1. __________ are responsible for the day-to-day caretaking of data. A. Data custodians
2. __________ requires that sites obtain parental permission, post a privacy policy detailing specifics concerning information collected from children, and describe how the children’s information will be used. A. COPPA
3. A patient’s medical records are shared with a third party who is not a medical professional and without the patient’s approval. Which law may have been violated? A. HIPAA
4. A school principle allows for student information to be accessed by a marketing company in exchange for goods and services for the school. The principle may have violated which law? A. FERPA
5. A video rental store shares its customer database with a private investigator. The rental store may have violated which law? A. VPPA
6. In the United States, the primary path to privacy is via __________, whereas in Europe and other countries, it is via __________. A. opt-out; opt-in
7. T/F? Data wiping is destructive to the media. A. False
8. T/F? Fair and Accurate Credit Transactions Act (FACTA) mandates that information that is no longer needed must be properly disposed or irreversibly destroyed. A. True
9. T/F? Privacy laws as they relate to education are very recent phenomena. A. False
10. T/F? The development of a privacy policy is an essential foundational element of a company’s privacy stance. A. True
11. T/F? The three words that can govern good citizenry when collecting PII are notice, choice, and consent. A. True
12. T/F? Video Privacy Protection Act (VPPA) is considered to be the strongest U.S. privacy law by many privacy advocates. A. True
13. The EU has developed a comprehensive concept of privacy, which is administered via a set of statutes known as __________. A. data protection
14. What does the privacy-enhancing technology called cookie cutter do? A. It prevents the transfer of cookies between browsers and web servers.
15. What is the mechanism for self-regulation that can be enforced through trade practice law via the FTC? A. Safe Harbor
16. Which act requires credit agencies to perform timely investigations on inaccuracies reported by consumers? A. FCRA
17. Which contractual regulation is a standard that provides guidance on what elements of a credit card transaction need protection and the level of expected protection? A. PCI DSS
18. Which data destruction method is considered to be one of the gold standard methods? A. Burning
19. Which law was designed to enable public access to U.S. government records? A. FOIA
20. Which term refers to a structured approach to determining the gap between desired privacy performance and actual privacy performance? A. Privacy impact assessment
Other Links:
See other websites for quiz:
Check on QUIZLET