion on the physical being
3) Territorial Privacy - intrusion on the environmental or geographical
4) Communications Privacy - Intrusion on the means of correspondence

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

Fair Information Practices

A

(AKAs: FIP, Fair Information Privacy Practice, FIPP)

Means by which to organize rights and responsibilities as to personal information. Four Principles:

1) Individual’s rights
2) Controls on the Information
3) Information Lifecycle
4) Management

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

FIP/FIPP - Individual’s rights

A
  • Notice about policy, procedure, and purpose of collection, use, and how its retained and disclosed
  • Choice and consent as to above with either explicit or implicit consent
  • Data subject access to personal information for review and update
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

FIP/FIPP - Controls on the Information

A
  • Information security showing implemented safeguards

- Information quality standards having accurate, complete, and relevant information

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

FIP/FIPP - Information Lifecycle

A
  • Collection limited to notice
  • Use and retention limited to notice and consent “for as long as necessary”
  • Disclosure limited to notice and consent
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

FIP/FIPP - Management

A
  • Management and action to define, document, communicate, and assign accountability
  • monitoring and enforcement of compliance and complaints
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

PII

A

Personally Identifiable Information

  • as opposed to aggregate o statistical information
  • information that makes it possible to identify
  • ex. ssn, passport no., street add, telephone, and email
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

Sensitive PII

A

PII with higher scrutiny

- ex. ssn, fin info, driver license no., and health info

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

Non-Personal Information

A

De-identified or anonymized information

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

Pseudonymized data

A

Information on data subject retained under pseudonym

  • often reversible
  • useful in drug tests, if trial has adverse effects and individuals need to be contacted
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

Gray areas of data collection

A

ex. operaional data, intellectual proprty, informationabout products and services, IP address

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

Sources of Personal data

A

The source of data can alter its treatment.

  • public records
  • publicly available information
  • non-public information
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

Processing Personal Information

A

the collection, recording, organization, storage, updating or modification, transmission, dissemination or making available in any other form, linking, alignment or combination, blocking, erasure, or destruction of personal information.

1) data subject - individual
2) data controller - organization with authority over data
3) data processor - processor on behalf of controller

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q

Sources of Privacy Protection

A
  • Markets - concerns of the consumer
  • Technology - ability to encrypt
  • Law - traditional source
  • Self-regulation and co-regulation - where self-regulation is the legislation (who defines privacy rules), enforcement (who initiates action), and/or adjudication (who decides a violation occurred)
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
16
Q

Data Protection Models

A

1) Comprehensive Model
2) Sectorial Model
3) Co-Regulatory and Self-Regulatoy Model

17
Q

Data Protection Model - Comprehensive

A
  • governs the collection, use, and dissemination of personal information
  • formed as a reaction to remedy past injustices, ensure consistency, and promote e-commerce
  • con: its a one size fits all; stifles innovation
18
Q

Data Protection Model - Sectorial

A
  • protection of PII by enacting laws addressing a particular industry standard
  • con: no single data protection authority; overlap in laws
19
Q

Data Protection Model - Co-regulatory

A
  • emphasis on industry, development of enforceable codes or standards for privacy and data protection with legal regulations
  • ex. U.S.’s Children’s Online Privacy Protection Act
20
Q

Data Protection Model - Self-regulatory

A
  • emphasis on creation of codes of practice for the protection of PII by a corporation, industry, or independent body
  • generally, no legal framework