DCPP-01 exam

You are part of a team that has been created by Indian government to create India’s privacy law based on recommendations in Justice AP Shah’s Report. Which of the following provisions should be addressed in the law?A . Privacy as an explicit fundamental constitutional rightB . Offences, penalties and remediesC...

Which of the following is not required by an organization in US, resorting to EU-US Safe Harbor provisions, to transfer personal information from EU member nation to US?A . Adherence to the seven safe harbor principlesB . Disclose their privacy policy publiclyC . Sign standard contractual clauses with data exporters...

A US IT company has created a cloud based application for Canadian consumers only, with servers located in Vancouver, Canada. The application allows its users to publish their short stories, essays or e-books. The purpose of the application, i.e. literary work, is clearly stated in the terms and conditions which...

For negligence in implementing and maintaining the reasonable security practices and procedures for protecting Sensitive Personal Data or Information (SPDI) as mentioned in Section 43A and associated rules under IT (Amendment) Act, 2008, a corporate entity may be liable to pay compensation of up to___________A . Rs. 50,000,000B . Rs....

A multinational company with operations in several parts within EU and outside EU, involves international data transfer of both its employees and customers. In some of its EU branches, which are relatively larger in size, the organization has a works council. Most of the data transferred is personal, and some...

Select the element(s) of APEC cross border privacy rules system from the following list: i. self-assessment ii. compliance review iii. recognition/acceptance by APEC members iv. dispute resolution and enforcement Please select correct option:A . i, ii and iiiB . ii, iii, and ivC . i, iii and ivD . i,...

Under which of the following conditions can a company in India may transfer sensitive personal information (SPI) to any other company or a person in India, or located in any other country?A . Transfer of information is allowed to those who ensure the same level of data protection that is...

Which of the following statements are true about the privacy statement of an organization?A . Content of the online privacy statement of an organization will depend upon the applicable laws, and may need to address requirements across geographical boundaries and legal jurisdictionsB . As per privacy laws generally it is...

After the rules were notified under section 43A of the IT (Amendment) Act, 2008, a clarification was issued by the government which exempted the service providers, which get access to/processes Sensitive Personal Data or information (SPDI) under contractual agreement with a legal entity located within or outside India. Which privacy...

APEC privacy framework envisages common principles such as Notice, Collection limitation, Use Limitation, Access and Correction, Security/Safeguards, and Accountability. But it differs from the EU Data Protection Directive in which of the below aspect?A . APEC privacy framework does not deal with the usage of personal informationB . APEC privacy...