Brainscape's Knowledge GenomeTM

Browse over 1 million classes created by top students, professors, publishers, and experts.


See full index

Data Privacy > PIPL > Flashcards

PIPL Flashcards

1
Q

What is the main purpose of the Personal Information Protection Law of the People’s Republic of China?

A

To protect personal information rights and interests, standardize personal information handling activities, and promote rational use of personal information.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

What types of information are classified as personal information under this law?

A

All kinds of information related to identified or identifiable natural persons, excluding anonymized information.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

Which principles must be observed in personal information handling?

A
  • Legality
  • Propriety
  • Necessity
  • Sincerity
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

What is required for personal information handlers to collect personal information?

A

They must have a clear and reasonable purpose to handle the PI and limit collection to the smallest scope.

Additionally, they must conform to one of the following circumstances: obtain consent, conclude a contract with the data subject, statutory duties, public emergencies, news reporting, PI that is otherwise already disclosed, and 等等.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

True or False: Personal information handlers can collect excessive personal information if they believe it is necessary.

A

False.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

What rights do individuals have regarding their consent for personal information handling?

A

Individuals have the right to rescind their consent at any time.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

Fill in the blank: Personal information handlers must notify individuals of the handling of their personal information using _______.

A

[clear and easily understood language]

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

What must personal information handlers do before handling sensitive personal information?

A

Obtain the individual’s separate consent.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

What is defined as sensitive personal information?

A
  • Biometric characteristics
  • Religious beliefs
  • Medical health
  • Financial accounts
  • Individual location tracking
  • Personal information of minors under the age of 14
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

Where must personal information handled by State organs be stored?

A

Within the mainland territory of the People’s Republic of China.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

What must personal information handlers do if they need to provide personal information outside of China?

A

Meet one of the specified conditions, such as passing a security assessment, undergoing certification, or concluding a contract with the data subject.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

What is the role of the State in personal information protection?

A

Establish a personal information protection structure, prevent and punish violations, and promote education and cooperation.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

True or False: Personal information handlers can disclose personal information without consent if they believe it’s in the public interest.

A

False.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

What must happen if personal information handlers jointly decide on handling purposes and methods?

A

They must agree on the rights and obligations of each but do not affect individuals’ rights to demand compliance.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q

What does Article 28 define as sensitive personal information?

A

Information that may cause grave harm to personal dignity, security, or property if leaked.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
16
Q

What should personal information handlers do when handling personal information of minors under the age of 14?

A

Obtain consent from the parent or guardian.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
17
Q

What is one exception to the requirement of notifying individuals about their personal information handling?

A

In emergency situations where timely notification is impossible to protect individuals’ lives or health.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
18
Q

What are the responsibilities of personal information handlers in terms of data accuracy?

A

Ensure the quality of personal information and avoid adverse effects from inaccuracies.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
19
Q

Fill in the blank: Personal information handlers must provide a convenient way for individuals to _______.

A

[withdraw consent]

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
20
Q

What must personal information handlers do if they transfer personal information due to mergers, bankruptcy, etc.?

A

Notify individuals about the receiving party and ensure they continue to fulfill the original duties.

21
Q

What is required for automated decision-making involving personal information?

A

Guarantee transparency, fairness, and provide individuals the right to refuse such decisions.

22
Q

What is the purpose of the security assessment for cross-border provision of personal information?

A

To ensure that foreign receiving parties meet the standards of personal information protection set by the law.

23
Q

What is required for critical information infrastructure operators and personal information handlers when handling personal information within China?

A

They must store personal information domestically and pass a security assessment for any international provision.

24
Q

True or False: Personal information handlers can provide personal information stored in China to foreign authorities without approval.

A

False

25
Q

What rights do individuals have regarding their personal information according to this law?

A

Individuals have the right to know, decide, limit, or refuse the handling of their personal information.

26
Q

Fill in the blank: Individuals have the right to request the _______ of their personal information.

A

[correction or completion]

27
Q

What must personal information handlers do when individuals request access to their personal information?

A

Provide access in a timely manner.

28
Q

What are the circumstances under which personal information handlers must delete personal information?

A

When handling purpose is achieved, services are ceased, consent is rescinded, or laws are violated.

29
Q

What is the role of personal information protection officers?

A

To supervise personal information handling activities and adopted protection measures.

30
Q

What must personal information handlers do in the event of a data breach?

A

Adopt remedial measures and notify the relevant authorities and individuals.

31
Q

What are the obligations of personal information handlers providing important Internet platform services?

A

Establish compliance systems, clarify platform rules, and regularly release social responsibility reports.

32
Q

True or False: All individuals have the right to file complaints about unlawful personal information handling.

A

True

33
Q

What penalties can be imposed for violating personal information handling laws?

A

Fines, suspension of services, or cessation of business activities.

34
Q

What is the definition of a ‘personal information handler’ as per this law?

A

Organizations and individuals that autonomously decide handling purposes and methods.

35
Q

What happens if a personal information handler fails to prove they are not at fault for an infringement?

A

They shall bear compensation and responsibility for the infringement.

36
Q

Fill in the blank: The State cybersecurity and informatization department is responsible for _______ of personal information protection work.

A

[comprehensive planning and coordination]

37
Q

What measures can departments fulfilling personal information protection duties adopt?

A

Interview concerned parties, inspect records, and conduct on-site inspections.

38
Q

What must personal information handlers do if they handle sensitive personal information?

A

Conduct a personal information protection impact assessment.

39
Q

What is the minimum retention period for personal information protection impact assessment reports?

A

At least three years.

40
Q

What is the consequence for organizations or individuals that violate personal information handling laws?

A

They will be entered into credit files and publicized.

41
Q

What is the significance of Article 72 in this law?

A

It states the law does not apply to personal information handling for personal or family affairs.

42
Q

True or False: Personal information handlers are required to regularly audit their compliance with laws and regulations.

A

True

43
Q

What is the definition of ‘personal information handler’?

A

Organizations and individuals that autonomously decide handling purposes and handling methods in personal information handling activities.

This term is central to understanding who is responsible for managing personal information under the law.

44
Q

What does ‘automated decision-making’ refer to?

A

The activity of using computer programs to automatically analyze or assess personal behaviors, habits, interests, or hobbies, or financial, health, credit, or other status, and make decisions based thereupon.

This process can impact individuals significantly, especially regarding privacy and discrimination.

45
Q

Define ‘de-identification’.

A

The process of personal information undergoing handling to ensure it is impossible to identify specific natural persons without the support of additional information.

This method is often used to protect privacy while allowing data analysis.

46
Q

What is ‘anonymization’?

A

The process of personal information undergoing handling to make it impossible to distinguish specific natural persons and impossible to restore.

Anonymization is a stronger form of data protection compared to de-identification.

47
Q

When does this Law enter into force?

A

November 1, 2021.

This date marks the implementation of the regulations outlined in the Law.

48
Q

True or False: The Law applies to natural persons handling personal information for personal or family affairs.

A

False.

Article 72 explicitly states that the Law does not apply to such cases.

49
Q

What provisions apply to personal information handling by people’s governments?

A

Those contained in the law regarding statistical and archival management activities.

This ensures that governmental handling of personal information is regulated.

Data Privacy (2 decks)

Brainscape helps you reach your goals faster, through stronger study habits.
© 2024 Bold Learning Solutions. Terms and Conditions