Privacy Flashcards

1
Q

Why is data protection so important?

A

Data protection helps to ensure a right to a private and family life, and for freedom of expression.

2
Q

Name a Legislative institution.

A

European Parliament

3
Q

Name a policy making institution.

A

European Commission

4
Q

What is the goal of the Treaty of Lisbon?

A

Strengthening and improving the core structures of the European Union with regard to protecting personal data.

5
Q

What is the European Convention of Human Rights - 1953?

A

An international treaty protecting human rights and fundamental freedoms.

6
Q

When was the Universal Declaration of Human Rights drawn up? What articles are relevant?

A
  1. Contains specific provisions in connection with the right to a private and family life.
7
Q

What was Article 12 of the Universal Declaration of Human Rights?

A

Right to private and family life

8
Q

What was Article 19 of the Universal Declaration of Human Rights 1948?

A

Right to freedom of expression

9
Q

What is Article 29 of the Universal Declaration of Human Rights?

A

Rights are not absolute, and there will be instances where a balance has to be struck

10
Q

What is the European Convention of Human Rights - 1953?

A

An international treaty to protect human rights and fundamental freedoms - drawn up by the European Council of Europe

11
Q

Who enforces the treaty by the European Convention of Human Rights 1953?

A

European Court of Human Rights, Strasbourg
Article 8 - protects the rights of individuals
Article 10 - protects freedom of expression, and the right to share information & ideas across national boundaries.

12
Q

When were the OECD Guidelines developed?

A

1980s - Guidelines on the Protection of Privacy and Transborder Flows of Personal Data (1980)

  • Non-legally-binding rules governing trans-border data flows and the protection of personal information and privacy, to facilitate harmonisation of data protection law between countries.
13
Q

What was the first legally binding international instrument in the area of data protection?

A

Council of Europe Convention for the Protection of Individuals with regard to the automatic processing of Personal Data.

14
Q

What is the 108 Convention also known as?

A

Council of Europe Convention for the Protection of Individuals.

15
Q

What does the 108 Convention require?

A

Required signatories to take necessary steps in their domestic legislation to apply the principles it lays down.

16
Q

What benchmark did the European Commission use in drawing up the framework directive?

A

The principles contained in Convention 108 - led to the development of Directive 95/46/EC on the protection of individuals with regard to the processing of personal data and the free movement of such data (“The Directive”).

17
Q

What is the Treaty of Lisbon, and when?

A

The Treaty of Lisbon came into force in 2009 - it aims to strengthen and improve the core structures of the European Union to enable it to function more efficiently, and ensures all of the European Union must have regard to the protection of individuals when processing personal data.

18
Q

What are the responsibilities of the European Parliament?

A

Its members are directly elected.

  1. Legislative development
  2. Supervisory oversight of other institutions
  3. Democratic representation
  4. Development of budget.
19
Q

What is the e-privacy directive?

A

Developed due to the internet overturning traditional market structures and the new digital information society.

20
Q

In the late 1980s, what were the difficulties with the 108 Convention (Council of Europe Convention for the Protection of Individuals with Regard to the Automatic Processing of Personal Data of 1981)?

A
  1. Only a small number of states had ratified it.
  2. Those that had, adopted a fragmented approach.

21
Q

What was developed in response to the difficulties with the 108 Convention?

A

In 1990 the European Commission proposed the introduction of a dedicated directive, which led to the European Data Directive 95/46/EC.

22
Q

What is Article 5(3) of the e-privacy directive?

A

Article 5(3) states that the storing of information (or gaining access to information already stored) in the terminal equipment of a subscriber or user is allowed only on the condition that the user has given consent, having been provided with clear and comprehensive information.

23
Q

How many articles are in the EU Data Protection Directive?

A

34 - it sets out the general principles and leaves the member states to implement as they see fit.

24
Q

First data protection principle ?

A

Personal data shall be processed fairly and lawfully, and in particular should not be processed unless:

A) at least one of the conditions in schedule 1 is met.

B) in the case of sensitive personal data one of the conditions in schedule 3 is met.

25
Q

Second data protection principle?

A

Personal data shall only be obtained for one or more specified lawful purposes, and shall not be further processed in any manner incompatible with that or those purposes.

26
Q

Third data protection principle ?

A

Personal data shall be adequate, relevant and not excessive in relation to the purpose or purposes for which they are processed.

27
Q

Fourth data protection principle ?

A

Personal data shall be accurate and where necessary kept up to date.

28
Q

Fifth data protection principle ?

A

Personal data processed for any purpose or purposes shall not be kept longer than is necessary for that purpose or purposes.

29
Q

Sixth data protection principle ?

A

Personal data shall be processed in accordance with the rights of data subjects under this Act.

30
Q

Seventh data protection principle ?

A

Appropriate technical and organizational measures shall be taken against unlawful or unauthorized processing of personal data and against accidental loss or destruction of or damage to personal data.

31
Q

Eighth data protection principle?

A

Personal data shall not be transferred to a country or territory outside the European Economic Area unless that country or territory ensures an adequate level of protection for the rights and freedoms of data subjects in relation to the processing of their personal data.

32
Q

Contractual necessity - Schedule 2, paragraph 2, of the DPA provided that personal data processing will be legitimized for the purposes of the first data protection principle where the processing is necessary :-

A

A) for the performance of a contract to which the data subject is a party

Or

B) for the taking of steps at the request of the data subject with a view to entering into a contract.

33
Q

Legal obligation - Schedule 2, paragraph 3 of the DPA provides that personal data processing will be legitimized for the purposes of the first data protection principle where:

A

The processing is necessary for compliance with any legal obligation to which the data controller is subject, other than an obligation imposed by the contract.

34
Q

What is consent?

A

A clear and unambiguous indication of wishes

Freely given

Specific

Informed

35
Q

Problem with consent?

A

Standards are too high

  • can be withdrawn
  • freely given
36
Q

What are the four elements of a breach management plan ?

A
  1. Containment and recovery
  2. Assessment of ongoing risk
  3. Notification of breach
  4. Evaluation and response.
37
Q

Transfers to USA - Safe Harbour pros?

A
  • tailored to US thinking
  • straightforward process
  • easy to publish
  • profile raising exercise
38
Q

Excluded from Safe Harbour?

A
  • telecoms
  • not for profit
  • financial

Because regulator (FTC) does not have competency.

39
Q

Data Controller?

A

A person who (alone or jointly or in common with other persons) determines the purposes for which and the manner in which any personal data are, or are to be, processed.

40
Q

Data processor?

A

Any person (other than an employee of a data controller) who processes the data on behalf of the data controller.

41
Q

Personal data ?

A

Means data which relate to a living individual who can be identified -

A) from those data
B) from those data and other information which is in the possession of, or is likely to come into the possession of the data controller and includes any expression of opinion about the individual and any indications of the data controller or any other person in respect of the individual.

42
Q

Sensitive personal data?

A

Means personal data consisting of information as to:

A) racial or ethnic origin
B) political opinions 
C) religious beliefs
D) member of a trade union
E) physical or mental health
F) sexual life
G) the commission or alleged commission of any offence.
H) any proceedings for any offence committed.
43
Q

Special Purposes ?

A

A) the purposes of journalism
B) artistic purposes
C) literary purposes.

44
Q

Exemption s.28 ?

A

National Security

  • exempt from the principles, parts II, III and Section 55
45
Q

Exception s.29

A

Crime prevention / detection / apprehension / prosecution / tax collection.

  • Exempt from subject information.
46
Q

Exception s.30 ?

A

Health, Education, Social Work

  • Exempt from subject information.
47
Q

Exemption s.31 ?

A

Regulatory activity

  • Exempt from subject information
48
Q

Exemption s.32

A

Special purposes

  • exempt from all principles except 7th, s7, s10, s12 and s14
49
Q

Exemption s.33

A

Research

  • retention is not incompatible, can be retained indefinitely, exempt from s.7.
50
Q

Exemption s.34

A

Statutory purposes

  • exempt from subject information, non disclosure, 4th principle, and s.14
51
Q

Exemption s.35 (1)

A

Disclosures required by law

  • exemption from non disclosure.
52
Q

Exemption s.35 (2)

A

Disclosures for legal proceedings / advice / defense of rights

  • Exempt from subject information.
53
Q

Schedule 2 Conditions ?

A
  1. Consent
  2. Necessary for contract
  3. Necessary for legal obligations
  4. Necessary for vital interests
  5. Necessary for justice / statute / crown / public functions
  6. Necessary for legitimate purposes
54
Q

Schedule 3 Conditions ?

A
  1. Explicit consent
  2. Employment law purposes
  3. Vital interests
  4. Not for profit use.
  5. Made public by subject
  6. Legal proceedings
  7. Justice / statute / crown functions
  8. Medical purposes
  9. Ethnic and disability monitoring
  10. Secretary of State orders
55
Q

Schedule 4 Conditions - disapplying 8th principle? 1

A
  1. Consent
56
Q

Schedule 4 Conditions - disapplying 8th principle? 2

A
  2. Contract
57
Q

Schedule 4 Conditions - disapplying 8th principle? 3

A
  3. Contract in public interests.
58
Q

Schedule 4 Conditions - disapplying 8th principle? 4

A
  4. Public register
59
Q

Schedule 4 Conditions - disapplying 8th principle? 5

A
  5. Vital interest
60
Q

Schedule 4 Conditions - disapplying 8th principle? 6

A
  6. Public interest

61
Q

Schedule 4 Conditions - disapplying 8th principle? 7

A
  7. Legal proceedings
62
Q

Schedule 4 Conditions - disapplying 8th principle? 8

A
  8. Safeguards approved by commissioner.

63
Q

Fair processing 1

A
  1. Identity of controller
64
Q

Fair processing 2

A
  2. Identity of representative
65
Q

Fair processing 3

A
  3. Purposes of processing.
66
Q

Data subject rights s7

A

Access

67
Q

Data subject rights s10

A

Objection to processing

68
Q

Data subject rights s11

A

Objection to marketing.

69
Q

Data subject rights s12

A

Objection to automated processing

70
Q

Data subject rights s13

A

Right to sue following any breach

71
Q

Data subject rights s14

A

Right to sue for rectification/ blocking/ erasure or destruction.

72
Q

Why other people’s data might not be provided in subject access?

A

Can others be identified?
Can consent be obtained?
Can 3rd party be removed?
Is it reasonable to disclose without consent?

73
Q

Notification - Registrable particulars?

A

Name and address of controller
Description of processing
Recipients of processing
Description of data and subjects
Transfers outside EEA
Whether simplified notification mechanism is in place
Whether data controller is a public authority

74
Q

Exemptions from processing?

A
Domestic purposes
National security
Only for public register
Not for profit
Manual processing
Limited processing: staff admin, marketing, accounting